January 1, 2020 marks the beginning of a new year and a new decade. Many things will doubtless change over the course of this year in the free-software community and beyond, while others will remain the same. One thing that will certainly hold true is LWN's tradition of starting the new year with some ill-advised predictions about what may be in store. Your editor has no special vision, but neither does he fear being proved badly wrong in a public setting — it's all in a day's work. The Python community will continue to chart its post-Guido course. One relatively unnoticed development in the Python project's 2020 steering-council election was the quiet withdrawal of project founder Guido van Rossum's nomination. While he will still participate, he no longer wants a leadership role in the project. Increasingly, Python will have to find its way without the developer who has guided it since the beginning.
Similarly, the GNU Project will have to decide what it will be in the 2020s. This project's founder, Richard Stallman, retains his post as its leader, and it's possible that he will still be there at the end of the year. But there is ongoing restlessness in the project that brings a desire for new leadership and new directions. After all these years, it still sometimes seems like GNU is stuck trying to reproduce the Unix workstations of the 1980s, leaving much of the current computing environment to systems that are half-free at best. We need a GNU project for mobile devices, private clouds, home systems, embedded applications, and more. Stallman once famously said "I'm not really concerned with what's running inside my microwave oven." The time has long since come to be concerned about such things; wouldn't it be a great thing if a newly reinvigorated GNU project were to take on this challenge?
There is a common theme to those last two items that may not really arise in 2020, but will certainly come about in the 2020s: many of our leaders in the free-software community got their start in the 1980s and 1990s. In talking with those people, your editor increasingly gets the sense that many of them are thinking they have done this sort of work for just about long enough. Retirements will increase in the coming years, and we will lose much of the skill and experience that has gotten us this far. There are plenty of skilled and motivated younger developers who can certainly pick up where these folks leave off, but the transitions will go more smoothly if they are properly planned for.
The presence of highly experienced developers is perhaps felt most strongly in the kernel project. This is a good thing in a setting where mistakes can be catastrophic on a large scale, but it also partially explains why kernel developers have a distinctly old-school workflow. This is, remember, the project that only started using a source-code management system in 2002. Change is afoot, though, and the kernel workflow efforts will begin to bear fruit in 2020. We'll still be sending patches over email at the end of the year, but we'll have an improved understanding of what a better solution that can work at the kernel project's scale will look like. As part of this effort, the kernel's testing tools will also continue to improve at a rapid rate.
[...]
Expect perturbations in the employment market as various economic realities catch up with us. Both the dotcom crash and the 2008 crisis impacted the development community; the next downturn will do the same. As in the past, Linux and free software as a whole will not be significantly hurt when this happens, but the same cannot be said for individual developers, at least in the short term.
Finally, though this is perhaps more of a wishlist item than a prediction: the free-software community has to think more deeply about what it is creating and how that will affect the world. At many levels free software has won; the world's computing infrastructure is built on the code we have created. We have much more control over our computing environments than we would have believed all those years ago; it's a great success.
Announced earlier this month, the new 10th generation version of the Dell XPS Developer Edition sports a thinner design, smaller screen bezels, and much faster internals.
Heck, it even has a fingerprint scanner that, Dell say, will work in Ubuntu 18.04 LTS (which comes pre-loaded).
But while most of us know that Dell make and sell a range of Ubuntu laptops (not just the XPS Developer Edition, though that’s the focus here) the company doesn’t often “show them off” at mainstream technology conventions.
Between increased caregiving responsibilities for my mother, looking for freelance work, and the holidays, my Linux-powered HP laptop went by the wayside. (It's not my only laptop, thankfully, but the keyboard is great for writing). However, the past few months have seen me slowly repair and upgrade the laptop to the point where my Linux laptop is working very efficiently and becoming my go-to writing computer. It's a good argument for adopting open-source computing, and my Linux-powered HP 8530p Elitebook laptop is a great example of reusing and repurposing technology. (I'm writing this post on the HP laptop)
[...]
Dependability - Both Linux Mint and MX Linux are distros that work well once installed with a minimum of tweaking. (We'll talk about that in a later point). With the diverse range of Linux distros available (as well as a site where you can test Linux distros online), there is a Linux distro for anyone that works well out of the box, and that provides excellent performance especially in older hardware.
Adaptability - Not only can a user customize the appearance and functionality of the Linux distro to their specification (the desktop screenshot was a photo from a Beverly-area restaurant), but Linux provides multiple open-source software options for a variety of computing needs. By integrating LibreOffice, GIMP, Calibre, and Scribus, I have easily configured my Linux laptop to become a production machine for blogging, creative writing, editing, and self-publishing. (Many distros integrate a package manager/software center that makes it easy for users to download software). With privacy and data issues around Windows 10, Linux has some edge in that many distros do not share user data.
Remember Huawei announced its open source openEuler server operating system in September last year? Well, the Chinese vendor has now released the source code of openEuler.
The openEuler has two open-source sub-projects: A-Tune and iSula. While A-Tune is an intelligent performance optimization system software, iSula is a cloud-native solution that can meet the multiple needs of the ICT field.
The source code is available at Gitee (GitHub’s Chinese alternative). There are two separate repositories, one for the source code and the other as a package source to store software packages that help to build the OS.
We are pleased to announce the availability of the Oracle Linux 7 Update 8 Beta release for the 64-bit Intel and AMD (x86_64) and 64-bit Arm (aarch64) platforms. Oracle Linux 7 Update 8 Beta is an updated release that include bug fixes, security fixes and enhancements.
Sameer Parulkar: We started talking about agile integration at Red Hat Summit in 2017. We were looking at the integration space and the capabilities that we offer as well as some of the challenges from the customer perspective of adopting these integration capabilities, as well as providing faster and competitive solutions. And then we spoke with a lot of our customers and there was consensus that integration should be more agile and align with DevOps. One of our key motivations with agile integration was to essentially position integration as a key business capability, enabling differentiated services for customers.
Red Hat's Chief People Officer DeLisa Alexander describes [the space] as Red Hat's in-house "marketing agency." And the new space – 9,000 square feet directly adjacent to its lobby - is designed for them to collaborate, and publicly.
SAP HANA uses in-memory database technology that allows much faster access to data than was ever possible with hard disk technology on a conventional database – access times of 5 nanoseconds versus 5 milliseconds. SAP HANA customers can also use the same database for real-time analysis and decision-making that is used for transaction processing.
The combination of faster access speeds and better access for analytics has resulted in strong customer demand for SAP HANA. There are already more than 1600 customers using SAP HANA on Power since it became available in 2015.
GitOps is a pattern that has gained a fair share of popularity in recent times as it emphasizes declaratively expressing infrastructure and application configuration within Git repositories. When using Kubernetes, the concepts that GitOps employs aligns well as each of the resources (Deployments, Services, ConfigMaps) that comprise not only an application, but the platform itself can be stored in Git. While the management of these resources can be handled manually, a number of tools have emerged to not only aid in the GitOps space, but specifically with the integration with Kubernetes.
ArgoCD is one such tool that emphasizes Continuous Delivery (CD) practices to repeatedly deliver changes to Kubernetes environments.
Note: ArgoCD has recently joined forces with Flux, a Cloud Native Computing Foundation (CNCF) sandbox project, to create gitops-engine as the solution that will combine the benefits of each standalone project.
