Lessons Using Linux and Other Free Software Taught Me

This year marks my 20th anniversary of using Linux. I discovered it when applying for a position at a startup called Stormix Technologies. Stormix long ago had its moment of glory and flamed out, but working for it left me a dedicated Linux user. I didn’t know at the time, but my entire relationship to computing changed permanently as a result.

To begin with, it’s been sixteen years since I bought a piece of software — and that was reluctantly, in order to complete work for a client. It’s been even longer since I was tempted to pirate software. Both facts imply the same thing: unlike most computer users, I stopped being a consumer of software. What I became instead was part of an ecosystem of users, and a potential partner in development if I chose to be. These days, purchasing and pirating software alike seem like a quaint custom of the past, like cranking a car before driving. I look with pity on those who purchase or pirate, regarding them as unnecessarily trapped in a toxic relationship.

Having stopped consuming software, I also changed my relationship with the manufacturers of software. As a consumer, I had almost no contact with those who wrote the software I used. Mostly, I would get news of updates (read: another chance to spend money). If I ran into troubles, I might contact technical support, and more often than not, endure being asked a series of obvious questions while I fumed with impatience waiting to be given a fix. Tinkering on my own was forbidden by license, and mostly impossible since I had no access to the source code.

The PinePhone Pre-order has Arrived

Anyone looking to finally get their hands on an early release of the PinePhone, can now do so as of November 15.

Created by Pine64, the PinePhone is an affordable Linux phone with a price tag of only $149.00. This phone is targeted at Linux enthusiasts and developers looking for privacy-centric open source software and hardware kill switches.

The specs for the PinePhone are humble (to say the least). The device includes an Allwinner A64 1.2 GHz quad-core A53 CPU, 2GB of RAM and 16GB of storage, a 5.9” IPS LCD display, a 2MP front-facing camera and a 5MP rear-facing camera, a Mali 400 MP2 GPU, a 3000 mAh battery, and a USB C port.

Top 5 options for Linux certifications

Linux certifications present an interesting mix of distribution- and brand-agnostic credentials, as well as vendor-specific ones. Many of these offerings provide data center professionals with defined pathways to learn, use and master Linux OS management, features and potential Linux use cases.

Other programs are more ad hoc and specific to certain IT roles, such as systems engineers or IT administrators, but they go beyond self-taught curriculums and forums. Each program includes coursework and an exam. Depending on the certification, admins can buy everything as a bundle or pay separately for study materials and exams.

Desktop

• Pre-Loaded Linux PCs Continue Increasing – TUXEDO Computers Sets Up New Offices

  From System76 setting up their own manufacturing facility for Linux desktops to Dell offering more Linux laptop options, the demand for pre-loaded Linux PCs continues to increase. One of the smaller Linux PC vendors also now expanding is German-based TUXEDO Computers.

  TUXEDO Computers shared that they are moving into new (and larger) offices in the lovely city of Augsburg, Germany. Up to now the company had been located in Königsbrunn, a quaint town in Bavaria, but now they are relocating to the town of Augsburg itself.

• Why we shouldn’t blame ourselves for the Linux desktop’s microscopic marketshare

  Well, that was three interesting articles on the same topic on the same day, namely, billionaires. And read in turn they explain exactly why the Linux Desktop is still at such a marginal market share, and why that’s not because we, who work hard on it, are failures who have been doing the wrong thing all the time. It is in the first place policies, bought with money, that allowed people to build monopolies, taxing individuals and so becoming even more rich and powerful.

  However, what it is about, is the question: why is Bill Gates not in jail for life with all his wealth stripped off? He’s a criminal, and his crime has directly harmed us, the people working on free software, on the Linux Desktop.

  So, to make things painfully clear: Bill Gates made it so that his company would tax every computer sold no matter whether it ran Windows or not. If a manufacturer wanted to sell computers running Windows, all the computers it sold were taxed by Microsoft. He would get paid for the work a Linux distribution was doing, and the Linux distribution would not get that money.

Server

• Linking Linux system automation to the bottom line

• Rise of the Chameleon – SUSE at SC19

  The impact of High-Performance Computing (HPC) goes beyond traditional research boundaries to enhance our daily lives. SC19 is the international conference for High Performance Computing, networking, storage and analysis taking place in Denver November 17-22. SUSE will once again have a strong presence at SC19 – and if you are attending we would love to talk to you! Our SUSE booth (#1917) will include our popular Partner Theater as well as a VR light saber game with a Star Wars themed backdrop. We will showcase SUSE’s HPC core solutions (OS, tools and Services) as well as AI/ML, Storage and Cloud open source products. Plus, during the gala opening reception we will premier our new mini-movie “Sam the IT Manager in The Way of the Chameleon: The Quest for HPC” which you don’t want to miss (we’ll provide the popcorn)!

• IBM

  • How Boston Children’s Hospital Augments Doctors Cognition with Red Hat OpenShift

    Software can be an enabler for healers. At Red Hat, we’ve seen this first hand from customers like Boston Children’s Hospital. That venerable infirmary is using Red Hat OpenShift and Linux containers to enhance their medical capabilities, and to augment their doctors cognitive capacity.

  • Entry Server Bang For The Buck, IBM i Versus Red Hat Linux

    In last week’s issue, we did a competitive analysis of the entry, single-socket Power S914 machines running IBM i against Dell PowerEdge servers using various Intel Xeon processors as well as an AMD Epyc chip running a Windows Server and SQL Server stack from Microsoft. This week, and particularly in the wake of IBM’s recent acquisition of Red Hat, we are looking at how entry IBM i platforms rate in terms of cost and performance against X86 machines running a Linux stack and an appropriate open source relational database that has enterprise support.

    Just as a recap from last week’s story, the IBM i matchup against Windows Server systems were encouraging in that very small configurations of the Power Systems machine running IBM i were less expensive per unit of online transaction processing performance as well as per user. However, on slightly larger configurations of single socket machines, thanks mostly to the very high cost per core of the IBM i operating system and its integrated middleware and database as you move from the P05 to P10 software tiers on the Power S914, the capital outlay can get very large at list price for the Power iron, and the software gets very pricey, too. The only thing that keeps the IBM i platform in the running is the substantially higher performance per core that the Power9 chip offers on machines with four, six, or eight cores.

    Such processors are fairly modest by 2019 standards, by the way, when a high-end chip has 24, 28, 32, or now 64 cores, and even mainstream ones have 12, 16, or 18 cores. If you want to see the rationale of the hardware configurations that we ginned up for the comparisons, we suggest that you review the story from last week. Suffice it to say, we tried to get machines with roughly the same core counts and configuration across the Power and X86 machines, and generally, the X86 cores for these classes of single socket servers do a lot less work.

  • Red Hat Announces Latest Release of Red Hat Enterprise Linux 8.1

Audiocasts/Shows

• 2019-11-11 | Linux Headlines 46

  Steam gets support for Linux namespaces, some distributions are struggling with the shift from Python 2, Arch Linux supports reproducible builds, and GNOME has a new app in beta.

• Will Europe Succeed At Democratizing The Cloud?

  Europe (led by Germany and France) is contemplating Gaia-X, its own cloud infrastructure to create interoperability among clouds and also allow local companies to compete in the cloud market dominated by US companies like AWS, Microsoft and Google. It’s an ambitious effort, but will it work? We sat down with Frank Karlitschek, founder of Nextcloud to discuss.

• Linux Action News 131

  Google steps up support for older Chromebooks, Microsoft Edge is coming to Linux, and the App Defense Alliance teams up to fight Android malware.

  Plus Google Cardboard goes open source, and a neat machine-learning tool to pull songs apart.

Kernel Space

• Kernel prepatch 5.4-rc7

  The seventh 5.4 prepatch is out for testing. “Nothing looks _bad_, but there is too much of it. So I’m leaning towards an rc8 being likely next weekend due to that, but I won’t make a final decision yet. We’ll see.”

• Linux 5.3.10

  I’m announcing the release of the 5.3.10 kernel.

  All users of the 5.3 kernel series must upgrade.

  The updated 5.3.y git tree can be found at:

  git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.3.y

  and can be browsed at the normal kernel.org git web browser:

  https://git.kernel.org/?p=linux/kernel/git/stable/linux-s…

• Linux 4.19.83

• Linux 4.14.153

• Linux 4.9.200

• Linux 4.4.200

• Graphics Stack

  • Linux driver patches indicate AMD is readying integer scaling

    Both Intel and Nvidia have released graphics driver updates to enable integer scaling options this year. Intel made a big song and dance out of the development process with Tweets and blog updates trailing the graphics driver feature. Then integer scaling became available for Intel Gen11 graphics users after a September driver update. Nvidia actually pipped Intel to the post by implementing integer scaling (for Turing GPUs) in its Gamescom driver release in August – it snuck in the update without much fanfare as it simultaneously boosted a number of AAA games performance and added some new image sharpening features.

Benchmarks

• The Disappointing Direction Of Linux Performance From 4.16 To 5.4 Kernels

  With the Linux 5.4 kernel set to be released in the next week or two, here is a look at the performance going back to the days of Linux 4.16 from early 2018. At least the Linux kernel continues picking up many new features as due to security mitigations and other factors the kernel performance continues trending lower.

  With this round of Linux kernel benchmarking on Ubuntu 19.10 and with an Intel Core i9 7960X the tests were done from Linux 4.16 through Linux 5.4 Git. Linux 4.16 was as far back as the system would go while running stable with the Ubuntu 19.10 user-space components — Linux 4.15 ran into stability issues and Linux 4.14 or older wouldn’t boot properly due to systemd or other user-space conflicts. But additional article(s) will be running with an older Ubuntu LTS stack for user-space as well as similarly looking at the performance on AMD hardware too.

Applications

• Gscan2PDF 2.6.0 Released with import-all Option

  The official Gscan2PDF PPA has made the new release packages for all current Ubuntu releases, and their derivatives, including Ubuntu 16.04, Ubuntu 18.04, Ubuntu 19.04, Ubuntu 19.10, Linux Mint 18.x and 19.x

• 5 Tools That Allow You to Make a Free Logo

  2. Gimp

  Unlike Tailor Brands, GIMP is more of a photo editor which means that it comes with way more tools and features.

  If you want to do more than logo designing, then GIMP is your right choice. It comes with a customizable interface that not only covers cosmetics, but also the behavior of the various tools that it has. There are photo enhancement tools that help you to get rid of image distortions, colors, and other imperfections. Another benefit is support for multiple file formats viz. JPEG, PSD, PNG, and GIF.

• Proprietary

  • Reactions To the News That Microsoft’s Edge Browser Is Coming to Linux

    Edge may face a rocky reception. “I am not feeling a tingling all over at the thought of Edge coming to Linux,” posted one commenter on Beta News. “It’s not really necessary to bring Linux down to the level of Windows 10.”

  • Microsoft Edge is coming to Linux. But will anybody use it?

    At Microsoft Ignite last week, a slide announced that Microsoft’s project to rebase its perennially unloved Edge browser on Google’s open source project Chromium is well underway. Release candidates for the new Chromium-based Edge build are available on consumer and server versions of Windows (including Windows 7 and Server 2008, which have already left mainstream support), as well as MacOS, Android, and iOS.

    [...]

    It seems unlikely that the Linux world is going to go ga-ga for what seems to essentially be a reskinning of Chromium—but that might be missing Microsoft’s real thrust here. Many developers—including Linux developers—choose Azure over rival cloud services like Amazon Web Services or Google Cloud, and bringing Edge to Linux may represent little more than a way to offer those developers deeper ties into Microsoft’s profile and identity management services.

Instructionals/Technical

• 5 Practical Examples of the dd Command in Linux

• Four Ways to Open the Terminal in Debian

• How to Install Koel Music Streaming Server on Ubuntu 18.04

• If You Think Producing Good Product Documentation is Expensive, try Calculating the Cost of Not Having It

• How to upgrade to Ubuntu 19.10

• How to change the language in Chrome

• Find Files and Directories on Linux Easily

• How to install Fedora Media Writer on Ubuntu or CentOS

• How to Install LAMP Stack Apache MySQL/MariaDB PHP on CentOS 8

• How to Upgrade CentOS 7 to CentOS 8

• A Brief Introduction To Dockerfile

• How to Enable Linux App Mode on Chromebook

• How To Install Redmine on CentOS 8

• How to Fix Corrupted Ubuntu (Boot-Repaired) 18.04, 19.04 & 19.10- Easily

• How to Set Up Cron Job on CentOS 8

• How to enable Parental Control on Kids account on elementary OS

• Understanding “disk space math”

• A guide to intermediate awk scripting

• Essential System Tools: TLP – power management package

• 3 approaches to secrets management for Flatpak applications

• How to override bug details in Kiwi TCMS

• Autoscaling Red Hat Fuse applications with OpenShift

• Getting Started With ZFS Filesystem on Ubuntu 19.10

  Ubuntu 19.10 gives the ability to install use ZFS on root. What is ZFS filesystem and how to use it? This tutorial answers your questions.

• Cheat sheet for common Linux commands

  The terminal is one of the most efficient ways to interact with a Linux computer. When you type a command into the shell, you tell your computer exactly what you want it to do, specifying both the source and destination of what you need done, and then there’s no further interaction required. Every time you type a valid command into a shell, you’re essentially programming, even though your program may only run for a millisecond.

  Graphical interfaces have one perceived advantage, though: they encourage meandering. You can sit in front of a computer GUI and explore aimlessly until you stumble upon something productive to do. With a Linux terminal, you have to know what command to use before you can explore. Having a cheat sheet with the most common commands can be both relieving and empowering.

