Tuxedo has presented the InfinityBook Pro 14, which is trimmed for a low weight with high graphics performance. It uses a processor from Intel’s Tiger Lake-H35 mobile series – the quad-core Core i7-11370H with a thermal design power (TDP) of 35 watts – and Nvidia’s GeForce RTX 3050 Ti graphics chip.
As a Max-Q variant with a TDP of 35 watts, the GPU is trimmed for high efficiency. When the CPU load is low, the GeForce RTX 3050 Ti can also squeeze energy from the processor and thus allow itself up to 50 watts.
In this maximum configuration, Tuxedo installed a 14-inch, viewing-angle display with low-temperature polycrystalline silicon technology (LTPS) in a high 16:10 format. The screen displays 2880 Ãâ 1800 pixels, illuminates with 400 cd / m€² and almost completely covers the sRGB color space.
Linux is free as in freedom and free as in cost, but that doesn't mean it comes cheap. Sure, you can download a GNU-based operating system and load it up on your computer without paying a cent. But if you want to buy a PC that already has a free and open-source desktop pre-installed, that's going to cost you, and it's probably going to cost you a lot.
Why is this? Let's look at six reasons that preinstalled Linux hardware doesn't come cheap.
The FSF has been running a compaign against non free javascript for the past 8 years and Jshelter is the next step along that journey, the purpose of this extension is to limit the privacy invasive nature of Javascript
Efforts to bring Linux to Apple Silicon have resulted in a basic functional desktop, according to the Asahi Linux team.
The project kicked off in earnest with a lengthy blog post earlier this year detailing the challenges involved in getting the OS onto Apple's latest and greatest.
Since then Apple M1 support has been sidling into the Linux kernel and by August the GNOME desktop was shown booting up with the experience described as "not great, but usable."
September's progress report, published today by founder Hector Martin, was packed with good news for fans of the project, including the comment that Asahi Linux "is usable as a basic Linux desktop" albeit without GUI acceleration.
As for what desktop, Martin told The Register: "Whatever desktop you want, that's up to you!"
According to the progress report of September, Asahi Linux is running better than ever, although it still lacks GPU acceleration on M1 Macs as the team approached version 5.16 of the software.
The team was able to merge some drivers such as PCIe bindings, PCIe drive, and USB-C PD drive. Princtrl drive, I2C driver, ASC mailbox driver, IOMMU 4K patches, and Device Power Management are still in review.
Bringing Apple M1 support to Linux has been quite a journey so far as Apple's system-on-chips (SoCs) use loads of proprietary technologies and methods, and Apple has not been exactly cooperative. However, developers have managed to run Linux on an Apple M1-based system and at this point the machine can be used for basic things.
Asahi Linux, a project and community that is working to port Linux to Apple Silicon Macs, is usable as a basic Linux desktop on an Apple M1-powered PC, but without GPU acceleration, according to the progress report.
So far, developers of Asahi Linux have managed to merge various drivers (PCIe, USB-C PD, etc.) and bindings (PCIe) for Linux 5.16. They also managed to make things like pinctrl driver (Apple GPIO pin control), I2C driver, device power management, NVMe + SART driver, and DCP (display control) driver work.
"With these drivers, M1 Macs are actually usable as desktop Linux machines," said Hector Martin, the head of the project. "While there is no GPU acceleration yet, the M1's CPUs are so powerful that a software-rendered desktop is actually faster on them than on e.g., Rockchip ARM64 machines with hardware acceleration."
We have taken a quick trip through history, through a number of the differences between the Linux kernel and the C/C++ memory models, sequence locks, RCU, ownership, zombie pointers, and KCSAN. I give a big "thank you" to everyone who has contributed to this discussion, both publicly and privately. It has been an excellent learning experience for me, and I hope that it has also been helpful to all of you.
To date, Can Rust Code Own Sequence Locks? has proven the most popular by far. Porting Linux-kernel code using sequence locking to Rust turns out to be trickier than one might expect, in part due to the inherently data-racy nature of this synchronization primitive.
So what are those advocating use of Rust within the Linux kernel to do?
Given the data-race-freedom guarantees of Rust's non-unsafe code, one might reasonably argue that there is no point is the Kernel Concurrency Sanitizer (KCSAN) analyzing such code. However, the Linux kernel is going to need unsafe Rust code. Furthermore, even given unanticipated universal acclamation of Rust within the Linux kernel community combined with equally unanticipated advances in C-to-Rust translation capabilities, a significant fraction of the existing tens of millions of lines of Linux-kernel C code will persist for some time to come. Both the unsafe Rust code and the C code can interfere with Rust non-unsafe code, and furthermore safe code can violate unsafe code's assumptions as long as it is in the same module. For all I know, this last caveat might also apply to unsafe code in other modules for kernels built with link-time optimizations (LTO) enabled.
Work toward the signing of BPF programs has been finding its way into recent mainline kernel releases; it is intended to improve security by limiting the BPF programs that can be successfully loaded into the kernel. As John Fastabend described in his "Watching the super powers" session at the 2021 Linux Plumbers Conference, this new feature has the potential to completely break his tools. But rather than just complain, he decided to investigate solutions; the result is an outline for an auditing mechanism that brings greater flexibility to the problem of controlling which programs can be run.
The kernel has had the ability to enforce signatures on loadable modules for years, so it makes sense to consider creating the same mechanism for BPF programs. But, while kernel modules and BPF programs look similar — both are code loaded into the kernel from user space, after all — there are some significant differences between them. The safety of kernel modules is entirely dependent on the diligence of developers. They are built and distributed via the usual channels, are tied to specific kernel versions, and can last for years; they present a stable API to user space. BPF programs, instead, benefit from safety built into (and enforced by) the loader. They are often dynamically built and optimized, they are patched at run time to avoid being tied to kernel versions, and they have a different lifetime; often, they are created on the fly and quickly thrown away. These differences suggest that the same signing mechanism might not work equally well for both types of program.
Somewhat of a surprising change with Intel Gen12.5 graphics is that they have removed the hardware supporting Adaptive Scalable Texture Compression (ASTC). Intel's Linux graphics driver has now been updated to address Gen12.5+ foregoing hardware support for ASTC texture compression.
Adaptive Scalable Texture Compression was much welcomed on the scene particularly by Linux/open-source folks when more than a decade ago S3TC texture compression was quite common but patent-encumbered and posed complications for open-source usage/adoption. ASTC support was added as official extensions to OpenGL and OpenGL ES nearly a decade ago for this lossy block-based algorithm. Since Intel Gen9/Skylake graphics there has been support for ASTC in the graphics hardware while now with Gen12.5 graphics that hardware is being removed.
