Bonum Certa Men Certa

Links 9/1/2020: Cockpit 210, UEK Release 6



  • GNU/Linux

    • Desktop/Laptop

      • The best Linux laptop [Ed: Link for EU readers (blocked by this site)]

        While Linux is definitely not the most well-known operating system for a computer, it's one worth considering. Linux uses open source programming, meaning dedicated user groups write and edit the code themselves. Laptops with Linux preinstalled on them are not easy to find, but they will give you a good level of performance and good value. sssss To learn more, keep reading our buying guide, which includes reviews of a few of our favorites at the end. Our top choice is the Lenovo Business 330S Laptop, which has outstanding power and performance along with a full HD resolution display screen.

      • Dell's super XPS 13 gets even better

        I’ve carried a 2018 XPS 13 to more meetings and conferences than I want to remember. Not because I didn’t have any other choice, but because the XPS 13 was (is) lightweight, ran for a day so I didn’t have to tote a charger or backup battery, has fast face recognition log in (the thing I hate the most THE MOST is passwords), and has two kinds of holes in it: HDMI and USB-C. My only complaint was the screen resolution. The screen itself is plenty bright and sharp. We pass down computers we get to test, the 2018 XPS 13 will be one of the last ones, it’s that good.

        Well, now I may be willing to let it go. Dell has come out with a new and improved version.

      • Messed up laptop: Linux recovery

        Remember, I told you about a messed up laptop? Well, let's elaborate, shall we. I was doing some testing with imaging & recovery software, and once I was done, I wanted to see how well the process had gone. Not well, it turned out. GRUB was there, but no entry in the menu worked initially. Once I had that promptly fixed, I saw that Windows 10 wouldn't boot, and wouldn't auto-repair, and half the distros on the system (out of the total eight) in the multi-boot setup wouldn't start either, going into emergency mode. We're talking the full share of distros, take your pick.

        Now, the GRUB recovery was quite tricky - none of the methods I could think of worked, and I ended up installing a test distro just to get the bootloader configured properly. Then, I started one of the distros that DID work, and noticed there was no data loss. Everything was there, all the partitions were sane and whole, and the files were in their right place, Linux and Windows included. In this article, I'd like to show you how I went about this problem, and how I fixed it - and in the sequel, we shall do the same for Windows 10. A useful exercise. Follow me.

      • Best Linux Distribution For Windows Users In 2020

        Recently, we published an article on the list of Linux operating systems for the computer with low specs or old computers and laptops. Today, we are writing about an article for the Windows users who are planning to use Linux for the first time in 2020.

    • Server

      • Cumulus's Linux to Run Networks for Large HPE Storage Clusters
      • Software Development, Microservices & Container Management – Part IV – About making Choices – CaaSP 4 as SUSE’s empowering of Kubernetes

        Together with my colleague Bettina Bassermann and SUSE partners, we will be running a series of blogs and webinars from SUSE (Software Development, Microservices & Container Management, a SUSE webinar series on modern Application Development), and try to address the former questions and doubts about K8s and Cloud Native development and how it is not compromising quality and control.

      • IBM

        • Huawei Releases openEuler, A CentOS-Based Linux Distribution

          Huawei has released the source code of openEuler, a CentOS-based Linux distribution. Enterprise edition of openEuler called EulerOS is already available, and now Huawei has released its community edition. However, as many would expect, the source code of openEuler is not available on Github, it’s published on Gitee, a Chinese Github alternative.

          When you visit the source code of openEuler Linux distribution, you’ll find two components...

        • Huawei Unveils OpenEuler, CentOS-Based Linux Distribution

          Huawei has released the source code of openEuler, its distribution of Linux based on CentOS. The operating system was formally launched by Huawei in September 2019 in response to U.S. sanctions, which had briefly affected the company's access to Windows and Android operating systems. The source code has now been published on Gitee, the Chinese version of Github.

          OpenEuler comprises two organizations on Gitee, one for source code and one for package sources. The openEuler organization was keen to highlight two particular packages, iSulad and A-Tune, among the openEuler source code. "iSulad is a lightweight gRPC service-based container runtime. Compared to runc, iSulad is written in C, but all interfaces are compatible with OCI. A-Tune is a system software to auto-optimize the system adaptively to multiple scenarios with embedded AI-engine." The announcement continues: "You will also see several infrastructure-supported projects that set up the community's operating systems... these systems are built on the Huawei Cloud through script automation."

        • Huawei unveils openEuler, CentOS-based Linux distribution

          Huawei has released the source code of openEuler, its distribution of Linux based on CentOS. However, in the spirit of the age, it has published the source code of its Linux distribution on Gitee, rather than Github.

          The operating system was formally launched by Huawei in September 2019 in response to US sanctions, which had briefly affected the company's access to Windows and Android operating systems.

          The company is still running under its second three-month extension exempting it from the full provisions of the US government's Entity List, which ordinarily requires a US company to apply for and receive a licence to trade with a named ‘entity'.

        • Satellite Host Configuration with RHEL System Roles Powered by Ansible

          Most of the Red Hat Enterprise Linux (RHEL) system administrators I talk to are looking for ways to further automate tasks in order to save time and make their systems more consistent?this can lead to better reliability and improve security in the environment.

          RHEL System Roles Powered by Ansible is a feature introduced in RHEL 7.4 as a technology preview, and became a supported feature in RHEL 7.6. These system roles allow you to configure several aspects of RHEL: SELinux, kdump, network configuration, and time synchronization. As of RHEL 7.7, a Postfix system role is also available as a technology preview.

          Using RHEL System Roles Powered by Ansible allows you to automate these configurations across your environment. In addition, system roles provide a consistent configuration interface across major RHEL versions. You can use the same system roles to automate the configuration on RHEL 6.10 or later, RHEL 7 and RHEL 8 systems, even when the underlying technologies change between versions.

          For example, for time synchronization, rather than having to learn how to configure ntp on RHEL 6 and how to configure chrony on RHEL 7 and RHEL 8, you just need to know how to use the time synchronization system role. The system role will automatically translate that configuration to ntp on RHEL 6 and chrony on RHEL 7 and 8. This makes management easier and saves time, especially in environments with a mixture of RHEL 6, RHEL 7, and RHEL 8.

        • 6 requirements of cloud-native software

          For many years, monolithic applications were the standard enterprise architecture for achieving business requirements. But that changed significantly once cloud infrastructure began treating business acceleration at scale and speed. Application architectures have also transformed to fit into the cloud-native applications and the microservices, serverless, and event-driven services that are running on immutable infrastructures across hybrid and multi-cloud platforms.

        • Debugging applications within Red Hat OpenShift containers

          There are debugging tools that can be used within containers but are not preinstalled in container base images. Tools such as strace or Valgrind must be included in a container during the container image build process.

          In order to add a debugging tool to a container, the container image build process must be configured to perform additional package installation commands. Whether or not package installation is permitted during the image build process depends on the method being used to build the container image. OpenShift provides several methods of building container images. These methods are called build strategies. Currently, OpenShift supports the Dockerfile, Source-to-Image (S2I), Pipeline, and Custom build strategies. Not all build strategies allow package installation: Of the most commonly-used strategies, the Dockerfile strategy permits package installation but the S2I strategy does not, because an S2I build process builds the container image in an unprivileged environment. A build process within an unprivileged environment lacks the ability to invoke package installation commands.

    • Audiocasts/Shows

      • 2020-01-08 | Linux Headlines

        Tails has a new trick to keep you secure, Google?s Project Zero is making a change, and OpenMandriva ups its package game. Plus the KDE Community?s well-timed new campaign.

      • FLOSS Weekly 561: Titan

        Titan is an open-source project for developers to manage their data like code. Titan makes it easy to run your favorite database in a docker container on your laptop or in Kubernetes, but with the power of versioning the underlying data. Titan's git-like CLI enables developers to clone, commit, checkout, push, and pull data just like code, making it easy to rollback to a previous state, build a test data library, or share a structured dataset with collaborators.

      • 2×62: Hey Eckhardt

        Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which what will happen in 2020 is laid out for your consideration with perfect precision. Yes, it’s the predictions episode!

      • Explaining Linux and Open Source as Concepts | Choose Linux 26

        Trying to explain what Linux and open source are can be tricky. We discuss our various approaches, and how they differ depending on the experience of who we are explaining them to.

      • The Linux Link Tech Show Episode 839

        the new year, data modeling, upgrades, fun stuff

    • Kernel Space

      • EXT4 Gets More Direct I/O Optimizations - Can Help Some Database Workloads Around ~140%+

        A few days ago I wrote about a big improvement to write performance for EXT4's Direct I/O code path but that is not the only DIO optimization coming for Linux 5.6. Thanks to IBM, another big EXT4 DIO boost can be found for database workloads.

        Other EXT4 development work currently in its queue ahead of the Linux 5.6 cycle is helping the inode lock scalability for Direct I/O mixed read/write workloads. The issue was pointed out by an Alibaba engineer last summer in a significant performance regression with EXT4's DIO performance under mixed read/write scenarios. The Alibaba engineer bisected the issue to a mainline kernel commit from 2016 when the performance became worse. The problem was quite noticeable with an Intel P3600 NVMe solid-state drive.

      • Intel Media Driver Q4-19 Brings Tiger Lake, Jasper Lake, Better Encode/Decode

        Quietly released over the holidays was Intel's quarterly update to the Intel Media Driver that serves as their modern open-source GPU-accelerated video encode/decode solution for Linux systems.

        This "Intel Media Driver" is their new VA-API solution they began back in 2017 to succeed their earlier Intel VA-API Linux drivers. The open-source Media Driver still uses the Video Acceleration API (VA-API) and remains focused on Broadwell through Ice Lake and now Tiger Lake / Jasper Lake / Elkhart Lake graphics hardware.

      • Intel Working On "Virtual Bus" As Generic Way Of Exchanging Data Between Devices/Driver

        In addition to Intel IGC network driver performance-boosting TSO support, also queued within Intel's next-queue tree of networking changes is a new software bus called Virtual Bus.

        Virtual Bus "Virtbus" is a software-based bus devised by Intel for generic virtbus_devices and virtbus_drivers. Virtbus is lightweight and intended for dealing with the generic devices/drivers wanting to pass chunks of data to other virtbus_device-using devices.

      • Linux 5.6 To Make Use Of Intel Ice Lake's Fast Short REP MOV For Faster memmove()

        While Intel has offered good Ice Lake support since before the CPUs were shipping (sans taking a bit longer for the Thunderbolt support as a key lone exception, since resolved), a feature that's been publicly known since 2017 is the Fast Short REP MOV behavior and finally with Linux 5.6 that is being made use of for faster memory movements.

        The Fast Short REP MOV with Icelake allows for faster moves of data from one location to another. With the upcoming Linux 5.6 cycle the Fast Short REP MOV (FSRM) is finally being added to the CPU features (X86_FEATURE_FSRM) for easily detecting its presence on supported CPUs. Intel's Tony Luck who added the patch explained, "Beginning with processors based on Ice Lake Client microarchitecture, REP MOVSB performance of short operations is enhanced. The enhancement applies to string lengths between 1 and 128 bytes long."

      • 2019 at Bootlin, a year in review

        First of all, the entire team at Bootlin wishes you a Happy New Year, and best wishes for 2020 in your personal and professional life. The beginning of the new year is a good time to look back and see the achievements of the past year, which is why we review the 2019 year in terms of Bootlin news and activity.

      • Bootlin Wraps Up Feature Development On The Allwinner Cedrus VPU Driver

        While the Allwinner VPU "Cedrus" video decode driver is a wonderful success of open-source third-party work expanding Linux's multimedia hardware acceleration capabilities, consulting firm Bootlin who spearheaded this driver is for now at least is ending feature development on this driver.