ArgoCD accomplishes CD methodologies by using Git repositories as a source of truth for Kubernetes manifests that can be specified in a number of ways including plan yaml files, kustomize applications, as well as Helm Charts, and applies them to targeted clusters. When working with multiple teams and, in particular, enterprise organizations, it is imperative that each individual using the tool is authorized to do so in line with the principle of least privilege. ArgoCD features a fully functional Role Based Access Control (RBAC) system that can be used to implement this requirement.
An important security fix for Firefox, handy upgrades for a Tor tool, and a new security-optimized laptop from Nitrokey.
Announcing HyperbolaBSD, IPFW In-Kernel NAT setup on FreeBSD, Wayland and WebRTC enabled for NetBSD 9/Linux, LLDB Threading support ready for mainline, OpenSSH U2F/FIDO support in base, Dragonfly drm/i915: Update, and more.
When you can call yourself a professional developer? Sure, getting paid to write code is probably part of the formula. But when is your skillset up to that level?
I'm announcing the release of the 5.4.10 kernel.
Only powerpc users need to update from 5.4.9, there was a missing patch
in that release that is in here. Sorry for the confusion.
The updated 5.4.y git tree can be found at:
git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y
and can be browsed at the normal kernel.org git web browser:
https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
Intel quietly released its quarterly Intel Media Driver update for Linux in December. Phoronix reported on Wednesday that the new driver brings GPU-accelerated encode and decode support for the company's Tiger Lake, Jasper Lake and Elkhart Lake processors, showing that they continue to be on track for a 2020 release.
Tiger Lake is the successor to Ice Lake that was launched during the holidays with Xe graphics. Both Jasper Lake and Elkhart Lake are based on the 10nm Atom Tremont architecture and Gen11 graphics and are rumored to replace Gemini Lake Refresh in the second half of 2020.
Linux kernel creator Linus Torvalds doesn't recommend using ZFS On Linux at least until Oracle were to re-license the code to make it friendly for mainline inclusion. But even then he doesn't seem turned on by the ZFS features or general performance.
Derailed from the recent mailing list discussion over Torvalds' thoughts on the Linux kernel scheduler, he responded to a post of a user complaining about the Linux kernel recently breaking the out-of-tree ZFS module.
The Linux control-group mechanism was designed to make it easy to assign processes to groups or move them around; it is a simple matter of writing a process ID to the appropriate cgroup.procs file in the control-group filesystem hierarchy. That only works for processes that actually exist, though. Adding the ability to place a new process into a control group at birth is the subject of this patch set from Christian Brauner. Before getting into the details, one might naturally ask why this capability is needed, given that Linux has done without it since control groups were first created. The answer is that current kernels present a bit of a race condition for process managers using control groups. A manager can create a process, and it can assign it to a group, but it has little control over what happens between those two actions. That means, for example, that a process might run briefly before being placed into a group where its resource usage can be accounted for properly. The amount of error introduced is likely to be small, but people who are into accounting tend to be intensely irritated by such things.
Placing a process into its intended control group at birth avoids that kind of messiness. It also enables actions like creating a process in a frozen group, ensuring that it will start in a frozen state and not run at all until the process manager allows it to. Finally, as Brauner notes, this feature "simplifies container creation and exec logic quite a bit".
Hi list,
Following the long break for Christmas and New Years (in the Gregorian calendar), I'd like to announce the availability of 19.3.2.
In general this release looks pretty reasonable given the length of time and the number of people celebrating (or not working) over the holidays.
Intel and AMD drivers make up the bulk of the changes, with a bit of nir and glsl, plus a sprinkling of other stuff in there.
Dylan
Shortlog ========
Andrii Simiklit (3): glsl: fix an incorrect max_array_access after optimization of ssbo/ubo glsl: fix a binding points assignment for ssbo/ubo arrays glsl/nir: do not change an element index to have correct block name
Bas Nieuwenhuizen (7): radv: Limit workgroup size to 1024. radv: Expose all sample counts for integer formats as well. amd/common: Handle alignment of 96-bit formats. nir: Add clone/hash/serialize support for non-uniform tex instructions. spirv: Fix glsl type assert in spir2nir. radv: Only use the gfx mipmap level offset/pitch for linear textures. radv: Emit a BATCH_BREAK when changing pixel shaders or CB_TARGET_MASK.
Caio Marcelo de Oliveira Filho (4): intel/fs: Lower 64-bit MOVs after lower_load_payload() intel/fs: Fix lowering of dword multiplication by 16-bit constant intel/vec4: Fix lowering of multiplication by 16-bit constant anv: Ignore some CreateInfo structs when rasterization is disabled
Christian Gmeiner (1): etnaviv: update resource status after flushing
Dylan Baker (4): dcos: add releanse notes for 19.3.1 cherry-ignore: update for 19.3.2 docs: Add release notes for 19.3.2 VERSION: bump for 19.3.2
Eric Engestrom (4): util/format: remove left-over util_format_description_table declaration amd: fix empty-body issues nine: fix empty-body-issues mesa: avoid returning a value in a void function
Gert Wollny (1): r600: Fix maximum line width
Jason Ekstrand (2): anv: Properly advertise sampledImageIntegerSampleCounts intel/nir: Add a memory barrier before barrier()
Lionel Landwerlin (2): loader: fix close on uninitialized file descriptor value anv: don't close invalid syncfd semaphore
Marek Olšák (2): winsys/radeon: initialize pte_fragment_size radeonsi: disable SDMA on gfx8 to fix corruption on RX 580
Pierre-Eric Pelloux-Prayer (2): radeon/vcn2: enable rate control for hevc encoding radeonsi: check ctx->sdma_cs before using it
Samuel Pitoiset (2): radv/gfx10: fix the out-of-bounds check for vertex descriptors radv: return the correct pitch for linear mipmaps on GFX10
Timur Kristóf (1): aco: Fix uniform i2i64.
Yevhenii Kolesnikov (2): meta: Cleanup function for DrawTex main: allow external textures for BindImageTexture
git tag: mesa-19.3.2
There hasn't been a new Mesa stable release in a number of weeks due to the Christmas and New Year's holidays but that changed today with Mesa 19.3.2 as the first significant point release of Mesa 19.3.
As usual, the Mesa 19.3.2 release is dominated by fixes to the Intel and AMD Radeon OpenGL/Vulkan drivers but also fixes to some common areas of Mesa and the smaller drivers.
AMD "Pollock" is a new chip similar to Dali and looking like it may be used for some Ryzen embedded purposes. AMD Pollock was plumbed into the Linux driver yesterday and was the first time we've heard this codename.
AMD sent out a patch for the AMDGPU DRM driver adding support for Pollock. The Pollock enablement for this Linux kernel graphics driver primarily comes down to adding the new IDs and updating some conditional statements to basically take the same driver code-paths as Dali.
GNU/Linux distributions include a wealth of programs for handling text, most of which are provided by the GNU core utilities. There’s somewhat of a learning curve, but these utilities can prove very useful and efficient when used correctly.
Deft/Deft Zero live forensic tool: is an Ubuntu based Linux distribution oriented to computer forensics and evidence harvesting which allows to block writing permissions on hard disks to prevent their modification in the process of recovering evidence. It is open source and live, so there is no need to install it. In the main menu you can access disks utilities from which you can see the storage devices connected. DEFT contains over 1 GB of free and open source software to afford incidents in Microsoft Windows systems. You can get Deft Zero from http://na.mirror.garr.it/mirrors/deft/zero/.