• Desktop Linux 101: Reinstall Your Favorite Apps With This Easy Automated Solution

  My job – and sheer curiosity – compels me to distro hop a lot. You know, endlessly trying out new desktop Linux distributions to see what’s new and shiny, and learn stuff along the way. But I found myself repeatedly installing the same set of software after each “nuke and pave.” Along the way I discovered a solution that saves bunch of time: writing a simple bash script!

  Basically it’s a text file that contains a series of commands that you can run as a program. It’s a great way to automate things that would otherwise get pretty tedious.

  In my case, I have a ton of staple software I like to have (like Audacity, Kdenlive, Spotify, Discord, Telegram, Steam, OBS Studio) no matter what PC or Linux distribution I’m using. Sure, I could go to the software store and install them one by one, or batch install them in a Terminal windows, but let’s streamline the process!

Games

• Google reveal Stadia will only have 12 games available at launch, more later in the year

  With the Stadia streaming service from Google launching on November 19th for those with the Founder’s Edition or Premiere Edition, they’re finally revealing what will be available.

  It will only have 12, yes 12, titles at launch and a few of them are sequels. They are: Assassin’s Creed Odyssey, Destiny 2, GYLT, Just Dance 2020, Kine, Mortal Kombat 11, Red Dead Redemption 2, Thumper, Tomb Raider + Rise + Shadow and lastly Samurai Showdown.

  The only title you will get included in the Stadia Pro subscription (three months free with the Founder/Premier Edition) is Destiny 2, all others you have to pay for. If you stop paying for Stadia Pro, you lose access to any free games claimed and only keep those you’ve paid for normally.

• Valve has an Armistice Sale and Singles Day sale on Steam with some good Linux games cheap

  Yet another chance to grab a game or two from your wishlist perhaps? The Armistice Sale on Steam supports the War Child UK charity and there’s also a Singles Day sale.

  For the Armistice Sale, Valve are promoting games with non-violent gameplay (or they got an update for the sale) to support children affected by the world’s deadliest conflicts.

• BorderDoom adds a little Borderlands flavour to classic Doom

  Always on the lookout for the new and interesting, BorderDoom came across the GOL news-desk recently adding a little Borderlands flavour to Doom.

  It’s quite a basic mod, once that would likely work well with the many others out there. The basic idea of it is to add in weapons with random properties like damage, number of bullets fired, firing speed and so on, plus shields that recharge and enemies that have levels to give you more of a challenge.

• BlooM brings together the classics Doom and Blood

  Another quality mashup here, with BlooM merging together elements from both Doom and Blood into something quite different. The team behind it recently put up a fresh demo while they work on the full release which includes new maps, enemies, music and more.

• Design your own plants and animals in the casual sim The Sapling

  Releasing with Linux support in December, The Sapling looks like a nice casual sim where you design your own plants and animals.

  Probably one of the most difficult types of games to get right, many have attempted some sort of evolution sim and it’s always great to see more.

• Red Eclipse 2 is a revamp of the classic free arena shooter coming to Steam

  I will admit this is quite a surprise, Red Eclipse is a first-person shooter I haven’t seen mentioned in a long time and it seems they’re closing in on a big revamped release with Red Eclipse 2.

  A classic free and open source shooter, Red Eclipse hasn’t seen a released update since 1.6 back in December of 2017. Two years later, they’re launching the massive upgrade for it free on Steam. Not a simple update either, they’ve completely changed the rendering engine to bring in Tesseract so they can support more advanced graphical features.

• Deliver pizzas, upgrade your car and smash into everything in Crash World

  Crash World is an upcoming comedy pizza delivery game with some really silly physics and you can try an early demo right now.

  Releasing on Steam next year, it’s a pretty wacky game. Bouncy physics, terrible vehicle handling, a car you can upgrade and an ever-changing city should provide plenty of amusement. This isn’t some GTA-style open-world game though, it’s mission-based but going off-mission is something that will happen often. It did to me anyway, I just couldn’t help myself.

• Cyberpunk Bar Sim fully funded on Kickstarter and coming to Linux

  Currently crowdfunding (successfully!) with a few days left, Cyberpunk Bar Sim takes elements inspired by both Game Dev Tycoon and VA-11 Hall-A to create a new mix of cyberpunk bar ownership.

  Starting off with nothing but a small dive bar with five stools, a counter-top and a handful of customers you will need to grow the business and expand your reach. Eventually you will pull in regulars, who will get chatty and tell you their story.

• Build a busy city on Mars in The Farlanders, an in-development city-builder with a free web demo

  Currently in development and quite early on, The Farlanders is a tile-based city-builder set on the red planet Mars. Created by developer Angry Kid, the same behind Undervault a free roguelike dungeon crawler.

  Even though it’s not finished, it’s starting to really look good and it’s already engrossing enough for me to recommend taking a look at it if you’re in the mood for a city-builder that’s a little different to the rest.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • Interview with Bryan Wong

    There are a lot of features that make me love Krita.

    First, a lot of those features are very useful for game arts, such as clones array, grid and guide, these make making tiles extremely smooth. I can also make a bunch of clone layers with transform mask to generate spritesheets easily.

    Second, the brush engine is powerful. It has masked brush and texture. The soft round brush also allows you to draw your own intensity curve to make an interesting result.

    Third, the developer support is excellent. Whenever I report a bug, the developer will respond quickly and will solve the problem. The team really cares about the program and user experience.

    And many more…

  • KDE Frameworks 5.64.0 Open-Source Software Suite Released with over 200 Changes

    KDE Frameworks 5.64.0 brings more than 200 hundred changes to the open-source software suite used by the KDE Plasma Desktop environment and the KDE Applications software suite, in an attempt to improve the overall performance, stability, security and reliability of the KDE Plasma desktop and related apps.

    Highlights of this release include initial support for the upcoming Qt 5.15 open-source and cross-platform application framework, support for CMake 3.5 series of the open-source and cross-platform package building tools, new and updated icons, as well as fixes for several memory leaks and crashes.

  • The Many Features & Improvements of the KDE Plasma 5.18 LTS Desktop Environment

    With the KDE Plasma 5.17 release out the door last month, it’s time to take a closer look at the new features and improvements coming to KDE Plasma 5.18, which will be released early next year as the next LTS (Long Term Support) version of open-source desktop environment designed to run on GNU/Linux distributions.

    Among the enhancements of the KDE Plasma 5.18 LTS desktop environment, we can mention the ability to select and remove multiple Bluetooth devices simultaneously, support for KSysGuard to display stats for Nvidia graphics hardware, and a new “Home” button in System Settings that will take users back to the main page.

  • SimpleMailQt v2.0.0-beta1

    On my last post I talked about the new async simplemail-qt API that I wanted to add, yesterday I finished the work required to have that.

    SMTP (Simple Mail Transfer Protocol) as the name says it’s a very simple but strict protocol, you send a command and MUST wait for the reply, which is rather inefficient but it’s the way it is, having it async means I don’t need an extra thread (+some locking) just to send an email, no more GUI freezes or an HTTP server that is stalled.

    The new Server class has a state machine that knows what reply we are waiting, and which status code is the successful one. Modern SMTP servers have PIPELING support, but it’s rather different from HTTP PIPELING, because you still have to wait for several commands before you send another command, in fact it only allows you to send the FROM the RECIPIENTS email list and DATA commands at once, parse each reply and then send the mail data, if you send the email data before you are allowed by the DATA command the server will just close the connection.

• GNOME Desktop/GTK

  • Gnome: First Shortwave Beta

    Earlier this year I announced Shortwave, the successor of Gradio. Now, almost 11 months later, I’m proud to announce the first public beta of Shortwave!

    Shortwave is an internet radio player that lets you search for stations, listen to them and record songs automatically.

    When a station is being played, everything gets automatically recorded in the background. You hear a song you like? No problem, you can save the song afterwards and play it with your favorite music player. Songs are automatically detected based on the stream metadata.

  • Shortwave Enters Beta As New GNOME Internet Radio Player

  • Shortwave Internet Radio Player For Linux Has Its First Beta Release

    Shortwave, the successor of Gradio, had it first beta release over the weekend. This is a GTK Internet radio player written in Rust, which uses radio-browser.info as its radio stations database.

    Background: The Gradio developer wanted to rewrite Gradio using Rust, but later started a completely new project called Shortwave. There will be no major Gradio releases, but don’t worry as Shortwave will include all important Gradio features and more.

    Using Shortwave you can search for Internet radio stations, listen to them, automatically record songs, and even stream to Google Cast-enabled (Chromecast) devices.

Distributions

• Screenshots/Screencasts

  • OpenIndiana 2019.10 Run Through

    In this video, we are looking at OpenIndiana 2019.10. Enjoy!

• PCLinuxOS/Mageia/Mandriva Family

  • OpenMandriva Lx 4.1 Enters Development with KDE Plasma 5.17, Linux Kernel 5.3

    OpenMandriva Association announced the release of the first pre-release version of the upcoming OpenMandriva Lx 4.1 operating system, the first major update to the OpenMandriva Lx 4 series.

    OpenMandriva Lx 4.1 is now officially in development, and a firs alpha release is ready for public testing with the latest KDE Plasma 5.17.2 desktop environment, which is accompanied by the KDE Applications 19.08.3 and KDE Frameworks 5.64.0 software suites, all built agains Qt 5.14. It also ships with the Linux 5.3.9 kernel and an updated toolchain built with Clang 9.0 and Glibc 2.30.

    As OpenMandriva Lx is one of the first and few GNU/Linux distributions to use Clang as the default compiler instead of GCC (GNU Compiler Collection), the development team decided that’s it time to ship a Linux kernel that’s also compatible with the Clang compiler.

• SUSE/OpenSUSE

  • SUSE Continues Working On Linux Core Scheduling For Better Security

    SUSE and other companies like DigitalOcean have been working on Linux core scheduling to make virtualization safer particularly in light of security vulnerabilities like L1TF and MDS. The core scheduling work is about ensuring different VMs don’t share a HT sibling but rather only the same VM / trusted applications run on siblings of a core.

    SUSE’s Dario Faggioli presented at the KVM Forum 2019 at the end of October in Lyon, France. Dario’s presentation covered the latest work on core-scheduling for virtualization.

• Arch Family

  • Arch Linux Updates Its Kernel Installation Handling

    Arch Linux has updated the behavior when installing the linux, linux-lts, linux-zen, and linux-hardened kernel options on this popular distribution.

    The actual kernel images for their official Linux, Linux LTS, Linux Zen, and Linux Hardened flavors will no longer be installed to /boot by default. By not having the actual kernel reside on /boot should help those with separate boot partitions that are quite small and avoid running out of space when keeping multiple kernels installed.

• Slackware Family

  • Plasma 5 for Slackware – November ktown release

    Dear all, today I released KDE-5_19.11 and it comes with some upgrades to official Slackware packages. Don’t worry – Pat Volkerding kindly added the shared libraries of the official Slackware packages to aaa_elflibs, so if you have been updating your Slackware-current installation properly then nothing will break when you update Slackware’s exiv2 and LibRaw packages to the newer versions contained in the November release of ‘ktown‘.
    Official Slackware package updates for exiv2 and LibRaw will come sometime soon, but it will require Pat to recompile several other packages as well that depend on exiv2 and/or LibRaw. I needed the new exiv2 to compile the latest digikam, so I was pleased with Pat’s cooperation to make this a smooth ‘ktown‘ upgrade for you.

• Fedora Family

  • Fedora 31 and Control Group v2

    Over the last few years, I have seen the Linux kernel team working on Control Group (cgroup) v2, adding new features and fixing lots of issues with cgroup v1. The kernel team announced that cgroup v2 was stable back in 2016.

    Last year at the All Systems Go conference, I met a lot of the engineers who are working on cgroup v2, most of them from Facebook, as well as the systemd team. We talked about the issues and problems with cgroup v1 and the deep desire to get Linux distributions to use cgroup v2 by default. The last few versions of Fedora have supported cgroup v2, but it was not enabled as the default. Almost no one will modify the defaults for something as fundamental as the default resource-constraint system in Fedora, causing cgroup v2 to languish in obscurity.

• Debian Family

  • Sparky 2019.11 Special Editions

    There are new live/install media of Sparky 2019.11 “Po Tolo” Special Editions available to download: GameOver, Multimedia & Rescue. The live system is based on the testing branch of Debian “Bullseye”.

    GameOver Edition features a very large number of preinstalled games, useful tools and scripts. It’s targeted to gamers.

    Multimedia Edition features a large set of tools for creating and editing graphics, audio, video and HTML pages.

    The live system of Rescue Edition contains a large set of tools for scanning and fixing files, partitions and operating systems installed on hard drives.

• Canonical/Ubuntu Family

  • Firewalla Gold Intel-based Ubuntu Router Enables Multi-Gigabit Cyber Security (Crowdfunding)

    We covered Firewalla based on NanoPi NEO board in mid-2018. The device is a tiny firewall, parental control, ad-blocker, and VPN appliance for end-users.

    Since then they’ve launched Firewalla Blue based on NanoPi NEO2 SBC with Gigabit Ethernet and a faster processor, and now the company has just introduced the even more powerful Intel-based Firewalla Gold.

