Simon Coter (Director of Product Management) has pleased to tannounce the latest stable release of Oracle Linux 8 on 18th July 2019.
Oracle Linux 8 ships with Red Hat Compatible Kernel (RHCK) kernel-4.18 and distributed through a combination of BaseOS and Applications Streams.
Oracle Linux (OL, formerly known as Oracle Enterprise Linux) is a Linux distribution packaged and freely distributed by Oracle. It is compiled from Red Hat Enterprise Linux (RHEL) source code, replacing Red Hat branding with Oracle’s.
Tech behemoth IBM has been progressively working in the field of AI and has made several contributions in this domain. The researchers at IBM are continuously trying to detangle the unknown knots behind artificial intelligence.
Recently at Oscon 2019, Data Asset eXchange (DAX) was launched by IBM. DAX is basically an online centre which is built for artificial intelligence developers and data scientists and contains organised datasets under open data license.
IBM on Tuesday launched the IBM Data Asset eXchange (DAX), a repository of free and open datasets for machine learning. While there are plenty of options online for finding open datasets, IBM says DAX is uniquely curated for the enterprise.
IBM unveiled a trio of new open source projects targeted at helping developers more quickly build cloud-native applications for Kubernetes. The moves come on the heels of the company closing its $34 billion acquisition of open source powerhouse Red Hat.
The new projects are Codewind, Appsody, and Kabanero. Appsody uses components from Codewind, while Kabanero uses components from both Codewind and Appsody.
Codewind provides extensions to integrated development environments (IDEs) like VS Code, Eclipse, and Eclipse Che to build applications in containers. It allows developers to iterate, debug, and performance test applications inside of containers similar to how those applications run in a production environment. IBM said that this essentially allows developers to build applications in containers without knowing they are working in containers.
The online hub is created to meet the needs of those developers, who adopt ML models, and need open data that they can use confidently under clearly defined open data licenses
To lower the barriers of entry for developers to use Kubernetes and to bring together different disciplines, IBM has created new open source projects Kabanero, Appsody, and Codewind—that make it faster and easier to develop and deploy applications for Kubernetes
Hot on the heels of acquiring Red Hat, IBM has made two announcements that reconfirm its commitment to open source.
AT&T and IBM forged a new multi-year alliance that will blend IBM’s expertise in the enterprise with AT&T’s networking prowess. AT&T Business will become IBM’s primary provider of SDN and IBM will help AT&T improve and migrate its business applications to IBM Cloud.
AT&T will also use Red Hat’s open source platform to manage workloads and collaborate with IBM on multi-cloud capabilities around 5G, edge computing, and IoT. AT&T’s expanded usage of Red Hat comes just a week after IBM finalized its $34 billion acquisition of the hybrid cloud provider, making it the first major partnership in the telco space since IBM gained control of Red Hat.
Red Hat is an “integral part of today’s announcement” because AT&T can use the technology to convert its business applications with containers, microservices, and make those applications more portable, said Sid Nag, research vice president at Gartner. “AT&T’s always been a big proponent of open source.”
After the International Business Machines Corp. (IBM) completed the acquisition of Red Hat for $34 billion earlier this month, a top executive from the iconic software company with an open source development model has said that it was a "match made in heaven" that will help it accelerate growth globally, including in India.
In India, Red Hat, which specialises in Linux operating systems, has engineering facilities in Pune and Bengaluru.
[...]
Founded in 1993, Red Hat is credited for bringing open source -- including technologies like Linux, Kubernetes, Ansible, Java and Ceph, among others -- into the mainstream for the enterprises.
Today, Red Hat products and services are widely used by government agencies as well as emerging companies in technology, finance, healthcare, civil aviation and other industries.
Armonk, New York-headquartered IBM particularly hopes that Red Hat's open hybrid Cloud technologies would help it position itself as a leading hybrid Cloud provider.
"At the core of what we do is turning projects in the open source communities into products because at the end of the day, our customer is an enterprise software customer," Allessio said.
As a last minute surprise for the Linux 5.3 kernel merge window is support for the keyboard and trackpads on newer Apple MacBooks and MacBook Pro laptops.
Linux up to now hasn't had mainline support for the keyboard and trackpad on recent years of MacBooks: from MacBook8,1 or later or MacBookPro13 and MacBookPro14 models. These IDs roughly correlate to the MacBook systems since the end of 2015. There hasn't been this Linux support since rather than being exposed as USB devices lke all of the other modern laptops, Apple made the strange move of making them SPI devices instead. Beyond that, Apple has never documented its protocol in use with this SPI controller for supporting these keyboards and trackpads.
IO_uring is designed to deliver fast and efficient I/O operations thanks to a re-designed interface introduced in Linux 5.1 with various efficiency improvements compared to the kernel's existing asynchronous I/O code. But it turns out there was a big bottleneck within the current IO_uring code up until now.
IO_uring was a big feature of Linux 5.1 though still needs to become more widely adopted. In working on using IO_uring, a developer discovered that I/O submission time drops terribly when registering a large fixed buffer and I/O is being done on the latter pages of that buffer.
Also today, Carbon Relay announced it has joined the Cloud Native Computing Foundation (CNCF) to support the Kubernetes community and commercial use of cloud native technologies.
Landing this week in Mesa 19.2 for the Lima Gallium3D driver for Arm Mali 400/450 series hardware is a reworked GPIR regiaster scheduler.
The change to their existing scheduler is that the scheduling is now done at value register allocation time and other improvements made in the process.
We all know what Signal is. By using this app, you can easily talk to your friends without all the SMS fees. You can also create groups, share media and all kinds of attachments – it’s all private. The server never gets access to your messages. However, if you don’t like this app, we come with the best 5 alternatives for it.
I have moved the development of switchconf from a private svn repo to a git repo in salsa: https://salsa.debian.org/debian/switchconf Created a virtual host called http://software.calhariz.com were I will publish the sources of the software that I take care. Updated the Makefile to the git repo and released version 0.0.16.