Earlier this week I posted benchmarks showing how Intel Tiger Lake performance has improved nicely for Ubuntu 21.10 compared to Ubuntu 21.04. Of course, readers immediately wondered whether this also applied on the AMD laptop side... So here are some tests using an AMD Ryzen 9 5900HX with the ASUS ROG Strix G15 AMD Advantage laptop under Ubuntu 21.04, Ubuntu 21.10, and then also looking at running Linux 5.15 + Mesa 21.3-devel Git for an even more bleeding edge experience.
The Squid HTTP Proxy team is very pleased to announce the availability of the Squid-5.2 release!
This release is a security release resolving several vulnerabilities and bugs found in the prior Squid releases.
The major changes to be aware of:
* SQUID-2020:12 Out-Of-Bounds memory access in WCCPv2 (CVE-2021-28116 aka ZDI-CAN-11610)
Due to an out of bounds memory access Squid is vulnerable to an information leak vulnerability when processing WCCPv2 messages.
This problem allows a WCCPv2 sender to corrupt Squids list of known WCCP routers and divert client traffic to attacker controlled routers.
This attack is limited to Squid proxy with WCCPv2 enabled and IP spoofing of a router IP address configured as trusted in squid.conf.
* SQUID-2021:6 Improper Certificate Validation of TLS server certificates (CVE-2021-41611)
When validating an origin server or peer certificate, Squid may incorrectly classify certain certificates as trusted.
This problem allows a remote server to obtain security trust when the trust is not valid. This indication of trust may be passed along to clients allowing access to unsafe or hijacked services.
This problem is guaranteed to occur when multiple CA have signed the TLS server certificate. It may also occur in cases of broken server certificate chains.
* Bug 4922: Improve ftp://... filename extraction
Since 3.5 Squid has incorrectly truncated FTP downloads when the transfer is made in ASCII mode (with ';type=' argument). This release can be expected to work when downloading from all FTP servers.
* Bug 5164: a copy-paste typo in HttpHdrCc::hasMinFresh()
This bug shows up as incorrect HIT and MISS results when caching responses from a server using Cache-Control:min-fresh.
All users of Squid are encouraged to upgrade as soon as possible.
See the ChangeLog for the full list of changes in this and earlier releases.
Please refer to the release notes at http://www.squid-cache.org/Versions/v5/RELEASENOTES.html when you are ready to make the switch to Squid-5
This new release can be downloaded from our HTTP or FTP servers
http://www.squid-cache.org/Versions/v5/ ftp://ftp.squid-cache.org/pub/squid/ ftp://ftp.squid-cache.org/pub/archive/5/
or the mirrors. For a list of mirror sites see
http://www.squid-cache.org/Download/http-mirrors.html http://www.squid-cache.org/Download/mirrors.html
If you encounter any issues with this release please file a bug report. https://bugs.squid-cache.org/
Amos Jeffries
After three years of development , a stable release of the Squid 5.1 proxy server is presented , ready for use on production systems (the 5.0.x releases were beta). After making the 5.x branch stable, from now on, only fixes for vulnerabilities and stability problems will be made in it, and minor optimizations are also allowed. Development of new features will be done in the new experimental branch 6.0. Users of the previous stable 4.x branch are encouraged to plan a migration to the 5.x branch.
Squid is one of the most popular proxy/cache server, and the 5.2 version fixes several vulnerabilities and bugs found in the prior Squid releases.
Squid is a widely-used caching proxy server for Linux and Unix platforms. This means that it stores requested Internet objects, such as data on a Web or FTP server, on a machine that is closer to the requesting workstation than the server.
In other words, it redirects object requests from clients (in this case, from Web browsers) to the server.
Proxies provide added layers of security and cache services that make loading processes faster. Squid supports several caching protocols, such as hypertext caching protocols (HTCP), internet cache protocol (ICP), cache array routing protocol (CARP), and web cache communication protocol (WCCP). It also processes caching requests from Domain Name Server (DNS) lookups and Secure Sockets Layer (SSL).
Now that a new version has been announced, let’s see what has changed in Squid 5.2.
CommaFeed is an RSS feed reader accessible via web browser and can be used easily everywhere. In short, it is an alternative to Google News. It looks very simple and lightweight, and works fast! User can just subscribe news from websites they like and read them anywhere they go. Registration is free and the software behind is free as in freedom. This simple tutorial explains how to use CommaFeed for first timers. Let's start reading!
[...]
For server admins, CommaFeed allows selfhosting and has ability to work with multiple other RSS clients.
This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.10.4 and Istio 1.10.5.
It was out at 3pm, and I managed to finish uploading the last bits to Unstable at 9pm… Of course, that’s because all of the packaging and testing work was done before the release date. All of it is, as usual, also available through a Bullseye non-official backports repository that can be added using extrepo (ie: “extrepo enable openstack_xena”).
Finding your Laptop battery status in GUI mode is easy. You could easily tell the battery level by hovering the mouse pointer over the battery indicator icon in the task/top bar. But, how about from the command line? Not everyone know this. The other day a friend of mine asked how to check his Laptop battery level from Terminal in his Ubuntu desktop - hence this post. Here I have included five simple methods which will help you to check Laptop battery status and level in Terminal in any Linux distribution.
In this tutorial, we will show you how to install Plex Media Server on Debian 11. For those of you who didn’t know, Plex is a free piece of software that allows you to organize your movies, TV shows, music, and photos in one beautiful elegant interface and stream those media files on your PC, phone, TV, on the network or over the Internet. Plex can run on Linux, FreeBSD, macOS, Windows, and various NAS systems.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Plex Media Server on a Debian 11 (Bullseye).
A Chromium web browser version with Google integration completely removed for privacy-oriented computer users, that is Ungoogled-Chromium. This tutorial will explain how to install it on Ubuntu, use DuckDuckGo Search engine, and make it default browser with quick and clear instructions. Let's do it!
Linux kernel 5.14 is out and with many new features, support, and security. The Linux 5.14 kernel release has gone through seven release candidates over the last two months and benefits from the contributions of 1,650 different developers. Those that contribute to Linux kernel development include individual contributors and prominent vendors like Intel, AMD, IBM, Oracle, and Samsung.
Vivaldi is an increasingly popular web browser. It is based on Chromium, so you have Chrome like features, but it adds several other features to give a different, intuitive interface.