    The device runs Ubuntu Linux so the users will have full access to the operating system with SSH, and will be allowed to install their own packages. Just like the original Firewalla (now Firewalla Red) and Firewalla Blue, Firewalla Gold comes with a web interface to let users easily control what happens on their networks with features such as cyber threats protections, VPN, DDNS, SSH, Adblocker configuration. Additionally, the Firewalla app for Android or iOS enables users to set-up parental control, VPN, monitor bandwidth usage (Monthly / Daily / Hourly), and more…

  • Ubuntu 18.04.4 LTS (Bionic Beaver) Slated for Release on February 6th, 2020

    Released in April 2018, Ubuntu 18.04 LTS (Bionic Beaver) is the latest LTS (Long Term Support) version of the popular Ubuntu Linux operating system, supported by Canonical with software and security updates for 5 years, until 2023, but reaching end of life in April 2028.

    As all Ubuntu LTS series, the Bionic Beaver will receive up to five point releases that bring a new installation medium with up-to-date components to make the deployment of the operating system less painful. The latest point release in the series being Ubuntu 18.04.3 LTS, released on August 8th, 2019.

  • If Your Ubuntu 19.10 Or GNOME-Based Installation Keeps Locking Up, You’re Not Alone

    Carl Richell, CEO of System76, sent me a message this morning that only reinforces why I appreciate that company: they’re nimble and they act as quickly as humanly possible. Here’s what Richell had to say: “We pushed updates to Mutter Friday morning and users have reported that it resolved the issue for them. The same updates will be in Ubuntu soon as well.”

    I can happily confirm that installing the latest update on my Oryx Pro running Pop!_OS 19.10 resolved the issue, so a solution is definitely headed your way.

  • Ubuntu 20.04 LTS Continuing To Work On Python 2 Removal

    The goal for Ubuntu 20.04 is to ship with Python 2 removed since Py2 will be end-of-life after the after the start of the year and this next Ubuntu Linux release is a Long-Term Support release, but there still are many Python 2 depending packages left currently in Debian unstable and Ubuntu’s “Focal Fossa” archive.

    Ubuntu/Debian developer Matthias Klose who has been doing much of the wrangling for getting Python 2 removed for Ubuntu 20.04 LTS sent out the latest update overnight. There still are around 3,300 bugs filed in Debian related to Python 2 packages and of those some 1,500 closed while around 350 packages are only available in Ubuntu’s Focal repository and not upstream Debian.

  • Ubuntu 20.04 LTS and Debian GNU/Linux 11 “Bullseye” Progress on Python 2 Removal

    The removal of an older Python implementation from an entire operating system system and its software repositories is a major deal for any OS vendor as it raises many severity issues due to the fact that numerous packages have not been ported to a newer branch, in this case we’re talking about the removal of Python 2 and its replacements with Python 3.

    For Debian and Ubuntu, whose communities work closely together since the latter is based on the former, the transition from Python 2 to Python 3 started a few years ago, but now it’s time for their next major release to ship without any Python 2 packages, though this appears to be a major deal even for some of the biggest GNU/Linux distributions in the world.

  • The Voyager Linux Distro Offers an Interesting Spin on Xfce

    Well, first things first: I’m not much of a distro hopper these days. I’m old and don’t like the hassle of reinstalling.

    But I do like to keep an eye on what’s happening out there, in the wider Linux community, especially around Linux distros based on Ubuntu.

    This year I’ve spotlighted Regolith Linux, Enso, Peppermint OS 10, and Zorin OS 15 (among others), all based and built on a solid Ubuntu foundation.

    Earlier this week a reader (thanks Ricardo) suggested I take a look at Voyager Live, specifically the LTS release.

    So what’s it like?

  • Ubuntu-Based Linux For All Distro Gets New Release Powered by Linux Kernel 5.4

    LFA (Linux For All) Build 191111 is now available to download based on Canonical’s latest Ubuntu 18.04.3 LTS (Bionic Beaver) operating system, but shipping with a much newer kernel, namely Linux 5.4 RC6. As such, LFA is one of the first distros to adopt the upcoming Linux 5.4 kernel series.

    LFA (Linux For All) Build 191111 is not just an update to previous releases of the Ubuntu-based GNU/Linux distribution, but a total rebuild that now uses packages from the latest Ubuntu LTS (Long Term Support) release instead of those used in the latest Ubuntu Linux release.

  • Canonical at TechWeek Frankfurt

    The TechWeek Frankfurt trade show will explore solutions to technology challenges organisations face across cloud computing and security, DevOps practices, Big Data management and more.

  • Open Infrastructure Summit Shanghai 2019: the highlights

    OpenStack remains a big thing and its adoption is constantly growing. According to the 451 Research Market Monitor (Open Source Software, OpenStack) from September 2019, its combined market size worldwide is $7.7B. This is much more than the combined market size of application containers which is $4.38B.

    During that last development cycle for OpenStack Train, 1,125 developers from 165 organisations contributed their patches and 25,500 of them were accepted. This makes OpenStack one of the three most active open source projects in the world.

    Moreover, by coming to China the OpenStack Foundation clearly declares its openness for the Asia markets and cooperation with local organisations on driving the future of the OpenStack project.

  • Ubuntu Weekly Newsletter Issue 604

Devices/Embedded

• NanoPi R1S Dual Gigabit Ethernet Router Comes with 32-bit or 64-bit Arm Processor

  The company does not currently sell the board barebone, and instead, NanoPi R1S is sold as a router with a yellow enclosure (no other colors available) running either FriendlyWrt based on OpenWrt or FriendlyCore based on Ubuntu 18.04, both shipping with Linux 4.14.

• Open-spec, dual-port router offers a choice of Allwinner H3 or H5

  FriendlyElec’s Linux-driven, $20 “NanoPi R1S-H3” router uses a modified version of the Allwinner H3-based NanoPi R1, upgrading the second LAN port to GbE while removing a USB port. There’s also a similar, $23 “NanoPi R1S-H5” with a quad -A53 H5.

  Back in February, FriendlyElec launched the community-backed NanoPi R1 router SBC, which still sells for $29. Now it has followed up with two more affordable NanoPi R1S routers based on upgraded versions of the NanoPi R1 that that give you dual GbE ports instead of 10/100Mbps and 10/1000/1000Mbps. The mainboards are smaller than the R1 at 55.6 x 52mm, and the board and the case have been entirely redesigned.

• Database of 200+ smartphones that can run Linux (unofficially)

  The vast majority of smartphones in the world ship with some version of Google’s Android operating system. And most of them are only supported by their manufacturers for a few years.

  Have a phone that’s 3-4 years old? Then you’re probably not getting any Android updates anymore. No more security patches. No new features.

  Of course, some folks can run custom ROMs such as LineageOS, which lets you install updates indefinitely… but want to break out of Android altogether? There are a handful of other GNU/Linux-based operating systems including Ubuntu Touch, postmarketOS, and Maemo Leste that are designed to, among other things, help give your phone a longer lifespan.

  One tricky thing can be figuring out which phones are supported. That’s where a new Can My Phone Run Linux database from TuxPhones comes in.

• Ubuntu-ready Apollo Lake mini-PC features Myriad X AI accelerator

  IEI’s rugged, “ITG-100AI” DIN-rail PC runs on an Apollo Lake SoC and a new “Mustang-MPCIE-MX2” mini-PCIe card with dual Myriad X VPUs. The system ships with 8GB RAM and a 128GB SATA SSD plus GbE, serial, USB, and M.2.

  IEI has launched a compact, Intel Apollo Lake based “ITG-100AI” computer for industrial AI that showcases its Mustang-MPCIE-MX2 AI acceleration card. The fanless, 137 x 102.8 x 49.4mm ITG-100AI supports DIN-rail or desktop mounting and offers a 0 to 50°C range with airflow, as well as 5G shock resistance compliant with IEC68-2-27 and vibration resistance per MIL-STD-810G 514.6C-1.

• Mobile Systems/Mobile Applications

  • Why AndroidHackers’ website is the best place for satisfying Android needs

  • Asus ROG Phone 2 Update Brings Slide Gesture Support to AirTriggers; Android 10 Beta Programme Kicks Off

  • Android 10 updates for Nokia 9 PureView and Nokia 8.1 coming in the following weeks

  • Nokia 7.2 & 6.2 get Android 10 via LineageOS 17.0, official TWRP support

  • Xiaomi Mi Band Notification Issue On Android 10 Fixed

  • Huawei P30 Pro starts receiving EMUI 10 update based on Android 10

  • Asus ROG Phone 2 gets Android 10 in beta and you can sign up now

  • LG Aristo 3 (Plus) Android 9 Pie update imminent as per Android Enterprise listing

  • How to get started with the new Office app (preview) on Android

  • Here’s How To Connect PlayStation Controller To Your Android Device

  • Many Android Auto users are having Google Assistant issues, and there’s nothing you can do yet

  • ‘ATFuzzer’ Android Baseband Security Threat Exploits Malicious Bluetooth, USB Accessories: Researchers

  • Top Android Game Deals of the Week

  • Seven novel uses for the camera in your Android smartphone

  • HR Solver for Android and iOS launches for workers seeking advice

  • Android users should delete these ‘amazingly popular’ apps immediately, experts warn

  • USB and Bluetooth accessories can be used to attack Android phones and spy on owners

  • Full list of 60 Android apps you need to delete immediately

  • WhatsApp update drains battery on Android phones, users claim

  • Best microSD cards for NVIDIA Shield TV (2019) in 2019

  • Verizon’s Stream TV box will use Android TV, includes free month of YouTube TV

  • Vulnerability That Allows Hackers To Steal Personal Information Found In 10 Types Of Android Devices

  • BREAKING: Huawei P30/P30 Pro EMUI 10 (Android 10) stable update rolling out

  • Jetpack Compose – Android’s Toolkit to Develop Native UI

  • Dead batteries, free of charge: WhatsApp update reportedly draining Android phones of life

  • Latest WhatsApp version draining battery on OnePlus, Samsung, Xiaomi and other Android phones

  • Android users should delete these ‘amazingly popular’ apps immediately, experts warn

  • Huawei Mate 20 Pro redux: Still a top phone!

  • Nokia 6.2 in for review

  • Gboard: Google’s Android keyboard suggests suitable GIFs for emojis

  • ASUS ROG Phone 2 Android 10 Beta starts now

  • Android 10 Users, Here’s How to Enable Dark Mode for Instagram, YouTube and FB Messenger

  • Google revamps autofill UI for the Android version of Chrome

  • The 15 Best Paid Android Games That Worth Your Money

    Nowadays, Android is the most used platform, and Android gaming is one of the biggest parts of it. From the children to the elders, almost all Android users love to play different types of games on their Android devices. Some of them are so fond of games that free version of some exotic games is not enough for them. This is why they spend some of their pocket money to buy the premium version of those games. If you are looking for a worthy Android game for which you can pay, I suggest you follow a list of best paid Android games.

Free, Libre, and Open Source Software

• Events

  • Mutter & GNOME Shell Hackfest

    A couple of weeks ago, I was fortunate enough to attend the Mutter & GNOME Shell hackfest in Leidschendam.

  • Real Python: PyCon Africa 2019 (Recap)

    PyCon Africa was a wonderful, inspiring, and technically enlightening conference that took place in Accra, Ghana from August 6 to 10, 2019 at the University of Ghana. This conference was the very first pan-African conference for Python developers and was attended by 323 Pythonistas from 26 different countries. Most of the attendees traveled from countries around Africa, and a number of speakers came from the US, the Netherlands, Germany, Brazil, and Italy.

    Python is becoming more and more adopted all across the globe. In Africa, Python is earning a special place for itself, where it’s used extensively for web development and data science. African businesses are looking for developers with Python skills in these areas, and having a PyCon in Africa provides a foundation to help support African programmers.

    [...]

    The day after the main conference was dedicated to sprints! This is where people group up to work on various open source Python projects. I was part of a team that worked on Cookie Cutter and other related projects. I submitted a PR that got merged into the project and I also helped mentor other team members.

    I highly recommend anyone who has not attended a sprint before to do so! It’s a great way to practice your skills, contribute to an open source project, and meet the developers involved with the project.

• Web Browsers

  • Chromium

    • Google Chrome To Begin Marking Sites That Are Slow / Fast

      Chrome has successfully shamed web-sites not supporting HTTPS and now they are looking to call-out websites that do not typically load fast.

      Google announced today that they will begin marking websites that are often either loading slow or fast. Chrome developers are experimenting with ways to show whether a website typically loads fast or slow so the user is aware even before they navigate to a given web page or web app. The changes will be rolled out in future Chrome updates.

• Productivity Software/LibreOffice/Calligra

  • Community Member Monday: Celia Palacios

    I am a Mexican old-guard user of Linux since 2001. I studied Electronic Engineering, and I have been working in that field since 1989. I learnt all sorts of Linux stuff because I love to learn by myself. In addition, I love to read historical detective novels, lots of science fiction, and go to the movies with my husband.

    I love philosophy, symbolism and many alternative ideas about everything. I also like to have long, friendly debates about everybody’s presumptions (or assumptions?). I try to be open-minded, specially in this times when everyone’s getting polarized Mexico about our President. I used to be an athletic gal, but now I am a total coach-potato! Thanks, Netflix!

• Pseudo-Open Source (Openwashing)

  • How telcos can differentiate their 5G offering with open source

    In April 2019, South Korea became the first country to adopt 5G networks on a large scale, marking the beginning of what promises to be a period of radical change in the telecoms industry. For the operators, the 5G era opens a range of opportunities, both in delivering the ultra-low latency that retail customers increasingly expect, and in the enormous capacity and bandwidth that business customers require to push boundaries in IoT, enterprise networking and critical communications.

    However, being able to offer 5G capabilities alone is not enough to safeguard an operator’s market position through the next wave of connectivity. For all the potential 5G use cases that it presents, the business models that worked in the 4G era will continually be challenged by fiercer competition and tighter margins. To grasp the 5G opportunity, telecoms companies will need to develop and deploy new capabilities, leveraging a far greater depth of network insights in order to differentiate their customer offering with innovative services that translate into new revenue opportunities.