Just one week after releasing DXVK 1.3, lead developer Philip Rebohle has released DXVK 1.3.1 with a few more features plus a number of bug fixes -- including performance work.
The two principal new features of DXVK 1.3.1 are logging improvements and GPU load monitoring support in the DXVK HUD. The GPU load monitoring are estimates based on Vulkan timing information within DXVK as opposed to using driver-specific queries; Philip acknowledges that the number may be inaccurate when CPU load is very high. Those wanting to try out that GPU load monitoring in the heads-up display can do so via the DXVK_HUD=gpuload environment variable.
Developer Philip Rebohle has given the gift of code this weekend, with a new release of DXVK now officially available.
DXVK 1.3.1 comes just over a week after the last release, as DXVK 1.3 had a regression that needed sorting. Anyway, in this new release there's various logging improvements, which includes the device capabilities supported by the driver and user by the game being logged in addition to supported Vulkan extensions. There's also now a GPU load monitor which you can enable on the HUD with "DXVK_HUD=gpuload", however, this can be innaccurate if CPU load is very high.
Feral developers released a new version of their GameMode Linux game performance optimization daemon/client this weekend in order to allow this update to land in the upcoming Fedora Workstation 31. GameMode 1.4 offers up many features including new interfaces for allowing better GNOME integration and thus the Fedora interest in seeing this version in their autumn Linux distribution update.
What a lovely weekend for some open source releases. Hot on the heels of a new DXVK release, the performance optimization tool GameMode spearheaded by Feral Interactive has a new release out.
Originally starting off as a sort of stop-gap solution due to issues with CPU governors, GameMode has gradually expanded to include a range of features aimed at the performance conscious Linux gamer. It's integrated into some Linux game ports by Feral Interactive including DiRT 4, Rise of the Tomb Raider, Total War: WARHAMMER II, Total War: Three Kingdoms and Total War Saga: Thrones of Britannia.
Overload is possibly the best six-degree-of-freedom shooter I've played in the past few years, sadly it has been overlooked by a lot of gamers.
It's limping on though, with a new Community Level Pack available for around €£3.99. This includes nine single player levels, stitched together to form an entirely new mission. It includes progression, unlocks and a secret level. There's also twelve new challenge mode levels and online leaderboard support.
Here's a fun recent discovery, Songs of Syx an in-development title from Swedish developer Jakob de Laval. It's a city-builder with empire management, tactical battles and rpg-elements and it's looking good.
With an interesting pixel-art top-down view, Songs of Syx reminds me a little of Rise to Ruins, another great pixel-art builder. It's been in development since 2014, with an Early Access release due sometime in March next year with support for Linux, Mac and Windows.
Somehow we’ve gone through 80 weeks of progress reports for KDE’s Usability & Productivity initiative! Does that seem like a lot to you? Because it seems like a lot to me. Speaking of a lot, features are now pouring in for KDE’s Plasma 5.17 release, as well as Applications 19.08. Even more is lined up for Applications 19.12 too, which promises to be quite a release.
With the KDE Plasma 5.17 release, the desktop will make it easy to see a network's QR code for in turn making it super quick and simple for sharing network information with other users and devices.
Plasma 5.17 has merged the support for being able to pull up a QR code for the current network information so that others can quickly take a picture of it. The QR code is a maximized window on the desktop and contains all relevant WiFi information.
About mutter ============
Mutter is a window and compositing manager that displays and manages your desktop via OpenGL. Mutter combines a sophisticated display engine using the Clutter toolkit with solid window-management logic inherited from the Metacity window manager.
While Mutter can be used stand-alone, it is primarily intended to be used as the display core of a larger system such as GNOME Shell. For this reason, Mutter is very extensible via plugins, which are used both to add fancy visual effects and to rework the window management behaviors to meet the needs of the environment.
News ====
* Discard page flip retries on hotplug [Jonas; !630] * Add xdg-output v2 support [Olivier; #645] * Restore DRM format fallbacks [Jonas; !662] * Don't emit ::size-changed when only position changed [Daniel; !568] * Expose workspace layout properties [Florian; !618] * Don't use grab modifiers when shortcuts are inhibited [Olivier; #642] * Fix stuttering due to unchanged power save mode notifications [Georges; !674] * Add API to reorder workspaces [Adam; !670] * Make picking a new focus window more reliable [Marco; !669] * Defer actor allocation till shown [Carlos; !677] * Try to use primary GPU for copy instead of glReadPixels [Pekka; !615] * Unset pointer focus when the cursor is hidden [Jonas D.; !448] * Fix modifier-drag on wayland subsurfaces [Robert; !604] * Fix background corruption on Nvidia after resuming from suspend [Daniel; !600] * Only grab the locate-pointer key when necessary [Olivier; !685, #647] * Misc. bug fixes and cleanups [Florian, Jonas, Daniel, Robert, Olivier, Georges, Marco, Carlos, Emmanuele; !648, !650, !647, !656, !658, !637, !663, !660, !659, !665, !666, !668, !667, #667, !676, !678, #672, !680, !683, !688, !689, !687]
Contributors: Jonas Ãâ¦dahl, Emmanuele Bassi, Adam Bieà âkowski, Piotr DrÃâ¦g, Jonas Dreßler, Olivier Fourdan, Carlos Garnacho, Robert Mader, Florian Müllner, Georges Basile Stavracas Neto, Pekka Paalanen, Marco Trevisan (Treviño), Daniel van Vugt
Translators: Fabio Tomat [fur], Kukuh Syafaat [id]
Florian Müllner released new development versions of GNOME Shell and Mutter today for this week's GNOME 3.33.4 development milestone.
Hooks are an extension feature provided by all package managers that are used in larger Linux distributions. For example, Debian uses apt, which has various maintainer scripts. Fedora uses rpm, which has scriptlets. Different package managers use different names for the concept, but all of them offer package maintainers the ability to run arbitrary code during package installation and upgrades. Example hook use cases include adding daemon user accounts to your system (e.g. postgres), or generating/updating cache files.
