Bonum Certa Men Certa

Links 10/5/2020: AV Linux 2020.5.10 ISO, EndeavourOS 2020.05.08, Pinephone Hacking



  • GNU/Linux

    • 5 reasons you might want to run Linux on your Chromebook

        Although much of my day is spent using the browser on my Chromebooks, I also end up using Linux apps quite a bit. Not everyone does, and that’s fine: Use the tools you need to use, I say.

      But I still get email questions or reader comments essentially asking “Why would (or do) I want to use Linux apps on a Chromebook? It just complicates what’s a simple device.”

      That’s a fair question. After all, one of the three pillars — or “S’s” — of Chrome OS is simplicity. The other two are security and speed in case you’re ever on Jeopardy, by the way.

    • Kernel Space

      • Software Boosting Patches Volleyed For CPPC CPUFreq Driver (Boost / Turbo Frequency)

        The CPPC specification has a "highest performance" bit for indicating the highest performance achievable on a given CPU core, and that basically amounts to the turbo/boost frequency that may or may not work out well depending upon all of the usual caveats around boost/turbo frequencies. It's the "nominal performance" bit for CPPC that is indicative of the base clock frequency / all-core frequency for continuous operation. The Huawei patches are making use of it for determining software boosting values when lacking a frequency table for the system. If the highest performance value is greater than the nominal performance, boosting is available.

      • EXT4 Seeing Work To Speed Up Mount Times For Large File-Systems

        Patches are pending that can sharply speed-up mount times of large EXT4 file-systems.

        A Phoronix reader pointed us to the work this weekend on improving bitmap loading and skip non-loaded groups at cr=0/1.

      • FSGSBASE Patches Sent Out An 11th Time For Boosting CPU Performance Back To Ivy Bridge

        FSGSBASE support is found on Intel CPUs going back to Ivy Bridge. On the AMD side it's there with Zen processors. FSGSBASE support can be checked by looking for its flag in /proc/cpuinfo.

      • Intel Updates Microcode Binaries For Ice Lake On Linux

        Intel on Friday quietly released new Intel CPU microcode files for Linux.

        Normally the "Intel Linux Processor Microcode Data Files" are updated in-step for all supported generations, but this new binary drop is limited to Ice Lake U/Y processors. Unfortunately, no change-log at hand for what has been shifted with this new CPU microcode drop for Linux users.

        [...]

        I'll do some poking at this new Ice Lake microcode release and see if there are any performance ramifications. Those wanting the new release can grab it from Intel-Linux-Processor-Microcode-Data-Files.

      • I is for Introvert

        Social distancing is hitting some people a lot harder than others.

        Of course, there are huge inequities that are making life harder for a lot of people, even if they don't know anyone infected with the coronavirus. Distancing is pointing out long-standing inequalities in living situations (how much can you distance when you live in an apartment with an elevator, and get to work on public transit?) and, above all, in internet access. Here in New Mexico, rural residents, especially on the pueblos and reservations, often can't get a decently fast internet connection at any price. I hope that this will eventually lead to a reshaping of how internet access is sold in the US; but for now, it's a disaster for students trying to finish their coursework from home, for workers trying to do their jobs remotely, and for anyone trying to fill out a census form or an application for relief.

        [...]

        Linus Torvalds, creator of the Linux operating system (which is developed entirely remotely, by developers across the world communicating electronically with each other), was interviewed a few weeks ago on how to work from home effectively: Pet the cat, own the bathrobe: Linus Torvalds on working from home.

        He says, "Don't try to re-create an office from your home. ... If you spend hours in online meetings from home, instead of spending hours in meetings at the office like you used to, you've just taken the worst part of office life, and brought it home, and made it even worse."

        The most important thing, he says, is "make it asynchronous, not some 'now everybody needs to attend this stupid web meeting to let everybody else know what they've been doing or what they should do.'" Decisions in kernel development are made mostly via email; there's no requirement that a developer in India and a developer in London have to be awake at the same time, sitting in hours of video calls while someone drones on about how things should be designed.

        That's something that extroverts don't get. If they don't see your face in front of them the whole time the discussion is taking place, it seems, they aren't comfortable with the decision that results.

      • Graphics Stack

        • AMDGPU Patches Under Discussion For Better External GPU Hot Unplug Handling

          While Radeon graphics cards can work with various external GPU (eGPU) solutions, currently on Linux if trying to hot unplug such a setup can lead to various problems. An experimental patch series out this weekend is seeking to address that problem.

          Andrey Grodzovsky of AMD sent out a patch series in trying to address the issue of when hot unplugging a graphics card (namely through eGPU solutions or also through possible sysfs interfaces) that it would cause "random crashes in user apps."

        • Intel Rocket Lake Platform Support Added To Mesa 20.2

          Last week Intel open-source developers sent out their initial kernel driver patches for Rocket Lake graphics support and now the Rocket Lake platform support has been merged for Mesa 20.2 on the OpenGL/Vulkan driver side.

          The kernel patches last week affirmed that next-generation Rocket Lake graphics processors indeed will sport Gen12 graphics, as a big upgrade over the Gen9 graphics that have been around for the past several years on the desktop side since Skylake. While Rocket Lake will still be a 14nm chip, having Gen12 alone makes it exciting for those utilizing Intel graphics. Gen12 is the same as Tiger Lake and initial Xe Graphics hardware.

    • Benchmarks

      • Pop!_OS 20.04 vs. Ubuntu 20.04 Linux Performance

         

        A Phoronix Premium reader recently asked about whether Pop!_OS 20.04 performance differs from Ubuntu 20.04 given some underlying changes made by System76 to their distribution, besides the plethora of higher-level desktop improvements. Well, here are some benchmarks.

        We recently looked at the Pop!_OS 20.04 vs. 19.10 performance while for this article is a look at Pop!_OS 20.04 against its upstream, Ubuntu 20.04 LTS "Focal Fossa" package set. Tests were again done on the mighty powerful System76 Thelio Major workstation with its AMD Ryzen Threadripper 3990X processor, 128GB of RAM, Samsung 970 EVO Plus 500GB NVMe SSD, and Radeon RX 5700 XT graphics.

    • Applications

      • Tracker 2.99.1 and miners released

        Sometime this week (or last, depending how you count), Tracker 2.99.1 was released. Sam has been doing a fantastic series of blog posts documenting the progress. With my blogging frequency I’m far from stealing his thunder :), I will still add some retrospect here to highlight how important of a milestone this is.

      • Kid3 Tag Editor 3.8.3 Released, How to Install in Ubuntu 20.04

        Kid3 audio tag editor released new version 3.8.3 today. Here’s how to install it in Ubuntu 20.04, Ubuntu 19.10, Ubuntu 18.04, and Ubuntu 16.04.

        Kid3 3.8.3 comes with new keyboard shortcuts to navigate between the file and tag sections, 2 new scripts to apply English title capitalization to tags and transliterate ID3v1 tags to ASCII.

      • Xdman

        There is a new tool available for Sparkers: Xdman.

      • VLC is Bloated | Use These Video Players Instead

        I have used VLC for 10+ years and it is time to change to something better.