        The talented folks at Bootlin who specialize in embedded Linux development had been working on this Linux kernel driver developed independent of Allwinner but for their VPU hardware. This was made possible via crowd-funding for improving the hardware-accelerated video decoding potential in particular for Allwinner SoCs.

      • UEK Release 6 Developer Preview available for Oracle Linux 7 and Oracle Linux 8

        The Unbreakable Enterprise Kernel (UEK), included as part of Oracle Linux, provides the latest open source innovations, optimizations and security for enterprise cloud workloads. The UEK Release 5, based on the upstream kernel 4.14, is the current UEK release that powers the production workloads on Oracle Linux 7 in the cloud or on-premises.

        Linux 5.4 is the Latest Stable Kernel release, and it is the mainline kernel that the UEK Release 6 tracks. You can experiment the UEK Release 6 preview today with Oracle Linux 7 and Oracle Linux 8 on both x86_64 and aarch64 platforms.

        The example below is using an Oracle Linux 8 x86_64 instance on Oracle Cloud Infrastructure. The kernel was upgraded to the UEK Release 6 preview within a few minutes. The same upgrade procedures apply to an Oracle Linux 7 or Oracle Linux 8 instance running on-premises.

      • Oracle's Unbreakable Enterprise Kernel 6 Is Tracking Linux 5.4

        Oracle has released a developer preview of their forthcoming Unbreakable Enterprise Kernel 6 to Oracle Linux users, the company's spin of Red Hat Enterprise Linux. With Oracle UEK 6, Linux 5.4 serves as the new base.

        The current UEK Release 5 series has been tracking the aging Linux 4.14 LTS series with Oracle Linux 7. Meanwhile the new Unbreakable Enterprise Kernel Release 6 series will be tracking Linux 5.4 upstream.

      • Graphics Stack

        • NVIDIA have a new Vulkan Beta driver out, adds a fix for DXVK

          NVIDIA continue advancing their special Vulkan Beta driver, the one that gets all the upcoming features that need a little extra time to brew.

          Released today, the NVIDIA 440.43.02 driver includes a fix for those of you playing with DXVK, the D3D9/10/11 to Vulkan layer. Sometimes games might endlessly loop during shader compilation if no "OpSource instruction was present" which should now be sorted. Edit: From what I've now been told, this was specifically when using vkBasalt with DXVK.

        • AMDGPU Linux 5.5 Fixes 8K / 4K120 Output, Hits Sync Object Timeline Support For Vulkan

          While on the back-half of the Linux 5.5 kernel cycle, sent in on Wednesday were an interesting batch of AMDGPU driver fixes that are quite notable.

          First up, the reverting of the retry faults behavior is part of this pull request. This code revert is about helping the stability of recent AMD APUs that for some Linux users has meant frequent hangs unless this functionality was disabled. The alternative to try this workaround is booting the kernel with amdgpu.noretry=0 to achieve the same effect on existing kernel releases.

    • Benchmarks

      • Chrome 79 Is Running Past Firefox 72 Performance On Linux

        While no major performance improvements were noted as part of the release notes, given this week's Firefox 72 release here are some fresh benchmarks of Firefox 70/71/72 on Ubuntu Linux benchmarked with and without WebRender being enabled. As well, these numbers show how Firefox on Linux is currently stacking up against Google Chrome 79 as its latest stable release.

      • Benchmarks Of Clear Linux's Native Kernel Against Current/Mainline/Preempt-RT Kernels

        Given the recent discussions over the default performance of the Linux scheduler, the Liquorix patches to the Linux kernel, and other recent forum discussions over different kernel configurations and flavors, here are some reference benchmarks looking at the performance of some of the kernel options available to Clear Linux users.

        Besides the default "native" kernel option for bare metal Clear Linux installs, there are also current/mainline options that more closely follow the upstream state compared to the default Clear kernel configuration that generally carries a number of patches (their current kernel patches listed here). There is also a preempt-rt kernel option for those wanting a real-time kernel. More details on the various kernel flavors can be found via the ClearLinux.org bundle search.

    • Applications

      • Cockpit 210 and Cockpit-podman 12

        Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 210.

      • curl 7.68.0 with etags and BearSSL

        We ship a new TLS backend: BearSSL. The 14th.

        We ship two new command line options for ETags.

        We provide a new API call to wakeup “sleeping” libcurl poll calls.

        We changed the default handling in libcurl with OpenSSL for verifying certificates. We now allow “partial chains” by default, meaning that you can use an intermediate cert to verify the server cert, not necessarily the whole chain to the root, like you did before. This brings the OpenSSL backend to work more similar to the other TLS backends, and we offer a new option for applications to switch back on the old behavior (CURLSSLOPT_NO_PARTIALCHAIN).

        The progress callback has a new feature: if you return CURL_PROGRESSFUNC_CONTINUE from the callback, it will continue and call the internal progress meter.

        The new command line option --parallel-immediate is added, and if used will make curl do parallel transfers like before 7.68.0. Starting with 7.68.0, curl will default to defer new connections and rather try to multiplex new transfer over an existing connection if more than one transfer is specified to be done from the same host name.

      • Introducing gtherm

        Continuous temperature monitoring from the kernel's /sys/class/thermal/ in an application can be cumbersome. gtherm aims to make that simpler by providing a daemon (gthd) that exports thermal zones and cooling cells over DBus and providing a small library libgtherm (and GObject introspection bindings). gthcli is a simple command line client that displays the currently found values...

      • Kaidan for the Masses: Our Upcoming 9-seconds-registration

        What’s XMPP’s biggest problem? - Accessibility!

        Sure, it is accessible for the people who are really interested in XMPP or want to be more secure, but the normal user doesn’t want to study XMPP before they know what to do.

        That’s why we work on an easy-to-use registration, which makes all decisions for a new user, but still ensures the highest possible security and decentralization. This means that even the password is randomly generated (it is changeable later on). In the end it only takes a few clicks to get to your new account, which is hosted by an automatically chosen public server which supports all of Kaidan’s features.

        The user may choose to use the suggested server, username and password or to use own values. So, now switching from your old messenger to Kaidan (or other XMPP-based clients) is much easier. Therefore, you can invite your friends to XMPP and instantly start chatting with them.

      • 20 years of FAI and a new release

        Besides that, a lot of other things happened in the FAI project. Apart from the first report, we got more than 300 detailed reports containing positive feedback. We had several FAI developers meetings and I did more than 40 talks about FAI all over the world. We had a discussion about an alleged GPL violation of FAI in the past, I did several attempts to get a logo for FAI, but we still do not have one. We moved from subversion to git, which was very demanding for me. The FAI.me service for customized installation and cloud images was used more than 5000 times. The Debian Cloud team now uses FAI to build the official Debian cloud images.

        I'm very happy with the outcome of this project and I like to thank all people who contributed to FAI in the past 20 years!

      • The 15 Earth Science or Geoscience Software for Linux

        Geoscience or earth science is not only about boring theories. There are many practical implementations of the knowledge of geoscience in real life. And, there are some computer programs which will help you to simulate the ideas of this important field of science. Normally, students and academicians of geoscience use these tools.

      • auto-cpufreq Is A New CPU Speed And Power Optimizer For Linux

        auto-cpufreq is a new automatic CPU speed and power optimization tool for Linux laptops using Intel CPUs, which aims to "improve battery life without making any compromises".

        The tool changes the CPU frequency scaling, governor (switches between performance and powersave, these being the only 2 modes supported by the default intel_pstate scaling driver) and turbo boost status based on the battery state, CPU usage and system load. It can also show some basic system information, monitor the CPU frequency and temperature for each core, system load, and battery state.

    • Instructionals/Technical

    • Games

      • Open-ended tower-defense mining game Mindustry is just awesome

        When you get hooked on a game like Mindustry, it's hard to put it down and play anything else so please send help. A free and open source game that looks like a retro Factorio, with a heavy emphasis on tower defense that keeps expanding with updates and I can't stop playing it.

        Mindustry is all about building a smooth supply chain. Right from the raw resources, spreading across the map with conveyor belts feeding into turrets holding back waves of enemies. It's so ridiculously easy to get into and play for a little bit at a time, it's become quite the regular in my own personal list. So much so, that I've now gone and personally purchased it on Steam after spending far too many hours with it on itch.

      • Steam getting expanded support for Soundtracks with a Sale Event on January 20

        Valve have announced that they're going to be giving Soundtracks their own special section on Steam instead of them being a generic DLC listing.

        In the Steamworks Development post, Valve said that all this will properly launch on January 20 with a sale event. However, they've already begun pushing some of the changes out there in public.

        Currently, if you want the soundtrack to a game you have to own the game, and download it as a DLC with the game to access it through the Steam client. Not exactly ideal, in fact the whole way it was done was a bit rubbish. With a new dedicated Soundtrack "app type" you will be able to purchase a soundtrack you like completely independent from the actual game and download it. On top of that, you can have a dedicated music folder to store it all in so you don't have to hunt across Steam for all the files.

    • Distributions

      • Reviews

        • Kdenlive 19.12 on openSUSE | Review

          Making videos is not exactly my strong suit but it doesn’t have to be to enjoy it. Lately, I have been dipping my toes into the world of video content creation. Yes, most of it is into making videos as I haven’t really had the need. Recently, a need popped up for doing some video editing and I decided to give Kdenlive a try. You have to start somewhere and since many of the independently created shows out there use it, it is part of the KDE project and there are a LOT of tutorials on YouTube.

          Keep in mind, I have some very basic needs, simply, chaining clips together, title screen and a little background music. These are extremely minimal requirements. The nice thing about Kdenlive is, it is easy enough to get going with it, but brimming with features to keep you dinking around with it continually and even if you have come to learn every feature the Kdenlive Project will come along and bring you an update.

          [...]

          Kdenlive is a great application with a lot more features than I know how to even use. I don’t do any complex video editing. I don’t have good video equipment so I don’t have a real high level of motivation to create a lot of video content at this time. You can only polish a turd so much and I am often not happy with the video I shoot. I am happy, however, with what I can do with the video in Kdenlive. It does make turning the lack-luster video into barely acceptable video content. Editing with Kdenlive is easy to use and is enjoyable to turn the mess I start with into something more usable. I would like to make more excuses to do more video content because the great user experience Kdenlive provides.

          I have heard of people complain that Kdenlive isn’t stable, well, that is a bunch of hooey. Kdenlive on openSUSE Tumbleweed works fantastically well without any crashing. I am very thankful for fantastic packaging and QA process from the openSUSE Project and I am very grateful for every programmer that has had a hand in every piece of this, from the Linux kernel to the Plasma desktop to the application itself. Thank you for all your time and efforts.

      • Screenshots/Screencasts

      • SUSE/OpenSUSE

        • Tumbleweed Provides Some Stability to 2020

          The year of 2020, at least in the openSUSE world, is starting out to be pretty stable. In little more than a week into the new year, there have been five openSUSE Tumbleweed snapshots released.

          The releases, with the exception of one, are either posting a stable rating or are trending at a stable rating, according to the Tumbleweed snapshot reviewer.

          With the release of snapshot 20200107, more OpenGL and Vulkan driver features and improvements came in the update of the Mesa 19.3.1 package. The newer version update also provides better AMD Radeon Accelerated Processing Unit (APU) performance.

          The bluez-tools package that is a set of tools to manage Bluetooth devices for Linux had a minor update from the previous three-year-old package included in Tumbleweed. GNOME’s web browser package epiphany provided some security AdBlocker preferences in the 3.34.3.1 version. Message transfer agent exim reduced the start up process initialization with version 4.93.0.4 and fixed more than a half dozen bugs. KDE’s kdevelop5 5.4.6 version fixed some wrong text in the license. Network detector, packet sniffer, and intrusion detection system package for wireless network kismet updated to its December release in the snapshot. One package update that stands out in the snapshot is the release of the finger reader package for Linux devices libfprint 1.0; this first major release provides better documentation and bug fixes related to restarting a failed verification immediately.The osc 0.167.2 package fixed regression in osc chroot. Other packages updated in the snapshot were rubygem-parser 2.7.0.1 and tigervnc 1.10.0 among others.