It comes with tab grouping, ad blocker, mouse gestures, notes manager and even allows adding macros. You could even use split viewing to view multiple pages at once. It also respects your privacy, unlike Chrome.
Learn the commands to install SQLite Database server on Ubuntu 20.04, 18.04, or 21.04 for creating and managing Databases using it.
What is SQLite?
In spite of the many options available for database systems, SQLite is the standard and most simple system. This free, compact, and command-line database program allows you to share data easily with others and save it in a simple format. It is a widely used database application in computers, smartphones, and other everyday applications.
Also, the SQLLite format is used for many desktop applications such as CAD programs, version control systems, record-keeping tools, financial analysis tools, media catalogs, and so forth.
This type of database engine is sometimes called an embedded database as well since you can run it as a part of another program. SQLite becomes even more powerful with the SQLite browser as it is a graphical and completely free software platform for developing and designing SQLite databases. These codes are free to use for private and commercial purposes because SQLite is part of the public domain.
Installing SQLite can be an easy task, but it requires correct knowledge. That’s why we have written this tutorial to give you in-depth details on installing and using SQLite on Ubuntu 20.04.
If you use Red Hat Satellite to manage your infrastructure, you probably occasionally run into situations where you need to access Red Hat Enterprise Linux (RHEL) systems to gather information directly, make changes to systems, review log files, analyze performance metrics, troubleshoot issues, and more.
Previously, if you were in the Satellite web interface and needed to drill down to a specific RHEL system to complete a task, you would generally need to open a secure shell (SSH) client application, establish an SSH connection, and authenticate to the host. Once you were logged in over SSH, you could run the necessary commands on the host.
Amazon Elastic File System(EFS) provides an NFS file system for use with AWS Cloud services and on-premises resources which is simple, scalable, fully managed. We can mount this file system either on AWS Cloud or our on-premises servers. It is built to scale on-demand, grows and shrinks automatically. This means it can grow and reduce its capacity as we add or delete files on it. It is an alternative to our legacy NFS Server. Amazon EFS can be quickly and easily created from the Web Console of AWS. This service manages the infrastructure for us, which means we can avoid the complexity of deploying, patching, and maintaining complex file system configurations. Amazon EFS supports the Network File System version 4 (NFSv4.1 and NFSv4.0) protocol.
A month ago, when sudo 1.9.8 was still under development, we checked out the new log_subcmds option. It allows you log all commands (with some limitations) that are executed by a command started through sudo. For example, you can see if a shell was started through a text editor. The intercept option brings this one step further: you can prevent sub-commands from even running.
In this tutorial, we will show you how to install Mono on Debian 11. For those of you who didn’t know, Mono is a free, open-source development platform based on the .NET Framework. Mono supports most modern operating systems with 32-bit and 64-bit architecture. A growing family of solutions and an active and enthusiastic contributing community helps position Mono to become the leading choice for the development of cross-platform applications.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Mono Framework on a Debian 11 (Bullseye).
This tutorial shows all the ways to install the 3D creation software Blender in Ubuntu, including Snap, Flatpak, native Deb packages, and compile from source tarball.
Blender is a free open-source software for creating animated films, visual effects, computer games. It’s available to install in Ubuntu via a few different package formats. Here you may choose the one that you prefer.
TermRecord is a simple open source tool written in Python, allows saving terminal sessions to an easy-to-share, self-contained HTML file.
In this guide, we will show you how to install TermRecord on CentOS 8.
I will keep this tutorial short and easy to follow. With OpenSSL commands, So we can get much information from a https site like the certificate expiration date, the issuer of the certificates and fingerprint, and more things Lets start now .
I once asked a software developer at work how many times we called fork() in our code. I’ll admit, it was a very large project, but I expected the answer to be — at most — two digits. The developer came back and read off some number from a piece of paper that was in the millions. I told them there was no way we had millions of calls to fork() and, of course, we didn’t. The problem was the developer wasn’t clear on the difference between a regular expression and a glob.
Tools like grep use regular expressions to create search patterns. I might write [Hh]ack ?a ?[Dd]ay as a regular expression to match things like “HackaDay” and “Hack a day” and, even, “Hackaday” using a tool like grep, awk, or many programming languages.
After I learned how subshells can be executed within nushell I was confident that I could handle that part.
The commands in this tutorial to install Doxygen on Ubuntu 20.04 LTS can be used for Ubuntu 18.04/21.04, Linux Mint, Debian, ElementaryOS, MX Linux, POP!OS, and other similar distros.
Doxygen is a free software documentation tool. Using special comments in the source code, Doxygen creates documentation in HTML , LaTeX , CHM (help files under Windows), XML , RTF , PostScript , PDF and man pages . Doxygen analyzes both the comments and the source code itself in order to identify and document modules, classes, methods, and functions as well as various types of variables.
Macchanger is an amazing Linux utility that can be used to view as well as to change the MAC address of any desired networking device. This utility can be conveniently installed on any Linux distribution and then you can use it just the way you like. In this article, we will begin with the installation of this utility on a Ubuntu 20.04 or Linux Mint 20 system and then we will teach you how you can change the MAC address with the help of this utility.
Gitea is a free, open-source, self-hosted, and well-known Git server written in the Go programming language. It is a version control platform similar to Github. It is robust, scalable and offers many features including issues and time tracking, repository branching, file locking, and tagging, merging, and many others. If you are looking for a self-hosted Git service, then probably Gitea is the best option you can use.
In this tutorial, I will show you how to install Gitea on Debian 11.
Icinga2 is a free, open-source and one of the most popular network monitoring tools. It is written in PHP and C++, and allows you to monitor network resources, notifies outages and generates performance data for reporting. It is capable of monitoring various protocols including SMTP, POP3, HTTP, NNTP, ping, CPU load, disk usage, switches, routers, and more. It is made from two stacks Icinga2 and Icinga Web 2. Icinga2 is used as a monitoring server while Icinga Web 2 is the web interface to keep monitoring.
In this article, I will show you how to install the Icinga2 monitoring server on Debian 11.
Git is a distributed version control system that was originally developed by Linus Torvalds in 2005. It has since been made available as an open-source project, allowing for more people to contribute and use it across all platforms of development without charge. It has since grown to be the most widely used distributed version control system (DVCS) in the world. Git became so popular because of its speed, reliability, security, and ease of use. These qualities have allowed it to become a fundamental part of GitHub – one of the largest code repositories in the world – which has over 20 million users on its website alone.
Despite being such an essential tool for many people around the globe, there are still some who don’t know how to install Git on Debian 11 operating systems. This tutorial will show you how to do just that.