Santoku live forensic tool: Santoku is a Linux distribution which, additionally to security features includes mobile forensics tools such as firmware flashing, ram, media cards and NAND imaging tools, brute forcing Android encryption, analysing Iphone backups and more. It auto detects connected mobile devices. You can run Santoku live also from a virtual machine with VMware or Virtualbox. Santoku is among the best tools for mobile forensics. You can download Santoku Linux at https://santoku-linux.com, from Lubuntu installations you can run the script https://santoku-linux.com/wp-content/uploads/build.sh_.txt to add Santoku features to your current system.
CAINE live forensic tool: CAINE is another computer forensics Linux live distro, it is among the most popular tools in computer forensics and includes top level forensics tools such as Autopsy, Dcfldd, dc3dd, Ddrescue, Dvdisaster, Exif, Foremost, FileInfo, FiWalk, Fundl 2.0, FKLook, Fod, Fatback, GCalcTool, Geany, Gparted,gtk-recordmydesktop, Galleta, Gtkhash, Guymager, HDSentinel, Hex Editor (Ghex), HFSutils, Libewf, Lnk-parse, lnk.sh, Log2Timeline, liveusb, mork.pl, MC, MD5deep, md5sum, Nautilus Scripts, NBTempo, ntfs-3g, Offset_Brute_Force, Pasco, Photorec, Read_open_xm, Reglookup, Rifiuti, Rifiuti2, Readpst, Scalpel, SQLJuicer, SFDumper 2.2 , SSDeep, Stegbreak, Smartmontools, Shred and more tools.
DXVK 1.5.1 is out today as the latest feature update for this project implementing Direct3D 9/10/11 over Vulkan for faster Wine/Proton Linux gaming performance. This is the first update since the big DXVK 1.5 release that integrated D9VK for D3D9 support.
Highlights of DXVK 1.5.1 include:
- Direct3D 9 performance improvements as well as improved depth bias support, which should fix rendering issues in many games. There is also Direct3D 9 crash fixes and other improvements.
DXVK, the project that (since D9VK was merged) has turned into a massive translating unit of Direct 3D 9/10/11 to Vulkan has the first 2020 release available.
What is it again? Let's do a quick refresher! DXVK when fused together with Wine translates calls from D3D9/10/11 into Vulkan, usually giving you much better performance than standard Wine for playing Windows-only games on Linux.
Version 1.5.1 went up today and it includes a bunch of performance improvements for D3D9, an improved depth bias implementation in D3D9 fixing rendering issues (like missing shadows) in lots of titles, plus multiple other D3D9 bug fixes.
The number of threads used for pipeline compilation was tweaked this time too, hopefully reducing the performance impact on those with 6/8 core CPUs while also allowing CPUs with more than 12 cores to scale it up a bit. You can customize it with the dxvk.numCompilerThreads option.
February seems to be a popular month recently with LUNA The Shadow Dust, Dwarrows and now the great looking spooky XCOM-like Graywalkers: Purgatory also coming to Linux then.
Here though, it's not quite a simple story. It's actually launching in Early Access this month on Jan 15, with Linux (and macOS) delayed until February. Speaking on Kickstarter, they said they just haven't given it the testing it needs yet, so they're going to sort the starting issues out on then move onto putting it up for Linux.
If you've seen any news lately, you've probably heard about what a terrible and frightening state Australia is currently in with the devastation from the wildfires.
Crytivo who are currently developing The Universim (which I quite like!), will be donating some of their profits to help support "rebuilding lost homes, firefighters working overtime and environmental cleanup". On Steam they will be giving away 30% net revenue and from their own store (which has multiple Linux games) they will send 100% from this month and next.
Streets of Rogue, my personal pick for 2019 just expanded with a new update now out. This makes the Level Editor and Steam Workshop support fully live for everyone.
Now you can download entirely new characters, "chunk" packs which are basically room layouts that it will add into your run through to make it even more varied and full campaigns where people can come up with a crazy story for you to follow.
Bytten Studio, a tiny team made up of two former Chucklefish developers who previously worked on titles like Stardew Valley, Starbound and Wargroove have announced their debut title the Zelda-inspired Lenna’s Inception is releasing on January 17.
"I've been working on Lenna's Inception for 8 years," says Tom Coxon, the lead developer of Lenna’s Inception. "That’s most of my adult life! It began as a spare-time experiment with procedural generation, mutated into game that helped start my career in the games industry, and has finally grown into something I'm proud to release to the world. I've been very lucky to be able to turn this dream into a reality."
This isn't your usual retro-looking adventure, with glitches being not just a feature but part of the story.
Another sale, time to pick up some cheap games if you missed some during other big sales last month. This time Humble Store have a big selection up and a free game to grab.
The free game is Headsnatchers, a hectic local/online party game. No official Linux support but it does seem to run in Steam Play Proton. You have about 72 hours to claim it, or until all their keys run out. I personally tried it in the latest Proton, worked fine with two gamepads in local multiplayer.
For the Winter Sale, there's absolutely tons currently on discount plenty big and small to suit all tastes. Multiple publishers also have dedicated winter sales on including: Paradox Interactive, Take-Two Interactive (2K), Codemasters, SQUARE ENIX and more.
LUNA The Shadow Dust, developed by Lantern Studio with Application Systems Heidelberg giving them a publishing hand with the Western release have now announced the launch date.
This is after the time consuming process they spoke about before, where they had to get a permit to release the game as they're an all-Chinese studio. They said at the time it would release in February and now today it's been confirmed as February 13. Even better, is that the Linux version is releasing with same-day support.
Lithic Entertainment are crafting a 3rd person adventure and town-building game, Dwarrows, which they've now given a release date with same-day Linux support expected.
Announced on Twitter by co-founder Andy Wood, it's going to release on February 28 and I'm pretty darn excited about this one. Not seen it before?
The long-awaited modernized version of KTimeTracker is finally released. The application is a personal time tracker for busy people which is now available on Linux, FreeBSD and Windows. Over the course of 2019 it had been ported to Qt5 and KDE Frameworks after being unmaintained since around 2013.
The new version is also polished and slightly modernised with the most noticeable new features being the new Task Time Editing dialog and live preview in the Export dialog as seen in the picture below.
After releasing the fifth and last point release to its KDE Plasma 5.17 desktop environment, the KDE Project released today KDE Applications 19.12.1, the first maintenance update to its KDE Applications 19.12 software suite adding improvements and new features to various apps like the KTimeTracker personal time tracker, which was ported to KDE Frameworks 5 and received a new Task Time Editing dialog.
KStars 3.3.9 astronomy program is included as well in this release with new features like support for viewing the faintest of stars and alternative constellations from the Western Sky Culture. KNewStuff received a redesigned UI and filters for comments, Elisa got improved file indexing, and Kdenlive has many improvements and fixes in timeline and preview handling. Also included are KDevelop 5.4.6 and Latte Dock 0.9.7.
The KDE community has shared details on how they want to help people using the Windows 7 operating system to migrate to Linux and the Plasma desktop before it becomes obsolete on January 14th, 2020.
Next week, on January 14, Microsoft will no longer provide updates or security patches to Windows 7 users, which means that their beloved OS will soon start to become the target of hackers and all sort of threats if they don't upgrade to Windows 10 or another operating system, such as macOS or a GNU/Linux distribution.
As such, the KDE community encourages Windows 7 users who don't want to upgrade their computers to Windows 10 to give Linux a try and install a distribution that features the Plasma desktop environment, which can be easily transformed to look and behave like a Windows 7 desktop with a special theme. In addition, you'll also take advantage of Linux's security and stability features.