        • SUSE Manager 4 Content Lifecycle Management Deep Dive

          SUSE€® Manager 4 is a best-in-class open source infrastructure management solution that lowers costs, enhances availability and reduces complexity for lifecycle management of Linux systems in large, complex and dynamic IT landscapes. You can use SUSE Manager to configure, deploy and administer thousands of Linux systems running on hypervisors, as containers, on bare metal systems, IoT devices and third-party cloud platforms. SUSE Manager also allows you to manage virtual machines.

        • Transformation – Simplify First

          While a bit of a stretch, there is some similarity to the dilemma that many companies are facing in this rapidly changing business environment. In my last blog, I talked about how companies are looking at the digital transformation of their business in order to stay competitive in a rapidly changing world. In a 2019 report by 451 Research commissioned by SUSE, 89% of survey respondents are considering, evaluating or executing their digital transformation strategy.

      • Fedora Family

        • Peter Czanik: Keeping syslog-ng portable

          I define syslog-ng, as an “Enhanced logging daemon with a focus on portability and high-performance central log collection”. One of the original goals of syslog-ng was portability: running the same application on a wide variety of architectures and operating systems. After one of my talks mentioning syslog-ng, I was asked how we ensure that syslog-ng stays portable when all the CI infrastructure focus on 64bit x86 architecture and Linux.

          [...]

          Not this often, but I also test syslog-ng git snapshots on FreeBSD. Mostly on AMD64, but sometimes also on Aarch64. Just to make sure that one more operating system outside of Linux and OS X is regularly tested. Why FreeBSD? First of all, I keep using FreeBSD almost from the day it was born, even a few months earlier before I started to use Linux. And it is also the largest platform outside Linux where syslog-ng is used, including some appliances built around FreeBSD.

          Travis announced support for ARM just recently: https://blog.travis-ci.com/2019-10-07-multi-cpu-architecture-support. It needed some extra work on the syslog-ng side, but now each pull request is also tested on ARM before merging. This is not just a simple compile test – as I do most of the time – but it includes unit tests as well.

          Does this approach work? Yes, it seems to work. For example, syslog-ng compiles on all architectures supported by Debian. That also includes MIPS that I only tested with syslog-ng once. And I learned about a new architecture just by checking on which CPU architecture the BMW i3 is using to run syslog-ng :) It is the SuperH.

        • Fedora 33 To Finally Kill Off Python 2.6 Support

          Python 2.6 has been end-of-life all the way back to late 2013. However, Python 2.6 packaging for Fedora has kept upt in order to maintain some compatibility with RHEL/EPEL 6 having Python 2.6. But now with EPEL 6 reaching end-of-life as the extra packages for Red Hat Enterprise Linux 6 / CentOS 6, Fedora will gut its Python 2.6 support should anyone still be using it outside of the EPEL building/testing use-case. EPEL 6 is being retired in November 2020, similar to the expected release of Fedora 33.

      • Debian Family

        • Debian revisits systemd vote, relaxes things a bit
        • Debian vs Ubuntu Comparison

          Today the differences between Debian and Ubuntu are minimal for medium to advanced users, except for users in need of up to date software probably only users who aren’t previously familiarized with LInux can appreciate differences or advantages on Ubuntu represented by graphical assistants or methods like the Packages Manager which isn’t part of Debian, yet both distributions share the dpkg packages manager including their front ends like apt or aptitude.

          In brief, the history shows Debian used to lead the market after Red Hat becoming the most chosen distribution for advanced users throwing Gentoo or Slackware almost out of the market. Yet Debian had an issue for users who wanted to keep a stable system with the last software.

        • Privacy-Focused Tails OS 4.2 Improves Automatic Upgrades, Adds Tor Browser 9.0.3

          Tails, the amnesic incognito live system based on Debian GNU/Linux, which focuses on delivering online privacy to those who need a portable operating system, has been updated to version 4.2.

          Both a feature and bugfix release, Tails 4.2 is here to improve and optimize the automatic upgrade feature to use less memory and allow users to upgrade from any previous version to the latest release and do as many automatic upgrades as possible. Manual upgrades will only be required when upgrading to a major release, such as Tails 5.0.

          "Until now, if your version of Tails was several months old, you sometimes had to do 2 or more automatic upgrades in a row. For example, to upgrade from Tails 3.12 to Tails 3.16, you first had to upgrade to Tails 3.14," explain the devs. "Starting with 4.2, direct automatic upgrades will be available from all prior versions to the latest version."

        • GStreamer-VAAPI 1.16 and libva 2.6 in Debian

          Also, Debian testing has imported that iHD driver with two flavors: intel-media-driver and intel-media-driver-non-free. So basically iHD driver is now the main VAAPI driver for Intel platforms, though it only supports the new chips, the old ones still require i965-va-driver.

          Sadly, for current GStreamer-VAAPI stable, the iHD driver is not included in its driver white list. And this will pose a problem for users that have installed either of the intel-media-driver packages, because, by default, such driver is ignored and the VAAPI GStreamer elements won’t be registered.

        • Russ Allbery: C TAP Harness 4.6

          C TAP Harness is my test framework for C software packages.

          This release is mostly a release for my own convenience to pick up the reformatting of the code using clang-format, as mentioned in my previous release of rra-c-util. There are no other user-visible changes in this release.

          I did do one more bit of housekeeping, namely added proper valgrind testing support to the test infrastructure. I now run the test suite under valgrind as part of the release process to look for any memory leaks or other errors in the harness or in the C TAP library.

        • Steve Kemp: I won't write another email client

          Once upon a time I wrote an email client, in a combination of C++ and Lua.

          Later I realized it was flawed, and because I hadn't realized that writing email clients is hard I decided to write it anew (again in C++ and Lua).

          Nowadays I do realize how hard writing email clients is, so I'm not going to do that again. But still .. but still ..

      • Canonical/Ubuntu Family

        • NitroPad: Secure Laptop With Unique Tamper Detection

          NitroPad ships with a preinstalled Ubuntu Linux 18.04 LTS with full-disk encryption. Ubuntu is one of the most popular, stable and easiest to use Linux distributions, so that Ubuntu facilitates switching from Windows to Linux.

        • Ubuntu 20.04 LTS Could Better Support Scanners Compliant With Apple AirScan

          Apple AirScan is akin to their AirPrint technology for supporting various printers from Apple devices without the need for specialized drivers. Multi-function printers compliant with AirPrint also need to implement AirScan for scanner functionality, thus opening up most of today's multi-function printers to supporting this scanning standard. Ubuntu 20.04 LTS could end up supporting AirScan nicely thanks to new SANE back-ends.

          Till Kamppeter who is manager of OpenPrinting and has been working under contract for Canonical on Ubuntu printer/scanner functionality appears to be aiming for enabling this AirScan support.

        • Data Ops at petabyte scale

          Deploying Apache Spark in production is complex. Should you deploy Kubernetes? Should that Kubernetes cluster be backed by Ceph? Perhaps stick with a traditional Hadoop/HBase stack? Learn how Juju and model-driven operations have enabled one data engineering team to evaluate several options and come to an ideal solution.

          This article is an interview between Tim McNamara, Developer Advocate at Canonical and James Beedy of OmniVector Solutions. James has spent years refining his approach for packaging Apache Spark and managing large-scale deployments. With data volumes into the petabyte range and current operations to maintain, he has used Juju to create purpose-built solutions for his team and their customers.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • flexiWAN Open Source SD-WAN Platform Hits GA

        flexiWAN launched the first stable release of its open-source SD-WAN platform, which is available through one of the company’s hardware partners: Advantech, Lanner, and Silicom.

        “This release is a major milestone for flexiWAN and our community as it is the world’s first production-ready open and community-driven SD-WAN solution,” said Amir Zmora, CEO and co-founder of flexiWAN, in a statement. “Our innovation and openness doesn’t stop at the technical level. By offering our services as a freemium business model, along with publicly sharing our pricing and source code with the community, we strive to lead the industry to more openness.”

      • 11 top open-source API testing tools: What your team needs to know

        How do you find the right open-source API testing tool for your needs? Since my last roundup of the best candidates, a few more tools have appeared that warrant consideration—and there's a new technique that's all the buzz in AI automation circles that you need to know about.

        While most vendors are talking up the benefits of AI- and UI-based testing tools in general, AI- and machine learning-based applications that help with API testing have arrived.

        Before you begin API testing, however, make sure you understand test automation basics and know how to avoid the most common test automation mistakes.

      • Enterprise Networking Planet Predictions for 2020

        With 2020 now ramping up there's a lot to look forward to in the networking space this new year. Some of the trends have been going on for years, some are newer, but these are the areas where we expect to see big things in 2020

        [...]

        Simply put, all major networking efforts in 2020 will have some form of open source component. Whether its via code, participation in an Linux Foundation collaboration project or otherwise, the reach of open source is inescapable.

      • Events

        • Daniel Stenberg: webinar: Why everyone is using curl and you should too

          I’m please to invite you to our live webinar, “Why everyone is using curl and you should too!”, hosted by wolfSSL. Daniel Stenberg (me!), founder and Chief Architect of curl, will be live and talking about why everyone is using curl and you should too!

          This is planned to last roughly 20-30 minutes with a following 10 minutes Q&A.

      • Web Browsers

        • Mozilla

          • How to pick up a project with an audit

            When I was younger, I'd wander around a project and figure it out as I went along. That takes a long time during which I don't really know what I'm doing, I don't feel good about it, and I'm learning too many things from dealing with nasty surprises. I neither enjoy that nor does it make me look good.

            These days, I take a methodical approach to picking up a project. I spend a week or so working through a set of questions. I find this approach makes for a good survey of the project and the problem domain it exists in. Further, it surfaces the grime that I should clean up thus avoiding nasty surprises.

            The primary audience for the audit is me--I'm using the process as a way to come up to speed on something. I'm a software engineer so I'm focused on software development and maintenance aspects of the project. I'm concerned about security and data policies, uptime and reliability, impact on stake-holders, costs, budgets, infrastructure complexity, and ongoing maintenance work.

          • The new Overbite Android (works with Firefox Android too): Gopherspace on your mobile Android device

            Since this blog is syndicated to Planet Mozilla and I periodically post Mozilla- and Firefox-relevant posts, here is another: if you still dwell in Gopherspace and use OverbiteWX and OverbiteNX on desktop Firefox, Overbite Android has been updated to full Android Q compatibility so you can use it with Android Firefox as well. Instead of an add-on, just sideload the .apk, and whenever you tap a Gopher URL in Firefox it will automatically load in Overbite Android so you can seamlessly jump back and forth. (Or Chrome, I guess, but who uses that?)

            [...]

            Overbite Android is offered to you under the BSD license and supports 4.0 (Ice Cream Sandwich) through 10 (Q). You can get it, the Android Studio project and source code, and all the rest of the Overbite gopher client family from the Overbite website or directly from Gopherspace.

          • Expanding Mozilla’s Boards in 2020

            Mozilla is a global community that is building an open and healthy internet. We do so by building products that improve internet life, giving people more privacy, security and control over the experiences they have online. We are also helping to grow the movement of people and organizations around the world committed to making the digital world healthier.

            As we grow our ambitions for this work, we are seeking new members for the Mozilla Foundation Board of Directors. The Foundation’s programs focus on the movement building side of our work and complement the products and technology developed by Mozilla Corporation.

          • Expanding Mozilla’s Boards in 2020

            I’ve written in the past about the role of the Board of Directors at Mozilla.

            At Mozilla, our board members join more than just a board, they join the greater team and the whole movement for internet health. We invite our board members to build relationships with management, employees and volunteers. The conventional thinking is that these types of relationships make it hard for the Executive Director to do his or her job. I wrote in my previous post that “We feel differently”. This is still true today. We have open flows of information in multiple channels. Part of building the world we want is to have built transparency and shared understandings.