Picture this scenario. You run a program. But, you don't know how long it will take to finish. The process keeps running several minutes. You can't wait that much longer, because some other important programs are waiting in the queue. Have you ever been in a situation like this? No worries! I just found a simple trick to suspend a process and resume it later in Linux.
What I am going to do is just pause the currently running process, do some other important tasks, and then resume the stopped process after all other processes are completed. This can be very useful when you have less RAM or Processor to do multi-task. You can pause the running processes at any time, and resume them later, without having to start them all over again. Now let us go ahead and learn to suspend or pause a running process and resume it later in Linux and Unix-like operating systems.
Slow, lots of reading involved and pretty deep mechanically with lots to keep an eye in, Vagrus - The Riven Realms is officially out now. Not one for gamers who want constant action. Vagrus is a game about heading up a travelling caravan that goes through a completely ruined world.
Vagrus is a game that blends quite a few different genres together. It has open-world exploration done through a world-map, which leads into exploring new locations where you will learn about the world and trade to keep your caravan going. Then there's also the brutal turn-based combat, which has a couple different types.
Developer Voidpoint has put up a rather big patch to fix up and improve various parts of the retro shooter Ion Fury. This 2.0 update prepares the game for the Aftershock expansion releasing later in 2022.
A big update ready for new and returning players that enables powerups to be used on the go with a new inventory system, revamped controller support and big performance enhancements. On top of that the game has seen a rebalancing effort for weapons, like the Chain Gun now having more ammo and pushes you back more.
Available release of a lightweight window manager of IceWM 2.8 . IceWM provides full control through keyboard shortcuts, the ability to use virtual desktops, taskbar and application menus. The window manager is configured through a fairly simple configuration file, it is possible to use skins. Built-in applets are available for monitoring CPU, memory, traffic. Several third-party GUIs for customization, desktop implementations, and menu editors are being developed separately. The code is written in C ++ and is distributed under the GPLv2 license.
Over 120 individual programs plus dozens of programmer libraries and feature plugins are released simultaneously as part of KDE Gear.
Today they all get new bugfix source releases with updated translations, including...
KDE e.V., the non-profit organisation supporting the KDE community, is looking for a web designer to implement the environmental sustainability project (KDE Eco) website with Hugo. Please see the job ad for the web designer for more details about this employment opportunity. We look forward to your application.
I woke up too early after a nightmare, and so I decided to sit at my desk and paint. It's been two weeks I'm thinking non-stop about values, brushes, and edges...
After a first set of random strokes on my canvas, I sent it to the filter "Stylize" of Gmic. I applied the style of "A rose" by John White Alexander (1900, Public domain). You'll see easily how the palette of this amazing piece contamined the base sketch I had. Then I painted over this chaos of merged shapes. My brain started to precise the scene you can see on the final artwork and, during the process, I felt happy with it. I was probably still processing the lovecraftian horror show of my bedtime, or maybe it was the listening of masterpieces by Camille Saint-Saëns in my headphones?
Unlike the last snapshot, this is a ‘calm before the storm’ snapshot as Feren OS’s new Store and new icon set update are in the works and neither of them are anywhere near ready yet. Anyway, today, I’m proud to announce the release of Feren OS 2021.10. These releases are a regular occurence that usually occur every 4 months and provide the latest updates to Feren OS at the time of the ISO’s release right from the get-go.
Feren OS 2021.10 Available to Download, Feren OS is a desktop Linux distribution based on Ubuntu and featuring the KDE Plasma desktop. The project’s latest snapshot is Feren OS 2021.10 which includes a new lock screen, new splash screen, and a customized Firefox experience.
I have made a new version of ExTiX – The Ultimate Linux System. I call it ExTiX 21.10 KDE Anbox Live DVD. (The previous KDE/Anbox version was 20.12 from 201208). I have now included Anbox (Android in a Box – Anbox puts the Android operating system into a container, abstracts hardware access and integrates core system services into a GNU/Linux system. Every Android application will be integrated with your operating system like any other native application). So now you can run Android apps in ExTiX. GAPPS (Google Play Services and Google Play Store) are pre-installed in ExTiX 21.10. The second best thing with ExTiX 21.10 is that while running the system live (from DVD/USB) or from hard drive you can use Refracta Snapshot (pre-installed) to create your own live installable Ubuntu/Anbox system. So easy that a ten year child can do it!
Today we are looking at MX Linux 21 RC1, the KDE edition. It comes with Linux Kernel 5.11, based on Debian 11, KDE 5.20, and uses about 1GB of ram when idling. Enjoy!
In this video, we are looking at MX Linux 21 RC1.
The following kernels are available for PCLinuxOS. Kernel 5.4.151. Kernel 5.10.71 and Kernel 5.14.10.
The openSUSE Project is trying to gather more information from open-source developers, development teams, packagers and maintainers through the latest survey that will run from Oct. 7 until Oct. 29.
There are tools to monitor the health of packages, but the project doesn’t have tools to monitor the health of packagers.
Getting ready to upgrade your Red Hat Enterprise Linux (RHEL)? You can get a look at the future with the just-released RHEL 8.5 Beta. Best of all, you'll no longer need an explicit beta subscription to get the operating system. From here on out, all Red Hat accounts come with an unlimited quantity of Red Hat Beta Access subscriptions.
Logs are great for finding out what an application is doing or troubleshooting a possible problem. Almost every application we deal with generates logs, and we want the applications we develop ourselves to generate them too. The more verbose the logs, the more information we have. But left to themselves, logs can grow to an unmanageable size, and they can, in turn, become a problem of their own. So it's a good idea to keep them trimmed down, keep the ones we're going to need, and archive the rest.
DevSecOps is another step in the DevOps journey for your organization. Breaking down your transformation into phases facilitates working directly with developers and other team members. A phased approach also allows you to get feedback from those affected by the change and iterate as necessary.
The pandemic has shown us how fragile our infrastructure services and resilience can be, when faced with a loss of access to datacenter resources, either by way of physical or remote access through reliance on outsourced providers. That’s why at the height of the pandemic last year, we witnessed a significant rethink about the pace at which we move applications and data to the cloud. A major health insurer in Australia whom I spoke to recently said they have moved more data to the cloud than ever before in order to have the capabilities for a remote and diverse team to be able to work on solving digital business use cases.
A fear of failure can stymie an organization’s transformation efforts. Transformation isn’t just about technology. Culture and process are integral components, and change to one or both can create fear in an organization.