The KDE Community wants Windows 7 users to migrate to the Plasma desktop environment after Microsoft's 10-year-old OS will reach end of support next week and stops receiving security and bug fixes.
"The specific end of support day for Windows 7 will be January 14, 2020," Microsoft says. "After that, technical assistance and software updates from Windows Update that help protect your PC will no longer be available for the product."
"Therefore, it's important that you upgrade to a modern operating system such as Windows 10, which can provide the latest security updates to help keep you and your data safer."
GNOME 3.34.3 is now available. This is a stable release containing seven weeks worth of bugfixes since the 3.34.2 release. Since it only contains bugfixes, all distributions shipping 3.34.2 should upgrade. Note the GNOME flatpak runtime has been updated as well
There will be releases through out this cycle and most likely the next one as well.
Next stable release is scheduled for the middle of February, see https://wiki.gnome.org/ThreePointThirtyfive
If you want to compile GNOME 3.34.3, you can use the official BuildStream project snapshot:
https://download.gnome.org/teams/releng/3.34.3/gnome-3.34.3.tar.xz
The list of updated modules and changes is available here:
https://download.gnome.org/core/3.34/3.34.3/NEWS
The source packages are available here:
https://download.gnome.org/core/3.34/3.34.3/sources/
Enjoy the new release,
Javier Jardon GNOME Release Team
GNOME has continued its recent trend of offering more point releases to existing stable series for filling the void between the six-month feature releases. Out today is GNOME 3.34.3 with all of the latest fixes, many of which were back-ported from the currently under development GNOME 3.36.
Just a quick heads up that GNOME 3.34.3 just hit Fedora 31 updates-testing repo. It’s a fairly small update; mostly just gnome-shell/mutter fixes and translation updates to leaf applications.
Right of the cuff, I should note that this will work on other Linux distros too, I am just focusing on openSUSE because, that is my jam. I have been using this on openSUSE Tumbleweed as of Snapshot 20200103. It should also work on Leap as of 42 and newer (that means Leap 15.x is good to go, in case there was any question).
The reason this application excites me so is that I use several AppImages on my system. Which ones you may ask? I’ll tell you, xLights, which I use for my Christmas Light display, VirtScreen that I use when I am remote and need to turn my laptop or phone into a second display. This is super handy as it will not only create links in my menu to the AppImages, it will also copy the *.AppImage file into a designated folder, in my case ~/Applicaitons which is the default. At first, I wasn’t sure about it but after noodling it around a bit, I am totally good with it.
One of the most important things about Arch Linux is the AUR (Arch User Repository). It is a community-driven software repository for Arch Linux users which contains PKGBUILDs, allowing users to compile and build their own packages that do not exist in the official repository from the source.
Many new packages start in AUR before entering in the official repository and users can also contribute packages that they have developed to this repo. More importantly, Users can search and download PKGBUILDs from here, build them and install. But some users prefer to use AUR helpers that make it easy to install PKGBUILDs other than the method above.
In this article, we shall look at some of the best AUR helpers that users can rely on to easily install PKGBUILDs all of which are using the Arch user repo as source.
I want to sum up what happened in Copr during 2019. At the end of this post, you can see our TODO list and cast your vote on what we should focus on in 2020.
A proposal to periodically run the fstrim command on Fedora 32 systems was discussed recently on the Fedora devel mailing list. fstrim is used to cause a filesystem to inform the underlying storage of unused blocks, which can help SSDs and other types of block devices perform better. There were a number of questions and concerns raised, including whether to change the behavior of earlier versions of the distribution when they get upgraded and if the kernel should be responsible for handling the whole problem.
The proposal for a Fedora 32 system-wide change to "enable fstrim.timer by default" was posted by program manager Ben Cotton on behalf of its owner, Chris Murphy. The fstrim.timer systemd unit file simply runs fstrim.service (which runs fstrim) weekly on mounted filesystems.
Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.
RPM of PHP version 74.2RC1 are available as SCL in remi-test repository and as base packages in the remi-php74-test repository for Fedora 29-31 and Enterprise Linux 7-8.
RPM of PHP version 7.3.13RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Fedora 29 and Enterprise Linux.
The Q4OS development team informs Softpedia about the general availability of a new maintenance update to their latest Q4OS 3 "Centaurus" stable LTS operating system series.
Based on the latest Debian GNU/Linux 10.2 "Buster" operating system, the Q4OS 3.10 release appears to bring important changes for both the Trinity Desktop Environment (TDE) and KDE Plasma desktop environments, which they're now much more independent on each other as Plasma no longer requires Trinity to be present.
This change alone could significantly reduce the size of the KDE Plasma installation media in future releases. Q4OS 3.10 also introduces a dedicated hardware reporting tool that's available on both the KDE Plasma and Trinity Desktop Environment desktops, and improves the screen scaling tool for Trinity desktop.
Plasma Debonaire improvements, updated components
Also improved in the Q4OS 3.10 release is the Plasma Debonaire theme for the KDE Plasma desktop environment, which has been polished to look a bit darker. Apart from the aforementioned changes, Q4OS 3.10 brings updates to numerous core components and apps from the Debian Buster repositories, as well as many other tweaks, bug fixes, and security patches.
Today Qt 4 (aka src:qt4-x11) has been removed from Debian bullseye, what as of today we know as "testing". We plan to remove it from unstable pretty soon.
Released nine months ago on April 18th, 2019, Ubuntu 19.04 was dubbed by Canonical as the "Disco Dingo" and was the first Ubuntu release to ship with a Linux 5.x kernel. Ubuntu 19.04 also included the GNOME 3.32 desktop environment, a new icon theme, and various desktop refinements and updated components.
Ubuntu 19.04 was a release for bleeding-edge users, which means that Canonical only offered nine months of support. Starting January 23rd, Canonical will no longer release software updates and security patches for Ubuntu 19.04, which means that users will have to consider upgrading to Ubuntu 19.10 (Eoan Ermine).
my own phone line when I was about thirteen years old, thanks to my first job in a grocery. My friend, Evan, could tell you all about the sounds that happen before the called party’s phone starts to ring. He could tell you the routing, the set-up delay, and even warn you when the Jane Barbe intercept message was coming. He could also tell you, most of the time, what kind of equipment had routed it (e.g., Crossbar). I traded a lot of pizza for just a little of his learning, a very handy skill to pick up.
With the upcoming release of MaaS 2.7, Metal-as-a-Service has basically gained that skill, to your benefit. One of the big features of MaaS 2.7 is network testing that identifies broken and slow network links when you try to commission machines. In this release, we offer specific link tests, as well as the ability to test networking in a configurable way, even using your own scripts.
First, MaaS tests whether links are connected or disconnected. Previously, when commissioning, you couldn’t detect unplugged cables. Now you can, sort of like knowing the telephone line noise change when you’re about to hear that “your call did not go through.”You do have to take a couple of steps: First you have to upgrade to 2.7, then run commissioning again to see if a link is disconnected. But you no longer have to puzzle over what’s broken when this happens.
Second, MaaS makes sure you’re getting the most out of your link speed. As servers and hardware get faster — 10G, 40G, even 100G NICS — the chances increase that you might plug your 10G NIC into a 1G switch, for example. Just like when I would call my grandmother long-distance, and I had some idea how long till the the “ring” happened, just from call set-up noises.