            It’s worth noting that Mozilla is an unusual organization. We’re a technology powerhouse with broad internet openness and empowerment at its core. We feel like a product organization to those from the nonprofit world; we feel like a non-profit organization to those from the technology industry.

            It’s important that our board members understand the full breadth of Mozilla’s mission. It’s important that Mozilla Foundation Board members understand why we build consumer products, why it happens in the subsidiary and why they cannot micro-manage this work. It is equally important that Mozilla Corporation Board members understand why we engage in the open internet activities of the Mozilla Foundation and why we seek to develop complementary programs and shared goals.

            [...]

            Finding the right people who match these criteria and who have the skills we need takes time. We hope to have extensive discussions with a wide range of people. Board candidates will meet the existing board members, members of the management team, individual contributors and volunteers. We see this as a good way to get to know how someone thinks and works within the framework of the Mozilla mission. It also helps us feel comfortable including someone at this senior level of stewardship.

          • Firefox 72: Floating videos, blocking fingerprints, and defeating notification pop-ups

            Mozilla has aired a bunch of new features aimed at making web 2020 a little less unpleasant in its release of Firefox 72.

            "Picture in picture" is a way to play videos, introduced in Firefox 71 for Windows only, but now available on macOS and Linux. Start a video playing and a blue button appears. Click it, and the video plays in a floating, chromeless window, small by default but resizable. Mozilla says it is ideal for, um, multitasking, like when you are hard at work but want to keep an eye on the score at a big game. Perhaps it could work for those dull keynote streams when there might be a big announcement.

          • The Talospace Project: Firefox 72 on POWER

            Firefox 72 builds out of the box and uneventfully on OpenPOWER. The marquee feature this time around is picture-in-picture, which is now supported in Linux and works just fine for playing Trooper Clerks ("salsa shark! we're gonna need a bigger boat!"). The blocking of fingerprinting scripts should also be very helpful since it will reduce the amount of useless snitchy JavaScript that gets executed. The irony of that statement on a Blogger site is not lost on me, by the way.

            [...]

            The debug and opt configurations are, again, otherwise unchanged from Firefox 67.

      • Funding

        • Odoo Raises $90M To Advance Open Source ERP

          Odoo brings in new funds as it aims to further expand its enterprise resource planning platform.

          Enterprise Resource Planning (ERP) software has long been dominated by established proprietary vendors, but that's not to say there isn't open source competition in the market.

          Odoo, a company formerly known as OpenERP, develops a suite of open source ERP tools and built a solid user base of over 4.5 million users. The core open source Odoo community version is complemented with the Odoo enterprise edition that adds proprietary features that can be useful for larger organizations.

          In December 2019, Odoo got a strong vote of confidence, with an investment of $90 million, led by Summit Partners, with the participation of existing investor SRIW and its affiliate Noshaq. Total funding to date for Odoo is approximately $104 million.

      • FSF

        • Bring the planet to LibrePlanet by sponsoring an attendee

          LibrePlanet 2020: Free the Future is only ten weeks away! On March 14 and 15, we will welcome free software enthusiasts and experts to Boston for the Free Software Foundation's (FSF) annual conference on technology and social justice.

          We're hard at work creating an event with engaging talks with speakers from all over the world, and without spoiling any future announcements, we're very excited about the program we have so far. It is promising to be a year filled with talks about interesting and successful projects. Anticipated talks will expose the fascinating parallels between social movements in free software, dig into community-related subjects, and as always, explore the latest issues in licensing, security, education, and government adoption of free software with experts from these fields.

          The FSF is proud of the fact that the LibrePlanet audience and speakers come from a diverse range of backgrounds, countries, and cultures. We believe that anyone who wants to attend or speak at the conference should not be held back by financial burdens, so if you have a few dollars to spare, why not make a donation in support of the LibrePlanet Scholarship Fund? You'll be supporting a robust, diverse free software community by helping to reduce the financial barrier for those who need the help.

          [...]

          On top of all the free software work we fund and do year-round, with your financial support, we can invite speakers who can enlighten us with their knowledge and experience. Your donations will also help free software enthusiasts attend who otherwise would not have the means to do so. Your contribution, even if it's only a couple dollars, can be the difference between someone attending or not.

        • GNU Projects

          • libredwg-0.10 released
            Some minor API changes and bugfixes, mostly stabilization. 
            API breaking changes: 
              * added a new int *isnewp argument to all dynapi utf8text getters, 
                if the returned string is freshly malloced or not. 
              * removed the UNKNOWN supertype, there are only UNKNOWN_OBJ and UNKNOWN_ENT 
                left, with common_entity_data. 
              * renamed BLOCK_HEADER.preview_data to preview, preview_data_size to preview_size 
              * renamed SHAPE.shape_no to style_id 
              * renamed CLASS.wasazombie to is_zombie 
            Major bugfixes: 
              * Improved building the perl5 binding, proper dependencies. 
                Set proper -I and -L paths, create LibreDWG.c not swig_perl.c 
              * Harmonized INDXFB with INDXF, removed extra src/in_dxfb.c (#134). 
                Slimmed the .so size by 260Kb. Still untested though. 
              * Fixed encoding of added r2000 AUXHEADER address (broken since 0.9) 
              * Fixed EED encoding from dwgrewrite (a dxf2dwg regression from 0.9) (#180) 
            Minor bugfixes: 
              * Many fuzzing and static analyzer fixes for dwg2dxf, dxf2dwg, dwgrewrite, 
                including a stack-overflow on outdxf cquote. (#172-174, #178, #179). 
                dwgrewrite and indxf are pretty robust now, but still highly experimental, 
                as many dxf2dwg import and DWG validity tests are missing. 
                indxf still has many asserts on many structural DXF errors. 
              * Protect indxf from many NULL ptr, overflows and truncation. 
              * Fixed most indxf and encode leaks. (#151) 
              * More section decoders protections from invalid (fuzzed) values. 
              * Stabilized the ASAN leak tests for make check. 
              * Fix MULTILEADER.ctx.lline handles <r2010 
              * Fix indxf color.alpha; at DXF 440 
              * Fixed most important make scan-build warnings, the rest are mostly bogus. 
            Other newsworthy changes: 
              * Added LIBREDWG_VERSION et al to include/dwg.h 
              * Added support for AcDb3dSolid history_id (r2007+) 
              * Improved the indxf speed in new_object. Do a proper linear search, and 
                break on first found type. 
              * Rename the ./dxf helper to ./dwg, and added a ./dxf test helper. 
              * dxf2dwg got a new experimental --force-free option to check for leaks and 
                UAF or double-free's. 
              * Allow -o /dev/null sinks for dxf2dwg and dwg2dxf, for faster fuzzing. 
              * Harmonized *.spec formatting and adjusted gen-dynapi.pl 
              * Harmonized out_dxfb with out_dxf, e.g. the new mspace improvements (#173). 
            Here are the compressed sources: 
              http://ftp.gnu.org/gnu/libredwg/libredwg-0.10.tar.gz   (10.9MB) 
              http://ftp.gnu.org/gnu/libredwg/libredwg-0.10.tar.xz   (4.5MB) 
            Here are the GPG detached signatures[*]: 
              http://ftp.gnu.org/gnu/libredwg/libredwg-0.10.tar.gz.sig 
              http://ftp.gnu.org/gnu/libredwg/libredwg-0.10.tar.xz.sig 
            Use a mirror for higher download bandwidth: 
              https://www.gnu.org/order/ftp.html 
            Here are more binaries: 
              https://github.com/LibreDWG/libredwg/releases/tag/0.10 
            Here are the SHA256 checksums: 
            e890b4d3ab8071c78c4eb36e6f7ecd30e7f54630b0e2f051b3fe51395395d5f7  libredwg-0.10.tar.gz 
            8c37c4ef985e4135e3d2020c502c887b6115cdbbab2148b2e730875d5659cd66  libredwg-0.10.tar.xz 
            [*] Use a .sig file to verify that the corresponding file (without the 
            .sig suffix) is intact.  First, be sure to download both the .sig file 
            and the corresponding tarball.  Then, run a command like this: 
              gpg --verify libredwg-0.10.tar.gz.sig 
            If that command fails because you don't have the required public key, 
            then run this command to import it: 
              gpg --keyserver keys.gnupg.net --recv-keys B4F63339E65D6414 
            and rerun the 'gpg --verify' command. 
            
            

      • Programming/Development

        • Automating the creation of research artifacts

          In my work as a programming language researcher, I need to create artifacts that are easy to understand and well-documented. To make my work easier, I found a simple way to automate generating source code documentation, creating HTML and PDF versions of user documentation, compiling a technical (research) document to PDF, generating the bibliography, and provisioning of virtual machines with the software artefact installed for ease of reproducibility of my research.

        • Parallel Programming: December 2019 Update

          There is a new release of Is Parallel Programming Hard, And, If So, What Can You Do About It?.

          This release features a number of formatting and build-system improvements by the indefatigible Akira Yokosawa. On the formatting side, we have listings automatically generated from source code, clever references, selective PDF hyperlink highlighting, and finally settling the old after-period one-space/two-space debate by mandating newline. On the build side, we improved checks for incompatible packages, SyncTeX database file generation (instigated by Balbir Singh), better identification of PDFs, build notes for recent Fedora releases, fixes for some multiple-figure page issues, and improved font handling, and workarounds for ever-troublesome a2ping. In addition, the .bib file format was dragged kicking and screaming out of the 1980s, as suggested by Stamatis Karnouskos. The new format is said to be more compatible with modern bib-file tooling.

        • BH 1.72.0-3 on CRAN

          The BH 1.72.0-1 release of BH required one update 1.72.0-2 when I botched a hand-edited path (to comply with the old-school path-length-inside-tar limit).

          Turns out another issue needed a fix. This release improved on prior ones by starting from a pristine directory. But as a side effect, Boost Accumulators ended up incomplete with only the dependented-upon-by-others files included (by virtue of the bcp tool). So now we declared Boost Accumulators a full-fledged part of BH ensuring that bcp copies it “whole”. If you encounter issues with another incomplete part, please file an issue ticket at the GitHub repo.

          No other changes were made.

        • Flang Fortran Compiler Set To Land Next Week For LLVM 10.0

          As reported last month, Flang is expected to land in the LLVM 10.0 source tree ahead of the feature freeze for the v10.0 release due out in February. That landing is now scheduled to take place next week.

          The plan is to merge the Flang Fortran compiler front-end into the LLVM mono repository on Monday, 13 January. That allows Flang to be integrated prior to the upcoming LLVM 10.0 branching / feature freeze.

          Details on the plans for merging Flang into the LLVM source tree can be found on the development list.

        • Are you ready to work remotely?

          Here is a one question test for anyone considering remote work. You can ask yourself this question and if the answer is yes, a remote position will likely work well for you. If the answer is no, then I think you’d be happier with an onsite position. By the way, some people are never going to want to work remotely for a variety of reasons, and that is no big deal.

          That question is: “Are you comfortable asking a dumb question in public?”

        • Create temp file in Bash using mktemp and trap

          When working on Linux Bash, sometimes there is need to create temporary file. A common way of creating temp file on Linux is creating some file in /tmp directory. However there is security risk when creating temp file in /tmp directory. This post will show how to securely create temp file in Linux Bash.

        • Create demo project templates with one script

          When you're standing on a stage or doing a live demo in an online session, getting your project into a perfect-looking state may appear easy. But a lot of work goes on behind the scenes to create working, easy to use, and repeatable demo projects.

          When you're doing a demo, the technology in a project must support your bigger story about the project without failing. My fellow JBoss technology evangelists and I often have to set up different technologies, so it became necessary for us to tune some sort of generic framework or template to put these demo projects into.