Julio Villarreal Pelegrino, distinguished architect, hybrid cloud, at Red Hat advises, "Don’t be afraid to fail. Fail fast and fail often, but learn from failure, incorporate the lessons learned, and share the feedback."
Pelegrino is a part of the first batch of Distinguished Architects at Red Hat: Senior-level technical contributors who've continued to advance in their careers working directly with customers and applying experience and knowledge of Red Hat technologies.
Red Hat’s top priority remains the health and safety of our associates. Throughout the pandemic, we have encouraged vaccination globally, given associates time off to get vaccinated, sponsored vaccination clinics, covered the cost of vaccination for associates in countries where a free vaccine was not available, and required vaccination for associates re-entering offices. Today we are taking another important step: To comply with new U.S. government regulations mandating that employees of federal contractors be vaccinated against COVID-19. As a government contractor, Red Hat must and will require all associates and contractors in the United States to be vaccinated.
In 2015, an issue was opened against Kubernetes about supporting container migration. The problem description mentioned Checkpoint/Restore In Userspace (CRIU) on Linux as a possible basis for a solution. Around the same time, I started to look into how to integrate CRIU into the container stack.
Checkpoint and restore in the container stack
The basic steps to migrate running containers from one node to another—which could also be called stateful migration—are to checkpoint the container on the source node, transfer the checkpoint image to the destination node, and restore the container on the destination node. This way, the container is migrated without losing its state.
In 2015, however, the container stack was not ready to support checkpoint and restore in the orchestration layer (Kubernetes). The container runtime layer, runc, offered limited support for checkpointing and restoring containers, but that support was not yet available in the higher layers of the container stack.
Over the years, I was involved in bringing checkpoint and restore support to these upper layers of the container stack. Around 2018 I implemented checkpoint and restore support in Podman. Bringing checkpoint and restore support, and thus migration support, to Podman required many changes in runc and CRIU. It was necessary to support different Linux security techniques used in containers, including SELinux, AppArmor, and seccomp, before Podman could migrate a container from one node to another without losing any of its state.
Your technology metrics could all appear to be on an upward trajectory, but if you aren’t measuring what matters, or if those numbers aren’t meaningful to key stakeholders, you’ll likely have trouble proving the value and impact of your IT organization.
We asked CIOs who recently won the 2021 Kansas City CIO of the Year ORBIE Awards for their best IT metrics lessons learned during the course of their careers. The awards were presented by the Kansas City CIO Leadership Association, a professional community that annually recognizes CIOs for their excellence in technology leadership.
Automatic upgrades are available from Tails 4.19 or later to 4.23.
I recently did mentoring a new Debian contributor. This is carried out in a framework with OSS Gate on-boarding.
Google has announced the release of the source code Android 12 under the Android Open Source Project (AOSP). This means that the company has kicked off the new version of the popular mobile operating system, which in the coming months should begin to reach some device models through OTA updates.
In order to give Android 12 an early start in real environments, the first devices to receive it will be Google’s Pixel smartphones. Users will be able to install the system by OTA update or by downloading the corresponding image to the device and entering it manually without having to unlock the boot loader or have to delete the data. According to the vice president of engineering of Google, Dave Burke, at the end of the year it will begin to reach the terminals of partners such as Samsung, OnePlus, Oppo, Realme, Tecno, Vivo and Xiaomi.
In terms of data and features related to the system, Android 12 has had the contribution of 225,000 users for testing the beta versions. On the other hand, and in the words of Dave Burke, it promises to offer “the biggest design change in the history of Android” thanks to the implementation of the new design language: Material You .
The Kernel Maintainers Summit is an invitation-only gathering of top-level kernel subsystem maintainers; it is concerned mostly with process-oriented issues that are not easily worked out on the mailing lists. There was no maintainers summit in 2020; plans had been made to hold it in an electronic form, but there turned out to be a lack of things to talk about. In 2021, though, a number of interesting topics turned up, so an online gathering was held on September 24 as part of the Linux Plumbers Conference.
Earlier this year, a bad patch sent by a researcher from the University of Minnesota (UMN) set off a bit of a crisis within the kernel development community when it become known that some (other) patches from UMN were deliberate attempts to insert vulnerabilities into the kernel. Some months after that episode had been resolved, the 2021 Maintainers Summit revisited the issue to see if there are any lessons to be learned from it.
In August, a long-running dispute over drivers for AI accelerators flared up in the kernel community. Drivers for graphics accelerators are required to have at least one open-source implementation of the user-space side of the driver (which is where most of the logic is). Drivers for other types of accelerators have not, so far, been held to that same standard, which has created some friction within the community and an inconsistent experience for developers. The 2021 Maintainers Summit took up this issue in the hope of creating a more coherent policy.
The kernel development community loudly encourages developers to get their code into the upstream kernel. The actual experience of merging code into the mainline is often difficult, though, to the point that some developers (and their employers) simply give up on the idea. The 2021 Kernel Maintainers Summit spent some time discussing the ways in which the community makes things harder for developers without coming up with a lot of ways to make things better.
The kernel development process depends on its subsystem maintainers, who are often overworked and, as a result, grumpy. At the 2021 Kernel Maintainers Summit, Ted Ts'o brought up the topic of maintainer recruitment and retention, but failed to elicit a lot of new ideas from the assembled group.
The Rust for Linux developers were all over the 2021 Linux Plumbers Conference and had many fruitful discussions there. At the Maintainers Summit, Miguel Ojeda stepped away from Plumbers to talk about Rust in a different setting. What will it take to get the Rust patches merged? The answers he got were encouraging, even if not fully committal.
Ojeda started by asking the group whether the community wanted Rust in the kernel. If it goes in, he said, it should do so as a first-class citizen. In his discussions he has encountered a number of kernel developers who are interested in the language; many of them are quite open to it. He has gotten help from a number of those developers in the process. Some groups, including the Android team, actively want it, he said.
The final session of the Kernel Maintainers Summit is traditionally given over to Linus Torvalds, who uses the time to talk about any pain points he is encountering in the process and what can be done to make things run more smoothly. At the 2021 Summit, that session was brief indeed. It would appear that, even with its occasional glitch, the kernel development process is working smoothly.
Torvalds started by saying that the 5.15 merge window was not the easiest he has ever experienced. Part of the problem, he suggested, was that the merge window came at the end of the (northern-hemisphere) summer; much of Europe had been on vacation, and that led to a lot of pull requests showing up at the end of the merge window. In general, though, things are working. His biggest annoyance, perhaps, is having to say the same things over and over during each merge window. The core maintainers know how the process works, those in less central positions tend to make the same mistakes repeatedly; when he takes over 100 pull requests during a merge window, it can add up to a fair amount of irritation.