• FSF/FSFE/GNU/SFLC

  • FSF: New Respects Your Freedom website

    The Free Software Foundation’s Respects Your Freedom program provides a certification for hardware that supports your freedom. A new website listing certified products has been launched. “In 2012, when we announced the first certification, we hosted information about the program and retailers as a simple page on the Free Software Foundation (FSF) Web site.

• Programming/Development

  • Creating a Kirigami application, the easy way

    Interested in getting started with Kirigami development in a few minutes? Since version 5.63 of the Kirigami framework, there is an easy way to do so: an application template. The template facilitates the creation of a new application, using CMake as the build system, and linking to Kirigami dynamically as a plugin at runtime.

    Let’s see how it works. As a starting point, we will use a virtual environment running the latest KDE Neon User edition. This is by no means a requirement, any Linux distribution with Kirigami 5.63 or later perfectly fits our needs. KDE Neon has been chosen just because it provides -by design- the latest Qt, KDE frameworks and applications. Moreover, a virtual machine will let us play fearlessly with the system directories.

  • New features in Red Hat CodeReady Studio 12.13.0.GA and JBoss Tools 4.13.0.Final for Eclipse 2019-09

    JBoss Tools 4.13.0 and Red Hat CodeReady Studio 12.13 for Eclipse 2019-09 are here and waiting for you. In this article, I’ll cover the highlights of the new releases and show how to get started.

  • PyDev of the Week: Vuyisile Ndlovu

    This week we welcome Vuyisile Ndlovu (@terrameijar) as our PyDev of the Week! Vuyisile is a contributor to Real Python and a Python blogger on his own website. He is also active in the Python community in Africa. You can find out more about Vuyisile on his website or by checking out his Github profile. Let’s take some time to get to know him better!

    [...]

    I don’t have a favorite language yet because I haven’t been programming for a long time and I know that different languages are suited for different things. I’m learning JavaScript and back in college, I took C++ and Visual Basic classes. I teach programming classes at a High School using VB.Net because I find that using Visual Basic makes building GUIs in a Windows environment easy and the language is relatively simple to teach to beginners.

    The work projects I work on are web projects and I enjoy using Python and Django to build those out.

  • Twisted 19.10.0 Released

    On behalf of Twisted Matrix Laboratories, I am honoured to announce the release of Twisted 19.10!

    [...]

    Many thanks to everyone who had a part in this release – the supporters of the Twisted Software Foundation, the developers who contributed code as well as documentation, and all the people building great things with Twisted!

  • Tutorial: How to Read Stata Files in Python with Pandas

    We are soon going to practically answer how to open a Stata file in Python? In Python, there are two useful packages called Pyreadstat, and Pandas that enable us to open .dta files. If we are working with Pandas, the read_stata method will help us import a .dta into a Pandas dataframe. Furthermore, the package Pyreadstat, which is dependent on Pandas, will also create a Pandas dataframe from a .dta file.

  • Python Software Foundation: Seeking Developers for Paid Contract Improving pip

    The Python Software Foundation Packaging Working Group is receiving funding to work on the design, implementation, and rollout of pip’s next-generation dependency resolver. (We’ll be able to publicly name the funders later this month and in early December.)

    pip is the official package installer for Python. pip aims to make it easy for the millions of people who use Python to download and install Python libraries and applications (open source and closed source, source and binary, globally and within isolated virtual environments). It’s a foundational component of the Python ecosystem and broader computer software and technology landscape.

    This project aims to complete the design, implementation, and rollout of pip’s next-generation dependency resolver. This will lower the barriers to installing Python software, empowering users to get a version of a package that works. It will also lower the barriers to distributing Python software, empowering developers to make their work available in an easily reusable form.

    Because of the size of the project, funding has been allocated to secure two contractors, a senior developer and an intermediate developer, to work on development, testing and building test infrastructure, code review, bug triage, and assisting in the rollout of necessary features.

  • Rename all files in a directory to the md5 hash

Science

• This computing pioneer was among the first to read an email in Thiruvananthapuram in 1984

  CV Radhakrishnan, a typesetting veteran and free software enthusiast, has a neurological disorder called perennial muscular dystrophy.

  [...]

  As Radhakrishnan’s words jumps between the years – the 1980s when it all began for him and the present – he reminisces about the ‘old days’ with his friend. Like when he became one of the first people in Thiruvananthapuram to read an email on a Unix server (using Unix-to-Unix Copy or UUCP). Or when he got a 20 MB hard disk in the early 1990s and thought it was such a big deal.

  “Today a photo would be that size,” he laughs. He is 67, and obviously one of the pioneers of computing in Kerala. He was 31 when he was introduced to the idea of computers, working at the University. Staying at the university hostel in Karyavattom, he’d see Professor Nambooripad coming to play badminton and the two began talking technology. Nambooripad introduced Radhakrishnan to computing, to Tex the typesetting tool whose manual and software came to him in two floppy disks (for kids today – yes, there was such a thing).

Security (Confidentiality/Integrity/Availabilitiy)

• Security updates for Monday

  Security updates have been issued by Debian (ampache, chromium, djvulibre, firefox-esr, gdal, and ruby-haml), Fedora (chromium, file, gd, hostapd, nspr, and rssh), openSUSE (bcm20702a1-firmware, firefox, gdal, libtomcrypt, php7, python-ecdsa, python3, samba, and thunderbird), SUSE (apache2-mod_auth_openidc, libssh2_org, and rsyslog), and Ubuntu (bash).

• Security improvements in AMO upload tools

  We are making some changes to the submission flow for all add-ons (both AMO- and self-hosted) to improve our ability to detect malicious activity.

  These changes, which will go into effect later this month, will introduce a small delay in automatic approval for all submissions. The delay can be as short as a few minutes, but may take longer depending on the add-on file.

  If you use a version of web-ext older than 3.2.1, or a custom script that connects to AMO’s upload API, this new delay in automatic approval will likely cause a timeout error. This does not mean your upload failed; the submission will still go through and be approved shortly after the timeout notification. Your experience using these tools should remain the same otherwise.

• Reproducible Arch Linux Packages

  Arch Linux has been involved with the reproducible builds efforts since 2016. The goal is to achieve deterministic building of software packages to enhance the security of the distribution.

  After almost 3 years of continued effort, along with the release of pacman 5.2 and contributions from a lot of people, we are finally able to reproduce packages distributed by Arch Linux!

  This enables users to build packages and compare them with the ones distributed by the Arch Linux team. Users can independently verify the work done by our packagers, and figure out if malicious code has been included in the pristine source during the build, which in turns enhances the overall supply chain security. We are one of the first binary distributions that has achieved this, and can provide tooling down to users.

  That was the TL;DR! The rest of the blog post will explain the reproducible builds efforts, and the technical work that has gone into achieving this.

• Vulnerability Values Fluctuate Between White, Grey and Black Hats

  A black hat selling vulnerabilities can make as much money as a white hat researcher using bug bounty programs, or a grey hat working for a nation state doing reverse engineering.

  Speaking at a Tenable conference in London last week, director of research Oliver Rochford said that to have people do vulnerability research is expensive, and all of the white, black and grey markets are symbiotic, as despite the difference between being legal and illegal, the different factors “mirror each other as it starts with vulnerability discovery.”

  Rochford said that this “shows how professional cybercrime has become,” pointing to the fact that the main difference between criminal and legal sides are ethics. In one slide, Rochford pointed out vulnerability discovery, exploit research and development are the same for both offense and defensive sides, while the differences fall at the “operationalization” side, where offensive sides look at espionage, sabotage and fraud, while defense sides look at threat intelligence and compensating control adaptation.

  In his research, Rochford showed that in some cases you can earn more as a white hat vulnerability manager than as a black hat, with a black hat able to earn around $75,000 in this sort of work. Rochford said this “is achievable and attractive” and while it was more lucrative to do it legally, if it is not “it is a way to make a living.”

• Name That Toon: Endpoint Protection

Environment

• If Money Is Tight, Climate Change Is Your Issue

  If you’re poor in America, climate change is your issue.We’ve already seen why. In 2004, Hurricane Katrina ravaged the Gulf Coast, leaving many thousands displaced and unemployed. In 2017, Hurricane Maria fell upon Puerto Rico, destroying homes and disabling the power grid for more than two years.

Finance

• Inequality and the Iron Law of Decaying Public Services

  Fires are raging everywhere in California these days, and firefighters are having enormous trouble keeping up. Chronically understaffed local fire departments simply don’t have the resources to handle act one of what climate change has in store for us.

AstroTurf/Lobbying/Politics

• By Trying to Silence Sanders, the Corporate Media Delegitimize Themselves

  “The system was suffering a crisis of legitimacy: nobody believed the official narrative anymore.”Bernie Sanders’ campaign has finally gone full-throat with the obvious: the Democrat-aligned corporate media have thrown all journalistic principles to the wind to impose a “Bernie Blackout.” 

• Defrauded Students and DeVos

  That shut her up real horrorshow and lovely. —A Clockwork Orange, Anthony Burgess

• ‘Close But No Cigar’: PBS Plan to Run Impeachment Hearings Online Not Enough to Show Whole Story of Trump’s Misdeeds, Says Moyers

  “This is a moment in American history where the arc of justice will either be bent forward or it’ll be bent backward. So everyone who wants to see it should have the chance to see the whole story.”

Censorship/Free Speech

• Self-Righteous Immorality: The Dangers of Cancel Culture

  Cancel culture constitutes a practice of acting on an accusation of problematic behavior or speech by socially ostracizing the accused individual and/or their professional, artistic or academic practices. Cancel culture goes against some of the ideals and morals that make up the fabric of modern, post-colonial South Africa. From free expression to the principles of Ubuntu. Those who perpetrate it tend to do so with a self-righteous outrage which they believe gives them the right to silence and shut-down any one who disagrees with them.

  The Constitution of the Republic of South Africa, 1996 enshrines in the Bill of Rights the ‘Right to Freedom of Expression’ under s16. This free expression extends deeply, even to those who may be expressing so-called ‘problematic viewpoints’. The only check on this freedom of expression is in s16(2) which prohibits war propaganda, incitement to violence and incitement to cause harm based on race, gender, ethnicity or religion. All of these restrictions are carefully put in place to maximise the rights of all involved. Something being ‘problematic’ or ‘offensive’ is not enough to be deemed as breaching these provisions, and any response that attempts to forcefully silence people who are not in breach of s16(2) is, in itself, contravening these constitutional values.

  [...]

  Even if we disregard these points – we must question the morality of simply ‘cancelling’ someone based on accusations of misconduct. To refuse to engage with an individual and hear their side of a story, or offer them a fair trial is immoral and unjust.A common argument is that the crime they are being accused of is even more immoral or unjust, and that is as may be. However, the fact that one wrong has been committed is not justification to retaliate with another wrong – especially if the accusation is unproven. So it appears that whichever way we unpack it, cancel culture is immoral, it does not achieve justice and it is against the values of the constitution.

Civil Rights/Policing

• UN Should Focus on Protester Deaths in Iraq Rights Review

  Today the UN Human Rights Council will hold a Universal Periodic Review (UPR) session to examine Iraq’s human rights records. The rash of killings of protestors by Iraqi security forces over the past month should at the front of diplomats’ minds as they shape their recommendations.

• Justices Take Up High-Profile DACA Case Over Young Immigrants

  The Supreme Court is taking up the Trump administration’s plan to end legal protections that shield 660,000 immigrants from deportation, a case with strong political overtones amid the 2020 presidential election campaign.

• Immigration: “Loving Justice”

  The United States recently hit a new low in its demonstration of inhumanity. During relief efforts in the Bahamas in the wake of hurricane Dorian, people who didn’t have a US visa were told to leave a rescue ship that could have taken them to Florida. Even a temporary suspension of document requirements during the crisis of a deadly category 5 hurricane was rejected. | By

• The Struggle of Nation and Religion in Lebanon

  More than three weeks have passed since the start of the protests in Lebanon, and things are beginning to show signs of change on the ground. The protestors are more organized (in general), more goal-oriented. They are protesting in areas known to be dens of corruption, in the neighborhoods of corrupt officials, banks, ministries, etc…

Internet Policy/Net Neutrality

• Telcos Need 5G Innovation, but Who will Pay?

  Ren Zhengfei doesn’t think 5G is such a big deal.

  The Huawei boss told one of his public seminars last week that he thinks the importance of the new standard has been exaggerated. His perspective from the eye of a geopolitical storm may be partisan, but he can’t be the only telecom industry exec bemused by the intensity of sentiment over next-generation mobile.

  For most of its development over the past decade, 5G has proceeded as unremarkably as the previous technologies, albeit with richer and broader functionality.

Monopolies

• Spousal Rights to Inventions: A Latent Threat to Corporate Patent Portfolios

  The intersection between patent law and family law principles has the potential to create an irreconcilable conflict in the area of patent ownership. These two legal worlds operate by virtue of different statutory provisions of automatic vesting of title that appear to be unable to coexist. Under U.S. patent law, ownership of a patent automatically vests, as personal property, in the individual inventor. Many, if not most, inventors are employees who, under some written obligation (such as a routine employment agreement), assign their ownership rights to the inventions created as part of their jobs to their employers. At the same time, however, property acquired by a married individual (in most, if not all states) is considered marital or community property of the married couple. In that case, then, when an employee invents something and acquires an interest in a patent (which the employee does automatically upon invention under U.S. law), that patent may become marital property of the couple before the employee assigns the employee’s interest to the employer. In other words, an employer who receives an assignment from the employee alone of only the employee’s interest may end up owning the patent jointly with the spouse who has his or her own undivided interest in the marital property.