        • Perl / Raku

          • Perl Weekly Challenge 42: Octal Numbers and Balanced Parentheses

            These are some answers to the Week 42 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

            Spoiler Alert: This weekly challenge deadline is due in a couple of days (January 12, 2020). This blog post offers some solutions to this challenge, please don’t read on if you intend to complete the challenge on your own.

          • Paws XXXXVI (The game she is over)

            Well I left off on form my last post with this Moose error;

            Attribute (Items) does not pass the type constraint because: Validation failed for 'ArrayRef[Str|Undef]' with value [ { Method: ARRAY(0x5184cf0) } ] at /wwwveh/lib/x86_64-linux-thread-multi/Moose/Object.pm line 24

            but before I tackle that on I wanted to have a closer look at my changes I did to the callresult_class.tt template; I wanted to clean that up nicely and then my plan is to see if my changes have Borden anything else.

            So in cleaning it up I found what might be a bug.

          • Excellent Free Tutorials to Learn Perl

            Programming is about solving problems and good communication. But before code is written, you need to know how to solve the problem. Breaking the problem into component parts assists in the process. And being able to model the problem so that it’s easy to implement and test also helps. Combine this with a solid understanding of the programming language itself – a good programming book contributes to all aspects of problem solving. Perl has the virtue it can solve a problems in a few lines of code. Perl programmers solve problems and get things done.

            The popularity of a book is influenced by personal feelings, tastes, and opinions. Programming books accord to this general rule. There is a wide range of Perl books. As Perl is an open source programming language, with an eclectic heritage written by Larry Wall with thousands of contributors, it is welcome some authors have released their Perl books under a freely distributable license.

            Perl is a high-level, general-purpose, interpreted, scripting, dynamic programming language released under the GPL or Artistic license. Perl’s syntax has its roots in shell scripting tools, borrowing features from other languages including C, shell script (sh), AWK, and sed. It is available for most operating systems. Perl is implemented as an interpreted (not compiled) language. It is procedural, with variables, expressions, assignment statements, control structures, blocks and subroutines.

        • Python

          • Checking sphinx code blocks

            I'm too lazy to manually check code blocks in autogenerated sphinx documentation to see if they are valid and reasonably up to date. Doing it automatically feels much more interesting to me: here's how I did it.

          • From Browser To Dj

            Maybe you have heard about Django and that it can help you build websites. You might be new to Python, new to web development, or new to programming as a whole.

            This new series, Understand Django, will show you what Django is all about. Throughout this series, I hope to reveal how Django is a powerful tool that can unlock the potential of anyone interested in making applications on the internet.

            We’re going to take a high level approach to learning. Rather than starting at the bottom with all the pieces of Django, I’ll give you the big picture, then explore each layer more and more to reveal how much Django does for developers under the hood.

            Let’s get started from the very top of a user’s internet experience: at the web browser.

          • Letting Users Change a wx.ComboBox’s Contents in wxPython

            This week I came across someone who was wondering if there was a way to allow the user to edit the contents of a wx.ComboBox. By editing the contents, I mean change the names of the pre-existing choices that the ComboBox contains, not adding new items to the widget.

            While editing the contents of the selected item in a ComboBox works out of the box, the widget will not save those edits automatically. So if you edit something and then choose a different option in the ComboBox, the edited item will revert back to whatever it was previously and your changes will be lost.

          • Python 2 series to be retired by April 2020

            The CPython core development community is urging users to migrate to Python 3 as it will be the only version that will be updated for bugs and security vulnerabilities.

            After nearly 20 years of development on the Python 2 series, the last major version 2.7 will be released in April 2020, and then all development will cease for Python 2. Users are urged to migrate to Python 3 to benefit from its many improvements, as well as to avoid potential security vulnerabilities in Python 2.x after April 2020. This move will free limited resources for the CPthyon core developer community for other important work.

            The final Python 2.7 maintenance release was originally planned for 2015. However, it was delayed 5 years to give people adequate time to migrate and to work closely with vendors and redistributors to ensure that supported Python 3 migration options were available. Part of the reason for this delay was because the stricter text model in Python 3 was forcing the resolution of non-trivial Unicode handling issues in the reference interpreter and standard library, and in migrated libraries and applications

            Python 3 is a noticeable improvement to Python. There is ground-up support for Unicode and internationalization. It better expresses common idioms and patterns, which in code makes it easier to read and reason about. Improvements in concurrency, fault handling, testing, and debugging provide developers with the opportunity to create more robust and secure applications.

          • Exploring HTTPS With Python

            Have you ever wondered why it’s okay for you to send your credit card information over the Internet? You may have noticed the https:// on URLs in your browser, but what is it, and how does it keep your information safe? Or perhaps you want to create a Python HTTPS application, but you’re not exactly sure what that means. How can you be sure that your web application is safe?

            It may surprise you to know that you don’t have to be an expert in security to answer these questions! In this tutorial, you’ll get a working knowledge of the various factors that combine to keep communications over the Internet safe. You’ll see concrete examples of how a Python HTTPS application keeps information secure.

          • Deploying Django Applications to AWS EC2 with Docker

            In the fast-paced field of web applications, containerization has become not only common but the preferred mode of packaging and delivering web applications. Containers allow us to package our applications and deploy them anywhere without having to reconfigure or adapt our applications to the deployment platform.

            At the forefront of containerization is Docker, which is a tool that is used to package and run applications in containers that are platform agnostic. Serverless technology is also flourishing in this era of containerization and is proving to be the go-to option for developers when deploying their applications with more and more providers allowing users to deploy containerized software.

            While building an application is important, making it available to the end-users is also a crucial part of the product. In this post, we will package a Django application using Docker and deploy it to Amazon's EC2.

        • Shell/Bash/Zsh/Ksh

  • Leftovers

    • Science

      • Trump EPA’s Proposed "Secret Science" Rule Directly Threatens Children’s Health

        The Trump administration is working to weaken U.S. environmental regulations in many areas, from water and air pollution to energy development and land conservation. One of its most controversial proposals is known as the “secret science” rule because it would require scientists to disclose all of their raw data, including confidential medical records, in order for their findings to be considered in shaping regulations.

      • Y2K20 - The Infamous Millennium Bug Strikes Back 20 Years Later

        The new millennium presented the coders of the 90s with a unique problem know as the Y2K bug. Many computers of the time counted years by the last two digits, and they were about to roll back to 00. Come January 1st, a lot of systems were going to jump back to 1900, instead of 2000.

        Y2K was a coding complication that added to the plethora of scares surrounding the mysterious year 2000. Some people feared supernatural entities or extraterrestrial creatures would roam the earth. Others worried that every nuclear weapon in the world would misfire all at once as a result of the bug. In actuality, banking errors were among the worst things to come out of it.

    • Health/Nutrition

    • Integrity/Availability

      • Proprietary

        • The Hidden Cost of Ransomware: Wholesale Password Theft

          Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients.

        • Pseudo-Open Source

          • Openwashing

            • The open source licence debate: dead project walking & incentive models

              Open source grew, it proliferated… and it became something that many previously proprietary-only software vendors embraced as a key means of development.

              If you don’t accept the options offered by the community contribution model of development, then you risk becoming a Proprietary 2.0 behemoth… or so the T-shirt slogan might go.

              But the issue of how open source software is licenced is still the stuff of some debate.

          • Entrapment (Microsoft GitHub)

            • Uber open-sources Manifold, a visual tool for debugging AI models

              Debugging machine learning (ML) models isn’t a walk in the woods. Just ask the data scientists and engineers at Uber, some of whom have the unenviable task of digging into algorithms to diagnose the causes of their performance issues.

              To lighten the workload, Uber internally developed Manifold, a model-agnostic visual tool that surfaces the differences in distributions of features (i.e., the measurable properties of the phenomena being observed). It’s a part of the ride-hailing company’s Michelangelo ML platform, where it’s helped various product teams analyze countless AI models. And as of today, it’s available in open source on GitHub.

        • Security

          • Security updates for Wednesday

            Security updates have been issued by Arch Linux (firefox), Debian (python-django and wordpress), Fedora (dovecot), Mageia (opensc, radare2, and varnish), Red Hat (rh-java-common-apache-commons-beanutils), SUSE (containerd, docker, docker-runc, golang-github-docker-libnetwork, java-1_8_0-ibm, java-1_8_0-openjdk, libzypp, openssl-1_0_0, sysstat, and tomcat), and Ubuntu (clamav, linux-azure, and linux-lts-xenial, linux-aws).

          • How AppArmor can protect your Linux system

            AppArmor is a useful Linux security module that can restrict the file-system paths used by an application.

            It works differently than Security-Enhanced Linux (SELinux) and cannot run on at the same time on the same system with SELinux, which comes installed on some Linux distributions. The question is when to use AppArmor and what it can do to protect your system.

            This 2-Minute Linux Tip video below is an introduction to AppArmor and how to get starting using it.

          • IPFire 2.23 - Core Update 139 released

            It is time for the first release of the year, IPFire 2.23 - Core Update 139. It is packed with improvements, software updates, and many many bug fixes.

          • What's HTTPS for secure computing?

            Over the past few years, it's become difficult to find a website that is just "http://…" This is because the industry has finally realised that security on the web is "a thing," and also because it has become easy for both servers and clients to set up and use HTTPS connections. A similar shift may be on its way in computing across cloud, edge, Internet of Things, blockchain, artificial intelligence, machine learning, and beyond. We've known for a long time that we should encrypt data at rest (in storage) and in transit (on the network), but encrypting it in use (while processing) has been difficult and expensive. Confidential computing—providing this type of protection for data and algorithms in use using hardware capabilities such as trusted execution environments (TEEs)—protects data on hosted systems or vulnerable environments.

            I've written several times about TEEs and, of course, the Enarx project of which I'm a co-founder with Nathaniel McCallum (see Enarx for everyone (a quest) and Enarx goes multi-platform for examples). Enarx uses TEEs and provides a platform- and language-independent deployment platform to allow you safely to deploy sensitive applications or components (such as microservices) onto hosts that you don't trust. Enarx is, of course, completely open source (we're using the Apache 2.0 licence, for those with an interest).

          • TenFourFox not vulnerable to CVE-2019-17026

            After doing some analysis late last night and today to determine if we need a chemspill build, I have concluded that TenFourFox is not vulnerable to CVE-2019-17026, or at least not to any of the PoCs or test cases available to me. This is the 0-day that was fixed in Firefox 72.0.1 and 68.4.1. Though a portion of the affected code exists in the TenFourFox code base, there doesn't seem to be a way to trigger the exploit due to various other missing optimizations and the oddities of our JIT. (Firefox 45-based browsers using our patches as upstream should bear in mind this may not be true for other architectures, however.) Absent evidence to the contrary it will be nevertheless patched as part of the standard security fixes in FPR19.

          • Privacy/Surveillance

            • Federal Agents Are Using A Reverse Warrant To Track Down Arson Suspects

              Reverse warrants have been deployed again. And, again, Wisconsin law enforcement agencies are involved. The feds used a reverse warrant to track down robbers who hit a bank at a strip mall just outside of Milwaukee earlier this year.

            • European Law Enforcement Officials Upset Facebook Is Warning Users Their Devices May Have Been Hacked

              Oh boy. Facebook has just added fuel to the anti-encryption fire. And by doing nothing more than something it should be doing: notifying users that their device may have been compromised by malware.

            • Did Twitter Help Stop War With Iran? [iophk: federal communications filtered through a foreign-owned private company]

              Neither Trump nor Zarif tweeted again all night. After weeks of frenetic activity on Twitter by the president, a hundred or more a day sometimes, Trump’s 13-hour silence on Twitter by the time he took the stage at the White House Wednesday morning marked one of his longest periods of online calm since the start of the Ukraine scandal in the fall.

              In those remarks, Trump underscored the message of the previous night's tweets: Tensions with Iran would remain high. Sanctions would increase. But for now, there will be no war.