Opera Browser has been updated to 80.0.4170.16 and shipped to the software repository.
Vivaldi Browser has been updated to version 4.3.2439.39 and shipped to the software repository.
The Brave browser has been gaining in both popularity and userbase for some time now and for good reason. The privacy-centric browser is full of nifty features that make it a top contender against Google Chrome. Let’s find out what these useful features are that make Brave a good alternative.
For the better part of the past decade Google has been pursuing performance improvements to their Chrome/Chromium web browser as the "RenderingNG" initiative to provide faster web page performance, lower memory consumption, and better battery life. This current work is finally wrapping up in 2021 to great success.
In a new blog post on Wednesday, Google is talking up "150% or more faster graphics rendering" compared to older versions of Chrome along with a "6x reduction in GPU driver crashes on problematic hardware". Or even with the new Chrome 93 to 94 transition alone they are proclaiming up to 8% more responsive web pages, up to 1400 years of CPU time per day saved, and up to 0.5% improved battery life.
The saga has been going on for a couple of weeks. I am compiling chromium in EasyOS. Each build takes 13 hours, running on a Lenovo PC with Intel 8th gen. i3 CPU, 32GB RAM, swap partition on internal SSD, the source on an external USB3 SSD.
[...]
I don't recommend installing in a container, as video playing is choppy, with audio out of sync. I think that the other chromium SFS, the official build, does play OK in a container -- from memory -- but as it runs with the "--no-sandbox" option you get that warning message. Note to pup and *dog users. SFSs in EasyOS are a bit different, the SFS won't work for you, as-is. EasyOS has glibc 2.33, and if your pup has an older glibc then it probably won't work. Also, you would need to open it up and modify /usr/bin/chromium script so that it runs as 'spot'. There is folder '.control' that you won't need. Very ambivalent about compiling chromium. So many issues, so many patches. Think maybe should just use the official build from Google. I read some comments, some other distro maintainers are thinking the same thing, mostly because of the API keys problem.
It will be almost three years since we landed initial support for screensharing on Wayland with the use of PipeWire in the WebRTC project. This enabled screensharing support in both major Linux browsers. Last year I implemented support for window sharing, added support for PipeWire 0.3 and added support for DMA-BUF and MemFD buffer types. Problem was, as it turned out, the DMA-BUF support was not implemented in a correct way.
The original implementation was using mmap() to get the buffer content. This worked correctly for current Intel GPUs, but was terrifically slow on e.g. AMD GPUs. Proper solution is to use OpenGL context to get the content from buffer. However, there were many implementations using mmap() already, including WebRTC and we needed a way how to properly communicate between the server and the client that when the client advertises DMA-BUF support, it means it doesn’t use mmap() and goes through OpenGL context instead.
Jan Grulich has been working on a new DMA-BUF implementation within the WebRTC code as the original DMA-BUF buffer sharing code was found to be inadequate. In particular, the original DMA-BUF mmap-based approach was found to perform very slow with the AMD Radeon Linux graphics driver and instead this new implementation allows using an OpenGL context to get the context from the buffer. Long story short, after a lot of work that new WebRTC DMA-BUF code is now good to go.
Last year, during lockdown, many discovered the importance of PDF forms when having to deal remotely with administrations and large organizations like banks. Firefox supported displaying PDF forms, but it didn’t support filling them: users had to print them, fill them by hand, and scan them back to digital form. We decided it was time to reinvest in the PDF viewer (PDF.js) and support filling PDF forms within Firefox to make our users’ lives easier.
While we invested more time in the PDF viewer, we also went through the backlog of work and prioritized improving the accessibility of our PDF reader for users of assistive technologies. Below we’ll describe how we implemented the form support, improved accessibility, and made sure we had no regressions along the way.
The Apache€® Software Foundation (ASF), the world’s largest Open Source foundation, announced today Apache OpenOffice€® 4.1.11, the popular Open Source office-document productivity suite.
Used by millions of organizations, institutions, and individuals around the world, Apache OpenOffice delivered 317M+ downloads* and provides more than $25M in value to users per day. Apache OpenOffice supports more than 40 languages, offers hundreds of ready-to-use extensions, and is the productivity suite of choice for governments seeking to meet mandates for using ISO/IEC standard Open Document Format (ODF) files.
The Apache Software Foundation today announced the release of Apache OpenOffice 4.1.11 as their 14th release while stewarding this open-source office suite.
The Apache Software Foundation talks up this new v4.1.11 release as providing "dozens of improvements, features, and bug fixes" and they say "Apache OpenOffice delivered 317M+ downloads* and provides more than $25M in value to users per day. Apache OpenOffice supports more than 40 languages, offers hundreds of ready-to-use extensions, and is the productivity suite of choice for governments seeking to meet mandates for using ISO/IEC standard Open Document Format (ODF) files."
We recently posted the first batch of videos from the LibreOffice Conference 2021. Now, here are some more! Check out the playlist, using the button in the top-right – or scroll down for links to individual videos (PeerTube also to come)...
The fourteenth edition of the Free Software Foundation's (FSF) conference on technology and social justice will be held in spring 2022, online. The Call for Sessions is now open, and will close on December 1, 2022. Potential talks should examine free software through the lens of this year's theme: Living Liberation.
The LibrePlanet call for sessions is open now, will be open until December 1, and we want to hear from you!
Speaking at a conference, and even submitting a proposal, can be intimidating or hard. Luckily, some great, experienced speakers are volunteering their time to help out during the CFS office hours.
Whether you want to propose a talk and want feedback on your idea, proposal wording, talk title, or just advice on how to deal with nerves, there is one more office hour slot scheduled over the next few weeks.
Version 5.5 brought the option --minibar, for a minimized user interface, and version 5.6 brought the spotlighting of a search match, in black on yellow by default. Subsequent versions added a few minor things and fixed some bugs.
The legendary open source text editor GNU Nano has released version 5.9. Take a look at what features this new release brings.
Nano is a simple command-line text editor inspired by Pico and included by default in the most Linux distributions. It aimed to “emulate Pico as closely as is reasonable and then include extra functionality”. Released as free software by Chris Allegretta in 1999, today nano is part of the GNU Project.
Besides basic text editing, nano offers features like undo/redo, syntax highlighting, interactive search-and-replace, auto-indentation, line numbers, word completion, file locking, backup files, and internationalization support.
Intel's CM Compiler is out with its first big update since earlier in the year for advancing their "C For Metal" GPU programming language effort.