Previously, with MaaS, you’d be stuck with the speed of the slowest link, but there wasn’t a way to verify your link speed without recommissioning. Depending on your physical hardware, that might still be an issue, but the MaaS UI can now warn you if your interface is connected to a link slower than what the interface supports. And all information shown in the UI is available via the API, as well. You can still replace a slow switch without recommissioning.
Third, MaaS allows you to configure network connectivity testing in a number of ways. If you can’t connect to the rack controller, deployment can’t complete, the same way that Evan sometimes knew right away that a call wouldn’t go through (I never mastered that one). Now MaaS can check connectivity to the rack controller and warn you if there’s no link, long before you have to puzzle over it.
If you can’t connect to your gateway controller, traffic can’t leave your network. It’s a little like trying to call long-distance without dropping a dime: you can dial, but the call won’t go through. MaaS can now check this link and recognize that there’s no connectivity, which alleviates a lot of annoying (and sometimes hard-to-detect) network issues.
Fourth, Internet connectivity testing has been greatly expanded. Previously, MaaS gave a yes/no link check during network testing, like the ANI numbers that would read you back your phone number: nice to know, but it’s not a great revelation. Now you can give a list of URLs or IP addresses to check.
Changing theme in Ubuntu is harder than it should be and, call me a revolutionary, but I think that needs to change.
See, once upon a time it was easy to change the look and feel of your Ubuntu desktop. You popped open the “Appearance” tool, selected something attractive from the gallery of theme thumbnails before you, and bam: applied.
That all changed with the introduction of the Unity in 2011. User control over theming vanished overnight, and Ubuntu hasn’t had an “user friendly” way to change GTK theme since then.
There are many ways to leave a lasting impression through a cleverly designed business card, but nothing screams “now this is unique” quite like a business card that doubles as a stripped-down ARM computer running Linux. That’s precisely what Embedded Systems Engineer George Hilliard has built, and with a total cost that’s surprisingly affordable.
Variscite has launched a “VAR-SOM-MX8M-MINI” module that runs Linux on the i.MX8M Mini with up to 4GB DDR4, 64GB eMMC, and WiFi-ac plus an optional new Dev Kit. There’s also an upcoming VAR-SOM-MX8M-NANO with an i.MX8M Nano.
Variscite has opened $53 and up orders for a Linux-ready VAR-SOM form-factor spin of NXP’s i.MX8M Mini, which has previously appeared on its smaller DART-MX8M-Mini. The VAR-SOM-MX8M-MINI, which is also available with a new development kit (see farther below), joins other pin-compatible VAR-SOM modules including Variscite’s larger VAR-SOM-MX8, featuring the more powerful i.MX8 QuadMax, and the VAR-SOM-MX8X, built around the low-power, Cortex-A35 based i.MX8X.
SiFive and CEVA announced that CEVA-BX audio DSPs, CEVA-XM vision chips, and up to 12.5-TOPS NeuPro AI processors will be added to SiFive’s DesignShare program, enabling customers to create custom “Edge AI SoCs” built around SiFive’s RISC-V CPUs.
CEVA has partnered with RISC-V chip designer and manufacturer SiFive to help bolster its DesignShare program with IP from several of its proprietary DSPs and NPUs. The two companies are collaborating to help customers design and manufacture customized, “ultra-low-power domain-specific” Edge AI SoCs that combine SiFive’s RISC-V CPUs and CEVA’s coprocessors. CEVA is also contributing its CDNN Deep Neural Network machine learning software compiler.
In 1985, a man named Richard Stallman, who didn’t like the current situation, created what’s known as the Free Software Foundation (FSF), which promoted the alternative of free software (free as in freedom, not as in free coffee). He drafted 4 criteria for a software to be considered free:
The freedom to run the program as you wish, for any purpose. The freedom to study how the program works, and change it so it does your computing as you wish. Access to the source code is a precondition for this. The freedom to redistribute copies so you can help your neighbor. The freedom to distribute copies of your modified versions to others. By doing this you can give the whole community a chance to benefit from your changes. Access to the source code is a precondition for this.
All of this without requiring a pre-given handwritten permission from the program author to the user. By just seeing the license, and knowing that it is a free software license, you can do all the 4 things stated above, and that is what refer to as free software.
Today, there are tens of free software licenses that software developer use to put their program under. The most famous one for that is the GPL (GNU Public License), which was initially released in 1989. There are millions of free software around the world today.
Hello ChefFriends! Are you thinking about submitting to the ChefConf 2020 Call for Presentations? We hope you are! If you’re searching for some topic suggestions, here’s a few for folks working with Chef Infra!
For all of our past ChefConf talks, check out our YouTube Channel for recordings. Let’s look at some topics from ChefConf 2019 around Chef Infra.
[...]
Attendees at ChefConf 2020 will be from a wide range of industries and have different levels of knowledge about Chef Infra. Maybe you’re deep in the weeds on something like OHAI. Dan-Joe Lopez and Juan Martinez Sr. from SAP gave us some insight into working with “Custom OHAI Plugins at Enterprise Scale”. While it seems really niche, another attendee told me he was going to use their project almost immediately after ChefConf. You just never know where the kindred spirits are.
Maybe you’ve been using Chef Infra for a long time. Some of our users have been working on Chef for years and share their stories about maintaining and improving their Chef installations to help their organizations. Capital One has shared their evolution story with us. They started in 2018 with “Capital One’s Fully Automated, Scalable & Regionally Fault-tolerant Chef Platform” and returned in 2019 to give us an update, “Evolution of Capital One’s Enterprise Chef Platform”. Maybe you’ve seen them at a Chef Meetup, too. What have you learned about using Chef Infra over the years that might be interesting to others? Maybe there have been some surprises about automating your platforms, or some intriguing lessons learned.
The Libre Graphics Meeting (LGM) is the annual international convention for the discussion and development of free and open source graphics software.
This year it will happen in Rennes, France, from May 26th to 29th. We are welcoming all relevant projects to submit a proposal for a talk and/or a workshop. We already expect Krita and Kdenlive teams to be present. The Krita sprint will be held after the meeting and Kdenlive are planning to have a sprint around that time too. It would be awesome to also see some people from Plasma team working on graphics tablet support and color management, or any other topic of interest for developers and users of graphics creation application.
LGM are now asking for talks, workshops, BoF meetings and lightning talks for the conference. Please don't be shy and submit your proposal.
CRLite is a technology proposed by a group of researchers at the IEEE Symposium on Security and Privacy 2017 that compresses revocation information so effectively that 300 megabytes of revocation data can become 1 megabyte. It accomplishes this by combining Certificate Transparency data and Internet scan results with cascading Bloom filters, building a data structure that is reliable, easy to verify, and easy to update.
Since December, Firefox Nightly has been shipping with with CRLite, collecting telemetry on its effectiveness and speed. As can be imagined, replacing a network round-trip with local lookups makes for a substantial performance improvement. Mozilla currently updates the CRLite dataset four times per day, although not all updates are currently delivered to clients.
CRLite is a technology to efficiently compress revocation information for the whole Web PKI into a format easily delivered to Web users. It addresses the performance and privacy pitfalls of the Online Certificate Status Protocol (OCSP) while avoiding a need for some administrative decisions on the relative value of one revocation versus another. For details on the background of CRLite, see our first post, Introducing CRLite: All of the Web PKI’s revocations, compressed.
To discuss CRLite’s design, let’s first discuss the input data, and from that we can discuss how the system is made reliable.