      • Why I Don't Like VLC
    • Instructionals/Technical

    • Games

      • The FOSS real-time strategy 0 A.D. gains FXAA, more animals and a lot more ready for Alpha 24

        0 A.D. is a free and open source in-development real-time strategy game from Wildfire Games, one that hasn't seen a big release for quite some time (Alpha 23 was in 2018) but work continues on with it pulling in lots of goodies and Alpha 24 should be quite an exciting one.

        What's always impressed me with 0 A.D. is the quality of the visuals, and they're set to look even better whenever Alpha 24 arrives. Before now it had no Anti-Aliasing but thankfully that was merged into the game earlier this year so it's going to look even better.

      • Odroid-Go Advanced Black Edition Retro Gaming Linux Handheld Gains Wi-Fi, USB-C Power And More

        Retro gaming fans who want to be able to play their favorite classics on the go may want to check out the Odroid-Go Advanced Black Edition. The Black Edition is an upgrade to the Odroid-Go Advance that launched last year with key upgrades fans have been calling for. The significant upgrades compared to the previous generation include Wi-Fi and the elimination of the large barrel power port.

        The portable retro gaming console is powered by a Rockchip RK3326 SoC featuring a quad-core ARM Cortex-A35 processor operating at 1.3 GHz with a Mali-G31 MP2 GPU. System memory is 1GB along with 16MB SPI Flash for bootloading and a microSD card slot for storage. The little display is a 3.5-inch unit with a resolution of 320x480.

      • The Odroid-GO Advance Gets an Upgrade

        What has possibly been the best handheld Linux/emulation device of 2020 so far will be getting even better, thanks to the hardware additions that Hardkernel has made to the Odroid-GO Advance.

        [...]

        The PCB will also now be black in contrast to the white color in the previous model. The post goes on to mention that driver support for the additional L2/R2 shoulder buttons and Wi-Fi have already been incorporated into Hardkernel’s kernel source repository, and a new Ubuntu 20.04 image will be made specifically for these changes later this week or next. The image will still be compatible with the original OGA.

      • Enjin (ENJ) Launches Enjin SDK on Open-Source Game Engine Godot

        Leading blockchain ecosystem developer Enjin (ENJ), in partnership with open-source game engine Godot, has announced the launch of the Enjin SDC for Godot. The launch of the open-source Enjin SDK – now available on the Godot Asset Library – allows all developers, irrespective of their work experience, to develop and implement next-generation blockchain assets into their games. Developers will be able to manage advanced economic gameplay mechanics with no requirement of prior blockchain coding experience.

      • Enjin Releases SDK for Godot, the World's Leading Open-Source Game Engine
      • [boilingsteam] Are Trying Out PeerTube

        Just a quick announcement, you may have noticed that for a few articles we have published our videos as PeerTube embeds. This is an experiment for now, but it looks like it’s working out reasonably well. Note that our Youtube channel will also remain active and up to date, but treated as a “backup” of the PeerTube channel from now on.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Why the animations in your Plasma 5.18 feel slow now, and when it will be fixed

          KDE Frameworks 5.70 was just released and should be trickling out to users of rolling release distros at any time. Various Arch users who have already received the update have been complaining about slow animations in Plasma, and I wanted to write a blog post to explain what’s going on here. It is a bit technical so let me start with the TL;DR version: “releasing software is complicated and this will be fixed once Plasma 5.19 comes out next month.”

    • Distributions

      • [Old] NixOS 17.03 "Gorilla"

        NixOS Have you heard of NixOS? If not, it may be time to pay attention. NixOS is an independently developed distro from the Netherlands. If you have heard of NixOS you already know - this distro is different. And it is a good type of different. It is slick, compartmentalized, and very forgiving (unlike some distros). It is lightweight out of the box, and it gives you the ability to configure everything and anything just the way you want. Let's take a deeper look.

      • NixOS on a Raspberry Pi: creating a custom SD image with OpenSSH out of the box

        NixOS has a great out-of-the-box support for ARM64v8 systems, but that comes with a catch: you have to use the prebuilt images to install the system, which are (obviously) not customizable, and come without OpenSSH enabled by default. Unfortunately, this requires to attach a display to the Raspberry Pi to complete an installation – not ideal! This article is the story of my journey to build a custom NixOS image for my Raspberry Pi, with all the pitfalls and errors I had to solve to eventually reach the objective.

    • Reviews

      • Hands on Ubuntu 20.04: The Long-Awaited LTS

        Ubuntu 20.04 LTS flavors, such as Ubuntu MATE, Xubuntu, Ubuntu Budgie and Lubuntu have shipped newer versions of their desktop environments with many additional features too. We’ll put all of them under separate reviews, but for now it’s worthy to note that Ubuntu MATE and Xubuntu were the most updated ones yet.

        We do not recommend upgrading to the new 20.04 release from older releases at the moment, neither for desktops nor for servers. If you are going for a fresh install then go for it, but an upgrade process could be risky as things are still new and upgrade bugs are still being cleaned out. You may also face some issues in switching to Snap applications (E.g your Chromium browser will become a Snap). It would be a better option to wait for the 20.04.1 release.

    • New Releases

      • AV Linux 2020.5.10 ISO fix Released!

        A month has passed since AV Linux 2020.4.10 was released and although it was a very well received release (Donald Trump reportedly said it was “tremendous” with “all of the best people” involved!) it was plagued by a rather annoying bug in “Systemback” (the application used to create the ISO image and install to the Users system). Systemback is currently unmaintained but it was independently forked to add support for installing to NVMe drives and this fork had a bug in it which caused the AV Linux installs to be twice the size they should be. Two people deserve thanks for getting this situation remedied.. Dan Kinzelman for the bug report and Franco Conidi (the developer of the forked Systemback version) for responding to my out-of-the-blue request to fix it.

      • The May release has arrived

        We’re proud to announce the release of our latest ISO.

        In this release, we’ve taken care of some bugs on certain hardware and the actual performance.

      • Arch-Based EndeavourOS Sees New Release With Faster Installation, i3 Improvements

        EndeavourOS 2020.05.08 has been released as the latest monthly install media for this Arch-based Linux distribution born out of the ashes of the former Antergos Linux.

        This month's install media features the Arch-based environment updated against Linux 5.6.11 and Mesa 20.0.6 along with other updated components like Firefox 76.

    • Screenshots/Screencasts

    • IBM/Red Hat/Fedora

      • Red Hat’s new CEO ready for new challenge: ‘My excitement is about what is yet to come’

        Paul Cormier never wanted to be a suit in the corporate suite, but now that he is the chief executive officer of Red Hat his attitude is different. He’s ready to lead, determined to make the Raleigh-based software firm an integral part of new corporate parent IBM.

        But he’s not replacing Red Hat’s red with IBM’s big blue. There’s his 20-year legacy he has built as a Hatter [he joined the company as vice president of engineering in 2001] — the free-spirit culture, devotion to the world of open source – not proprietary software – and a belief in the Linux operating system as the kernel of innovation for all things tech.