Triggers are a kind of hook which run when other packages are installed. For example, on Debian, the man(1) package comes with a trigger which regenerates the search database index whenever any package installs a manpage. When, for example, the nginx(8) package is installed, a trigger provided by the man(1) package runs.
Over the past few decades, Open Source software has become more and more uniform: instead of each piece of software defining its own rules, a small number of build systems are now widely adopted.
Hence, I think it makes sense to revisit whether offering extension via hooks and triggers is a net win or net loss.
Today we are looking at Sparky Linux 5.8. This point release of Sparky 5 comes with LXQt 0.14.1, Debian Buster, Linux Kernel 4.19 and uses about 350MB of ram when idling.
Sparky Linux LXQt has become one of my favorites, as it has a modern feeling, with the latest of Qt and the stability of Debian, makes it one great combination. Enjoy!
In this video, we look at Sparky Linux 5.8. Enjoy!
As before, after releasing a new stable version of Sparky, there are a few changes to do.
So…
Sparky 4 “Tyche” is moved to oldstable line now. The latest 4.11 release is the last one of the 4 line, but it is still supported, the next 2 years about.
Sparky 5 “Nibiru” just released, moving it from testing to stable line. The stable live/install media are available for i686, amd64 & armhf archs (the same as the older release).
SparkyLinux Team is pleased to announce the latest stable release of SparkyLinux 5.8 on 17th July 2019.
This release is based on Debian 10 “Buster” and codenamed “Nibiru”.
This is the 1st point release of the new stable line 5.8.
DebConf, the annual conference for Debian contributors and users interested in improving the Debian operating system, will be held in Federal University of Technology - Paraná (UTFPR) in Curitiba, Brazil, from July 21 to 28, 2019. The conference is preceded by DebCamp from July 14 to 19, and the DebConf19 Open Day on July 20.
The Open Day, Saturday, 20 July, is targeted at the general public. Events of interest to a wider audience will be offered, ranging from topics specific to Debian to the greater Free Software community and maker movement.
The event is a perfect opportunity for interested users to meet the Debian community, for Debian to broaden its community, and for the DebConf sponsors to increase their visibility.
Less purely technical than the main conference schedule, the events on Open Day will cover a large range of topics from social and cultural issues to workshops and introductions to Debian.
Internet of Things (IoT) is a new predominant technology for this advanced world. This technology can change the lifestyle people lead. Question is what the Internet of Things is? IoT can be described as a network of physical objects connected through the internet. Physical objects could be anything that contains embedded electronics, software, sensor, etc. with the internet. Using the IP addresses, those smart objects can exchange data among the network and can make a decision. A significant number of researches is going on over the IoT trends and projects. In this article, we will talk about a few IoT project ideas based on standard IoT protocols, so that readers get the basic knowledge about the Internet of Things. These internet of things example are keen, useful, and interesting to build.
SparkFun has released the SparkFun Artemis, Engineering Version, an open-source embedded development kit that supports the TensorFlow machine learning environment. Designed for toolchain-agnostic, low-power machine learning development, the 15.5 mm x 10.5 mm Artemis board includes...
[...]
In addition to a secure firmware update system, flexible, serial peripherals, a suite of clock sources, and camera compatibility, the Artemis board features large SMD pads that support carrier board implementations. SparkFun has launched three carrier boards in conjunction with the release of the Artemis, Engineering version board: the BlackBoard Artemis (Arduino Uno footprint); BlackBoard Artemis Nano (smallest form factor); and BlackBoard Artemis ATP (with 48 GPIO pins).
With the shortage of Gemini Lake processors, some manufacturers have taken to releasing new mini PCs using older CPUs
In online spaces, “tolerance” refers to who you allow in the community. To be tolerant means to allow people from all walks of life into your space, regardless of race, sexual or gender identity, or other factors used to marginalize people within society. To go further, a good community should do more than tolerate them, but let them know that they are welcome and that they will not be marginalized within the community.
A person is marginalized when they are abused for their identity, or made to feel less important because of it. In real life, this manifests as workforce discrimination, housing discrimination, police brutality, and many other forms of oppression that make it so that the value of a victim’s life and livelihood are less important than the oppressor’s. In an online space, marginalization is more subtle. It would be if a black person saw someone use the “n word” – or worse, is called one – without reprucussion. It would be if a trans woman had to deal with someone saying that they are “men trying to invade women’s spaces”. It would be if a woman in general had to deal with men making sexual remarks and unwanted advances. These things all make the victims uncomfortable, and the lack of action taken can make them feel unimportant.
Some communities like to think of themselves as “perfectly tolerant”. This means that they would tolerate people that take actions to make marginalized people uncomfortable. When a community does this, they are actually being intolerant, and enabling abusers.
Research institutions and national labs across the globe are pouring hundreds of thousands of research hours into every conceivable aspect of space science. And, overwhelmingly, the high performance computing (HPC) systems used for all research are running open source software.
In fact, 100% of the current TOP500 supercomputers run on some form of Linux.
Therefore, it’s likely that the future of space exploration will be built on the open source philosophy of knowledge sharing and collaboration among researchers and developers. Success will depend on the adoption of open technologies to stimulate collaboration among nations, as well as advances in the field of AI and machine learning.
Although these are ambitious objectives that could take several years to fully implement, we are already seeing great progress: open source software is already running in space, AI and machine learning is used in spacecraft communications and navigation, and the number of commercial companies interested in the space economy is growing.
With the new platform, ElectrifAi’s data scientists – as well as those of its customers – can code and access data in any programming language. According to ElectrifAi, the incorporation of Docker Containers and Kubernetes enables the firm to build and deploy hybrid cloud enterprise solutions at scale.
There has been much dialog, but not much action with regard to the evolution of retail trading platforms in recent years.
For many brokerages, relying on the status quo which represents an unholy alliance between third party vendor MetaQuotes, thereby disabling a broker from owning its own client base or infrastructure and becoming subservient to an affiliate marketing platform rather than empowered by a multi-faceted trading platform, remains.