Some days ago I got a crash in current developer build (future LibreOffice 6.5) that was installed with SiGUI. Nobody could repro that crash, but I got it every time. Deleting of user profile have not help. I always installed LibreOffice for testing into the same directory on top of old version. It was a reason for my problem! A crash disappeared only after LibreOffice installing to another clean directory.
When editing a block, the tab order has been adjusted. Rather than tabbing to the next block, for example from one paragraph to the next, pressing tab will now put focus into the side bar for the active block. Further tabbing will move through the controls of said side bar. Shift+Tab will go in the opposite direction.
Likewise, when in the main contents area of a block, Shift+Tab will now move focus to the toolbar consistently and through its controls. It will also skip the drag handle for a block, because this is not keyboard operable. Tab will stop on the items to move the block up or down within the current set of blocks.
This makes the keyboard focus much more consistent and alleviates the need to use the custom keyboard shortcuts for the side bar and toolbar. These do still work, so if you have memorized them, you can continue using them. But you do not need to, tab and shift+tab will now also take you to expected places consistently.
The long in development process of converting GCC's SVN repository to Git for using this modern distributed revision control system for developing the GNU Compiler Collection in the 2020s may finally be complete in the days ahead.
Joseph Myers of CodeSourcery and one of the GCC steering committee members announced that Eric S Raymond's Reposurgeon utility should now be up to the task of converting GCC's SVN repository to Git and doing so the best following a number of last minute improvements.
On Wed, 8 Jan 2020, Eric S. Raymond wrote:
> They use your feedback to find places where their comment-processing > scripts could be improved; we've used it learn what additional > oddities in ChangeLogs we need to be able to handle automatically.
I've used comparisons of authors in the two conversions - in cases where they get different human identities for the author, not just different email addresses or name variants - to identify cases for manual review, since ChangeLog parsing is the most subjective part of doing a conversion and cases where different heuristics produce different results indicate those worthy of manual review.
Apart from about 1600 with no changes to ChangeLog files but a ChangeLog entry in the commit message, which I reviewed mostly automatically to make sure I agreed with Maxim's author extraction with only limited manual checks on those that looked like suspect cases, that involved reviewing around 3000 commits manually; I've now completed that review. Some of those are also subjective cases even after review (for example, where the commit involved one person backporting another person's patch).
In the set of around 1200 commits with both ChangeLog and non-ChangeLog files being changed, which did not look like backports, for example, I arrived at around 400 author improvements from this review (not all of them the same authors as in Maxim's conversion), while for around 800 commits I concluded the reposurgeon author was preferable. (The typical case where reposurgeon does better is where successive commits add new ChangeLog entries under an existing ChangeLog header. The typical case where I added fixes was where a commit made nonsubstantive changes under an existing header, as well as adding new entries, which is hard to distinguish automatically from a multi-author commit so reposurgeon conservatively treats as a multi-author commit.)
In the case of ChangeLog-only commits, where reposurgeon assumes they are likely to be fixing typos or similar and so does not extract an attribution from ChangeLog files in such commits, manual review identified many cases (especially in the earlier parts of the history) where the ChangeLog was committed separately from the substantive parts of the patch and so a better attribution could be assigned to those substantive commits.
I consider the reposurgeon-based conversion machinery to be in essentially its final state now; I don't have any further authors to review, Richard doesn't have any further Bugzilla-based commit summaries to review and we don't know of any relevant reposurgeon bugs or missing features. I'm running a conversion now to verify both the current state of the fixups and the Makefile integration of the conversion and subsequent automated validation, and will make that converted repository available for final checks if this succeeds. Compared to the previous converted repository, this one has many author fixups, a fix for a bug in the author fixups where they broke commit dates, and reposurgeon improvements to avoid producing unidiomatic empty git commits in the converted repository for things such as branch and tag creation.
This converted repository uses the ref rearrangements along the lines proposed by Richard (so dead branches and vendor branches are available but not fetched by default); the objects from the existing git mirror will also be included in the repository (so existing gitweb links to such objects in list archives continue to work, for example, as long as they aren't links to objects that were made unreachable at some point in the mirror's history), but again under ref names that are not fetched by default.
As noted on overseers, once Saturday's DATESTAMP update has run at 00:16 UTC on Saturday, I intend to add a README.MOVED_TO_GIT file on SVN trunk and change the SVN hooks to make SVN readonly, then disable gccadmin's cron jobs that build snapshots and update online documentation until they are ready to run with the git repository. Once the existing git mirror has picked up the last changes I'll make that read-only and disable that cron job as well, and start the conversion process with a view to having the converted repository in place this weekend (it could either be made writable as soon as I think it's ready, or left read-only until people have had time to do any final checks on Monday). Before then, I'll work on hooks, documentation and maintainer-scripts updates.
As well as having objects from the existing git mirror available under refs that are not fetched by default, that mirror will remain available read-only at git://gcc.gnu.org/git/gcc-old.git (which already exists, currently a symlink to the mirror).
DocKnot is my set of tools for generating package documentation and releases. The long-term goal is for it to subsume the various tools and ad hoc scripts that I use to manage my free software releases and web site.
This release includes various improvements to docknot dist for generating a new distribution tarball: xz-compressed tarballs are created automatically if necessary, docknot dist now checks that the distribution tarball contains all of the expected files, and it correctly handles cleaning the staging directory when regenerating distribution tarballs. This release also removes make warnings when testing C++ builds since my current Autoconf machinery in rra-c-util doesn't properly exclude options that aren't supported by C++
Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned? Tweet us at @ThisWeekInRust or send us a pull request. Want to get involved? We love contributions.
So let’s talk a bit more about the two goals that I set forth for a Rust foundation. The first was to clarify Rust’s status as an independent project. In some sense, this is nothing new. Mozilla has from the get-go attempted to create an independent governance structure and to solicit involvement from other companies, because we know this makes Rust a better language for everyone.
Unfortunately, there is sometimes a lingering perception that Mozilla “owns” Rust, which can discourage companies from getting invested, or create the perception that there is no need to support Rust since Mozilla is footing the bill. Establishing a foundation will make official what has been true in practice for a long time: that Rust is an independent project.
We have also heard a few times from companies, large and small, who would like to support Rust financially, but right now there is no clear way to do that. Creating a foundation creates a place where that support can be directed.
Rust developer Denys Séguret, from Lyon, France, wanted a better way to view and search directories, so he coded his own, sparking interest from others with similar frustrations.
Broot is a command-line utility for listing and manipulating files and directories – basic functionality that you would have thought could hardly be improved, 50 years since the invention of Unix.
Séguret found that was not the case, particularly when it came to navigating source code that can have thousands of files in a single project. “I deal with many many projects, more than what my brain can memorise. So I always have to look a little to know how a project works,” he told The Register.
"... anybody wanna peanut?" - Fezzik, TPB
When last we saw our heroes, they had just applied PDL::Stats::Kmeans to a CSV file of car data with no thought regarding their own well-being.
In today's episode, we see them slice through data to identify clusters of cars, only to find they know less than they did before!
Read on, true believers!
At the January 2020 Python Frederick event, Patrick Pierson showed the group how you can use Python in different serverless services on AWS and GCP. He also showed a couple of serverless frameworks like Serverless and Chalice.
Python allows you to convert strings, integers, and floats interchangeably in a few different ways. The simplest way to do this is using the basic str(), int(), and float() functions. On top of this, there are a couple of other ways as well.
Before we get in to converting strings to numbers, and converting numbers to strings, let's first see a bit about how strings and numbers are represented in Python.