  This problem is particularly acute when, as is commonly the case, the assignment from the employee to the employer is a present assignment of an expectant interest which transfers legal title in the patent to the employer as soon as the patent arises. In that case, the two property regimes — patent law and marital property law — have competing, incompatible automatic vesting regimes. Patent law automatically vests ownership of patents in inventors and, by virtue of most common employment agreements, their employees; marital law, at least in community property states, automatically vests ownership of property in the spouse. The result, never previously explored, is that vast corporate patent portfolios may be subject to co-ownership with thousands of individual employee spouses (or ex-spouses).

  Federal courts may not be able to resolve this conflict without wading into family law, an area traditionally left to the states. In addition, federal courts have long maintained that patent ownership is a matter of state property and contract law, making a judicial remedy on the basis of preemption unlikely. In Spousal Rights to Inventions: A Latent Threat to Corporate Patent Portfolio, we propose new federal legislation is necessary to create predictability in corporate patent ownership. Additionally, we provide some practical suggestions for employers confronted with this dilemma.

• From Venetian Glass to Contemporary Intellectual Property: Revisiting Tailored Patent Regimes (Book Review)

  This piece reviews Stefania Fusco’s “Murano Glass Vase” and “Lessons from the Past.” In Murano Glass Vase, Fusco recounts the history of the glassmaking industry in Venice, framing it as the natural experiment from which the patent system sprang into the world. Fusco emphasizes the mix of exclusionary rights and trade secrecy that formed the backbone of Venetian innovation policy against the backdrop of a heavily regulated and protectionist economy. In “Lessons from the Past,” Fusco draws on original research performed at the Venetian State Archives to further the Murano narrative by looking at how the Venetian government fueled an ad hoc patent regime across industries by tailoring it to specific technologies.

• Athena Rising? Brief of Professors Jeffrey A. Lefstin and Peter S. Menell as Amici Curiae in Support of Petition for a Writ of Certiorari in Athena Diagnostics v. Mayo Collaborative Services

  In Bilski v. Kappos (2010), this Court explained that its interpretation of 35 U.S.C. § 101 has been guided by over 150 years of historical practice. Yet two years later in Mayo Collaborative Services v. Prometheus Laboratories (2012), the Court triggered the most radical redefinition of patent-eligible subject matter in U.S. history by engrafting an inventive application requirement for patenting practical applications of scientific discoveries.

  Mayo based this requirement on three critical assumptions: (1) Congress has never addressed the question of the patentability of scientific discoveries; (2) foundational precedent of the English courts and of this Court excluded scientific discoveries and demanded inventive application as a condition of patent eligibility; and (3) a new extra-textual limitation on patentability was necessary to address the undue preemption of laws of nature and other scientific discoveries. Unfortunately, inadequate briefing in Mayo led the Court astray.

  The Nation’s patent statutes, stretching back to the founding era, unmistakably afford patent protection to technological innovations and scientific discoveries. Congress has expressly sought to encourage both technological inventions and scientific discoveries. The legislative concern has not been with preemption of inventive fields, which the durational limits and disclosure constraints of the Patent Act address, but rather with “min[ing]” the “exhaustless” “treasures” and “unlimited reach of science.” Specific legislative enactments in 1930, 1952, and 1954 refute any requirement of inventive application for patent eligibility.

  Furthermore, the Mayo briefs failed to address critical context and meaning of key cases bearing on patent eligibility of applications of scientific discoveries. Both Parker v. Flook (1978) and Mayo relied on a mistaken reading of Neilson v. Harford (1841) to conclude that English and American courts restricted patents to inventive applications of new discoveries. To the contrary, Neilson became the primary authority in England and the United States for the position that practical applications of discoveries were patentable without any invention in the means of application.

  Finally, contrary to Mayo’s supposition that a new extra-statutory doctrine was necessary to limit undue preemption of scientific discoveries, this Court has long held that this role was served by patent law’s express disclosure requirements. See O’Reilly v. Morse (1854) and subsequent cases. As reflected in the eight opinions in Athena Diagnostics, Inc. v. Mayo Collaborative Services, as well as clear signals in numerous other cases, the Patent Office’s frequent revision of examiner guidance documents, and legislative hearings, the Federal Circuit, district courts, Patent Office, and inventors have struggled unsuccessfully to apply the Mayo/Alice decisions coherently and predictably. These decisions have imposed massive costs upon all of these institutions and the public, thereby undermining the patent system.

• Canadian Patent Rules Cut Filing Delay Time for Multinationals

  Canada is shortening the time multinational companies have to apply for patents there after applying in another jurisdiction, under new rules that Canadian officials say could save applicants millions of dollars over the next decade.

  Canada’s new patent rules, which take effect Oct. 30, align the country with the international Patent Cooperation Treaty, which Canada joined in 1990, and the Patent Law Treaty, which it signed in 2001.

• Patents and Software Patents

  • Berkeley Files Opposition to Broad’s Substantive Motion No. 1 in Interference

    On October 18th, Junior Party (the University of California, Berkeley; the University of Vienna; and Emmanuelle Charpentier (collectively, “CVC”) filed its authorized opposition to Substantive Motion No. 1 from Senior Party the Broad Institute (and its partners as Senior Party, Harvard University and MIT), which asked for judgment in Interference No. 106,115 on the basis that CVC was estopped by prior judgment of no interference in fact in Interference No. 106,048 between these parties.

    [...]

    The Broad argued that CVC had the opportunity in the ’048 interference to file a responsive motion to the Broad’s motion of no interference-in-fact to add claims directed to eukaryotic applications of CRISPR technology but did not. The Broad argues that this was a strategic decision by CVC to have only its “environment-free” claims in the interference. Furthermore, the Broad contends that it was intentional, citing to CVC’s colloquy before the Board when the parties discussed which motion the Board would authorize, where CVC expressly “reserved” the ability to file such responsive motions.

  • Collabo: v. Sony: Due Process Violation and a Takings

    Everyone will admit that a lot has changed in patent law since Collabo’s U.S. Patent 5,952,714 issued in September 1999. Although ex parte reexamination was available, the American Inventors Protection Act (AIPA) authorizing inter partes reexamination was not enacted until November 1999. However, inter partes reexamination only applied to patents issued from applications filed after November 1999. Pub. L. 106–113 Then, in 2011, Congress created inter partes review — and this time made it retroactive.

    After Collabo sued Sony for infringement, Sony responded with petitions for inter partes review. The PTO instituted review and found the claims unpatentable by a preponderance of the evidence and the Federal Circuit affirmed. With regard to Collabo’s due process and takings claim, the court found itself bound by a parallel decision in Celgene Corp. v. Peter, 931 F.3d 1342 (Fed. Cir. 2019). Celgene is pending petition for en banc rehearing on the question…

    [...]

    The basic setup here is that the AIA makes it easier to invalidate patents with its lower presumption; lower standard of proof; and (until recently) broader interpretation of patent scope.

• Trademarks

  • It may be the name of a fashion style, but is it trade mark use?

    Murphy J dismissed both claims, finding that there was no infringement as Triangl did only use the name Delphine as a style name and not as a trade mark, and Triangl did not establish any prior use by another person of Pinnacle’s DELPHINE mark. The judge stated that the proceedings brought by Pinnacle were ‘ill-advised’ and that, even if Pinnacle had been successful, any damages awarded would have been far outweighed by the legal costs it incurred in bringing the infringement proceeding.

  • Bentley Motors found to have infringed small clothing firm’s ‘Bentley’ trade marks

    The claimants in the case were Brandlogic, a family firm which sold clothing under the brand ‘Bentley’, as well as Bentley 1962 Ltd, which held the IP rights it claimed to license exclusively to Brandlogic (the two referred to collectively in proceedings as ‘Bentley Clothing’). The Bentley clothing business had been acquired from a line of predecessors – the original business beginning in 1962 – with the business and associated trade marks (the oldest of which was registered in 1982) eventually being assigned to Bentley Clothing in 1998.

    Sometime around 1987, Bentley Motors began selling a limited range of clothing, featuring the B-in-wings logo, but not ‘Bentley’. In 1998, Bentley Clothing made itself known to Bentley Motors, offering a licence to the car maker. However, sporadic discussions at various times after 1998 did not yield results. From 2000, Bentley Motors began to expand its clothing range and to use ‘Bentley’ (mainly as part of the ‘Combination Sign’) on the clothes.

    [...]

    Despite the large amount of publicity that this case received for its somewhat ‘shocking’ outcome given the relative fame of the parties, on the basis of law the conclusion reached is not surprising, and indicates the strength of current trade mark protection, such that even a renowned car brand like Bentley Motors cannot win if the odds are against it.

    But what will this decision mean in the long run? Bentley Motors has suggested that it may appeal. There is also the separate issue of damages – given how long proceedings have gone on between these two parties, it will be interesting to see what the actual amount will come to.

    Out of curiosity, this InternKat looked to see if she could find clothing on the Bentley (Motors) website following this decision, but instead was greeted with a message informing that: “…there are no products in this collection”. It seems as through the consequences of this decision are already being felt (and that this InternKat will have to look elsewhere for Christmas ideas…).

  • Elizabeth Rowe: does eBay apply to trade secret injunctions?

    Elizabeth Rowe has a highly informative new empirical paper, called “eBay, Permanent Injunctions, & Trade Secrets,” forthcoming in Washington and Lee Law Review. Professor Rowe examines—through both high-level case coding and individual case analysis—when, and under what circumstances, courts are willing to grant permanent injunctions in trade secret cases. (So-called “permanent” injunctions are granted or denied after the trade secret plaintiff is victorious, as opposed to “preliminary” injunctions granted or denied prior to on-the-merits review. They need not actually last forever).

    Rowe assesses cases spanning a fifteen-year period. Rowe designed this study from her prior study on damages. She assesses only federal court cases; only Uniform Trade Secrets Act (UTSA) claims, no federal Defend Trade Secrets Act (DTSA) claims; and has 157 usable cases total. The cases run from around the years 2000 to 2015. (pp. 16-17).

    [...]

    The upshot is that—as usual in trade secrets—it’s sort of the Wild West. There aren’t enough published opinions. Courts are granting or denying injunctions based on sometimes unrevealed reasoning. There are divided rules across the different states and federal circuits. Entry of DTSA claims is unlikely to make this less of a mess. I am grateful for Rowe’s empirical work and clear writing to help shed some light.

  • Canadian Agency Applies To Trademark ‘Fake News’, Sends Trump Cease-And-Desist Letter

    Donald Trump often uses the term “fake news”—especially, critics might say, when he is the subject of a story he does not like. Now one ad agency and a journalist have attempted to take a legal stand against the practice.

    Calgary advertising agency Wax Partnership and the Florida Chapter of the Society of Professional Journalists have teamed up and applied for a trademark on the term.

    They sent a cease-and-desist letter to Trump, in a tongue-in-cheek move they hope will spark a conversation about the difference between credible news and the mountains of incorrect information being disseminated, according to CBC.

No Disney+ on Linux

With the new version 4.10.1582.1 of the Widevine DRM plugin package for Chromium that I uploaded today (chromium-widevine-plugin) I really hoped that this would fix the playback error on Linux of the new Disney+ streaming service.

As you may know, Disney is preparing for the official launch of its movie streaming service this week tuesday, 12 November. But we in the Netherlands could enjoy a free test period of two months before the go-live and so I watched several episodes of the Agents of S.H.I.E.L.D. series and the Captain Marvel movie, casting from my phone at first but now via an official app on my smart TV. The bad performance of the app and frequent freezes of the video streams have largely been taken care of and fixed during the test period. If you are a fan of the Disney and Fox movie portfolio or enjoy the Marvel and Star Wars movies, then I guess this new platform is for you. It’s still rather limited in scope of course.

Worse in my opinion is the fact that Disney did the Linux community a disservice. The streaming of video does not work – on any browser. The web site works fine, you can browse and explore, but video playback is not possible and an annoying “Error 83” appears instead.

Server

• IBM

  • Obsidian joins Red Hat Forums in South Africa to highlight the power of open source

    Leading open source technology and services provider Obsidian Systems has confirmed its participation as a silver sponsor of the EMEA Red Hat Forum 2019. This will be held at Century City Conference Centre in Cape Town on November 19 and at the Gallagher Convention Centre in Johannesburg on two days later.

    The Red Hat Forum is an opportunity for business leaders to deep dive into the opportunities represented by technology and technology trends including open source cloud computing, platforms, virtualisation, middleware, storage and system management.

    “We endorse the central theme of the Red Hat Forum which is that in as far as establishing a firm technical foundation for your business, the thinking and rationale around strategy should be flexibility, achieving scale, expansion and clever control,” said Muggie van Staden, Managing Director of Obsidian Systems.

    “Interoperability, adjustability and elasticity – these are the hallmarks of a market that is fast maturing and ready to benefit from hybrid cloud, from Linux and containers, and positioning the business to build using open source infrastructure.”

Audiocasts/Shows

• Open Source Security Podcast: Episode 169 – What happens when leadership doesn’t care about security?

  Josh and Kurt talk about government security incidents. The security concerns at the government level often have real life and death consequences. What happens when the leadership knowingly disregards security policy?