FinanceFeeds has attended numerous meetings with brokerage senior executives across the globe, all of whom understand the value and importance of going down the multi-asset product expansion route, and almost all of whom understand the clear virtues of having a bespoke user interface which engenders a loyal customer base, enables brokers to own the entire intellectual property base of its business – which let’s face it is why entrepreneurs start businesses in the first place – and offer differentiating services to specific audiences.
A simple glance at the continuity and geographic location of client bases of companies such as Hargreaves Lansdown or CMC Markets, and the absolute lack of reliance on affiliate networks is testimony to that.
This week, Richard Goers, CEO of Australian professional trading platform development company ManagedLeverage spoke out about a continuing issue which is something that has been prominent in the viewpoint of FinanceFeeds for some years, that being the development of open source platforms.
With open-source software, problems are solved faster than by any other means.
One thing I wanted to say is, don’t be fooled by the internet. It’s cool to get on the computer, but don’t let the computer get on you. It’s cool to use the computer, don’t let the computer use you. Y’all saw The Matrix. There’s a war going on. The battlefield’s in the mind. And the prize is the soul. So just be careful. Be very careful. Thank you.
The diversity in the open source software world can be a boon and a bane to wider adoption in the enterprise.
After all, without the right knowhow, it can be hard to figure out how they are going to work together on existing infrastructure – and if the chosen projects will eventually survive.
That’s where open source companies such as Suse step in. While smaller than US-based rival Red Hat, Suse has found its footing in identifying and supporting open source projects that help to run mission-critical enterprise workloads, improve developer productivity and solve business problems in industries such as retail.
iRODS is open source storage data management software for data discovery, workflow automation, secure collaboration, and data virtualization. By creating a unified namespace and a metadata catalog of all the data and users within a storage environment, the iRODS rule engine allows users to automate data management.
[...]
Alan Clark, SUSE CTO Office lead focused on Industry Initiatives and Emerging Standards and chairman of the OpenStack Foundation board of directors, said, “SUSE is excited to join the iRODS Consortium, lending our open source technical expertise to help advance the iRODS data management software. The integration with SUSE Enterprise Storage helps customers lower total cost of ownership, leveraging commodity hardware to support their iRODS-managed storage environments. As a leading provider of open source software, SUSE helps our customers leverage the latest open source technologies for application delivery and software-defined infrastructure. SUSE tests and hardens our solutions, ensuring they are enterprise ready and backed by our superior support experience.”
To help facilitate future community development, Data Realms have released the game’s source code.
As companies plow more and more investment into AI research, China has finally woken up to the realisation of open source and how it can shape the development of a field that’s becoming increasingly attractive. Over the last few years, open-source has become the foundation of innovation — and the major contributions come from tech giants like Facebook, Microsoft, Google, Uber and Amazon among others. In November 2015, Google made an unparalleled move by open-sourcing its software library — which now rivals Torch, Caffe and Theano.
These are the open-source lessons that big Chinese companies seem to be learning fast. Traditionally, Chinese firms have trailed behind their US counterparts when it comes to the contributions from the US and Europe, but that’s changing now. Over a period of time, Chinese tech companies are trying to grow their influence in the open-source world by building a robust ecosystem. Not only that, they have learnt that open-sourcing tech can help attract great ML talent and increasingly it is also making good business sense. At a time when the AI tool stack is evolving, enterprises are rushing to grab a pie and provide a unified software and hardware technology stack. Internet and cloud Chinese tech giants have woken up to the promise of open source and AI-related datasets and models can serve the bigger business goals of the companies.
Thus, the number of fonts you have currently installed directly affects TenFourFox's performance, and TenFourFox is definitely not the only application that needs to know what fonts are installed. If you have a large (as in several hundred) number of font files and particularly if you are not using an SSD, you should strongly consider thinning them out or using some sort of font management system. Even simply disabling the fonts in Font Book will help, because under the hood this will move the font to a disabled location, and TenFourFox and other applications will then not have to track it further.
Alluxio is one of the many leading open-source projects/companies – including Spark and Mesosphere – that emerged from UC Berkeley Labs. Haoyuan (H.Y.) Li Founder, Chairman and CTO of Alluxio, sat down with Swapnil Bhartiya, Editor-in-Chief of TFIR to discuss how Alluxio is providing new ways for organizations to manage data at scale with its data orchestration platform.
Alluxio’s data orchestration layer has increased efficiency by four times, so companies are finding that work that used to take one year now takes three months.
For many enterprise companies, the path to the cloud starts with an intermediate step of a hybrid cloud approach, Li said. He also sees widespread enterprise adoption of a multi-cloud strategy.
Amidst financial troubles and departure of chief executive Tom Reilly, company says it wants to emulate success of pure open source pioneer Red Hat.
Trying to survive the carnage AWS and the like are causing in the Big Data space, Cloudera is open sourcing its entire product line. [...] Less than six months after closing its merger with Hortonworks, the Big Data company Cloudera has announced it's going all open source.
YugaByte, a provider of open source distributed SQL databases, announced that YugaByte DB is now 100% open source under the Apache 2.0 license, bringing previously commercial features into the open source core.
The transition breaks the boundaries between YugaByte’s Community and Enterprise editions by bringing previously commercial-only, closed-source features such as Distributed Backups, Data Encryption, and Read Replicas into the open source core project distributed under the permissive Apache 2.0 license.
Starting immediately, there is only one edition of YugaByte DB for developers to build their business-critical, cloud-native applications.
YugaByte, the open source distributed SQL databases comapny, announced that YugaByte DB is now 100 percent open source under the Apache 2.0 license, bringing previously commercial features into the open source core. The move, in addition to other updates available now through YugaByte DB 1.3, allows users to more openly collaborate across what is now the world’s most powerful open source distributed SQL database.