Note: For simplicity of running and showing these examples we'll be using the Python interpreter.
Python prides itself on being a newbie-friendly language; its developers have gone out of their way to try to ensure that easy tasks are straightforward to program. A recent discussion on the python-ideas mailing list looked at a use case that is common, but often implemented in an inefficient, incorrect fashion, with an eye toward making it easier to do correctly. Finding the first match for a regular expression in a body of text is where the conversation started, but it went in some other interesting directions as well.
When laying out your Qt GUIs it can be quite a tricky task to place every widget in the right position on your forms. Fortunately, Qt offers a set of layout managers that simplify the process of widget positioning and will allow you to easily create any kind of layout. To lay out the widget in a form, you can create everything in code, or you can create your layout with Qt Designer. In this tutorial, you'll learn how to use Qt's layouts with Qt Designer to build complex GUIs for your applications.
Additionally, we'll create a dialog example using several widgets with a coherent layout to reinforce your knowledge and put everything together into a fully functional dialog just like you would create in a real-world application.
Good morning everyone, and what a lovely start to the new year it is, because it’s your birthday! Happy birthday, it’s your 50th! What’s that you say, you aren’t 50 today? (Looks…) That’s what all these internet databases say, because you’ve spent the last decade or so putting 1970-01-01 as your birth date into every online form that doesn’t really need to know it!
It’s been a staple for a subset of our community for years, to put the UNIX epoch, January 1st 1970, into web forms as a birth date. There are even rumours that some sites now won’t accept that date as a birthday, such is the volume of false entries they have with that date. It’s worth taking a minute though to consider UNIX time, some of its history and how its storage has changed over the years.
Opera Software kicked off 2020 with a new stable release of its cross-platform, Chromium-based Opera web browser for GNU/Linux, macOS, and Windows platforms.
Opera 66 has been released earlier this week as the latest and greatest version of this Chromium-based web browser, adding various enhancements to the user interface to make it easier for users to access sidebar extensions, as well as to help them more quickly reopen tabs that were closed by accident.
"We have an easy solution for this, one that doesn’t require going to the full history section. When you click the clock icon that takes you to history, your browser will ask if you would like to reopen your recently closed tabs. If you click yes, they will come back as if you had never closed them in the first place," said Opera Software's Joanna Czajka.
Falco, the open source cloud-native runtime security project originally created by Sysdig, has been accepted as a Cloud Native Computing Foundation (CNCF) Incubation-level project. We sat down with Kris Nova, Chief Open Source Advocate at Sysdig and Loris Degioanni, CTO and Founder of Sysdig to understand the evolution of the project.
There is another Firefox release out there; this advisory suggests that updating quickly would be a good idea: "Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw."
If you use the Mozilla Firefox web browser, the government recommends that you update the browser because of a zero-day vulnerability that could enable hackers to take control of your computer.
The United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) is encouraging those with the Firefox browser to update to versions 72.0.1 and ESR 68.4.1.
“Mozilla has released security updates to address a vulnerability in Firefox and Firefox ESR. An attacker could exploit this vulnerability to take control of an affected system. This vulnerability was detected in exploits in the wild,” CISA’s statement published on Wednesday reads.
Mozilla has released a new version of Firefox that fixes an actively exploited zero-day that could allow attackers to take control of users' computers.
In an advisory, Mozilla rated the vulnerability critical and said it was "aware of targeted attacks in the wild abusing this flaw." The US Cybersecurity and Infrastructure Security Agency said one or more exploits were "detected in the wild" and warned that attacks could be exploited to "take control of an affected system." The Mozilla advisory credited researchers at China-based Qihoo 360 with reporting the flaw.
No other details about the attacks were immediately available. Neither Mozilla nor Qihoo 360 responded to emails asking for more information.
CVE-2019-17026, as the vulnerability is indexed, is a type confusion, a potentially critical error that can result in data being written to, or read from, memory locations that are normally off-limits. These out-of-bounds reads may allow attackers to discover memory locations where malicious code is stored so that protections such as address space layout randomization can be bypassed. Out-of-bounds reads can also cause crashes.
Attention! Are you using Firefox as your web browsing software on your Windows, Linux, or Mac systems?
If yes, you should immediately update your free and open-source Firefox web browser to the latest version available on Mozilla's website.
Why the urgency? Mozilla earlier today released Firefox 72.0.1 and Firefox ESR 68.4.1 versions to patch a critical zero-day vulnerability in its browsing software that an undisclosed group of hackers is actively exploiting in the wild.
Tracked as 'CVE-2019-17026,' the bug is a critical 'type confusion vulnerability' that resides in the IonMonkey just-in-time (JIT) compiler of the Mozilla's JavaScript engine SpiderMonkey.
1969 will forever be known as the year humans walked on the moon. Gary Ross Dahl rocked the world again in 1975 with the introduction of the Pet Rock. And MTV celebrated the moon landing and popular culture – and changed the music world – when it launched in 1981.
The world remembers 1989 as the year the Berlin Wall fell, opening the door to a unified Germany. It’s hard to forget 2008, the year the financial crisis hit. And 2015 was the year of the millennial, when this group surpassed baby boomers as the biggest U.S. generation.
Each year has its defining moments and trends. And 2020 will be the Year of Encryption.
Here’s why: Encryption is a key technology in protecting sensitive information such as social security numbers, government IDs and financial data. It is also an important part of personal data privacy – a key consumer and compliance concern. Given the importance of encryption it is also a subject of debate at the U.S. state and federal level and elsewhere in the world.
One of the first uses of the BPF virtual machine outside of networking was to implement access-control policies for the seccomp() system call. Since then, though, the role of BPF in the security area has not changed much in the mainline kernel, even though BPF has evolved considerably from the "classic" variant still used with seccomp() to the "extended" BPF now supported by the kernel. That has not been for a lack of trying, though. The out-of-tree Landlock security module was covered here over three years ago. We also looked at the kernel runtime security instrumentation (KRSI) patch set in September. KP Singh has posted a new KRSI series, so the time seems right for a closer look. While KRSI is implemented as a Linux security module and is able to make access-control decisions, access control does not appear to be the core goal behind this work. Instead, KRSI exists to keep an eye on system behavior overall in order to detect attacks. It is, in a sense, better thought of as an extension of the kernel's audit mechanism that uses BPF to provide a higher level of configurability beyond what the audit subsystem can do.
The concept behind KRSI is simple enough: it allows a suitably privileged user to attach a BPF program to any of the hundreds of hooks provided by the Linux security module subsystem. To make this attachment easy, KRSI exports a new filesystem hierarchy under /sys/kernel/security/bpf, with one file for each hook. The bpf() system call can be used to attach a BPF program (of the new type BPF_PROG_TYPE_LSM) to any of these hooks; there can be more than one program attached to any given hook. Whenever a security hook is called, all attached BPF programs will be called in turn; if any BPF program returns an error status, then the requested action will be denied.
Security updates have been issued by Debian (firefox-esr), Fedora (firefox), Oracle (kernel), Slackware (firefox and kernel), SUSE (apache2-mod_perl, git, java-1_7_0-ibm, java-1_7_1-ibm, log4j, mariadb, and nodejs8), and Ubuntu (gnutls28, graphicsmagick, and nss).
Here’s everything you need to know about the most dangerous breed of security threats
The cyber security industry might not have perfected the techniques to thwart security threats completely, but it has definitely mastered the art of naming security threats. Names like trojans, worms, viruses, malware, ransomware are a testament to this. But today, we’re going to talk about another threat that might not have as original a name as others but definitely trumps all of them when it comes to destroying your privacy and security: rootkits.