One of Intel's (open-source) GPU computing projects we don't often hear too much talk about is their C for Metal (CM) compiler. Intel C for Metal is a general purpose GPU programming language designed to provide close-to-Assembly level performance on Intel graphics hardware. C for Metal can be used for media processing and other domains at great speed. Those looking for a tutorial / sample code around CM can find Intel's documentation on 01.org.
A new release 0.4.14 of RQuantLib was uploaded to CRAN earlier today, and has by now been uploaded to Debian as well.
QuantLib is a very comprehensice free/open-source library for quantitative finance; RQuantLib connects it to the R environment and language.
It has often been said that the competition between the GCC and LLVM compilers is good for both of them. One place where that competition shows up is in the area of security features; if one compiler adds a way to harden programs, the other is likely to follow suit. Qing Zhao's session at the 2021 Linux Plumbers Conference told the story of how GCC successfully played catch-up for two security-related features that were of special interest to the kernel community.
For the second year in a row, the GNU Tools Cauldron (the annual gathering of GNU toolchain developers) has been held as a dedicated track at the online Linux Plumbers Conference. For the 2021 event, that track started with a talk by David Malcolm on his work with the GCC -fanalyzer option, which provides access to a number of static-analysis features. Quite a bit has been happening with -fanalyzer and more is on the way with the upcoming GCC 12 release, including, possibly, a set of checks that have already found at least one vulnerability in the kernel.
When GCC is invoked with -fanalyzer, it runs a module that creates an "exploded graph" combining information on the state of the program's control and data flow. That state includes an abstract representation of memory contents, known constraints on the values of variables, and information like whether the code might be running in a signal handler. The analyzer then uses this graph to try to explore all of the interesting paths through the code to see what might happen.
The GNU toolchain (initially with the GNU Assembler) has begun landing support for RISC-V's Zbs instructions that are part of the Bitmanip extension to the processor ISA.
Zbs is part of RISC-V's Bitmanip extension, the "bit manipulation" additions to the RISC-V architecture focused on delivering code size reduction, better performance, and lower energy consumption. The 1.0 Bitmanip extension was frozen this summer and thus now moving on to compiler/toolchain support. More details on Bitmanip and the specific Zbs instructions via this repository.
We are really happy to tell you that following the Qt release, Qt for Python is also available!
Many things happened on this release, we decided to communicate a little more on the details of the major milestones that we achieved on this release.
You might have notice that last week only the Windows wheels are available on PyPi, that was due to the wheel size increase from the new modules, but luckily the PyPi team managed to address this quickly.
Nim is a statically typed compiled systems programming language. It combines successful concepts from mature languages like Python, Ada and Modula. The syntax of Nim resembles that of Python.
It is designed to be “efficient, expressive, and elegant” supporting metaprogramming, functional, message passing, procedural, and object-oriented programming styles by providing several features such as compile time code generation, algebraic data types, a foreign function interface (FFI) with C, C++, Objective-C, and JavaScript, and supporting compiling to those same languages.
The compiler and the standard library are licensed under the MIT license.
We always have mixed feelings about the drag-and-drop programming languages. But we were impressed with [SirDan’s] Morse code decoder built with the graphical MakeCode. Granted, it is reading 5 element groups from a button on the BBC micro:bit and not worrying about details such as intercharacter or interelement spacing or word spacing. But it is still a nice demo for MakeCode.
A couple installments into this series of blog posts, I realized an introduction to Perl warnings would be appropriate, with some words on how to turn them off, and why you probably do not want to. Yes, this should have been the first post in the series, but I didn't know it would actually be a series, and, well, maybe better late than never.
The Perl compiler/interpreter can emit warnings when it finds things that may indicate a problem with the code. These are not (yet) enabled by default, but experience has shown that enabling them can highlight conceptual and logic errors.
Back in the early days of Perl 5, these were enabled using the -w command-line option, or by setting the $^W variable to a true value. But this mechanism had two drawbacks: it was all-or nothing, and it was global in scope. Certainly the value of $^W could be localized, but localization does not prevent a called module from seeing changes made by its caller.
In the previous post, I talked about how we could write our own impl Iterator for dyn Iterator by adding a few primitives. In this post, I want to look at what it would take to extend that to an async iterator trait. As before, I am interested in exploring the “core capabilities” that would be needed to make everything work.
A controversy about the handling of the Time Zone Database (tzdb) has been brewing since May, but has come to a head in recent weeks. Changes that were proposed to simplify the main database file have some consequences in terms of time-zone history and changes to the representation of some zones. Those changes have upset a number of users of the database—to the point where some have called for a fork. A September 25 release of tzdb with some, but not all, of the changes seems unlikely to resolve the conflict.
The time-zone database is meant to track time-zone information worldwide for time periods starting at the Unix epoch of January 1, 1970. But, over the years, it has accumulated a lot of data on time zones and policies (e.g. daylight savings time) going back many years before the epoch. As with anything that governments and politicians get involved with, which time zone a country (or part of a larger country) is in, whether it participates in daylight savings time (DST), and when the DST switches are made, are arbitrary and subject to change, seemingly at whim. Tzdb has been keeping up with these changes so that computer programs can handle time correctly since 1986 or so, when it was often called the "Olson database" after its founder, Arthur David Olson.
Oculus is part of Facebook, a company that does many evil things including surveillance, censorship and tax avoidance, The Quest cannot be used without a Facebook account and it runs Android, a nonfree OS. Installing a free OS such as PureOS or the GUIX system seems to be impossible, since the bootloader is most likely locked down. Of course I don’t want to play nonfree games such as VRChat, which most likely spy on the player. By contrast VSekai is free software built on top of the Godot engine. The Godot engine runs on my Talos II and most likely it will also run on the Librem 5, and future hardware based on the Libre-SOC which I have been contributing to. Cardboard is great if ungoogled.
This offering from Google is false advertising. There is no means for an electricity customer to select the source of the electricity provided to their premises.
NXP has launched a headless “i.MX8X Lite” SoC for automotive telematics, V2X, and IIoT, with up to 2x Cortex-A35 cores plus a Cortex-M4 core and a security block with V2X acceleration and NXP EdgeLock security.
Automotive telematics was one of the key applications mentioned by NXP when it announced the up to quad-core, Cortex-A35 i.MX8X system-on-chip back in 2017. Now, NXP has announced a headless, 1x or 2x -A35 i.MX8X Lite variant with an even greater emphasis on telematics and a special focus on emerging automotive systems that support V2X (Vehicle-to-Everything) communications.