This week’s SD Times Open Source Project of the Week is the newly open-sourced YugaByte DB, which allows users to better collaborate on the distributed SQL database.
The move to the open-source core project distributed under the Apache 2.0 license makes previously closed-sourced features such as distributed backups, data encryption and read replicas more accessible, according to the team. By doing this, YugaByte plans to break the boundaries between YugaByte’s Community and Enterprise editions.
“YugaByte DB combines PostgreSQL’s language breadth with Oracle-like reliability, but on modern cloud infrastructure. With our licensing changes, we have removed every barrier that developers face in adopting a business-critical database and operations engineers face in running a fleet of database clusters, with extreme ease,” said Kannan Muthukkaruppan, co-founder and CEO of YugaByte.
Open source code is more than just a way to create new technology. It’s a disruptive force that changed the way software is built, from taking individual developers and turning them into thriving communities to changing how enterprises do business–building open ecosystems versus restricted walled-gardens.
BTCPay Server hopes the Tor crowdfunding campaign will demonstrate the impact of bitcoin-based fundraising for open-source initiatives.
On June 19, Chaincode developer John Newbery gathered a group of developers to examine a proposed change to bitcoin’s code.
Taking place via Internet Relay Chat (IRC), the topic was whether the change, which would help prevent a group of rogue miners from speeding up the rate at which bitcoin’s blocks are produced, is a positive one with limited security risks or adverse impacts.
Yet more overseas blockchain firms are coming to Switzerland to set up foundations. British company Atlas City will establish a non-profit entity for its Catalyst project. But what’s in it for commercial enterprises that develop cutting-edge technologies?
[...]
Part of the reason for setting up a foundation lies in the ethos of blockchain and other distributed ledger technology (DLT) systems: to offer decentralised platforms that anyone can use to store and transmit their data – a so-called “open source” model.
OPNsense Team is pleased tannounce the latest stable release of OPNsense 19.7 on 17th July 2019.
It’s codenamed “Jazzy Jaguar”. OPNsense is open source, FreeBSD-based firewall and routing distribution.
This release improved statistics and visibility of rules, reliable and consistent live logging and alias utility improvements in firewalls.
OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.
The tech industry is being plagued by moral and ethical issues as top players are increasingly becoming explicit about prioritizing profits over people or planet. Recent times are rift with cases of tech companies actively selling facial recognition technology to law enforcement agencies, helping ICE separate immigrant families, taking large contracts with the Department of Defense, accelerating the extraction of fossil fuels, deployment of surveillance technology. As the US gets alarmingly dangerous for minority groups, asylum seekers and other vulnerable communities, it has awakened the tech worker community to organize for keeping their employers in check. They have been grouping together to push back against ethically questionable decisions made by their employers using the hashtag #TechWontBuildIt since 2018. Most recently, several open source communities, activists and developers have strongly demonstrated against Palantir for their involvement with ICE.
Palantir, a data analytics company, founded by Peter Thiel, one of President Trump’s most vocal supporters in Silicon Valley, has been called out for its association with the Immigration and Customs Enforcement (ICE). According to emails obtained by WNYC, Palantir’s mobile app FALCON is being used by ICE to carry out raids on immigrant communities as well as enable workplace raids.
Over the years, the IT industry has witnessed massive growth and meaningful transformation, especially in terms of the software that the industry use. From closed-source, proprietary, off-the-shelf software solutions to embracing open-source, the industry was witnessing a dramatic shift not only in terms of the advantages of open-source over closed-source but also in terms of the developer and professional satisfaction.
That is not all, open-source even caught the attention of investors — they started showing handsome amounts of capital on open-source software. The transformation was real and today, it has gone way too far from that. Open source is rapidly becoming the go-to for almost every organisation across the world.
[...]
Copyleft: Many people misunderstand this concept as they think that Copyleft is just the opposite of copyright. However, that is not true. Copyright is the restriction of using any content or work without the owner’s permission. And talking about copyleft, the concept is slightly different. Under the same copyright license, the owner issues a statement that others use the work. However, there are some obligations that need to be maintained by the one using the work. Example of copyleft licenses: GPL, Affero GPL (AGPL), Lesser GPL (LGPL), Mozilla Public License (MPL), Eclipse Public License (EPL), Common Development and Distribution License (CDDL).
Tidelift and Ruby Together today announced a collaboration to support essential open source infrastructure projects maintained by the non-profit Ruby community initiative. Tidelift now provides recurring income to Ruby Together to pay the maintainers of vital projects, enabling them to manage the projects to standards that support the work of enterprise software development teams. In addition, Tidelift's managed open source subscription customers will receive maintenance, security, and licensing assurances for key projects supported by Ruby Together.
Community support for Python 2 will expire on Jan. 1, 2020. After that date, the Python core team and many third-party package authors will no longer be supporting, maintaining or updating any of their Python 2.x releases. Organizations with Python 2 deployments are faced with a key decision: whether to rewrite, migrate or maintain their existing applications. No matter which option they choose, the safety net of a commercial support provider can help reduce risk and save developer time.
Microsoft Security Response Center (MSRC) is waxing lyrical about the risks inherent in C and C++ coding, arguing it may be time to dump "unsafe legacy languages" and shift to more modern, safer ones.
The Redmond-based biz has long been a C++ shop when it comes to the programming that matters most to the company – the Windows operating system and the core Office applications, for example.
In just a few weeks, from the 6th to 10th of August, the first ever pan-African PyCon will take place in Accra, Ghana.
PyCon Africa 2019 is an amazing step for the rapidly growing Python community in Africa.
I recall watching on live TV in 1969 Neil Armstrong stepping on the Moon for the first time. I still think the Apollo programme is mankind?s greatest technological achievement to date, especially taking into account the state of the art in the 1960s, albeit massive funding, around 400,000 professionals and some 5,000 companies working on the project helped immensely. If you have a technical background and are interested in learning a bit about the technical aspects of the equipment and the mission, I can recommend W. David Woods? book ?How Apollo Flew to the Moon?. I found the sections on guidance particularly interesting. The book even addresses eating, ablution, urinating, defecating and waste disposal on the journey. On the 40th anniversary of Apollo 11 I wrote a short post in the Sabayon Linux forums on using Audacity to analyse the recording of Neil Armstrong?s famous ?One small step?, which I refreshed in this blog for the 42nd anniversary (see One small step for [a] man? revisited using Audacity).