• GNU World Order 13×46

  Finishing up the **s** section of **/usr/bin** from the util-linux package. This episode covers **script**, **scriptreplay**, **setarch**, **setsid**, and **strings**. shasum -a256=addb70fb5b278871341b3ba3a20e0700fe2a63973208d4755af7180e7a27c7e3

• SMLR 317: Ohio Linux Fest Recap

Kernel Space

• Reiser4 File-System Is Still Ticking In 2019 – Now Updated For Linux 5.3 Compatibility

  Edward Shishkin continues near single-handedly maintaining the out-of-tree Reiser4 code that at this point still has no apparent trajectory towards mainline. The former Namesys developer previously indicated it’s unlikely to see Reiser4 merged unless there is a company backing it to get it through the review process for merging into mainline. While Reiser4 was quite promising for its early time, it’s only getting more difficult with Reiser4 effectively stagnating for years now while SUSE/openSUSE continues backing Btrfs, Ubuntu increasingly investing in ZFS support, Red Hat developing Stratis, XFS continuing to be advanced by Red Hat and others as well, Google continuing to invest in the likes of EXT4/F2FS, and there also being Bcachefs and other open-source storage solutions that are more promising than Reiser4 in 2019. Nevertheless, the out-of-tree kernel patches continue to be updated.

• Linux 5.4-rc7

  Another week, another rc. Nothing looks all that scary, but we
  definitely do have more changes than I would wish for.
  
  In terms of pure lines of code, we have the new 'vboxsf' staging
  driver, but ignoring that (and you should) everything looks normal.
  Except we've got closer to 300 non-merge commits, and I really wish we
  didn't have that many.
  
  It's all over the place - about 55% is drivers (and that's ignoring
  the vboxsf thing), the rest is networking, misc filesystem fixes
  (octfs2, btrfs, ceph), arch updates (x86, arm64), tooling fixes, and
  some core kernel and vm fixes.
  
  Nothing looks _bad_, but there is too much of it.
  
  So I'm leaning towards an rc8 being likely next weekend due to that,
  but I won't make a final decision yet. We'll see.
  
  Last time around, v5.3-rc7 was even bigger. We did do an rc8 for that
  one (although there were other reasons for that rc8).
  
  We'll see how this week goes and how I feel about it next Sunday.
  Maybe I'll feel like there's no reason to do an rc8 at that point.
  
  But it would be lovely if you all went out and kicked the tires and
  tested it all out..
  
  Linus
  

• Linux 5.4-rc7 Kernel Released With VirtualBox Shared Folder Driver In Place

  Notable for Linux 5.4-rc7 is VirtualBox Guest Shared Folder Support coming as a late addition with the “vboxsf” kernel driver making it into the staging area of the kernel. While the merge window for Linux 5.4 has long passed, this new driver is allowed as it doesn’t risk regressing any existing support. Also in Linux 5.4-rc7 is a “critical” scheduler fix among other bug/regression fixes.

• Graphics Stack

  • Virtual KMS Driver To Work On Virtual Refresh Rate Support (FreeSync)

    Over the past year and a half the VKMS Linux DRM driver has come together as the “virtual kernel mode-setting” implementation for headless systems and other environments not backed by a physical display. Interestingly being tacked on their TODO list now is VRR (Variable Refresh Rate) support. Separately, the prominent VKMS developer is now employed by AMD.

    The VKMS code got into shape originally back in 2018 when Rodrigo Siqueira was a student participating in Google Summer of Code. Since this past August, however, he began working for AMD in Toronto as a software engineer on their new display technologies, new ASIC/hardware bring-up, and other driver work focused on the display side. He is though still working on the open-source VKMS effort albeit not as much as previously and doesn’t appear to be doing so in an official capacity for AMD.

Benchmarks

• Windows 10 vs. Ubuntu 19.10 vs. Clear Linux Performance On The Dell Ice Lake Laptop

  Last month I posted benchmarks looking at the Windows 10 vs. Linux OpenGL and Vulkan graphics performance for the Ice Lake “Gen11″ graphics. But for those wondering about the CPU/system performance between Windows and Linux for the Core i7-1065G7 with the Dell XPS 7390, here are those benchmarks as we compare the latest Windows 10 to Ubuntu 19.10 and Intel’s own Clear Linux platform.

Applications

• HandBrake 1.3.0 Released with UI Tweaks, Discord Presets + More

  A new version of HandBrake, the free open source media convertor utility, has been released.

  HandBrake is a powerful tool you can use to convert one video format in to another, with broad support for modern and widely used video codecs.

  HandBrake 1.3.0 includes a crop of improvements to its video transcoding features, including new presets, and intros support for AMD VCE encoding on sported hardware).

• HandBrake 1.3.0

  HandBrake is an open-source, GPL-licensed, multiplatform, multithreaded video transcoder, available for MacOS X, Linux and Windows. Handbrake can process most common multimedia files and any DVD or BluRay sources that do not contain any kind of copy protection.

  [...]

  This release includes a redesigned queue interface, new presets for the PS4 Pro and Discord, support for Ultra HD Blu-ray discs (without copy protection), AV1 decoding, WebM container support, many new and updated translations, and much more.

Instructionals/Technical

• The Sudoers File in Ubuntu

• All About Sudo on a Debian 10 Buster System

• How to add multi-line raw.lxc configuration to LXD

• Installing Node.js on CentOS 8

• Fedora 31 : Use bash script to see all the permissions.

• How to install WPS Office 2019 on Ubuntu 19.10

• How to install the OieIcons icon theme on Linux

• How to Configure and Manage the Firewall on CentOS 8

• How to Install Tomcat 9 on Debian 10

• create a nicely formatted example of a shell command and its output

• New kernel packages and mkinitcpio hooks

Games

• Tencent Wants to Make Games for the U.S. With Nintendo, DJ Says

  Tencent Holdings Ltd is looking to make more of its partnership with Nintendo Co. to create video games for the U.S. market, Dow Jones reported.

• Steam for Linux client adds support for Linux namespaces

  The Steam client for Linux now supports using namespaces (a.k.a containers) to run game titles.

• Steam For Linux Beta Adds Experimental Namespaces/Containers Support

  Longtime Linux game developer Timothee Besset has outlined the support introduced by Valve this week in their latest Steam Linux client beta for supporting Linux namespaces / containers. This experimental functionality may in the end provide better support for 32-bit compatibility as more Linux distributions focus solely on x86_64 packages, reducing some of the fragmentation/library conflicts between some Linux distributions and Steam, and other headaches currently plaguing the Steam Linux space.

• Steam for Linux can now run games in a special container

  In the latest Steam Beta Client for Linux, Valve have added a new way to run Linux games through a special container.

  This is something that was being hinted, as we noticed when the new Steam Library was rolled out (noted at the bottom) you could briefly install the Steam Linux Runtime from the Tools menu before it was hidden again. Now we know why!

  It’s a new experimental feature, allowing you to better isolate games from the host system as detailed in a post on Steam from developer Timothee Besset. As the post from Besset states, it can help Valve support older titles on newer distributions, allow developers to test directly against it reducing QA time, other runtimes can be added using newer compilers and libraries, allow you to isolate your Home folder and a whole lot more.

Desktop Environments/WMs

• Analyzing XFCE keyboard shortcuts

  Hello one more time! Last week I analyzed GNOME keyboard shortcuts because I’m in an endeavor to analyze keyboard shortcuts in most major DEs just so that I can provide insight into what the best defaults would be for KDE Plasma.

  I must say, this one brings me memories since XFCE was my second Desktop Environment, and it also rendered quite some nice insight since a significant basis for comparisons has already been established—my blog should target primarily Plasma users, after all, and GNOME, a keyboard-enabling environment, was already verified.

  With that said, let’s start our analysis of XFCE keyboard shortcuts.

  Preparations

  For testing XFCE, I installed full xubuntu-desktop on my work machine which includes Kubuntu 19.04 (with backports).

  I also used a Xubuntu 19.10 live USB on both my home and work machines. Oh, how I missed that squeaky mascot placeholding the interactive area of whisker menu!

  I checked MX Linux, Sparky Linux, Arco Linux, EndeavourOS and Void musl XFCE on VMs for comparison. Generally speaking, Xubuntu, MX Linux and Arco Linux had very different keyboard shortcuts, and I must say beforehand: the distro which comes closest to that seems to be Void, which does not even include a panel by default (similarly to Openbox) and does not seem to change anything about XFCE keyboard shortcuts, whereas the most complete experience was Xubuntu. As it has the most polish and is arguably the most popular one, I’ll talk first about Xubuntu and comment on the others using it as parameter.

  For sources, since XFCE themselves do not provide lists with keyboard shortcuts, I initially used this random but minimally comprehensive page to acquire the typical modifier combos so that I could experiment; however, afterwards I would learn that XFCE, unlike Plasma and GNOME, stores its keyboard shortcuts in a single file, which made my life easier. It is stored in /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml, and it is the default configuration for XFCE; distros however instead prepare a user config file stored in ~/.config/xfce4/xfconf/xfce-perchannel-xml/xfce4-keyboard-shortcuts.xml, even if no significant changes were made.

  I must mention two things: first, it would be useful for readers to pay particular attention to when I mention “XFCE” and when I mention “Xubuntu”, as those are not used interchangeably. In addition, reading of my previous post on workspace dimensions should make things more clear for those who never read my blog or this series before.

• K Desktop Environment/KDE SC/Qt

  • Using Heaptrack and Hotspot

    Some weeks ago at the Open Source Summit & Embedded Linux Conference there was also a talk by David about using heaptrack and hotspot. Since these tools are extremely valuable, I thought I’d blog to make these tools a bit more visible in the KDE community.

Distributions

• Fedora Family

  • Review: Fedora 31 Workstation

    Fedora 31, like all recent Fedora releases, has a wide selection installation media available, each focused on some different function or desktop environment. The Fedora website treats the Workstation edition, which is the desktop version featuring the GNOME desktop, and the Server edition as the main downloads. Below Workstation and Server are three emerging Fedora versions: Fedora CoreOS, “an automatically updating, minimal, container-focused operating system”; Fedora Silverblue, “an immutable desktop operating system aimed at good support for container-focused workflows”; and Fedora IoT, which is designed to “[provide] a trusted open source platform as a strong foundation for IoT ecosystems”. Tucked down closer to the bottom of the page are the options to download Fedora Spins, which are installation media with different default desktop environments, and Fedora Labs, which provide a preselected set of packages designed around a specific task. For the purposes of this review, I mostly look at Fedora 31 Workstation, but also take a brief look at Fedora Silverblue to see how that project is progressing.

    [...]

    Fedora 31 is another in a long line of recent Fedora releases that are slightly more polished and updated than the previous version. Fedora 31 brings in updated packages and some nice polish, but it is a very boring release for anyone looking to try something different. However, users looking for a combination of mature, polished GNOME desktop should be very happy with what Fedora 31 Workstation offers. There are a few minor issues, but those should be fixed shortly. If you are looking for a distribution that fits nicely between mature and bleeding edge, Fedora 31 Workstation is an excellent choice. If you want to try something very different, Fedora Silverblue is also an excellent choice, but be aware that is does take more effort to get the system to a usable state.

• Debian Family

  • Markus Koschany: My Free Software Activities in October 2019

    Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

Devices/Embedded

• Mobile Systems/Mobile Applications

  • 5 Android apps you shouldn’t miss this week! – Android Apps Weekly

  • Android Phone Review: The Powerful Asus ZenFone 6

  • Huawei Mate 20 Pro redux: Still a top phone!

  • Xbox Game Pass to offer Discord Nitro subscriptions for free, per Android leak

  • Android ecosystem is not ready for adolescent Pixel 4

  • The New Google Assistant Is Coming To Older Android Phones

  • Moyinoluwa Adeyemi named Google developer expert for Android

  • Stop being jealous of iMessage. What you need to know about Android’s fancy texting update

  • How to enable dark mode for Android

  • Android 10: How To Connect Nintendo Switch Pro Controller

  • Gearbest Featuring H96 Max Android Mini-Computer Box Deal

  • Kasperksy rolls out P1 a day Android mobile security

Free, Libre, and Open Source Software

• The future of innovation is collaboration — Tech Leaders Summit keynote 2019

  The culmination of innovation over the last 50 years has been the invention of internet — Sir Tim Berners-Lee’s creation. However, in its nascent stage, connectivity hindered the convergence of the internet with tech. Brock pointed to smart tablets and fridges — these are nothing new and existed in the 1990s, but were unable to scale because of a lack of connectivity.

  What was the game changer? According to Brock, it was the arrival of the smartphone, specifically Apple’s iPhone in 2007. “You have to give credit where credit is due,” she said. The arrival of the smartphone was the beginning of interactive and converged devices. Since 2007 and the emergence of the smartphone, the number of applications and connected interactions has skyrocketed, and data has become the new oil. Where has all this taken place? For the most part, in the cloud; which is now “largely outsourced,” explained Brock, moving onto the next part of her keynote.

  Innovation in the cloud has stemmed from open source. “Red Hat,” explained Brock, “went hammer and tong against Canonical, but both collaborated on Open Stack [the open source software platform.

  “It created an environment where competitors could sit at the table together, something I call, coopetition.”

  But, there was another factor stifling this innovation in the cloud… software patents.

• The challenge of making money through open source software [Ed: Overlooking the point that proprietary software can also be extremely difficult to profit from. What proportion of 'secret code' programs actually make money? Very tiny.]

• Waves Releases WavesFX, a New Open Source Crypto Wallet for Desktop

  Waves is an open blockchain platform and toolset development for Web 3.0 applications and decentralized solutions. The platform has recently introduced WavesFX, its new wallet product, according to CryptoNinjas.