      • Lightbend Wins Red Hat North American Partner Award

        Lightbend, the leader in Reactive Architecture and creator of the popular cloud-native application platform Akka, is proud to announce it has been named Collaboration Technology Partner of the Year by Red Hat, Inc., the world's leading provider of open source solutions. This award is part of the annual Red Hat North American Partner Awards, which aim to honor partners for continued efforts to support customers on the path to IT modernization.

        Lightbend was honored for its dedication to providing innovative open source solutions to customers in the commercial sector. Specifically, Lightbend was recognized as Collaboration Technology Partner Of The Year honoring Red Hat partners whose collaborative efforts for jointly engineered solutions through combined value components has enabled insightful and innovative opportunities across industries.

      • Intel collaborates with IBM and Red Hat on enterprise move to the hybrid cloud [Ed: This is a paid-for puff piece, paid for by IBM, to cover IBM, by the publisher's own admission]

        In August 2021, the tech industry will mark the 40th anniversary of the introduction of the IBM PC. It contained an Intel 8088 microprocessor and cost well over $5,000 in today’s dollars.

        After many decades, IBM and Intel are continuing to partner up. Only this time, instead of joint work on an early personal computer, the two firms, along with Red Hat Inc., now collaborate on solutions for the hybrid cloud.

      • Latest enhancements for the open hybrid cloud help fill Red Hat’s wish list [Ed: As above]

        Take virtual machines and bring them into containers? Check. Announce a new version of OpenShift with software to help developers manage application workloads? Check. Create a single control point for cluster management? Check. Make the three major cloud providers and VMware Inc. squirm a little over parent company IBM Corp.’s focus on the evolving hybrid cloud landscape? Double check.

      • IBM open sources toolkit for AI development with Jupyter Notebook

        The initial release of Elyra AI Toolkit has been announced. This toolkit developed by IBM consists of different extensions for Jupyter Notebooks. They are designed to extend its capabilities for developing artifical intelligence models, so let’s take a closer look.

      • IBM and Red Hat services help expedite edge computing in a 5G world

        During the IBM Think Digital conference on Tuesday, IBM announced a new series of edge services and multicloud solutions for the enterprise. The new tools include IBM Edge Application Manager, IBM Telco Network Cloud Manager, and a bevy of edge-enabled applications and services.

      • IBM and Red Hat expand their telco, edge and AI enterprise offerings
    • Debian Family

      • Debian GNU/Linux 10.4 “Buster” Now Available for Download with 53 Security Updates

          Coming three months after the Debian GNU/Linux 10.3 point release, Debian GNU/Linux 10.4 is here as the fourth installment in the latest Debian GNU/Linux 10 “Buster” series.

        As usual, this is a snapshot release that includes all the important corrections and security updates released through the official repositories during the past three months.

        By my count, the Debian GNU/Linux 10.4 images include a total of 108 package updates with miscellaneous bug fixes, as well as 53 security updates for various packages, including the Linux kernel.

      • Debian 10.4 “Buster” Officially Announced

        Debian 10.4 “Buster” is now available for everyone, and users can simply install the new packages on their devices if they’re already running version 10.

        As every update for a stable Debian release, this new version comes with small improvements here and there, and more importantly, with security fixes that users should deploy as soon as possible.

        “This point release mainly adds corrections for security issues, along with a few adjustments for serious problems. Security advisories have already been published separately and are referenced where available,” the Debian project explains.

        “Please note that the point release does not constitute a new version of Debian 10 but only updates some of the packages included. There is no need to throw away old buster media. After installation, packages can be upgraded to the current versions using an up-to-date Debian mirror.”

      • Andrew Cater: CD image testing for Buster release 4 - 202005091950 - Most install images checking out well

        Lots of hard work going on. schweer has just validated all of the Debian Edu images. Most of the normal install images have gone through tests with only a few minor hitches. Now moving on to the Live images. These take longer to download and test but we're working through them gradually.

        As ever: a point release doesn't mean that the Debian you have is now obsolete - an apt-get / aptitude update will bring you up to the latest release very quickly. If you are updating regularly, you will have most of these files anyway. One small thing: the tools may report that the release version has changed. This is quite normal - base files have changed to reflect the new point release and this causes the notification. The notification is a small warning so that you are not taken by complete surprise but it is quite normal in the circumstances of a Debian point release.

      • CD / DVD testing for Buster release 4 - 202005092130 - Slowing down a bit - but still going.

        Last few architectures are being built in the background. Schweer has just confirmed successful testing of all the Debian Edu images - thanks to him, as ever, and to all involved. We're slowing up a bit - it's been a long, hot day and it's not quite over yet. The images release looks to be well on course. As ever, the point release incorporates security fixes and some packages have been removed. The release announcement at https://www.debian.org/News/2020/20200509 gives the details.

      • Hermetic packages (in distri)

        In distri, packages (e.g. emacs) are hermetic. By hermetic, I mean that the dependencies a package uses (e.g. libusb) don’t change, even when newer versions are installed.

        For example, if package libusb-amd64-1.0.22-7 is available at build time, the package will always use that same version, even after the newer libusb-amd64-1.0.23-8 will be installed into the package store.

        Another way of saying the same thing is: packages in distri are always co-installable.

        This makes the package store more robust: additions to it will not break the system. On a technical level, the package store is implemented as a directory containing distri SquashFS images and metadata files, into which packages are installed in an atomic way.

      • Norbert Preining: Updating Dovecot for Debian

        A tweet of a friend pointed me at the removal of dovecot from Debian/testing, which surprised me a bit. Investigating the situation it seems that Dovecot in Debian is lagging a bit behind in releases, and hasn’t seen responses to some RC bugs. This sounds critical to me as dovecot is a core part of many mail setups, so I prepared updated packages.

      • Russell Coker: IT Asset Management

        One problem that I’ve seen at many places is treating small items like keyboards and mice as “assets”. I think that anything that is worth less than 1 hour’s pay at the minimum wage (the price of a typical PC keyboard or mouse) isn’t worth tracking, treat it as a disposable item. If you hire a programmer who requests an unusually expensive keyboard or mouse (as some do) it still won’t be a lot of money when compared to their salary. Some of the older keyboards and mice that companies have are nasty, months of people eating lunch over them leaves them greasy and sticky. I think that the best thing to do with the keyboards and mice is to give them away when people leave and when new people join the company buy new hardware for them. If a company can’t spend $25 on a new keyboard and mouse for each new employee then they either have a massive problem of staff turnover or a lack of priority on morale.

    • Canonical/Ubuntu Family

      • Why Is Ubuntu Studio Choosing KDE Plasma? All You Need To Know!
        News of the changing default desktop environment in Ubuntu Studio was announced with the release of Ubuntu 20.04 and its flavors. But it took almost a week to get the Linux community’s attention over the fact that Ubuntu Studio will replace default the Xfce desktop with KDE plasma.

        Ubuntu Studio 20.04 is the latest LTS release with a pre-installed Xfce, and now starting with the upcoming 20.10, it will include KDE plasma. When the news was made public, it resulted in a mix of reactions from the community — some welcomed the decision, while others disliked it.

      • Ubuntu 20.04 LTS (Focal Fossa) Is Now Certified for the Raspberry Pi
        Launched on April 23rd, 2020, the Ubuntu 20.04 LTS (Focal Fossa) release brings lots of goodies for fans of one the most popular GNU/Linux distributions, along with a 10-year support promise from Canonical.