The first is an assertion that email is inherently insecure and can’t be made secure. There are some fairly convincing arguments to be made on that score; as it currently stands, there is little ability to hide metadata from prying eyes. And any format that is capable of talking on the network — as HTML is — is just begging for vulnerabilities like EFAIL.
But PGP isn’t used just for this. In fact, one could argue that sending a binary PGP message as an attachment gets around a lot of that email clunkiness — and would be right, at the expense of potentially more clunkiness (and forgetfulness).
What about the web-of-trust issues? I’m in agreement. I have never really used WoT to authenticate a key, only in rare instances trusting an introducer I know personally and from personal experience understand how stringent they are in signing keys. But this is hardly a problem for PGP alone. Every encryption tool mentioned has the problem of validating keys. The author suggests Signal. Signal has some very strong encryption, but you have to have a phone number and a smartphone to use it. Signal’s strength when setting up a remote contact is as strong as SMS. Let that disheartening reality sink in for a bit. (A little social engineering could probably get many contacts to accept a hijacked SIM in Signal as well.)
How about forward secrecy? This is protection against a private key that gets compromised in the future, because an ephemeral session key (or more than one) is negotiated on each communication, and the secret key is never stored. This is a great plan, but it really requires synchronous communication (or something approaching it) between the sender and the recipient. It can’t be used if I want to, for instance, burn a backup onto a Bluray and give it to a friend for offsite storage without giving the friend access to its contents. There are many, many situations where synchronous key negotiation is impossible, so although forward secrecy is great and a nice enhancement, we should assume it to be always applicable.
[...]
My current estimate is that there’s no magic solution right now. The Sequoia PGP folks seem to have a good thing going, as does Saltpack. Both projects are early in development, so as a privacy-concerned person, should you trust them more than GPG with appropriate options? That’s really hard to say.
Exchanging data using USB devices is something that we do on a daily basis. But how often do you think that the next USB device that you’ll plug into your PC’s port could be malicious? In the past, researchers have unveiled 29 types of USB attacks that could compromise your sensitive data by simply plugging in a USB device.
Globotron’s Armadillo is a device that you could use to protect yourself from USB attacks.
In the automotive industry, in-vehicle infotainment (IVI) systems were one of the early adopters of open source operating systems, namely Linux. Today’s innovation and success with IVIs can largely be attributed to this approach.
Collaborative efforts such as the GENIVI Alliance and Automotive Grade Linux—where automakers, suppliers, and their competitors agree to share common elements of the IVI software stack—are enabling rapid development in this area.
The Galahad software will be deployed to AWS and provides a nested hypervisor on AWS instances. There, it will monitor role-based virtual machines virtually across all levels of the application stack including the docker container: the basic unit of software that packages an application to run quickly between computing environments.
The private keys of Dash crypto coins being held in online software “hot wallet” called MyDashWallet have been exposed to hackers for two months, and anyone using the wallet should immediately move funds out.
A “hot wallet” is any cryptocurrency software “wallet” connected to the Internet.
Iranian Foreign Minister Javad Zarif said Monday that if President Donald Trump truly wants to engage in good-faith negotiations over Iran's ballistic missile program, his administration must stop selling tens of billions of dollars in weapons to Saudi Arabia, the United Arab Emirates, and other U.S. allies in the Middle East.
Zarif, who is in New York on United Nations business, told NBC's Lester Holt that the influx of American weapons is "making our region ready to explode."
It’s easy to be confused about what’s happening between the U.S. and Iran.
On July 10, President Trump again accused Iran of violating the Obama-era nuclear deal, in a tweet that he concluded by promising to increase U.S. sanctions “substantially.”
Similarly, headlines — such as a recent New York Times article that originally proclaimed, “With a New Threat, Iran Tests the Resolve of the U.S. and Its Allies” — strongly suggest that Iran is the aggressor, and taking steps that heighten tensions in the Middle East.
That view is driven by Trump administration officials like Special Representative for Iran Brian Hook, National Security Advisor and long-time proponent of invading Iran John Bolton, and other right-wing officials like Arkansas Senator Tom Cotton. Cotton said in an interview on Fox News Sunday that he sees “Iran steadily marching up the escalation chain,” which he said justifies U.S. air strikes against the country.
In June, administration officials made the serious allegation that Iran had attacked two cargo ships in the Gulf of Oman — only to see their account disputed by a captain on one of the very ships that was attacked. Then there was a week of movement toward military action — at the height of which the acting secretary of defense stepped down because stories of horrific domestic violence toward his wife came to light.
Iran shot down a U.S. surveillance drone, with Iran and the U.S. asserting conflicting stories about whether or not the aircraft was in Iranian airspace. And then, of course, the president ordered an airstrike on Iran — only to cancel it with U.S. planes presumably moments away from killing up to 150 Iranians, which would have dramatically escalated the conflict.
Throughout these twists and turns, Trump, his Secretary of State, and other officials have repeated the phrase “we don’t want war.” If that’s the case — that the U.S. wants to avoid war, even as Iran is supposedly taking a hostile posture and unilaterally escalating tensions — then the Trump administration’s instability and incompetence is surely worrisome. As a result, critics in both the media and Congress, not to mention the Democratic presidential field, are warning the administration could “bumble” into a war.
But whatever officials say, and as erratic as the sequence of events has been, one thing is clear: It’s the U.S. that is belligerently threatening Iran, not the other way around. And if a war breaks out, it won’t be because the administration “bumbled” into one.