• Binance CEO: New Open-Source Wallet Solution Will “Reshape the Landscape” of Custodial Services

  Changpeng Zhao, the CEO of Binance, is known for making big strides in the cryptocurrency industry, and he seems to have a lot of faith in their new solution available to wallet providers and custodians. In fact, CZ states that the open-sourced option is “far superior” to the multi-sig security presently offered by many custodians, and he believes that its introduction will reshape the entire industry.

• The Apache Software Foundation Announces Apache® SINGA™ as a Top-Level Project

  The Apache Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today Apache® SINGA™ as a Top-Level Project (TLP).

  Apache SINGA is an Open Source distributed, scalable machine learning library. The project was originally developed in 2014 at the National University of Singapore, and was submitted to the Apache Incubator in March 2015.

• Chinese companies fuelling OpenStack adoption in APAC

  Led by Chinese tech giants such as Tencent and China Mobile, the Asia-Pacific region will account for a third of the global OpenStack market by 2023

• OpenStack Foundation and China Electronics Standardization Institute Create Partnership to Advance OpenStack in China

  Today at the Open Infrastructure Summit in Shanghai, representatives from the OpenStack Foundation (OSF) and China Electronics Standardization Institute (CESI) announced a strategic partnership to implement new technology, assessment and certification for OpenStack software in China. The collaboration highlights the validation of OpenStack as the open source infrastructure cloud standard in China partnered with the OSF’s commitment to the growing OpenStack community in China, a region expecting significant growth in a global market valued at 53.9 billion yuan ($7.7 billion USD) in 2023.

• Capitalize on the advantages of open source software in IT

  Another advantage of open source software is always a major business factor: cost. Open source tools are inherently free to use, which means businesses can reallocate their budget to hire better talent to use and support the tools. For instance, Git is a completely free open source IT tool that developers commonly use for software version control.

  In addition, open source tools offer enterprises the ability to further customize software to meet their specific needs.

• NearForm clocks in with hackable open source JavaScript AI smartwatch
  

  The Irish county town of Kilkenny is known for its medieval buildings and castle, its rich history of brewing, its distinctive black marble and as the home of White House architect James Hoban.

  In more recent times, Kilkenny has become known as the home of the NodeConf EU conference, a coming together of Node.js specialists who all gravitate towards this open source cross-platform JavaScript runtime environment that executes JavaScript code outside of a browser.

  This year’s event saw NearForm Research and Espruino surprise delegates by giving out something better than plain old lanyards and name tags — the two companies came together to offer an arguably rather more exciting Machine Learning (ML)-driven smartwatch to act as attendee’s conference badges.

  Bangle.js is said to be the first open source JavaScript (JS) smartwatch to be powered by Machine Learning via Google’s TensorFlow Lite. It is hoped to be a step towards the mainstream adoption of JS and ML in low cost consumer electronics.

• Deezer Releases AI Tool That Quickly Isolates Vocal Tracks

• Deezer releases open-source AI tool that splits vocals from finished tracks

• Journalism

  • What is Datashare? FAQs about our document analysis software

    Datashare is free, open-source software built by the International Consortium of Investigative Journalists that helps users better analyze information, in all its forms.

    Datashare allows you to index, search, star, tag, filter and analyze the key content in your own documents – whatever the format (text, spreadsheets, pdf, slides, emails, etc). Datashare will automatically highlight and extract the names of people, locations and organizations in your documents, as well as email addresses.

    [...]

    Datashare won’t give you access to any of ICIJ’s leaks or data, of course. But it will help you search through your own documents.

    Datashare has been developed by ICIJ’s tech team under an open-source license. Anyone can read the code, use it and suggest contributions.

• Web Browsers

  • Mozilla

    • Hacktoberfest 2019

      I’ve been marking student submissions in my open source course this weekend, and with only a half-dozen more to do, the procrastinator in me decided a blog post was in order.

      Once again I’ve asked my students to participate in Hacktoberfest. I wrote about the experience last year, and wanted to give an update on how it went this time.

      I layer a few extra requirements on the students, some of them to deal with things I’ve learned in the past. For one, I ask them to set some personal goals for the month, and look at each pull request as a chance to progress toward achieving these goals. The students are quite different from one another, which I want to celebrate, and this lets them go in different directions, and move at different paces.

• Linux Foundation

  • Linux Foundation bans person for Tone Policing.

    On November 6th, The Linux Foundation made a public statement that it had banned an individual from one of their upcoming events (KubeCon) — the banning was based on that individuals public tweets (including a picture with a red “Make America Great Again” hat) and statements, unrelated to KubeCon, that were determined to violate the Linux Foundation Events Code of Conduct.

    This action by the Linux Foundation promptly drew both praise and criticism.

    Regardless of the personal opinions of any one of us, this moment provides an interesting opportunity to observe, and evaluate, the efficacy of this sort of Code of Conduct, along with the process and methods used to enforce it. Due to the unusually public nature of how all of this transpired, it also allows us to see how individuals (and groups) can impact the outcome — and be personally impacted in return.

    With that in mind, as we walk through the events, this writer will endeavor to keep personal opinions at bay… focusing purely on the known facts, with as much input from those involved as possible.

• CMS

  • Here’s why Indians are joining open-source social network Mastodon in large numbers

    Mastodon is a “free and open-source project” that is Indian cyberspace’s latest obsession. The network, named after an extinct elephant-like mammal (reflected in its logo), was launched almost two years ago.

    [...]

    Mastodon is clean and clutter-free, and the social network has gained immense popularity in the country over the past 24-36 hours. Local search interest has spiked significantly November 6 onward, according to Google Trends.

• Pseudo-Open Source (Openwashing)

  • Cesium Takes City Visualizations Into the 3rd Dimension Through Open-Source Collaboration [Ed: Openwashing of Uber]

    The collaboration with Cesium supports Uber Air, Uber’s aerial ridesharing initiative. The implementation of the 3D Tiles feature allows Uber to achieve an unprecedented level of geospatial detail within urban environments.

  • Chronosphere launches with $11M Series A to build scalable, cloud-native monitoring tool

    Chronosphere, a startup from two ex-Uber engineers who helped create the open-source M3 monitoring project to handle Uber-level scale, officially launched today with the goal of building a commercial company on top of the open-source project.

    It also announced an $11 million investment led by Greylock, with participation from venture capitalist Lee Fixel.

    While the founders, CEO Martin Mao and CTO Rob Skillington, were working at Uber, they recognized a gap in the monitoring industry, particularly around cloud-native technologies like containers and microservices. There weren’t any tools available on the market that could handle Uber’s scaling requirements — so like any good engineers, they went out and built their own.

  • Scaling the ladder: IBM leverages Watson tools and open source to bridge AI gaps [Ed: Just openwashing and AIwashing of proprietary software Watson]

  • Singapore startup to build world’s first open-source satellite network

  • Perlin, Singaporean companies & govt to launch open source blockchain commodity trade platform

  • Open Source Is The Backbone Of A Sophisticated Cloud Strategy — How Can Enterprises Take Advantage?

  • Open Source E-Commerce Platform: The Pros & Cons

  • New open source Design Thinking for Health curriculum launched for nurses

• BSD

  • DNSSEC enabled in default unbound(8) configuration

    DNSSEC validation has been enabled in the default unbound.conf(5) in -current. The relevant commits were from Job Snijders (job@)

• FSF/FSFE/GNU/SFLC

  • GNU Health HMIS 3.6 released !

    I am very proud to announce the release of the GNU Health 3.6 series !
    This version is the result of many developments and integration of ideas from the community.
    We are now 11 years old. We should all be very proud because not only we have built the best Libre Health and Hospital Information System, but we have created a strong, committed and friendly international community around it.

  • GNS@ICANN66

    The ICANN Annual General Meeting is concluded. We were invited to join a panel discussion on Emerging Internet Identifier Technologies in order to share our ideas and work on the GNU Name System (GNS). You can find the presentation on GNS in our video section. The handshake.org project, which proposes a decentralized, blockchain-based governance of the root zone (as opposed to governance by ICANN), joined us on the panel. The full video including questions and answers can be found here.

• Openness/Sharing/Collaboration

  • What does open government mean for digital transformation?

    Openness is a critical tenet for democracy. It enables transparency, which enables accountability, which in turn drives better public outcomes and ideally a useful check and balance on power. But openness is also a critical tenet for modern public sectors if they are to be capable of responsiveness and resilience in the face of dramatic and rapid change, and to best ensure evidence-driven policy, programs, and service delivery. As part of this Public Sector Pia Review, I wanted to talk about open government as it applies to digital transformation of the public sector, beyond the usual (but important!) scope of transparency and freedom of information.

    I do recommend you also check out the Open Government Partnership (including Australia’s participation and the community around it), the great work of Open Australia over many years, and the Digital 9 (a collection of governments committed to open digital government), all three of which sit in the interesting intersection of open and digital government. I also encourage you to look closely at how Taiwan is dramatically raising the bar for open inclusive government in a digital world. There are also a lot of initiatives around the non-digital specific world of open government, including the Accountability Roundtable, Transparency International Australia, and many more. I also encourage you to read some of the great case studies that explore the intersection of digital and open government in this report on ‘Upgrading Democracy’ by the Centre for Policy Development from 2009.

  • Open Data

    • (the struggle) Towards an open source policy

      Public availability and tracability of results from publically-funded work is a topic that gets more and more attention from funding agencies and scientific policy makers. However, most policies focus on data as the output of research. In this contribution, we focus on research software and we introduce the ASTRON Open Source Policy. Apart from the license used (Apache 2.0), the policy is written as a manual that explains how to license software, when to assign a Digital Object Identifier (DOI), and defines that all code should be put in an ASTRON managed repository. The policy has been made publically available, a DOI has been assigned to it and it has been put in a repository to stimulate the ADASS community to start a conversation on how to make our code publically accessible and citable.

    • Philadelphia to dissolve Office of Open Data and Digital Transformation

      ODDT’s Open Data team has joined OIT’s centralised data team under Chief Geographic Information/Data Officer, Henry Garie. Content strategists, user experience designers and visual designers are moving to OIT at the end of the year. ODDT developers will also join OIT’s software engineering team, led by the Director of Software Engineering, Dan Lopez.

      ODDT service designers and design researchers will spin off into the Service Design Studio, led by Dragoman. The Studio will work on City-wide process-improvement efforts.

  • Open Hardware/Modding

    • Google Open-Sources Cardboard To Keep ‘No-Frills’ VR Widely Available

    • Gigantic FPGA In A Game Boy Form Factor, 2019 Supercon Badge Is A Hardware Siren Song

      Look upon this conference badge and kiss your free time goodbye. The 2019 Hackaday Superconference badge is an ECP5 FPGA running a RISC-V core in a Game Boy form factor complete with cartridge slot that is more open than anything we’ve ever seen before: multiple open-source CPU designs were embedded in an open system, developed using the cutting-edge in open-source FPGA tools, and running (naturally) open-source software on top. It’s a 3,000-in-one activity kit for hardware people, software people, and everyone in between.

      The brainchild of Jeroen Domburg (aka Sprite_TM), this design has been in the works since the beginning of this year. For more than 500 people headed to Supercon next week, this is a source of both geeky entertainment and learning for three action-packed days and well beyond. Let’s take a look at what’s on the badge, what you need to know to hack it, and how the design serves as a powerful development tool long after the badge hacking ceremonies have wrapped up.

    • CHIPS Alliance announces technical milestones, three new workgroups including Chisel and the 3rd Chisel Community Conference

      CHIPS Alliance, the leading consortium advancing common, open hardware for interfaces, processors and systems, today announced the creation of Interconnects, Rocket and Chisel workgroups. In addition, a November verification workshop in Munich and a Chisel conference in January will be held giving engineers an opportunity to learn about open source development efforts in CHIPS Alliance. Lastly, the CHIPS Alliance toolchain and cores workgroups have made contributions to open source development tools.

      CHIPS Alliance is the project hosted by the Linux Foundation to foster a collaborative environment to accelerate the creation and deployment of open SoCs, peripherals and software tools for use in mobile, computing, consumer electronics, and Internet of Things (IoT) applications. The CHIPS Alliance project develops high-quality open source Register Transfer Level (RTL) code and software development tools relevant to the design of open source CPUs, RISC-V-based SoCs, and complex peripherals for Field Programmable Gate Arrays (FPGAs) and custom silicon.

    • Elk Audio OS goes open source with a Raspberry Pi development kit

      Elk Audio OS is an audio operating system from Elk (formerly MIND Music Labs) that can run plug-ins on hardware instruments and audio devices in realtime with low latency. The company has now made the system open source and has released a development kit for Raspberry Pi. This could be a good solution for hosting some of those CPU heavy software instruments and effects at an affordable price.

      You can get your hands on the Elk Audio SDK and Development Kit for Raspberry Pi today through the Elk Audio website, but the company is working on a beta version of the OS to be released in the upcoming weeks. The Raspberry Pi Development Kit includes a custom Elk Pi Audio Hat, which Elk say is “one of the most advanced pro Audio Hats in the markets with down to 1ms latency”.

    • BCN3D Releases Open Source Files for Sigma R19 and Sigmax R19 Printers

    • Xaxxon’s OpenLIDAR sensor is tiny, inexpensive and open source

      Xaxxon’s OpenLIDAR Sensor is a rotational laser scanner with open software and hardware, intended for use with autonomous mobile robots and simultaneous-location-and-mapping (SLAM) applications.