        Among the new features included in Ubuntu 20.04 LTS, there’s the latest and greatest GNOME 3.36 desktop environment, as well as the long-term supported Linux 5.4 kernel series.

        Another cool new feature is out-of-the-box support for the latest Raspberry Pi devices. This means that it you’re installing Ubuntu 20.04 LTS on a Raspberry Pi board, it will “just work” as Canonical promises.

      • Ubuntu 20.04 LTS Feels Like Home on the Raspberry Pi

          Ubuntu 20.04 LTS received certification for the Raspberry Pi the same day when it was released, Canonical confirms, so everything should work just as expected out of the box.

        In other words, Canonical guarantees that it performed “thousands of tests” to make sure that Ubuntu is running just flawlessly on the Raspberry Pi. And at the same time, updates are supposed to roll out at a great pace, with new improvements and security patches to go live every three weeks.

  • Devices/Embedded

  • Free, Libre, and Open Source Software

    • Running a Medical Practice on Open Source

      Many medical organizations around the world were forced to change the way they work and rapidly adapt to new technologies due to the novel Covid-19 outbreak. Large organizations such as these are finally seeing the importance of open source, where everyone can collaborate on a specific unified goal or problem and work on solving it together, instead of feeding the greed of proprietary solutions and those who stand behind them.

      But open source goes beyond than this. Since the open source ecosystem has grown largely in the last years to cover almost every possible area in computing, medical organizations and companies are starting to fully depend on it to build their infrastructure and fulfill their duties.

      Here's how you can do that too, as we try to answer the most important questions in this regard on the form of points.

    • Hyundai signs deal for open source software management

      Hyundai Motor Group said Friday it has signed a memorandum of understanding with the National IT Industry Promotion Agency for strategic development and management for open source software.

      Under the MOU, they will support each other to make use of open source softwares in the automotive manufacturing business to increase global competitiveness, as well as to establish a system for supply network of open source software, the carmaker said.

      Open source software is based on publicly unveiled source code. Based on the source code, anyone can mutate the software but needs clear understanding of license on based copyright, according to Hyundai.

      The automaker said amid accelerating convergence of automotive and ICT sectors, the need for effectively managing open source software has become significant.

    • Hyundai auto group partners with state agency to establish management system for open-source software distribution

      South Korea's Hyundai auto group forged a partnership with a state agency to establish a management system for the distribution of open-source software to nurture future car technologies including autonomous driving and connected cars.

      Hyundai Motor and its affiliated Kia Motors said in a joint statement on Friday that they have signed a memorandum of understanding with the National IT Industry Promotion Agency to verify and manage open-source software licenses and nurture future car technologies.

    • Open source underpins coronavirus IoT and robotics solutions

      The tech sector is quietly having a boom during the COVID-19 pandemic. Open source developers are getting involved with many aspects of the fight against the coronavirus, using Python to visualize its spread and helping to repurpose data acquisition systems to perform contact tracing.

      However, one of the most exciting areas of current research is the use of robotics to contain the spread of the coronavirus. In the last few weeks, robots have been deployed in critical environments—particularly in hospitals and on airplanes—to help staff sterilize surfaces and objects.

    • Open source database ScyllaDB 4.0 promises Apache Cassandra, Amazon DynamoDB drop-in replacement

      ScyllaDB has made a name for itself as a fast drop-in replacement for Apache Cassandra. Now it ups the ante, offering Amazon DynamoDB compatibility and new features, promising superior performance, lower total cost of ownership and no vendor lock-in

    • Open source YouTube client “NewPipe” adds Android TV support and a YouTube Music parser

      Along with the aforementioned changes, NewPipe v0.19.3 also brings a ton of improvements and bug fixes to the client.

    • Team of PhD Researchers Unveil AI-powered Platform to Open Source COVID-19 Vaccine Development
    • FreeType 2.10.2
    • FreeType 2.10.2 Released With Support For WOFF 2 Fonts

      FreeType 2.10.2 while seemingly a minor version bump is significant in that it brings support for WOFF 2 fonts. Version 2.0 of the Web Open Font Format (WOFF) has been a W3C Recommendation since early 2018 as a successor to the older WOFF format. WOFF 2 makes use of Brotli compression and other improvements leading to smaller font files. WOFF 2 has been supported by all major web browsers for a number of years while now FreeType has support for dealing with these font files. This support was initially written for FreeType during Google Summer of Code 2019.

    • The Latest Pango + HarfBuzz Is Leading To A Messy Font Rendering Situation For Some

      You may recall towards the end of last year when the Pango layout engine library dropped support for bitmap fonts, causing frustrations among some users. There now appears to be another Linux font debacle brewing.

      With that former Pango font situation, one of the developers recommended users replace their displays with HiDPI panels if unsatisfied with the font presentation. There now seems to be a similar but different situation at hand.

      Pango prior to version 1.44 used kerning hints provided by FreeType but now makes use of the hints provided by HarfBuzz. But HarfBuzz doesn't support all of the hints supported by FreeType and thus a regression for some users depending upon their font hinting preferences and what visibly looks the best to them and their displays.

    • Events

      • All Things Open goes virtual to host ‘Open Source 101 At Home’ event [Ed: All Things Open canceled. Now it pretends that a bloody webstream is "conference" (to save face). Deep in denial...]

        All Things Open is hosting a special virtual conference with TED-style talks and workshops covering open source processes and technologies.

        Open Source 101 At Home runs from 12 p.m. to 5 p.m. on May 12. The keynote speakers are Dr. Shallon Brown, CIO of Canada-headquartered web development and digital marketing agency North Studio, and Jono Bacon, founder of community strategy and development firm Jono Bacon Consulting. Brown’s talk will cover the hallmarks of a great open source engineer and Bacon will discuss open source community best-practices.

        Throughout the day, several TED-style sessions will cover a range of topics under two content categories: Processes and Technologies. Talks under the “Processes” category include everything from turning an open source project into a company, to formatting open source documentation, to software licensing and compliance. “Processes” topics include how to use Linux securely in the cloud, new features of MySQL 8.0, how WebAssembly works, how to enable two-factor authentication in open source applications, and more.

    • Productivity Software/LibreOffice/Calligra

      • LibreOffice: All the best extensions for the free Word alternative

        As well as just built-in features, however, LibreOffice also offers access to an extensive library of useful extensions, add-ons, and plugins that offer even more functionality to LibreOffice users. That is what we are here for today. In this article, we are going to walk you through the best extensions for LibreOffice that will help you be more productive and how you manage them using the extension manager. Whether you’re working from home or heading into the office, this guide will help make your life easier.

    • CMS

      • Acquia & friends: open source and the COVID-19 pandemic

        When you’re in the middle of a global pandemic and the COVID-19 (Coronavirus) contagion has drastically altered a massive proportion of the aspects of life around you… then that old chestnut the ‘press conference’ goes flying out the window.

        As many companies have taken to online collaboration platforms and various forms of video conferencing, so the press conference (and indeed the industry convention) has moved to a web-based virtual version of itself.

        [...]