            • Confidentiality

              • TikTok Security Flaws May Have Exposed User Videos to [Attackers]

                Check Point Software Technologies Ltd. outlined in a report a series of vulnerabilities that cyber-attackers could exploit to manipulate user accounts and information, from revealing personal data and deleting videos to sending text messages on behalf of TikTok. The research firm said it informed TikTok -- owned by Chinese giant ByteDance Inc. -- which deployed fixes. TikTok confirmed the patches and said it was committed to protecting user data, and encouraged researchers to privately disclose flaws.

    • Defence/Aggression

      • Is This the End of U.S. Interference in West Asia?

        Major General Hossein Salami, the chief of the Islamic Revolutionary Guard Corps (IRGC) of Iran, said on January 4 that his country would take “strategic revenge” against the United States for the assassination of Lieutenant General Qassem Soleimani. The assassination of Soleimani, Salami said, will be later seen as a “turning point” in U.S. interference in West Asia.

      • Bernie Sanders, Elizabeth Warren, Ro Khanna, and Barbara Lee to Join 12,000 Activists on No War With Iran Strategy Call

        The call, in advance of Thursday's planned anti-war marches, begins at 8pm EST.

      • US Jingoism Promotes Mindless Support for War with Iran

        This is not an article intended to praise Qassem Suleimani, the Commander of Iran’s military who was whacked by President Trump with several Hellfire Missiles fired from a US drone at his vehicle outside the Baghdad Airport.

      • Will the US Always Be This Hungry for War and Carnage?

        The people do not want war, but right now we have almost no say in the matter.

      • Two-Thirds of People Around the World Say Trump Can't Be Trusted to Make Right Choice on Foreign Policy

        Low confidence in Trump was expressed even before the president escalated tensions with Iran with the assassination of Qasem Soleimani.

      • Congress: War Profiteering Is Real. We Need to End It.

        Surging stock prices for military contractors gave several CEOs an early payday after Trump’s Iran aggression.

      • Trump’s Iran War is a Tragedy Foretold

        Here we go again. We lived through George Bush Senior’s war, then George Bush Junior’s war and now we have Donald Trump’s war. Our leaders don’t learn from our mistakes very well. True, the curtain is just rising on Act Three, and the players are just now entering the stage; no one in the audience knows how it’s going to end or who and how many are going to die. Everyone is on the edge of their seats: the in-your-face, heart-stopping suspense is palpable, which is just the sort of thing Donald Trump, the showman, thrives on and what makes his enthusiastic fans shout with delight.

      • Opposing War With Iran: Three Reasons

        The U.S. stands at the precipice of war. President Trump’s rhetorical efforts to sell himself as the “anti-war” president have been exposed as a fraud via his assault on Iran. Most Orwellian of all is Trump’s claim that the assassination of Iranian General Qassam Soleimani was necessary to avert war, following the New Year’s Eve attack on the U.S. embassy in Baghdad. In reality the U.S. hit on Soleimani represents a criminal escalation of the conflict between these two countries. The general’s assassination was rightly seen as an act of war, so the claim that the strike is a step toward peace is absurd on its face. We should be perfectly clear about the fundamental threat to peace posed by the Trump administration. Iran has already promised “harsh retaliation” following the assassination, and announced it is pulling out of the 2015 multi-national agreement prohibiting the nation from developing nuclear weapons. Trump’s escalation has dramatically increased the threat of all-out war. Recognizing this threat, I sketch out an argument here based on my initial thoughts of this conflict, providing three reasons for why Americans need to oppose war.

      • Just Get the Hell Out

        The reason there is unrest in Iraq is simple. It is because the United States has used the territory and people of Iraq both as bait and as targets in their ongoing battle to secure the Middle East. Beginning with the January 1991 attack on Baghdad, US forces and their client armies have waged a twenty-nine-year war on that nation. A once thriving land has been subjected to economic sanctions and sabotage, massive bombing, military invasion, sectarian warfare, and the theft of its resources; and that’s just the tip of it. Hundreds of thousands of its residents have died from this relentless destruction and millions more remain impoverished and with minimal hope for a better future. The ongoing occupation by the United States is both a reminder and the cause of the situation the Iraqi people are rebelling against.

      • Now We Know for Certain Trump Will Do Anything to Win in 2020—Even Start a War

        Though a failed realtor, Trump was a successful reality show star. And he knows how to entertain people with fake conflict.

      • The U.S. Military Should Take the Iraqi Parliament’s Advice and Leave

        The on-going presence of American troops in the region does not enhance U.S. or regional security; it makes Americans more vulnerable to attack and further mired in endless wars in the region.

      • Trump Has Conducted a War on Iran for 19 Months; Iran Finally Hit Back

        Trump’s blockade on Iran has not the slightest legitimacy. If you blockade a country and prevent its trade with naval ships, that is an act of war in international law.

      • Congress Must Forcibly Limit Trump’s Power to Attack Iran

        The unlawful and provocative assassination of Iran’s top general, Qassim Suleimani, has already given rise to an escalating spiral of lethal events. The greatest risks are to stumble into a devastating war in the Middle East with grave consequences for the peoples of Iran and Iraq and likely across the region. Such a war would have disastrous effects for this country, for the region and the world. It is certain to do further harm to the reputation of the United States, which already is perceived in much of the world as an irresponsible and criminal political actor in the region, using military force in ways that have made already difficult situations catastrophic by taking various dangerous military, economic and quasi-diplomatic initiatives misleadingly presented as “maximum pressure.”

      • After Biden Offers 'No Comment' Response to Middle East Escalation, Critics Suggest: How About 'No War With Iran'

        "If your candidate right now is saying anything other than 'the US cannot go to war with Iran and should de-escalate immediately,' they shouldn't be your candidate."

      • 'Stop Escalation': World Leaders Call on Trump to End Warmongering and Resume Diplomacy With Iran

        "Unless real diplomacy begins, the risk for confrontation will not dissipate for real."

      • A War on Iran Would be Different From Iraq, and Far, Far Worse

        Since President Trump’s assassination of Iranian general Qasem Soleimani, widespread alarm has centered on whether he is again dragging us into another war like Iraq, to detract from his impeachment. The bad news is that the situation is even more potentially disastrous.

      • Trump’s Actions in Iraq Could Plunge the Country Into Crisis Once Again, Leaving Iran as Strong as Ever

        The assassination of Qassem Soleimani has capsized Iraqi politics in the most dangerous of ways, making it possible that the country will be plunged once again into a state of permanent crisis and war from which it has escaped in the last two years.

      • The Dubious Moral Justification for a Nuclear Second Strike

        The aim of presenting the case for the continued possession of these terrifying weapons that hold the potential to destroy all life on earth this way seems to be to convince citizens that nuclear weapons are morally justifiable and thus somehow 'acceptable.'

      • Trump Has Been at War With Iran for More Than a Year
      • Iran’s Unlawful Reprisal (and Ours)

        Given the abject failure of unilateral force to achieve anything of lasting value, collective security measures seem worth trying. Exchanging armed reprisals can only lead to ruin.

      • Iran Sanctions Are Economic Warfare, and Trump Just Vowed to Increase Them

        The U.S. assassination of Iranian General Qassim Suleimani opened a pandora’s box in the Middle East. Iran’s initial response has come in the form of a direct missile attack on the Ain al-Assad U.S. military base in Iraq. While this morning President Trump ruled out an immediate military escalation given that there were no U.S. casualties, he did announce that there would be heightened sanctions on the country. Trump’s approach to Iran ensures direct conflict unless he leans off his so-called “maximum pressure” policy, which has always included punishing sanctions that harm the Iranian people.  

      • Who Benefits From Escalation With Iran? Defense Contractors.

        Last night, Iran launched retaliatory missile strikes on U.S. bases in Iraq. Over the past year, even when diplomatic engagement and de-escalation seem to be the obvious choices, the U.S. has continued its spiral toward war with Iran. In the face of these absurd policy and military decisions, more Americans are becoming furious at the inability of the U.S. government to stay out of conflict, and to end unnecessary U.S. violence abroad. We must ask: Who benefits from these endless wars?

      • CEOs Are Already Raking in Millions From Iran Tensions

        The prospect of war with Iran is terrifying.

      • 'Kicking the Can to Next Week Is Irresponsible': Progressives Rebuke Pelosi for Delaying Iran War Powers Vote

        "Every day we wait is a message from Congress to Trump to continue this march to war."

      • American Empire Completes Three Decades of Futility

        Thirty years ago this month, President George H.W. Bush appeared before a joint session of Congress to deliver his first State of the Union Address, the first post-Cold War observance of this annual ritual. Just weeks before, the Berlin Wall had fallen. That event, the president€ declared, “marks the beginning of a new era in the world’s affairs.” The Cold War, that “long twilight struggle” (as President John F. Kennedy so famously described it), had just come to an abrupt end. A new day was dawning. President Bush seized the opportunity to explain just what that dawning signified.

      • Because Trump Acting Like 'Both an Arsonist and a Fireman' on Iran, Congress Must Act, Say House Progressives

        "Congress must reassert our Constitutional authority by passing a strong War Powers Resolution to ensure Congressional authorization for any military action."

      • The Soleimani Assassination: Worse Than a Crime, a Mistake

        In March of 1804, French dragoons secretly crossed the Rhine into the German Margraviate of Baden. Acting on orders from Napoleon himself, they kidnapped Louis Antoine de Bourbon, Duke of Enghien. After a hastily convened court-martial on charges of bearing arms against France, the duke was shot.

      • More Than 180 Events Planned Across US to Protest Trump's March to War With Iran

        After Iran’s retaliation for the killing of Gen. Qasem Soleimani intensified fears of another catastrophic Middle East war, a coalition of progressive advocacy groups Tuesday reiterated their call for massive demonstrations across the U.S. to protest President Donald Trump’s “military brinksmanship” and demand immediate de-escalation of tensions.

      • 'We Need Everyone in the Streets': More Than 180 Events Planned Across US to Protest Trump's March to War With Iran

        "America, this is an emergency. If we spiral into war with Iran, millions could die. We have a short window of time to stop it. We need a massive protest."

      • 'Strike of Choice': US Lawmakers Decry 'Utterly Unconvincing' Trump Briefing on Soleimani Assassination

        Not just Democrats, Sen. Mike Lee of Utah said what Trump officials presented was "the worst briefing I've had on a military issue in my nine years" serving in the Senate.

      • A Window for Peace

        There is this morning a chink of light to avoid yet more devastation in the Middle East. Iran’s missile strikes last night were calibrated to satisfy honour while avoiding damage that would trigger automatically the next round. The missiles appear to have been fitted out with very light warhead payloads indeed – their purpose was to look good in the dark going up into the night sky. There is every reason to believe the apparent lack of US casualties was deliberate.

      • Iran under pressure to explain Tehran plane crash after 176 killed in Ukrainian jet disaster

        Iran dismissed speculation that the aircraft had been downed by a missile but said it would not hand over the black boxes from the aircraft to Boeing, in an unusual move likely prompted by high tensions with the United States.

      • Will This Billionaire-Funded Think Tank Get Its War With Iran?

        As it happens, this is exactly what the pro-Israel think tank the Foundation for the Defense of Democracies (FDD) reportedly achieved in an arrangement brokered by former Trump national security adviser John Bolton.

        The FDD senior adviser on the National Security Council was Richard Goldberg. And the think tank, the FDD, funded by prominent American billionaires such as the financier Paul Singer and Home Depot magnate Bernard Marcus, has relentlessly pushed for a recklessly militaristic US policy against Iran and in the Middle East generally.

    • Transparency/Investigative Reporting

      • Teen Vogue apologizes for 'confusion' after deleting controversial article about Facebook

        Teen Vogue is apologizing for creating "confusion" after what it says were a "series of errors" in the handling of a post on Facebook's efforts to combat false information in the 2020 election.