The Linux-driven SoC is also suitable for industrial IoT applications that require low power consumption, security, and connectivity, but do not require graphics. NXP announced the i.MX8X Lite via sites such as NewElectronics.
The PICMG consortium is better known for COM Express and COM HPC standards for x86 industrial computers-on-module, but last year they started catering to the IIoT sector with the introduction of the microSAM System-on-Module (micro Sensor Adapter Modules) standard for microcontrollers and IIoT sensors.
The consortium has now ratified the IoT.1 firmware specification defining a communication standard between sensors/effecters and local IoT controllers such as microSAM specified by PICMGs IoT.0 specification.
Two years ago, we noted Energous’ WattUp hearables developer kit that would charge earbuds with the company’s WattUp near-field wireless charging technology. The company has now introduced the WattUP 1W active energy harvesting developer kit capable of charging multiple IoT devices with at-a-distance wireless charging.
The kit is said to be “active” because there’s a 6-inch transmitter, let’s call it a power gateway, and several IoT devices that harvest energy from it. Traditional passive solutions will harvest ambient energy from the surrounding environment, and may not deliver enough power, and do so unpredictably.
Finland on Thursday paused the use of Moderna's COVID-19 vaccine for younger males due to reports of a rare cardiovascular side effect, joining Sweden and Denmark in limiting its use.
As a matter of urgency generated update of http-server Apache 2.4.50, which eliminated already actively exploited 0-day vulnerability ( the CVE-2021-41773 ), allowing you to access your files from areas outside the site root. The vulnerability can be used to load arbitrary system files and source texts of web scripts that are readable by the user under which the http server is running. The developers were notified of the problem on September 17, but were able to release the update only today, after cases of using the vulnerability to attack sites were recorded on the network.
The danger of the vulnerability mitigates the fact that the problem manifests itself only in the recently released version 2.4.49 and does not affect all earlier releases. The stable branches of conservative server distributions have not yet used the 2.4.49 release ( Debian , RHEL , Ubuntu , SUSE ), but the issue has affected continuously updated distributions such as Fedora , Arch Linux and Gentoo , as well as the FreeBSD ports .
According to a security advisory dated October 5, the bug is known to be actively exploited in the wild.
Apache HTTP Server is a popular open source project focused on the development of HTTP server software suitable for operating systems including UNIX and Windows.
The release of Apache HTTP Server version 2.4.49 fixed a slew of security flaws including a validation bypass bug, NULL pointer dereference, a denial-of-service issue, and a severe Server-Side Request Forgery (SSRF) vulnerability.
Following responsible disclosure, the issue has been rectified in Yamale version 3.0.8. "This release fixes a bug where a well-formed schema file can execute arbitrary code on the system running Yamale," the maintainers of Yamale noted in the release notes published on August 4.
Security updates have been issued by Debian (firefox-esr), Mageia (cockpit, fail2ban, libcryptopp, libss7, nodejs, opendmarc, and weechat), openSUSE (curl, ffmpeg, git, glibc, go1.16, libcryptopp, and nodejs8), SUSE (apache2, curl, ffmpeg, git, glibc, go1.16, grilo, libcryptopp, nodejs8, transfig, and webkit2gtk3), and Ubuntu (linux-oem-5.10 and python-bottle).
ESET researchers have discovered a previously unknown malware family that utilizes custom and well-designed modules, targeting systems running Linux. Modules used by this malware family, which we dubbed FontOnLake, are constantly under development and provide remote access to the operators, collect credentials, and serve as a proxy server. In this blogpost, we summarize the findings published in full in our white paper.
When you take out a loan or get a credit card, the headline figure is the "APR" – the annual percentage rate of interest. But anyone who's ever borrowed because they were poor and needed money has learned the hard way that APRs are pure fiction.
To get the true APR (what economists politely call the "effective" APR) you have to factor in the fees, penalties and other gotchas that turn reasonable seeming interest rates into perennial, inescapable debt-traps.
On 30 September, the Committee of Legal Affairs (JURI) in the European Parliament approved its draft report on a Single Market For Digital Services (Digital Services Act). We had expressed our concerns about negative fundamental rights implications€ of some proposed measures in the report to the Members of the European Parliament. However, it did not stop the JURI Committee from giving them their green light.
In courtrooms across the globe, arguments continue to rage as to the extent of an SEP owner's FRAND undertaking. In exchange for getting their technology incorporated into a standard (meaning that, if essential to the standard, that technology has to be used by users of the standard), SEP owners have to give an undertaking - known as a FRAND undertaking. This undertaking obliges SEP owners to be prepared to licence their patents on Fair, Reasonable and Non-Discriminatory (FRAND) terms. Otherwise, unlike normal patents where competitors do not have to use the technology, SEP owners are in a position which could allow them to extract extremely high and possibly anti-competitive royalties from their competitors or stop them from participating in the standard and market completely (which were vices the European Commission wished to be addressed with the ETSI IPR Policy). Thus, the FRAND undertaking is a safeguard that seeks to balance users' interests with SEP owners' interests in protecting their IP. But the courtroom debates in the US, Germany, UK and China have raised numerous unanswered questions about what this means. How wide or narrow is this FRAND undertaking? To whom is the FRAND undertaking owed? What does FRAND even mean? The second question was subject to the CJEU referral in the Nokia v Daimler (see previous posts here), but which has so far remained unanswered in Europe. In the second of a two-parter opinion piece, two US patent and anti-trust litigators in the form of Mark Selwyn, Tim Syrett and Alix Pisani of WilmerHale (who have acted in some of these cases) discuss their view of what is going on and where the answer might, and should lie.
This guest post, addressing Monsanto’s OA18791A patent, is brought to you by Lodewijk Van Dycke. Lodewijk is a PhD candidate and affiliated researcher at KU Leuven Centre for IT & IP Law (CiTiP) and a scholarship holder at Max Planck Institute for Innovation and Competition. His main areas of research include law, agricultural policy and international development.
[...]
This article is about Monsanto’s OA18791A patent. The initials OA give away that the patent is an OAPI patent. OAPI (Organisation Africaine de la Propriété Intellectuelle) is an IP organisation that has subsumed the IP competence of 17 West and Central African countries. The closing initial A suggests the patent is just an application, but this is not true. OAPI granted the patent on 31 May 2019. It belongs to a patent family whose priority goes back to the US provisional patent application US62/249,758 or US201562249758P. The PCT number of the family, which includes applications in the EPO, China and Australia, is WO2017079266A1.