What is a rootkit and what does it mean for you in terms of data security and privacy?
Today, we’re going to explore this pernicious threat — one that might be lurking on your computer right now.
Let’s hash it out.
As American and Iranian forces stand down in the middle East, the next confrontation will take place in a very different environment.
Junior athletes from around the world, including America and Iran, will come face to face on the slopes of the Swiss alps just days after their adult leaders went to the brink of war. Will these young athletes, aged 15 to 18 years, demonstrate more maturity than the man running a superpower?
On my tour of the Lausanne 2020 Olympic Village I was lucky to meet teams from Ireland, Australia and a host of other countries.
From the designation of a new national marine sanctuary to new agreements to restore natural resources damaged from pollution to the collection of emergency response aerial imagery, 2019 was a busy year. Read about our accomplishments from last year in our annual report.
The UK’s first annual African cultural festival is set to be held in the West Midlands this summer.
Described as a “jamboree of all things Africa”, Ubuntu Pride will celebrate a fusion of African culture through traditional music, arts, dance and food.
The event is expected to take place outdoors in Coventry on August Bank Holiday weekend, as organisers continue to plan for the inaugural event.
Samuel Maddock writes that the adoption of the "encrypted media extensions" by the World Wide Web Consortium has had just the sort of effect that people were worried about four years ago. "No longer is it possible to build your own web browser capable of consuming some of the most popular content on the web. Websites like Netflix, Hulu, HBO, and others require copyright content protection which is only accessible through browser vendors who have license agreements with large corporations."
.
The Federal Circuit also vacated the District Court's finding that Amneal's formulation, comprising Opadry, did not satisfy the claim limitation that an infringing formula comprise HPMC, holding that on remand the District Court should determine whether the amount of Opadry in Amneal's formulation comprises 1% to 5% by weight of HPMC.
Regarding Piramal's product, the question before the Court was whether Amgen was precluded by prosecution history estoppel from a finding that this formulation infringed under the doctrine of equivalents. The District Court found, and the Federal Circuit affirmed, that Amgen had narrowed the claims for "reasons related to patentability" by accepting the Examiner's amendment that inserted Markush language regarding the binder and disintegrant limitations. Thus, Amgen was estopped from asserting that the Piramal formulation's pregelatinized starch was an equivalent to the expressly recited povidone in its claims (despite a paper submitted on the record during prosecution after the Examiner issued a Notice of Allowance that "[t]hese amendments have not been made in response to a prior art rejection but rather to place the claims in proper format and to better define the claimed subject matter, including equivalents"). And the panel also found unavailing Amgen's argument that these amendments were tangential to patentability because they were made to avoid the prior art.
Finally, with regard to Zydus's product, the Federal Circuit affirmed the District Court's finding that its product would infringe Amgen's claims. In this case, Zydus's product comprised starch as a diluent, a component expressly recited amongst the Markush group of diluents in Amgen's claims. The panel did not find credible Amgen's expert testimony (proffered with regard to Piramal's product and asserted by Zydus against Amgen's infringement contentions) that starch was a binder and not a diluent (on the ground that the expert proffered inconsistent testimony, changing it somewhat three times). The panel held that the District Court did not err in it infringement finding and affirmed that Zydus's ANDA formulation literally infringed Amgen's asserted claims.
On December 16, 2019, the Federal Circuit affirmed a Delaware jury verdict finding that Hospira infringed Amgen’s method of manufacturing patent on erythropoietin (EPO) and that Amgen was entitled to $70 million in damages because most of the drug substance batches that Hospira made during the pre-approval period were not exempt under the Safe Harbor provision. The case arises from Hospira's December 2014 submission of a Biologics License Application (BLA) to the FDA for approval to market a biosimilar to Amgen’s EPO product, Epogen.
Amgen sued Hospira at the Delaware District Court in September 2015 for infringement of U.S. Patent No. 5,856,298 (the ’298 patent) under 35 U.S.C. €§€§ 271 (a) and 271 (e)(2)(C), and for infringement of U.S. Patent No. 5,756,349 (the ’349 patent) under U.S.C. €§€§ 271 (a). A jury trial was held in September 2017. At the time of the jury trial, Hospira's BLA had not obtained FDA approval even though Hospira had been marketing a biosimilar of Epogen in Europe since 2007 and had expected to receive FDA approval in 2015. Instead, the FDA issued a Complete Response Letter (CRL) rejecting Hospira’s BLA in October 2015. Hospira did not receive its BLA approval until May 2018.
In Amgen, Inc. v. Hospira, Inc., the Federal Circuit explained the application of 35 U.S.C. €§ 271(e)(1)’s safe harbor exemption to methods of manufacturing drug products. Specifically, the court held the exemption applies as long as there is a reasonable basis for believing that each act of manufacture was for uses reasonably related to a Food and Drug Administration (FDA) submission. Moreover, each accused activity or act of manufacture must be evaluated separately to determine whether the exemption applies.
In a case brought in the District of Delaware, Amgen alleged that Hospira infringed several patent claims over methods of manufacturing erythropoietin (EPO), a biologic drug used to treat anemia. Following a trial, a jury issued a $70 million verdict for Amgen, which was based in part on the jury’s conclusion that fourteen batches of drug substance for Hospira’s EPO biosimilar product were not covered by the Safe Harbor provision of 35 U.S.C. €§ 271(e)(1). After the district court denied Hospira’s motion for judgment as a matter of law or alternatively for a new trial, Hospira appealed on a number of issues, including the jury instructions and jury findings on its Safe Harbor defense.[2]
So far there are still no precedential opinions issued in 2020, and this is the first non-precedential patent related decision.
Philips’ patent RE44,913 (“text entry method”) claims a 2001 filing date. At that time, a key focus of mobile-device development was on how to facilitate typing on these small devices with relatively imprecise touchpads. The basic idea behind the invention can be seen in the two figures below. On the left is a “default” keypad with showing “primary characters.”; holding down the “5” key will then switch the display to the keypad on the rights that has more available options (“secondary characters”). After selecting one of those options, they keypad returns to the default state.
[...]
Slip Op. In the end, the appellate panel did not appear to directly fault the Board’s factual conclusions but rather Board’s legal analysis — in particular the meaning of “obvious-to-try” and its impact on the ultimate (legal) conclusion of obviousness.
As 2019 faded and 2020 rose, the US Copyright Office Review Board affirmed two registration refusals; both concerned the attempted registration of layouts used in digital platforms. One regarded a mobile app to monitor energy usage, the other concerned the form of a web application displaying the various procedures performed by a specific doctor. Both were refused due to lack of creative authorship, thus serving as reminders of the minimal yet genuine requirement of "some creative authorship."
[...]
Although concerning distinct works, these refusals to register affirmed two key principles of creative authorship under US copyright. First, although only a mere "modicum of creativity" is required for copyright protection, there is a de minimis threshold, whereby short words and phrases, common shapes and designs, and basic forms are elements ineligible for copyright protection individually. Second, although such elements may be eligible for copyright protection when arranged, selected, and coordinated with creative authorship, arrangement by standard means, such as alphabetization, or "selection" by provision of an exhaustive list do not constitute creative choices. Decisions that are germane to the work at hand or are dictated by function are not eligible for protection; so says the Copyright Office in two separate decades.