        Aquia reminds us that many open source projects are working hard to conquer COVID-19. So the panelists congregated (as noted above) including Markforged who are 3-D printing face shields and The Robot Report who are developing automated manual resuscitators to ease the burden on healthcare workers.

        The conversation was intended to look at how open source can help tackle COVID-19 testing, information sharing, data collection and how open source companies can encourage developers to find solutions to a variety of problems related to the pandemic.

    • Programming/Development

      • Eradani Announces Eradani Connect Release 3.1 Providing Simple RPG to Open Source Connections

        RPG programmers can now call open source programs and web services just like calling another program – no JSON parsing in RPG necessary

      • Virtual Background using webcam

        It depends on docker, GPU, v4l2loopback (only works on Linux), so I want to make more generic solution. To make as a webpage, and using OBS

      • Dart 2.8 is out with a Flutter as Google claims to have solved the cross-platform dev puzzle

        Google's first 2020 update of its cross-platform development toolkit has brought Flutter up to version 1.17 and the associated Dart language to 2.8.

        There are countless cross-platform libraries and frameworks out there, but a few things distinguish Flutter. First, it is entirely focused on GUI applications, primarily Android and iOS but with support for web applications in progress, and desktop applications in early preview. You can compile Flutter code to a native macOS application (this project is alpha status), or on Windows and Linux in "early technical preview".

        Next, Flutter is a strategic project for Google, and turns up not only in the context of Android but also in Fuchsia, a forthcoming new operating system. It is not clear yet what role Google plans for Fuchsia, but you can think of Flutter as a handy way to hedge your bets in case it turns out to be a successor to Android. If Google can persuade developers to target Flutter, rather than Android or iOS or even the web, then it can easily migrate them to a new platform like Fuchsia.

      • How big our fileserver environment is (as of May 2020)

        Right now we have six active production fileservers, with a seventh waiting to go into production when we need the disk space. Each fileserver has sixteen 2 TB SSDs for user data, which are divided into four fixed size chunks and then used to form mirrored pairs for ZFS vdevs. Since we always need to be able to keep one disk's worth of chunks free to replace a dead disk, the maximum usable space on any given fileservers is 30 pairs of chunks. After converting from disk vendor decimal TB to powers of two TiB and ZFS overheads, each pair of chunks gives us about 449 GiB of usable space, which means that the total space that can be assigned and allocated on any given fileserver is a bit over 13 TiB. No fileserver currently has all of that space allocated, much less purchased by people. Fileservers range from a low of 1 remaining allocatable pair of chunks to a high of 7 such chunks (to be specific, right now it goes 1, 2, 5, 6, 6, 7 across the six active production fileservers, so we've used 153 pairs of chunks out of the total possible of 180).

      • Perl/Raku

        • Perl Weekly Challenge 59: Linked Lists and Bit Sums

          These are some answers to the Week 59 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

          Spoiler Alert: This weekly challenge deadline is due in a few hours. This blog post offers some solutions to this challenge, please don’t read on if you intend to complete the challenge on your own.

        • PWC 059: Task #1, Linked List & Task #2, Bit Sum
        • The Weekly Challenge #059

          This week, I changed the format of my weekly blog slightly. Why? Well, I wanted to keep the Perl and Raku solutions next to each other so that it is easier for reader (me, mostly) to see the difference. It gives me immense pleasure to see the end result when I am done translating Perl solutions into Raku. It looks lot cleaner and precise. The only thing it is behind is performance when I do comparison. For that I would blame myself partly as I am still learning the magic of Raku. For now, my objective is to wire my brain according to the rules of Raku. Once it is wired properly and stable then I would start playing the trick with it. That is the plan, how far I am going to succeed is another matter. I am not in rush to be honest. The central GitHub Repository is the collection of many gems by so many Raku experts. I know for sure, if I struggle in future then I can easily look for better solutions in the bank.

          I noticed more and more Team PWC members blogging about their solutions these days. For me it is a bonus as I could easily find the explanation if I don’t understand any bit. In fact, I read the blog first before checking out the solutions. I enjoy the story behind each solutions and the journey itself. Everyone has a unique style, I don’t get bored reading the blog. There are a bunch of Raku experts active on official Twitter handle who share top of the range solutions. I must confess that I don’t understand everything in the first attempt. If I am still struggling after a while, I just throw the question back and get an instant answer. The best part of this conversation is that I get different solutions by other experts as well. I am so grateful to all of them (you know who I am talking about).

      • Python

        • Fangs open for Python-only web dev from Anvil

          Anvil was founded with the aim of making it simple and fast to create and deploy powerful web apps, using only the Python language.

          It is a web-based development environment and was a spin-out from the University of Cambridge’s computer laboratory in 2017.

          [...]

          “Anvil’s goal is to fix web development, by making it easier and faster for the world’s growing base of Python developers to create web apps,” said Meredydd Luff, Anvil’s CEO and co-founder. “By extending our platform and embracing open source, we’re enabling developers to create their own apps in the Anvil Editor, export them and run them anywhere on their own hardware. This gives developers even more choice and control. It also enables apps to run without needing an internet connection, making it ideal for IoT applications, remote locations or offline enterprise deployments.”

        • SD Times Open-Source Project of the Week: Anvil App Server

          Traditionally, developing and deploying web applications doesn’t require a developer to know just one language. An app can be built using multiple languages and frameworks, and this can shut out many beginner developers and slow down development. Anvil’s platform aims to reduce those bottlenecks and enable developers to develop and deploy an application using just one language, Python, which is known for being one of the easiest programming languages to learn.

        • Python-Only Web Development for Everyone: Anvil Open-Sources its Runtime Server to Speed Web App Creation

          Software startup Anvil today announced a major extension of its powerful web app development environment, which makes it simple for Python developers to quickly design, build and ship web apps in minutes.

          By making its runtime server open source, any of the 8 million developers worldwide who know the Python language can now choose to deploy their apps on their own machines, or on specialized Internet of Things (IoT) devices, as well as within their employer’s or Anvil’s clouds.

        • "Coder's Cat": Understanding Recursion and Continuation with Python

          In the article How To Learn All Programming Languages, I explained learning programming language concepts is an effective way to master all programming language.

          Recursion, continuation, and continuation-passing style are essential ideas for functional programming languages. Have an understanding of them will help much in knowing how programming languages work; even we don’t use them in daily programming tasks.

        • Weekly Python StackOverflow Report: (ccxxvii) stackoverflow python report
        • Stepping back…

          As the PSF election cycle begins, I’d like to share the news that I won’t be running for re-election to the board of directors.

        • Stepping back from the board

          As we head into the PSF election cycle, I'd like to let everyone know that I will not be running for re-election to the PSF Board of Directors and consequently from mid June I will no longer be serving as chair of the PSF.

          Announcements like this always strike me as awkward, since they make two rather unlikely assumptions: that people will even notice, and that they will care if they do. But in the interests of transparency I'm going to go ahead as if both were true and share my reasons for this decision.

          FIrst of all, I truly do believe that limited terms are good for the sustainability of an organization like ours. If someone is in a key role for too long, their inevitable departure and replacement can be unnecessarily disruptive and difficult, even with the best intentions. Of course "too long" can be hard to define, but I think it's safer to err on the side of leaving sooner rather than later. I also think it will be good for the PSF to practice handing off board leadership.