      Xaxxon Technologies is a Vancouver-based developer and manufacturer of open source robotic devices. Its most recent offering is a standalone, OpenLIDAR sensor for robotic developers, educators and hobbyists. It consists of a Garmin Lidar-Litev3 sensor that is wired through a rotational slip ring, with stepper motor drive, two 3D-printed frame parts, and an Arduino compatible printed circuit board (PCB). The resulting offering weighs 180 grams and has a maximum range up to 40m, a sample rate up to 750Hz, a resolution of 1 to approximately 2.5cm and a scanning speed up to 250 RPM.

    • Traffic Updates On The Seven Seas: Open Source Chart Plotter Using A Raspberry Pi

      Automatic Identification System (AIS) is a GPS tracking system that uses transponders to transmit a ship’s position data to other ships or receiver stations in an area. This is used for collision avoidance and by authorities (and hobbyists) to keep an eye on shipping traffic, and allow for stricken vessels to be found easily. [James]’ DIY chart plotter overlays the received AIS data over marine charts on a nice big display. A Raspberry Pi 3B+, AIS Receiver Hat, USB GPS dongle and a makes up the core of the system. The entire setup cost about $350. The Pi runs OpenCPN, an open source chart plotter and navigation software package that [John] says is rivals most commercial software. As most Pi users will know the SD card is often a weak link, so it’s probably worth having a backup SD card with all the software already installed just in case it fails during a voyage.

      We’ve seen AIS receiver stations built using the RTL-SDR, as well as a number of projects around the AIS equivalent in aviation, ADS-B. Check out [John]’s video after the break.

    • The Open Source Smart Home

      [Tijmen Schep] sends in his project, Candle Smart Home, which is an exhibit of 12 smart home devices which are designed around the concepts of ownership, open source, and privacy.

      The central controller runs on a Raspberry Pi which is running Mozilla’s new smart home operating system. Each individual device is Arduino based, and when you click through on the site you get a well designed graphic explaining how to build each device.

    • Supercon Keynote: Dr. Megan Wachs On RISC-V

      The RISC-V isn’t a particular chip, but rather it’s a design for how a CPU works, and a standard for the lowest-level language that the machine speaks. In contrast to proprietary CPUs, RISC-V CPUs from disparate vendors can all use the same software tools, unifying and opening their development. Moreover, open hardware implementations for the silicon itself mean that new players can enter the space more easily, bring their unique ideas to life faster, and we’ll all benefit. We can all work together.

      It’s no coincidence that this year’s Supercon badge has two RISC-V cores running in its FPGA fabric. When we went shopping around for an open CPU core design, we had a few complete RISC-V systems to pick from, full compiler and development toolchains to write code for them, and of course, implementations in Verilog ready to flash into the FPGA. The rich, open ecosystem around RISC-V made it a no-brainer for us, just as it does for companies making neural-network peripherals or even commodity microcontrollers. You’ll be seeing a lot more RISC-V systems in the near future, on your workbench and in your pocket.

      We’re tremendously excited to hear more about the project from the inside, and absolutely looking forward to Megan’s keynote speech!

• Programming/Development

  • Keith Packard: Picolibc Hello World Example

    It’s hard to get started building applications for embedded RISC-V and ARM systems.

  • Fedora 31 : another FASM tutorial with Linux.

    Today I wrote another tutorial about FASM and assembly language on my website.
    Because I used the Fedora distro I add my tutorial here.
    If you want to learn assembly programming for Windows O.S. or Linux with the Intel C.P.U. then you need the FASM tool and this manual.
    Today I will show you how to create a file using my Fedora 31 Linux distro and FASM tool.

  • Shell scripts – What can you change

    In most, if not all, shells, you have a script that starts your shell. Learn how to change it and you can have your own environment in the terminal. These settings most obvious use is changing the looks and the prompt you are shown when the shell starts. On a more functional note, you can set aliases, environment variables and daemons that change your prompt depending on the directory you are in. If you use the command line rarely and only with a few odd commands, you might not be interested. However, you will loose out on the power of the command line. With a little bit of scripting skills, you can enhance your experience and make many tasks much easier. Above all, you can become faster with some administrative tasks. The graphical choice is usual for a very special case, as soon as you know scripting, you can do exactly what you want. It is also more fun than most people think to have written any code, even just a few lines and you get it to do what you intended.

  • Scheduling tasks Using Python

    Some tasks in our life are really time taking and we get bored doing those tasks repeatedly. In order to avoid those boring tasks we automate those tasks in our system. Python has many automation modules which can be used to automate our stuff. Below we will discuss the importance of automation and how to automate our stuff using python. We will also discuss some automation modules in python which help to automate our stuff. Then we will see some use cases of automation using python. At the end we will see how we can schedule our python script to run automatically at start up.

  • Open software platform GitLab considers suspending hires in China and Russia

    San Francisco-based GitLab, an open platform for developing and collaborating on coding, is looking at suspending new hiring for sensitive positions in China and Russia because of customer feedback in the “current geopolitical climate.”

    In a post published on GitLab’s website, one of the company’s executives said the venture wanted to enable a “job family country block” for team members who have access to customer data and singled out two countries involved in the decision – China and Russia. The post also says current team members should be prevented from moving to these two countries.

  • SD Times Open-Source Project of the Week: Titan

    Data is becoming more important than ever, and developers are beginning to realize they need better ways to harness and work with data. The problem, however, is that data isn’t handled the same way development is and therefore it can become a time-consuming and complex process.

    “The rise of git, docker, and DevOps has created a new world where developers can easily build, test, and deploy right from their laptop. Despite these advances, developers still struggle to manage structured data with the same speed and simplicity. Techniques like SQL scripts, database dumps, and plain text exports still leave a lot of work for developers,” the Delphix Titan team wrote on a website.

    To address this, Delphix open sourced Titan earlier this year. Titan is an open-source project that enables developers to treat data like code.

  • Using Open Source for Better DevOps Outcomes

    Many insurers have jumped on the DevOps bandwagon in order to improve the efficiency and effectiveness of their systems and systems implementations. Very few insurers, however, spend much time thinking about the open source software community as a way to improve their DevOps approach–and the skills of their developers–and in that regard they’re missing a golden opportunity. In fact, insurers often restrict their developers from updating or contributing to open source libraries because they don’t realize the potential benefits available to them by participating more actively in the open source community.

  • Survey Surfaces Uneven Approaches to DevSecOps

    A survey of 57 cybersecurity professionals conducted by ZeroNorth, a provider of a platform for orchestrating vulnerability scanning tools, highlights the extent of the DevSecOps challenge. The survey finds 63% of respondents said their organization currently employs six or more scanning tools. The most widely employed are network scanning (53%) and vulnerability scanning (51%). However, a quarter (25%) don’t know if their organization is using interactive application security testing (IAST), while 19% don’t know if they are using software composition analysis (SCA) tools.

82-year-old British cyclist completes 1 million miles

Mantle has been building up miles since 1952 and has kept detailed, handwritten logs of his time on the saddle, recording not only the total mileage, but also the names of towns he rides through and even the cafes where he stops during his rides.

Security (Confidentiality/Integrity/Availabilitiy)

• Critical Remote Code Execution Flaw Found in Open Source rConfig Utility

  The network configuration management utility has two unpatched critical remote code execution vulnerabilities.

  Two bugs in the network configuration utility rConfig have been identified, both allowing remote code execution on affected systems. Worse, one is rated critical and allows for a user to attack a system remotely – sans authentication.

  RConfig is a free open-source configuration management utility used by over 7,000 network engineers to take snapshots of over 7 million network devices, according the project’s website.

  The vulnerabilities (CVE-2019-16663, CVE-2019-16662) are both tied to rConfig version 3.9.2. The more serious of the two vulnerabilities (CVE-2019-16662) allows an attacker to execute system commands on affected devices via GET requests, which can lead to command instructions.

• Scammers are exploiting an unpatched Firefox bug to send users into a panic

  The exploit spotted by Segura is a common subclass of browser lock attacks. This subclass relies on authentication popups. Earlier this year, Mozilla shipped a comprehensive fix for these types of attacks some 12 years after being reported. Chrome and other browsers have also been vulnerable to this variety of attacks.

  Segura said he’s aware of a separate Firefox browser lock bug that remains unfixed two years after it was reported. Although it was actively exploited in the past, Segura said, he hasn’t seen any recent attacks targeting the flaw.

  For many people, it’s not clear what to do when a browser becomes unresponsive while displaying a scary or threatening message. The most important thing to do is to remain calm and not make any sudden response. Force quitting the browser can be helpful, but as Segura has found, that fix is far from ideal since the offending site can reload once the browser is restarted. Whatever else people may do, they should never call the phone number displayed.

• How can using open source frameworks hook students in STEM?

  The U.S. Department of Labor predicts a shortage of 1.8 million cybersecurity professionals by next year, and educators will play a critical role in meeting this challenge for years to come.

  From our vantage point as instructors working at the intersection of education and technology, we believe we’ll meet our goals if we take an open approach to educating tomorrow’s cybersecurity experts. And we mean “open” in terms of both software and mindset.

  Here at Murray State University in Kentucky, we’ve done just that for the last decade.

  Being recently recognized by the NSA as a Center for Academic Excellence in Cyberdefense (CAE-CD), we’re using open principles gleaned from open source software communities to empower students to train themselves in the use of tools to resolve problems. In so doing, we prepare students not simply for cybersecurity jobs, but for careers that involve continuous learning — which is critical given the current pace of technological, societal and business change.

• County unveils new election machines

  The machine is “not a bad one,” said Coastsider Brent Turner, secretary of the California Association of Voting Officials, a nonprofit whose mission is to develop new voting systems that utilize open-source software.

  But Turner said he objects to the system “because it is not open-source — the public has no oversight regarding the software code.”

  Some reports suggest closed-source voting system vendors like DVS use vulnerable software, have outdated equipment, and provide faulty voting machines.

  “So, we don’t know if the final tabulation is correct or not,” said Turner. “There’s no way to subpoena that code.”

  Irizarry said the new DVS machines address this problem.

  “This system leaves a paper-audit trail and a digital one,” said Irizarry. “We will know every step of the way who touched that ballot, what scanner scanned it, what vote center processed it, and how it was adjudicated.”

  However, multiple reports suggest these new machines still have vulnerabilities: They auto-fill the parts of any ballot that are left blank, and they do not allow voters to verify that the information in the printed barcode matches their voting choices.

  Support for open-source voting has gained traction over the years. In a letter sent to the country’s three largest voting system vendors, including DVS, four U.S. senators noted the potential for open-source voting systems to overcome technical vulnerabilities in existing voting machines.

  Government agencies like the Defense Advanced Research Projects Agency are currently funding research and development of an open-source voting system. Microsoft, in an effort to make elections more secure and transparent, recently released ElectionGuard, an open-source voting platform for handling voting data.

  The security of open-source voting systems, however, depends on its users.

  According to a 2018 report by a San Francisco civil grand jury, since the source code in an open-source project is available for anybody to inspect, it becomes easier to find vulnerabilities and potentially exploit them. However, the larger the number of people inspecting and maintaining the source code, the more secure the system will be. A 2016 report by the University of Pennsylvania concluded the same.

Defence/Aggression

• NRA Turmoil Creates Rift Among Some Big Donors

  Joe Olson was once such a passionate supporter of the National Rifle Association that he pledged to bequeath several million dollars from his estate to the gun organization upon his death.

Environment

• Climate ‘Is the Election Priority’ for the UK

  The real issue facing the United Kingdom in next month’s general election is not whether to choose Brexit, to stay in the European Union or leave it, a prominent lawyer says, because the climate “is the election priority” for the UK.

• Energy

  • Iran Discovers New Oil Field That Could Boost Its Reserves by 33%

    Iran has discovered a new oil field in the country’s south with over 50 billion barrels of crude, its president said Sunday, a find that could boost the country’s proven reserves by a third as it struggles to sell energy abroad over U.S. sanctions.

AstroTurf/Lobbying/Politics

• Progressives Declare Victories in San Francisco District Attorney and Seattle City Council Races

  “Americans are more humane and compassionate than institutions created and controlled by the powerful few.”

• Sri Lanka: Next President Faces Major Rights Challenges

  The winner of Sri Lanka’s presidential election on November 16, 2019 will face enormous challenges to deliver justice for past crimes and prevent future abuses.

• Bolivia President Resigns Amid Military, Public Pressure

  Bolivian President Evo Morales announced his resignation Sunday under mounting pressure from the military and the public after his re-election victory triggered weeks of fraud allegations and deadly protests.

Civil Rights/Policing

• ‘Simply Barbaric’: Trump Administration Proposes Charging Asylum Fee for Refugees Fleeing Violence and Poverty

  “It’s an unprecedented weaponization of government fees.”

• Papua New Guinea: Video Shows Police Abuse

  (Sydney) – Papua New Guinean authorities should promptly investigate the vicious beating by police officers of three men in Port Moresby that was captured on video and shared on social media on November 4, 2019.

Monopolies

• Copyrights

  • Spammers Abuse Medium.com to Spread ‘Pirate’ Scams

    Scammers are using the online publishing platform Medium to spread links to supposedly pirated movies and TV-shows. The issue plagues many platforms, but as one of the world’s most visited websites, Medium is an ideal tool to lure prospective pirates into signing up for dubious subscriptions.

  • ACE Hits Two More Pirate Streaming Sites, Seizes More Openload Domains

    Global anti-piracy coalition Alliance for Creativity and Entertainment is continuing its drive to purge pirate sites from the Internet. In addition to the dramatic taking down of Openload last week and a related domain seizure run, another two streaming services have succumbed to the Alliance’s wishes by closing down their operations and handing their domains to the MPA.