        The article, titled "How Facebook Is Helping Ensure the Integrity of the 2020 Election," presented an uncritical look at the company's purported efforts to quash election interference. Screenshots of the story show it was initially published without a byline and was comprised of several interviews with Facebook employees, speaking positively about their company's efforts to stop disinformation on the platform.

        The piece attracted attention online, with many questioning whether it was in fact a paid advertisement from the social media giant. Facebook has drawn criticism for failing to address the spread of fake accounts and disinformation on its site leading up to the 2016 election.

    • Environment

      • Deadly Earthquakes Rock Puerto Rico, Causing Mass Power Outages

        A 6.4 magnitude earthquake rocked Puerto Rico early Tuesday, killing at least one person and plunging nearly the entire population into darkness in a mass power outage. It is the largest earthquake to hit the island in more than 100 years and follows a series of strong quakes that have rattled the island in recent days. A 5.8 magnitude quake struck on Monday, damaging the coastal town of Guánica. Damage from the earthquakes has left nearly 350 people homeless and at least 300,000 without drinking water. Governor Wanda Vázquez declared a state of emergency Tuesday. The devastation comes as Puerto Rico continues to reckon with the fallout from Hurricane Maria in 2017, which killed at least 3,000 and left Puerto Rico in the dark for months in the longest blackout in U.S. history — and the second-longest blackout in world history. We speak with Yarimar Bonilla, a political anthropologist at the City University of New York, co-editor of the anthology “Aftershocks of Disaster: Puerto Rico Before and After the Storm” and the founder of Puerto Rico Syllabus, a guide for understanding the economic crisis in Puerto Rico. She says the word “aftershock” takes on a new meaning as delays in infrastructure repairs and electricity revival continue. The “infrastructural aftershocks … are not just about the earth shaking, but really about a lack of preparedness on the part of the government,” Bonilla says.

      • Aviation chief criticises Greta Thunberg and 'flight-shaming' movement

        The aviation industry is planning a pushback against the “flight-shaming” movement and Greta Thunberg, according to the head of the International Air Transport Association (IATA).

        IATA chief executive Alexandre de Juniac said Thunberg has pushed the environmental impact of flying up the agenda, but he argued that she unfairly singles out aviation, which emits more than 2 per cent of global CO2 emissions.

        “We are not the only polluter on this planet, and we have taken the subject frontly, directly and massively,” he told New Scientist. He said her message will lead to a world where people will be unable to connect. “Everybody would stay in his own small village, behind his walls,” he said. “It’s a move backwards, almost a century ago.”

        De Juniac said he would like to meet Thunberg, saying she is too pessimistic about the industry’s ability to find solutions. “I would like to tell her that what we are targeting is to fly more and pollute less,” he said. A representative for Thunberg said she wouldn’t be able to respond to de Juniac’s remarks.

        IATA, the trade body that represents the world’s airlines, will join forces with others in the aviation industry to launch a campaign in 2020 in a bid to reassure people who fly but are wavering because of climate concerns.

        There are already signs that the Flygskam (flight-shaming) movement that began in Sweden may have started to reduce flights in Sweden and the Netherlands, with aviation emissions in both countries falling between January and June.

      • An Australian Bushfire Benefit Concert Is In the Works

        Sound Relief Australia has announced that it will be staging a concert this year to benefit those affected by the country’s bushfires.

      • The Devastating Figures Behind Australia’s Bushfires

        The new decade has opened with a sobering and scary climate change reality. The state of New South Wales is in a designated state of emergency€ because of fires.€ At least€ 25 people have died€ as a result of those fires. Thousands of people have been displaced. Wildfires have destroyed€ more than 12 million acres€ of land across the Australian continent—an area almost seven times the size of the 2018 California wildfires (the€ worst in state history). And in the time it took to write this article, the estimated number of animals killed has jumped from a conservative 480 million to a full€ 1 billion.

      • As the World Burns, the Powerful Go on Holiday

        Like so many these past few days, I have been stunned by the devastation across Australia. The photographs and videos of the fires sweeping through the countryside and surrounding towns and even the city of Sydney show a nation literally on fire. Terrified people clung to the bottoms of boat docks, neck deep in water to escape the flames. Thousands crowded on to beaches while the skies above became a Mars like hue.€  At the time of my writing this at least 18 people are confirmed to have died, over 14 million acres scorched, and a half billion wild animals have perished. These numbers will almost certainly rise. Indeed, it has made even the most stoic of climate scientists tremble. The fires are unprecedented in scale, bigger than the fires in California or even the Amazon in 2019. And they are particularly alarming as this is only the beginning of summer in the southern hemisphere.

      • Australia’s Big Burn and Scotty From Marketing

        I was in Australia a month ago, experiencing some of the effects of the huge wildfires that had been burning there since August.

      • Debunked Australian Bushfire Conspiracy Theories Were Pushed by Alex Jones, Murdoch Media

        Two of the main conspiracies about the fires are based on the false ideas€ that they are caused by a spate of€ arson and they have been worsened by the Green Party's supposed efforts to stop€ controlled burns as a fire management and reduction€ measure.

      • With 14 'Billion-Dollar Disasters' and Record-Breaking Heat in Alaska and Across South, 2019 Was a Year of Climate Extremes for US

        "Americans are put at risk by the serious consequences of the climate crisis."

      • Time Is Running Out to Save Greenland

        It’s still possible, but it’s far from certain: stopping Greenland’s melting can be done, but it must be done soon.

      • Energy

      • Wildlife/Nature

    • Finance

    • AstroTurf/Lobbying/Politics

      • The Spotted Trump Hoax, and Other Mythical Creatures

        By conjuring these illusions, Donald Trump dodges responsibility.

      • Prince Harry and Meghan to ‘Step Back’ as Senior British Royals

        Prince Harry and his wife, Meghan, say they plan “to step back” as senior members of Britain’s royal family, a stunning announcement that underscores the couple’s wish to forge a new path for royals in the modern world.

      • Listen to Jared Kushner’s Family Saga

        In 1996, an 83-year-old Holocaust survivor and refugee to America sat down with an interviewer from the USC Shoah Foundation to recount what she had experienced. The woman, Rae Kushner, was part of the Holocaust remembrance movement.

        “If we’re not going to tell now, in 20 years I don’t know who’s going to be to tell,” Rae Kushner said in her Yiddish-accented English. “And now we have still the strength and we have the power to do this and to warn the rest of the world to be careful who is coming up on top of your government.”

      • Democratic Party Backs ALEC Alumnus Congressman Against Progressive Challenger

        Democratic Rep. Tom O’Halleran of Arizona’s First Congressional District is affiliated with an organization that promotes conservative legislation across the country, yet top House Democrats and Democratic Party groups are backing him against a primary challenge from his left.

      • ‘This is the land of our ancestors’ How plans to put Moscow’s trash in the Komi Republic’s taiga united environmental, indigenous, and Communist activists into a new opposition movement

        Since the fall of 2018, waves of protests have continuously swept through Russia’s north, both in the Arkhangelsk region and in the Komi Republic. The protesters are attempting to stop the construction of a new landfill near the Shiyes train station, which is located on the border between the two regions. The project appears to have little to do with local demand; instead, its purpose is to deal with the ever-escalating production of waste in Moscow. Arkhangelsk and Komi residents, even if they live hundreds of miles from Shiyes, believe the dump will devastate the natural environment around them.

      • Paradise Lost Political as Talmudic Such the Sigh.

        Early 21st C. (well, second Decade entered, so it goes) under Cultural Hegemony the dimensionality of moral contemplation context of Politics as ‘moral economics’ all but destroyed?

      • We Need a Strong Anti-War Movement—Yesterday

        As we spiral toward a confrontation between the U.S. and Iran, it’s worth reflecting on the failures to rein in U.S. aggression along the way.

      • The Return of the Antiwar Movement: Memories and Intimations

        The turnout in Madison, Wisconsin, for an antiwar rally on Jan.4, was not bad, considering the students are out of town, many local Bernie devotees are busy canvassing in Iowa, and the weather was about as forbidding as usual in the Winter (it could always be worse). Somehow, the icy wind always sweeps off Lake Mendota toward us assembled at the Capitol.

      • With McConnell-Led GOP Cover-Up for Trump Looming, Voters Urged to Call Senators to Demand Fair Trial

        "If Donald Trump's Republican defenders in the Senate truly believe that the president has done nothing wrong, then they should welcome the opportunity to hear public testimony from Trump administration officials who witnessed firsthand the events in question."

      • Wake Up, Democrats. Bomb-‘Em-All Bolton Won’t Help Impeachment

        Would Bolton,€ a leading advocate of bombing Iran, suddenly decide to help bring Trump down, at the very moment when Trump is taking action that could lead to the fulfillment of Bolton’s greatest aspiration, a regime-change war with Iran?€ 

      • Democracy€ in America: Six Lessons€ to Live By in 2020

        The start of a new year and a new decade is€ normally an occasion for€ reflection, but there is nothing normal about 2020. € America will decide whether or not to give Donald Trump four more years in the White House. € The choice voters make will be historic. € Quite possibly a tipping point. € What follows are some lessons, a kind of short course in civics that could make the difference between a desirable outcome and a disastrous one.

      • Deceased GOP Strategist's Daughter Makes Files Public That Republicans Wanted Sealed

        Republican state lawmakers in North Carolina fought in court to keep copies of these maps, spreadsheets and other documents from entering the public record. But some files have already come to light in recent months through court filings and news reports.

        They have been cited as evidence of gerrymandering that got political maps thrown out in North Carolina, and they have raised questions about Hofeller's role in the Trump administration's failed push for a census citizenship question.

        Now more of the files are available online through a website called The Hofeller Files, where Hofeller's daughter, Stephanie Hofeller, published a link to her copy of the files on Sunday after first announcing her plans in a tweet last month.

        "These are matters that concern the people and their franchise and their access to resources. This is, therefore, the property of the people," Hofeller told NPR. "I won't be satisfied that we the people have found everything until we the people have had a look at it in its entirety."

      • British monarchy rocked by Instagram post [iophk: official communications filtered via a foreign-owned corporation]

        This is close to the logic that has led to American celebrities using social media — the chance to speak directly to an audience, without the intermediary of a reporter, who may write something the celebrity doesn’t like, or get the story wrong. Meghan has said that adjusting to royal life has been “hard” and that the British tabloids’ treatment of her has been difficult to bear. “I never thought that this would be easy, but I thought it would be fair and that’s the part that’s really hard to reconcile,” she said in an interview with ITV’s Tom Brady.

      • Labour rules out unity government plan to block no-deal Brexit

        The rainbow coalition of anti-no-dealers, including a swelling tribe of Liberal Democrat MPs, has tried repeatedly to find a suitable candidate to lead a caretaker government in a bid to dethrone Boris Johnson and force an extension to Article 50.

        [...]

        The job change – which sees her swapping the leader’s office for Labour HQ – follows the resignation of Andrew Fisher, the party’s head of policy, in the middle of the Labour conference in Brighton last month.

        Labour is seeking a meeting with key civil servants ahead of a general election, with a view to going to the polls once an extension to Article 50 is secured.

    • Censorship/Free Speech

    • Civil Rights/Policing

      • Lawmakers Refused to Increase an Infamous Prison’s Funding. Then, Chaos Erupted.

        One prisoner strangled another to death while other inmates cheered the killing. Two convicts escaped a dilapidated building by walking out an open door. Maximum-security detainees freely roamed hallways, beating and threatening others.

        Violence has roiled the Mississippi prison system for more than a week, with state corrections officials imposing a statewide lockdown and a county coroner declaring that gangs in the prisons have launched an all-out war against one another.

      • After a String of Antisemitic Attacks, a Choice Confronts all Jews

        A surge of antisemitism has left us wondering where we can turn, to induce the feeling that rather than exercising solidarity, we should turn inward.