      • Java

        • Introducing Heapothesys, an open source Java GC latency benchmark with predictable allocation rates

          The Amazon Corretto team introduces the open source Heapothesys benchmark, a synthetic workload that simulates fundamental application characteristics that affect garbage collector (GC) latency. The benchmark creates and tests GC load scenarios defined by object allocation rates, heap occupancy, and JVM flags, then reports the resulting JVM pauses. OpenJDK developers can thus produce reference points to investigate capability boundaries of the technologies they are implementing.

          We are working on enhancing Heapothesys to better model and predict additional application behaviors (issue-12), for example, sharing available CPU power with the application, fragmentation effects, more dynamic and varied object demographics, and operating system scheduling symptoms. We would love to collaborate on where we go from here. We track ideas in our issue list.

  • Leftovers

    • Little Richard - Lucille (1957)
    • My Job Interview at Google

      Two weeks ago (in October 2008) I had an on-site job interview at Google. The position I was interviewing for was a Google SRE. SRE stands for Site Reliability Engineering. Site reliability engineers (SREs) are both software engineers and systems administrators, responsible for Google's production services from end-to-end.

      I interviewed with eight separate people. The first three were over the phone and the remaining five were on-site. The first interview was with the recruiter and was not very technical but the other seven were technical.

      Unfortunately, I just learned that I'm not getting hired. The recruiter said that "the morning interviews were not that great" and "I should get more experience to work in their mission critical team."

      Here is how it all happened.

    • Google says that the majority of its employees will work from home until 2021

      Google has extended its work-from-home policy for the remainder of 2020. After previously telling employees that they would be working remotely until June 1st, CEO Sundar Pichai has told employees that they’ll likely work from home until the end of the year, via The Information.

  • Science

    • ‘We Can Pool the World’s Science to Develop Better Medical Tools’
    • Scientists Have Developed a Membrane That Separates CO2 From Other Gases

      Scientists have developed a new type of self-assembling silver membrane that could be used to capture carbon dioxide (CO2) emissions before they have a chance to spread in the atmosphere.

      [...]

      "We didn't build the entire membrane from silver," explains carbon capture engineer Greg Mutch from Newcastle University in the UK.

      "Instead, we added a small amount of silver and grew it within the membrane, adding the functionality we desired."

      The process is an example of what's called carbon capture and storage (CCS, aka carbon sequestration), a vast range of approaches for filtering CO2 emissions, with the aim of preventing them from flowing into the atmosphere and contributing to anthropogenic global warming.

      A diverse number of industrial CCS projects have been implemented around the world, some going back decades. But the field is still evolving, with advancements in the science and economics of carbon capture being made all the time.

  • Health/Nutrition

    • Trump Isn’t the First to Threaten WHO, but His Threat Is the Most Dangerous

      The story line from Reagan to Trump is the same: undermining global public health to serve narrow interests. Only now, we’re in a pandemic.

    • Farmers Are Destroying Mountains of Food. Here's What To Do About It

      The Covid-19 pandemic has revealed the cracks in a corporate-focused system supported by polices that favor profits at any cost.

    • Employers in Ohio Urged to Snitch on Workers Who Stay Home to Avoid COVID-19

      Ohio officials are encouraging employers to report what they’ve designated “Covid-19 fraud” as the state begins reopening some industries. Workers who refuse to report to work in light of the pandemic, which has killed more than 1,300 Ohio residents so far, can be reported via a government website and have their unemployment benefits taken away.

    • Why We Shouldn’t Quantify the COVID-19 Pandemic in Terms of 9/11

      On April 7, news agencies reported that New York City’s death toll from COVID-19 surpassed that of the September 11, 2001, attacks. I imagine the comparison was made in an attempt to highlight the gravity of the pandemic and, in a way, to encourage Americans to take seriously social distancing measures. Some of it, too, no doubt was sensational: an eye-catching headline that the talking heads at major news networks like CNN, MSNBC and Fox News could run with.

    • I’m an Investigative Journalist. These Are the Questions I Asked About the Viral “Plandemic” Video.

      The links to the viral video “Plandemic” started showing up in my Facebook feed Wednesday. “Very interesting,” one of my friends wrote about it. I saw several subsequent posts about it, and then my brother texted me, “Got a sec?”

      My brother is a pastor in Colorado and had someone he respects urge him to watch “Plandemic,” a 26-minute video that promises to reveal the “hidden agenda” behind the COVID-19 pandemic. I called him and he shared his concern: People seem to be taking the conspiracy theories presented in “Plandemic” seriously. He wondered if I could write something up that he could pass along to them, to help people distinguish between sound reporting and conspiracy thinking or propaganda.

    • ‘We had no other choice’ Photos from Minsk’s Victory Day parade

      On May 9, despite a lockdown across much of the world, Minsk went ahead with its Victory Day Parade to mark the 75th anniversary of Nazi Germany’s surrender to the USSR. Belarus was the only former Soviet republic not to cancel its full holiday celebrations in the midst of the coronavirus pandemic. “We simply couldn’t have done otherwise; we had no other choice. Because we are watched by the Soviet soldiers who died for our freedom, and the partisans and underground resistance fighters tortured by the Gestapo, and the elderly and the women and children who perished at Khatyn,” said President Alexander Lukashenko in a speech explaining why he refused to cancel the parade. In recent days, independent journalists in Belarus reported that staff members at state enterprises and universities were being actively encouraged and in some cases even ordered to attend Saturday’s parade. In the end, however, crowds at Minsk’s festivities were noticeably smaller than in years past. The evening’s festivities included a public ceremony and fireworks.

    • Meatpacking Jobs Were Dangerous Before Pandemic -- Now They’re Life-or-Death

      Slaughterhouse workers, who have one of the most dangerous jobs in the country, are walking off the job to protest even more hazardous working conditions during the COVID-19 pandemic.

    • The U.S. Response to Covid-19 Has Lavished Wealth on the Rich

      While the pandemic ravages American workers, the federal government has orchestrated a monumental transfer of wealth from the bottom of the economic ladder to the top.

    • Let's Imagine a Post-Pandemic Era With Less Policing and No New Jails

      Right now, the “impossible” is happening every day.

    • New Inflammatory Syndrome Linked to COVID-19 Found in Delaware Children
    • Are People Getting Sick Staying Home Alone? That’s Not What a Misinterpreted Survey Said

      “Who Are the New Covid-19 Hospitalizations in New York?” asked a WNBC headline (5/6/20). “The Breakdown Is Worrisome.”

    • Seen 'Plandemic'? We Take A Close Look At The Viral Conspiracy Video's Claims

      However, two years after its publication, the paper was retracted by the authors, an unusual occurrence in a peer-reviewed scientific journal. Science wrote at the time that "multiple laboratories, including those of the original authors, have failed to reliably detect" the mouse retrovirus in chronic fatigue syndrome patients. "In addition, there is evidence of poor quality control in a number of specific experiments in the Report."

      The second controversy came the same year the paper was retracted and involved Mikovits being fired from Whittemore Peterson Institute, a laboratory located on the University of Nevada campus in Reno, where she was research director.