When Donald Trump and Kim Jong Un shook hands on June 30 at the line dividing the two Koreas, the pictures that appeared on front pages all over the world depicted two very different leaders. Trump is a tall, 73-year-old white man who leads the world’s most powerful democracy. Kim is a short, plump, 35-year-old Korean who heads up the world’s most notorious non-democracy. They look like the Laurel and Hardy or the Penn and Teller of geopolitics.
Appearances can be deceptive. Beyond their superficial differences, the two leaders share a great deal in common. In fact, their underlying similarities have helped cement an unlikely friendship.
But what is beneficial for international peace is ominous for the future of American democracy.
Back in 2011, Polish politician Lech Kaczynski looked longingly at how the right wing had taken over Hungary. Viktor Orban was running roughshod over Hungarian democracy, rewriting constitutions, controlling the press, suppressing civil society. Kaczynski said that he couldn’t wait to remake Warsaw, the capital of Poland, as a “Budapest on the Vistula.” When his party won both the presidency and a parliamentary majority, Kaczynski set about doing just that.
Former British ambassador to the US Kim Darroch alleged in a diplomatic cable that Trump’s motivation in breaching the 2015 Iran nuclear deal was motivated by nothing more than spite, according to the Daily Mail , which saw the text.
Surrounded by trigger happy Tonkinesque gunboats and drowning in debt, the Islamic Republic of Iran has made the risky decision to play the last card left in their deck; to defy the P5+1 Deal in order to save the P5+1 Deal. It’s a hell of a gambit but it already has those pussies in the EU clamoring for new talks with the embattled nation. Under the circumstances, I would argue that Iran’s decision to enrich Uranium past the amount allowed in the deal but still far short of anything potentially lethal isn’t just tactically savvy, it’s the right thing to do.
Iran offered Europe and the US everything but a weekly colonoscopy with that deal and we’ve given them jack shit in return for their patience. While Trump shredded the agreement in a reckless Israel-friendly hissy fit, Europe has sheepishly reneged on their promises to stand up to Orange-Man-Bad and ease their own sanctions. Their indecision isn’t just an embarrassing display of geostrategic cowardice that would gag Charles de Gaulle like a gimp, it’s a brazen violation of the very deal they claim to remain committed to. In this dire situation, for Iran to continue to sit on their hands, would be a betrayal of both international diplomacy and their long suffering citizenry who these values are supposed to protect.
But this move also begs a bigger and rather uncomfortable question for peaceniks like me. Could Nukes be good for peace? Just typing those words feels blasphemous on my fingertips, but history speaks for itself. Iraq and Libya both forfeited their own nuclear weapons programs for the sake of self-preservation and both ended up brutally mugged for their efforts by the world’s preeminent nuclear superpower. Further more, international law on this regard, is little more than a sick fucking joke. Iran has been hounded for decades by an illegally nuclear armed Israel and the only nation to ever use one of those goddamn things while even the intelligence agencies of these very rogue states admits that this program is a total fiction. Meanwhile, India and Pakistan continue their own flagrantly illegal arms race while being bathed in buckets of western aid. And evil Iran should what, be the last boy-scout while they get ransacked? It clearly doesn’t make any fucking difference whether they actually have the bombs or not, so why not arm up?
JCPOA was the deal negotiated with great effort by Iran and the P5+1 (China, France, Germany, Russia, the UK, and the U.S.) and signed in 2015. At the time, Europe had substantially lost access to three of its main sources of energy—Russia, Libya, and Iran. Desperation for Iranian oil drove the European pressure on the administration of U.S. President Barack Obama to come on board the JCPOA. The U.S. was forced, kicking and screaming, into the agreement.
Iran signed the deal even though Iran’s government disagreed with its premise. The deal implied that Iran had a nuclear weapons program, which it did not have, and that the agreement would constrain it from building a nuclear weapons arsenal, which it has pledged never to have. Threats of war by the United States and its regional partners (namely, Saudi Arabia and Israel) and terrible sanctions had raised the threat level in West Asia. It was to prevent war and to undo the sanctions that Iran came to the table.
Cue the shots, take the snaps: US President Donald Trump was back entertaining his fetish with firm handshakes proclaiming the making of history in the last round of discussions with Kim Jong-un. The press were, despite periodic attacks of bafflement, ever obliging. The meeting of Trump with the leader of the DPRK was deemed historic, because everything the president does these says has to be, by definition, shatteringly historic. Respective handshaking took place across the demarcation line of North and South Korea before Trump “briefly crossed into North Korea, a symbolic milestone,” noted the BBC.
Kim, in turn, crossed into South Korea alongside Trump, cheeks bunched and aglow: “I believe this is an expression of his willingness to eliminate all the unfortunate past and open a new future.” An hour-long discussion followed in the Freedom House. At one point, South Korea’s President Moon Jae-in joined the gathering for a collegial cameo. Again “unprecedented”, came the observations.
Trump’s diplomatic fake book is an untidy compilation of zigs and zags; amidst the lack of neatness lies a scratchy pattern. Each accommodating approach must come with its selective targets of incoherent demonization. Every hand shake on one side of the diplomatic ledger must be accompanied by the cold shoulder on the other, if not a good deal of spiked bile. There is Iran, which serves the purpose for potential military engagement and cartoon gangster pose, and China, which supplies the Trump administration with a target for hard bargaining.
As each day goes by, military digs and pokes are being directed at Tehran by US officials now more accustomed to poking tongues than using them. This is far from a bright move, but serves the object of brinkmanship Trump has managed to cultivate in Washington.
US policy on that front is that of the bull acting in disregard of the precious china. The china, for one, involved adherence by Iran to the restrictive nuclear agreement that saw the destruction of its plutonium reactor and an opening up to the peering eyes of inspectors for a period ranging between ten and twenty-five years. Economic losses would be made up by a more liberal trade regime with European powers. But Trump, consistently with his campaign promises on redrafting, if not tossing various agreements out altogether, was determined to find a marketable enemy. Evidence was less important than necessity, however confused.