      • All In This Together
      • Millions Flood Streets Across India as General Strike Takes Aim at Modi Government

        "The attitude of the government is that of contempt towards labour."

      • $71 Million for More Cops; Not A Dime for Jobs and Healthcare
      • Immigration and the Prison Industrial Complex

        In the past year, the struggle over immigration rights continued along a broad array of fronts. There were significant setbacks, such as the implementation of the “Remain in Mexico” policy that made asylum nearly impossible to attain. But there were also victories, such as a federal judge’s ruling in November that required the government to provide health services to thousands of parents and children traumatized by the family separations carried out in accordance with the Trump administration’s “zero-tolerance” policy.

      • Bangladesh: Online Surveillance, Control

        Expand

        Bangladeshi photojournalists and journalists form a human chain infront of National Press Club protesting the attacks on them during the students' ongoing protest demanding safe roads, in Dhaka, Bangladesh on August 7, 2018.

      • Border Patrol Detains Iranian Americans at US-Canada Border as Xenophobia Rises

        In the midst of escalating U.S.-Iran tensions, Border Patrol has been detaining Iranian Americans at the U.S.-Canada border. At least 100 people were delayed at ports of entry along the border over the weekend, following the U.S. assassination of Qassem Soleimani on January 3. For response, we speak with Anna Eskamani, Florida Democratic state representative of Orlando. She is the first Iranian American to be elected to any public office in Florida. “The reality is that when we see the potential war rise in countries like Iran … we’ll see xenophobia rise right here locally” in the U.S., Eskamani says.

      • Russia: Escalating Persecution of Jehovah’s Witnesses

        Law enforcement authorities across Russia have dramatically escalated the nationwide persecution of Jehovah’s Witnesses in the past 12 months, Human Rights Watch said today. One year after President Vladimir Putin said that the crackdown against them should be “looked into,” the numbers of house raids and people under criminal investigation€ have more than doubled, and 32 Jehovah’s Witnesses worshipers are behind bars for peacefully practicing their faith.

        At least 313 people are facing charges, are on trial, or have been convicted of criminal “extremism” for engaging in Jehovah’s Witnesses’ activities, or are suspects in such cases. About two-thirds of them found out about their status as suspect or accused in 2019. Authorities have carried out at least 780 house raids since 2017 in more than 70 towns and cities across Russia, more than half of them in 2019. Courts convicted 18 people in 2019, nine of whom received prison sentences ranging from two to six years, for such activities as leading or participating in prayer meetings. Verdicts are expected in several cases later in January.

      • Trump Administration’s Proposed Rule Attempts to Starve Out Asylum Seekers

        The Trump administration is attacking the right to seek asylum in the United States. From separating asylum seekers from their children, to legally barring people from applying for protection and forcing them to remain in harsh conditions in Mexico, the administration has used every tactic it can think of to deny rights to refugees. Its most recent approach is a cruel attempt to starve out those who have lawfully applied for asylum in the U.S. by denying them the right to work while their case is pending. The administration’s new proposed regulation will not stop people from applying for asylum, but will force asylum seekers and their families into poverty or into the underground economy while their cases pend for years in an increasingly backlogged immigration court.

      • Kazakhstan: Improper Prosecution of Asylum Seekers from China

        (Berlin) – Kazakhstan should not forcibly return two Chinese citizens fleeing ill-treatment in Xinjiang or prosecute them for illegal border crossing while their asylum claims are pending, Human Rights Watch said today.

        On January 6, 2020, court hearings against the two ethnic Kazakh men, Kaster Musakhanuly and Murager Alimuly, on charges of illegal border crossing began in the remote eastern town of Zaysan. The hearing was adjourned after only two hours, although dozens of witnesses and supporters had traveled there to testify on their behalf, and the case was postponed to January 21. If returned to China, the men would almost certainly face detention and a real risk of torture.

      • Illinois Comptroller Is Opting The State Out Of Collecting Red Light Camera Fees

        We've discussed red light cameras many times in the past, most often to point out how they really aren't great at providing any benefit in vehicle safety, but are quite good at filling up the coffers of local governments on the backs of motorists. Given that these are essentially profit centers run by governments that aren't well suited to maximizing profits, the contracts for these red light cameras are typically outsourced to private interests. And if that seems like a recipe for rampant corruption... well... yeah. Everyone from judges to my beloved home city of Chicago has found themselves being investigated, and sometimes charged, with wild corruption as part of these red light camera contracts. Contracts that, again, don't make anyone any safer.

      • Defiant Fugitive Ex-Nissan Boss Vows Fight to Clear His Name
      • Does the US have a problem with topless women?

        Women fed up with being forced to cover up their breasts and nipples are challenging American laws about nudity and sparking a debate about the country's attitude to the naked female form.

    • Internet Policy/Net Neutrality

      • There's A Recurring Theme With 5G, And It's Disappointment

        Buried beneath the unrelenting hype surrounding fifth-generation (5G) wireless is a quiet but growing consensus: the technology is being over-hyped, and early incarnations were rushed to market in a way that prioritized marketing over substance. That's not to say that 5G won't be a good thing when it arrives at scale several years from now, but early offerings have been almost comical in their shortcomings. AT&T has repeatedly lied about 5G availability by pretending its 4G network is 5G. Verizon has repeatedly hyped early non-standard launches that, when reviewers actually got to take a look, were found to be barely available.

      • .blog vs .com TLD performance

        BunnyCDN shared some interesting performance benchmarks of the name servers responsible for some generic top-level domains (gTLD). They measured from 50 locations around the world.

        I’m using a .blog domain for this website. Unfortunately, this gTLD is placed near the bottom of the list. Ouch.

        I recreated a smaller version of their experiment for the .blog and .com TLDs. I don’t have a content distribution (CDN) network with 50 points of presences around the globe to test from.

        However, I do have a RIPE Atlas test probe. It enables me to run a quick test like this from 11 000 locations around the world. I settled for recreating BunnyCDN’s tests from 300 locations, however. You can see the results from my test in the footer and the graph at the top of this article.

    • Digital Restrictions (DRM)

      • Disappointing: Apple The Latest To Abuse DMCA 1201 To Try To Stifle Competition, Security Research, Jailbreaking And More

        Back in August, Apple kicked off an already questionable lawsuit against Corellium, makers of virtualization software that would let users create and interact with "virtual" iOS devices. It is a useful tool for a variety of reasons, including (importantly) for security researchers trying to hunt down bugs on a virtual iPhone. Over the last few months, security researchers in particular have been raising the alarm about this lawsuit. Then, just before the New Year, Apple made things much, much worse, with its amended complaint, that takes Section 1201 of the DMCA to new and even more ridiculous heights.

    • Monopolies

      • The End of Indie Web Browsers: You Can (Not) Compete

        No longer is it possible to build your own web browser capable of consuming some of the most popular content on the web. Websites like Netflix, Hulu, HBO, and others require copyright content protection which is only accessible through browser vendors who have license agreements with large corporations.

        During development of Metastream⁠—a browser-based side project of mine⁠—I ran into a roadblock when Google Widevine rejected my application to use their software that allows playback of encrypted media. The same problems I faced are affecting other developers with no known solutions in-sight.

        These roadblocks were primarily introduced to appease the media industry.

      • Patents

        • Software Patents

          • Another Velos Media patent challenged as likely unpatentable

            On January 2, 2020, Unified filed a petition (with WilmerHale serving as lead counsel) for inter partes review (IPR) against U.S. Patent 9,414,066, owned by Velos Media, LLC (Velos), as part of Unified's ongoing efforts in its SEP Video Codec Zone.

            The ‘066 patent and its corresponding extended patent family is one of the largest families known to be owned by Velos, representing nearly 5% of Velos’ total U.S. patent grants. Including this petition, Unified has now challenged patents representing over 42% of Velos’ total known U.S. assets.

      • Trademarks

        • FICPI-Turkey Roundtable On The Similarity Of Trade Marks And Its Application

          Christian explained how opposition matters are handled at the European Patent Office (EPO) and how the Opposition Divisions and the Technical Boards of Appeal are composed. Specific emphasis was given to the fact that technically qualified examiners or members of the Boards will always be part of an Opposition Division or the competent Board of Appeal. He also explained the meaning of "technically qualified" as being technically qualified with relevant background in the respective technical field.

          Serkan then explained the new oppositions procedure, which is now codified in Turkish Patent Law, where the opposition proceedings (post-grant patent opposition) implemented in Turkey are more or less submission statements (i.e. purely paper-based with no hearing), which will not be exchanged among the parties and will not be implemented as true contradictory proceedings.

          FICPI-Turkey is advocating for opposition proceedings which would be more like the EPO's opposition proceedings This would involve the parties exchanging written submissions which include a full statement of facts, arguments and evidence, followed by a hearing where the parties can highlight aspects of their case and argue why they should prevail. At the end the Opposition Division announces its decision.

      • Copyrights

        • Manga Publisher Takeshobo Sues Cloudflare For Copyright Infringement

          Major Japanese publisher Takeshobo has sued Cloudflare in a Tokyo court for alleged copyright infringement. The publisher says it was forced into the action after requests to remove content being offered by a Cloudflare customer were ignored. Takeshobo is taking care not to mention the name of the 'pirate' site in question but TorrentFreak has uncovered a DMCA subpoena from 2019 which may shine some light on proceedings.

        • Sheeran v Chokri Part 2: Admission of similar fact evidence

          Readers may remember the case of Ed Sheeran and Sam Chokri, discussed by this Kat back in August 2018 here. The case is still on going and the most recent hearing before Mr Justice Nugee took place on the 9th December 2019 in the High Court of England and Wales.

          [...]

          As to the second part of the test, which could be stopped if it could be seen clearly at this stage that even if fully proved, the probative value was outweighed by the prejudice so that a fair trial. The claimant argued that Deputy Master based his decision on incorrect numbers and overlooked certain factors such the effect on Ed's reputation. However, the Judge did not accept this argument and stated that Deputy Master had identified a number of downsides of allowing the plea to go forward, such as the increase in the cost, complexity and length of the trial, as well as referring to the impact on the Claimant - although not hugely important, still born in mind.

          Therefore, in all the circumstances the Judge did not agree with the Claimants criticisms of Deputy Master's judgment and the appeal was dismissed. Although it was noted that there is nothing to stop these pleadings to be struck out at a later stage for lack of particularisation.

          The risk of including this evidence if of course to create an assumption that "once a thief, always a thief". However, where there has been an instance of similarity between songs that might have been a coincidence, it is less likely to be a coincidence where there are three instances. As it was said in the case of Rex v Sims [1946] K.B. 531, [at 540]: "The probative force of all the acts together is much greater than one alone." So the probative force of four resemblances together is much better than one alone." The songs where played to the Judge in Court, and whilst two songs sounding similar does not equate to a claim for copyright infringement, when that is supported by the clearance and royalty share evidence, this was enough to allow the pleadings at this stage.

        • Katy Perry Accused of Bringing Biased Experts Into Copyright Trial

          Attorneys for Katy Perry are recruiting expert musicologists to reverse a shocking, $2.8 million copyright infringement verdict against the pop singer. Those musicologists are now being attacked as biased towards Perry and her collaborators.

        • George Gershwin's Rhapsody In Blue Is In The Public Domain And Gerswhin's Nephew Is Worried Someone Might Turn It Into Hip Hop

          Last week we announced our latest Gaming Like It's 1924: Public Domain Game Jam, and among the newly public domain works first released in 1924 is George Gershwin's classic Rhapsody in Blue, which you might better know as the United Airlines theme song.



Recent Techrights' Posts

Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
Links 26/12/2024: Ukraine's Energy Supplies Bombed on Christmas Day, Energy Lines Cut/Disrupted in the Baltic Sea Again
Links for the day
Gemini Links 26/12/2024: Rot Economy, Self-hosted Tinylogs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 25, 2024
IRC logs for Wednesday, December 25, 2024
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024