      The lab claimed that she "wrongfully removed lab notebooks and other proprietary information," according to a contemporaneous report by KRNV TV in Reno.

    • Vietnam and the Indian state of Kerala curbed covid-19 on the cheap

      Some suggest that having relatively young populations may have lessened the toll of the disease in both places. Others speculate that universal inoculation with BCG, a vaccine against tuberculosis and leprosy, has made locals less susceptible. Todd Pollack, a specialist in infectious diseases based in Vietnam, says the reasons for its success are simpler: “Countries that took early, aggressive action, using proven methods, have severely limited the virus. If you reduce it fast enough, you never reach the point of exponential growth.”

    • South Dakota governor threatens legal action if Native American tribes don't remove coronavirus checkpoints

      The Oglala Sioux and Cheyenne River Sioux tribes have put up traffic checkpoints to monitor highway traffic and contain the spread of COVID-19, according to South Dakota Public Radio (SDPR). The tribes closed their borders as soon as they detected their first case.

      In April, the U.S. Bureau of Indian Affairs warned that tribes could not put up checkpoints unless they consulted the state. According to SDPR, the tribal and state governments have not reached an agreement.

    • Facebook and YouTube are rushing to delete “Plandemic,” a conspiracy-laden video

      Anti-vaccine activists have drawn millions of views on social media by promoting covid-19 conspiracy theories. As we reported earlier, this isn’t an accident: activists are seeking out larger audiences in the middle of the pandemic by using the same techniques that YouTube creators and influencers use to get views. They’ve sought out interviews with bigger, more mainstream YouTubers, latched on to existing trends, encouraged their fans to amplify their messages, and built presences on every social platform they can find. Renee DiResta, a researcher at the Stanford Internet Observatory who works to combat this type of misinformation, told us this week that if anti-vaccine activists feel they “can create content people will find if they search for a specific term,” they’ll invest the time.

  • Integrity/Availability

    • Proprietary

      • Former Sonos CEO Says Spotify’s Complaint About Apple Being Closed Is ‘Solid Irony’

        That’s some fascinating insight from someone who spent 14 years creating hardware with third-party integrations. Apple’s response to the EU complaint says Spotify’s core customer is its ad-supported listener. Those listeners don’t contribute anything to App Store revenues, Apple argues.

      • Europe’s Largest Private Hospital Operator Fresenius Hit by Ransomware [iophk: Windows TCO]

        Overall, Fresenius employs nearly 300,000 people across more than 100 countries, and is ranked 258th on the Forbes Global 2000. The company provides products and services for dialysis, hospitals, and inpatient and outpatient care, with nearly 40 percent of the market share for dialysis in the United States. This is worrisome because COVID-19 causes many patients to experience kidney failure, which has led to a shortage of dialysis machines and supplies.

        On Tuesday, a KrebsOnSecurity reader who asked to remain anonymous said a relative working for Fresenius Kabi’s U.S. operations reported that computers in his company’s building had been roped off, and that a cyber attack had affected every part of the company’s operations around the globe.

      • Snake Ransomware hits Europe’s largest private hospital operator Fresenius during COVID-19 outbreak [iophk: Windows TCO]

        Snake ransomware operators, like other ones, also steal unencrypted files before encrypting the infected systems, then they threaten the victims to release the data if they don’t pay the ransom.

      • [Old] Windows 10 users on alert over terrifying new SNAKE attack [iophk: Windows TCO]

        While locking away your treasured data, SNAKE will also automatically disable any remote management tools or remote management software. That means your local IT technicians won’t be able to remote take-over your machine to have a snoop around and try to help resolve the problem. Instead, your computer will now be locked off from the system.

      • [Old] Snake alert! This ransomware is not a game… [iophk: Windows TCO]

        Once it’s scrambled your data, Snake dumps a “What happened to your files?” document on your desktop: [...]

        This malware actually writes this file, called Fix-Your-Files.txt, into what Windows calls the ‘public desktop’, usually in the directory C:\Users\Public, where it shows up in the background for every user on the system.

      • Modern versions of systemd can cause an unmount storm during shutdowns

        One of my discoveries about Ubuntu 20.04 is that my test machine can trigger the kernel's out of memory killing during shutdown. My test virtual machine has 4 GB of RAM and 1 GB of swap, but it also has 347 NFS mounts, and after some investigation, what appears to be happening is that in the 20.04 version of systemd (systemd 245 plus whatever changes Ubuntu has made), systemd now seems to try to run umount for all of those filesystems all at once (which also starts a umount.nfs process for each one). On 20.04, this is apparently enough to OOM my test machine.

      • Report: Microsoft’s GitHub Account Gets [Cr]acked

        GitHub is a popular software development platform that provides hosting software to about 40 million developers, who use it for version control of their software. Microsoft acquired GitHub for $7.5 billion in October 2018.

      • What one cybersecurity company has learned from responding to Maze ransomware [iophk: Windows TCO]

        Maze ransomware has wreaked havoc across North America and Europe in the last year, leading to warnings from the FBI and the Department of Homeland Security. They have hit over a dozen sectors, from construction to financial services to transportation. But some of the hackers’ most effective tactics are less novel than reflective of broader trends of how savvy ransomware gangs operate, according to Mandiant, FireEye’s incident response team. Maze is a microcosm for a type of criminality that needs to be studied carefully to be countered.

        Like others involved in ransomware, the people behind Maze are not one group but a series of distinct teams with specialties, according to Mandiant. One team develops the malware, another distributes it and, when the victim pays a ransom, the developers get a commission.

        This leads to jockeying among criminals looking to maximize their profits.

      • Pseudo-Open Source

        • Openwashing

        • Privatisation/Privateering

          • Linux Foundation

            • IBM, R3, Mastercard join open source digital identity consortium

              Today the Linux Foundation announced the launch of the Trust over IP (ToIP) Foundation with the aim of creating digital standards to enable parties to share data with trust. It’s about ensuring interoperability between different solutions for trusted data and digital identity.

              The 17 founding steering committee members include Accenture, Evernym, IBM and Mastercard with contributing members such as DIDx and R3.

              Motivations for forming the initiative were cited as the business challenge of managing digital assets and data as well as low consumer confidence with personal data. The combination, the group believes, is hampering the adoption of digital identity.

            • Trust Is Foundational

              When Drummond Reed, the current Executive Director of the Trust Over IP Foundation (TOIP), newly inducted into the Linux Foundation told me about the name TOIP, which John Jordan, from the British Columbia Provincial Government had coined; he was very excited. This was at Consensus 2019, last May, in New York City. It was a totally different era, we were at a coffee shop, in Midtown Manhattan, downstairs from the conference venue. A good name was one that had to fall into place, before the work that had already being going on for many years could advance. Now one year later, that project has come closer to wider adoption, creating a collaborative inside the famed open source Linux Foundation.

            • A Fresh Way to Think About Your Next Site Build

              OSS is cost-effective. According to research from the Linux Foundation, OSS helps speed up development by relying on resources that are already there while cutting down on costs compared with commercial solutions by 20 to 55 percent. And community support is strong: Because so many people use the same tool, it prevents the risk of vendor lock-in and allows for more maintenance flexibility. These tools have track records, and they can be used to bolster the things you care about, such as personalization.