A group of more than 30 Microsoft employees is lobbying coworkers to stop donating to the company’s political action committee in an effort to starve the PAC of funds, multiple Microsoft workers with knowledge of the efforts told OneZero. While Microsoft pitches itself as an inclusive and progressive company — especially during Pride Month, with tweets and donations to LGBTQ+ causes — employees who have donated to the PAC say they have no control over which candidates are being supported, meaning that they have no say when the PAC financially supports candidates whose views the employees don’t want to support. Microsoft employees who spoke to OneZero — on the condition of anonymity to avoid reprisals — say that the PAC doesn’t ask employees for input or supply avenues to suggest or control which candidates should be supported.
Amazon was founded almost exactly 25 years ago. Initially it sold books, and people saw it as an interesting early example of e-commerce, but probably assumed that it would remain a fairly small player in a relatively unexciting market. Nothing could be further from the truth. Amazon soon started selling goods in other sectors, and adding operations in countries outside the US. People gradually woke up to the fact that Jeff Bezos was not aiming to become one of the top online book sellers, but intended to become the e-commerce platform for everything.
However, even that ambition now seems too small for Bezos. He has started exploring completely new markets that have little to do with the core Amazon business. One of particular interest to readers of this blog is based around surveillance, although the company obviously doesn’t frame it in those terms. For example, in 2014, the Amazon Echo “smart speaker” was launched. It listens in on conversations in the home, and then sends voice data to the cloud for analysis. Last year Privacy News Online wrote about Amazon’s cloud-based facial recognition system Rekognition.
By his side was his embattled Justice Minister Sérgio Moro. Until recently, Moro had been the county’s top corruption crusader, the former judge overseeing the landmark investigations into Brazil’s Car Wash corruption scandal, in which billions were paid in bribes through the state oil company Petrobras, in exchange for government contracts. Moro was lifted to superhero status by fans and a benevolent press, and seen as a shoo-in for the next spot on the Supreme Court and a potential contender for the presidency in 2022 or 2026.
Not anymore.
[...]
The Intercept’s revelations, known on social media as #VazaJato, (a play on the title of the Car Wash corruption scandal, meaning #WashLeaks), stem from a massive trove of millions of Telegram chat app messages from federal prosecutors involved in the car wash scandal task force, which were acquired by The Intercept. The messages show that prosecutors schemed about how to block Lula’s Workers’ Party from returning to power, and questioned the trial against Lula because of a lack of evidence. They show that Moro encouraged prosecutors to let slide proof of corruption by former right-wing president Fernando Henrique Cardoso because he was an ally and a supporter of their corruption probe. The leaks also clearly show Moro illegally and consistently guided prosecutors in the car wash operation, while also presiding over the proceedings as a supposed impartial and independent judge.
“Moro left impartiality aside and acted on the side of the accusers,” wrote the authors of a joint investigation by The Intercept and the right-wing outlet Veja, whose team reviewed 649,551 messages in the Telegram archive. “The messages examined by our team are true & our investigation shows that the case is even more serious. Moro committed irregularities.”
Moro’s once-saintly status has crumbled. His approval rating dropped 10 points in the first poll released after the revelations. The Brazilian Lawyers Guild has called for the ex-judge to step down. He is currently taking a five-day leave of absence in the United States with his family.
But a concerted, right-wing counter campaign has also been underway to discredit the leaks and silence The Intercept and its lead journalists. It involves intimidation, faked documents, distorted news, Twitter bots, and attacks on leading members of The Intercept and their families.
FOUR OF THE seven Google employees who organized a 20,000-person walkout in November have resigned from the company, including two women who claimed Google retaliated against them for their internal activism. The latest to leave is Meredith Whittaker, who ran Google Open Research and has emerged in the past couple of years as a prominent voice demanding increased accountability from tech companies around uses of artificial intelligence.
In April, Whittaker claimed Google had retaliated against her for her role in the walkout and her advocacy work on AI ethics through AI Now, a research institute she cofounded that has received funding from Google. She had already been told her AI ethics work was no longer a fit for Google’s Cloud division. “It’s clear Google isn’t a place where I can continue this work,” Whittaker wrote in a farewell note posted on Medium, which urged employees to unionize, protect whistle-blowers, and insist on transparency around the technology they are building and how it will be used.
In the Medium post, Whittaker, who worked for the company for 13 years, said Google’s advantages in AI have propelled the company into new markets, like health care, fossil fuels, and city development. “The result is that Google, in the conventional pursuit of quarterly earnings, is gaining signi€ficant and largely unchecked power to impact our world,” Whittaker wrote. “I’m certain many in leadership—who learned what Google was and why it was great over a decade ago—don’t truly understand the direction in which Google is growing. Nor are they incentivized to.”
Between making threats of actual war with North Korea and Iran, Donald Trump has also gotten us into a trade war with China. Trump’s ostensible reason for this trade war — the large US trade deficit with China — actually did have some basis in reality, but in practice the trade war is straying into turf that is likely to offer few gains for US workers and could actually lead to sizable losses.
A major theme in Trump’s campaign was that China is a world-class currency manipulator that deliberately keeps down the value of its currency to give its products an advantage in international trade. The basic story is true; China did intervene heavily in currency markets to keep the value of its currency from rising against the dollar.
However, it would probably be more appropriate to say that China managed its currency rather than manipulated it. There was nothing hidden or sneaky about China’s intervention; it has an official exchange rate that it acts to maintain.
Most economists acknowledge, in retrospect, that China managed its currency in the last decade (they didn’t at the time), but now say that China has stopped buying large amounts of reserves of foreign currencies, the tool used to suppress the value of the yuan. What these economists ignore is that China continues to hold massive amounts of reserves, which lowers the value of the yuan relative to its value if China held more normal amounts in reserve.
China’s reserve holdings have the same effect on the value of its currency as the Fed’s asset holdings do in keeping down long-term interest rates. While most economists acknowledge the impact of the Fed’s asset holdings, for some reason they ignore the impact of China’s reserve holdings. No one ever said economists were consistent.