            • Fintech Open Source Foundation Adds New Members: Adaptive Financial Consulting, genesis, Itaú Unibanco, Brazil’s Largest Bank

              The Fintech Open Source Foundation (FINOS) revealed on May 6, 2020, that it added three newly established financial services and technology firms to its team – which includes major financial institutions, Fintech service providers, and several consulting companies.

              The three new Silver members include Adaptive, a global Fintech consultancy; genesis, a “low-code” application platform (LCAP) for financial markets; and Itaú Unibanco, the largest bank in Brazil.

              FINOS operates as a non-profit entity that aims to promote the worldwide adoption of open-source protocols, open standards, and the establishment of collaborative software development projects in the Fintech sector.

            • FINOS Continues Expansion In Response To Increased Demand For Open Source With The Addition Of Three New Members In Financial Services And Fintech - Foundation’s New Members Offer Strong Financial Services Leadership And Technology As Open Source Community Sustains Momentum

              FINOS (the Fintech Open Source Foundation), a nonprofit whose mission is to foster adoption of open source, open standards, and collaborative software development practices in financial services, today announces the addition of three new leading financial services and technology companies to its prestigious membership roster already comprised of leading financial institutions, fintechs and consultancies. The three new Silver members include: Adaptive, a global financial technology consultancy; genesis, the Low Code Application Platform (LCAP) for capital markets; and Itaú Unibanco, Brazil’s largest bank.

            • FINOS Continues Expansion in Response to Increased Demand for Open Source with the Addition of Three New Members in Financial Services and Fintech
            • Open source non-profit FINOS expands with three new members in financial services and fintech

              The Fintech Open Source Foundation (FINOS) has added three new leading financial services and technology companies to its membership roster already comprised of leading financial institutions, fintechs, and consultancies.

              The three new Silver members are: Adaptive, a global financial technology consultancy; genesis, the low code application platform (LCAP) for capital markets; and Itaú Unibanco, Brazil’s largest bank.

        • Entrapment (Microsoft GitHub)

          • Micron Releases Open Source Storage Engine

            Growing enterprise demand for object-based storage along with the proliferation of all-flash memory infrastructure has prompted one hardware vendor to release an open source version of its memory-class storage technology.

            Micron Technology Inc. promotes its fast key-value storage engine as offering lower latency along with the ability of tweak accompanying software-defined platforms such as open-source Ceph distributed storage.

            Micron (NASDAQ: MU) claims to be the first memory chip maker to offer an open source version of what it calls a heterogeneous-memory storage engine (HSE) designed for solid-state drives, memory-based storage and, ultimately, applications requiring persistent memory. The “heterogeneous” in HSE refers to its ability to simultaneously use different media, including SSDs, flash memory and emerging 3D XPoint technologies.

          • AWS unveils open source model server for PyTorch [Ed: Amazon outsources a proprietary software trap of AWS to proprietary software trap of Microsoft]
          • Software flaws often first reported on social media networks, PNNL researchers find [Ed: they focus only on proprietary software platforms, mostly Microsoft]

            The research focused on three social platforms -- GitHub, Twitter and Reddit...

            [...]

            It makes sense that GitHub would be the launching point for discussions about software vulnerabilities, the researchers wrote, because GitHub is a platform geared towards software development. The researchers found that for nearly 47 percent of the vulnerabilities, the discussions started on GitHub before moving to Twitter and Reddit. For about 16 percent of the vulnerabilities, these discussions started on GitHub even before they are published to official sites.

          • GitHub Announces Remote Open Source Internship Initiative [Ed: Major League Hacking (MHL) works with and for criminals. Hardly about "hacking", more to do with monopoly. Nothing "Open Source" about working on and for a proprietary software trap of Microsoft.]
          • GitHub Takes Aim at Open Source Software Vulnerabilities [Ed: No, Github itself it the vulnerability and letting Microsoft and the NSA control your code and downloads is ignoring leaks and piles of evidence about how back doors are spread]
          • Microsoft's GitHub launches Discussions, Codespaces, security features [Ed: More proprietary 'features' to keep people 'addicted', locked in, stuck in Microsoft proprietary software that spies, censors and worse]
          • Telegram’s TON OS to Go Open Source on GitHub Tomorrow [Ed: Telegram’s TON OS to enter a proprietary software prison of Microsoft and NSA -- hardly something to be celebrated]
          • TON Labs Releases its TON OS as Open Source Today [Ed: Outsourcing to Microsoft is merely losing software freedom and control over one's own project]
          • Lumi Wallet Announces That it is Now Officially Open-source [Ed: It has been outsourced to a proprietary software prison of the NSA and Microsoft]
          • CursedChrome turns your browser into a hacker's proxy [Ed: Malicious software goes to Microsoft's GitHub, which is itself malicious]

            The tool, named CursedChrome, was created by security researcher Matthew Bryant, and released on GitHub as an open-source project.

          • Covid-19 and contact tracing — an open source approach is vital [Ed: NHSX outsourced surveillance "app" to proprietary software trap of Microsoft]

            NHSX, a Department of the NHS, has been working on the app at full tilt since early March. On 24 April, CEO Matthew Gould and Public Health doctor Geraint Lewis discussed how the NHSX digital contact tracing app was developed. Once installed, the app collects identifying information from other nearby mobile phones. When a person becomes sick, the app uses this identifying information to notify all the people with whom the sufferer has come into contact.

          • GitHub usage analysis measures COVID-19 impact [Ed: GitHub is builder of concentration camps for ICE, so here it is exploiting a pandemic for cheap PR stunts in media that Microsoft is bribing (IDG admits this)]
          • GitHub ups security game as Microsoft crawls into the platform. Also: Devs' days get longer [Ed: This must be a joke; proprietary software of forefront NSA partner does not enhance security. This is pure spin and inversion of truth, for money.]
          • GitHub Code Scanning aims to prevent vulnerabilities in open source software [Ed: No, this isn't what it does; it enables the NSA and Microsoft to tinker with people's code, without telling them and without consent, e.g. to add cleverly-coded back doors]
          • The trendy five: April 2020 open source GitHub repos entertain during lock-down [Ed: JAXenter still perpetuates the idea that "Open Source" is just Microsoft and nothing else exists!]
          • 20 GitHub Projects Getting Popular During COVID-19 [Ed: Does Dice want us to believe only projects controlled and spied on by Microsoft exist and count? And nothing else? Today's media has no interest whatsoever in fact-finding; it just picks press releases and disseminates corporate lies for money; want some money? Repeat my lie, I'll pay you...]
      • Security

        • Nmap Basics - The Security Practitioner's Swiss Army Knife

          To elaborate on Xavier's and Bojan's excellent nmap diaries over the last few days, I thought that today might be a good day to go back to basics on nmap and demonstrate why nmap really is a security practitioner’s swiss army knife and should be in each of our testing toolkits.

        • SaltStack Salt vulnerabilities actively exploited by attackers, patch ASAP!

          Salt is used for configuring, managing and monitoring servers in datacenters and cloud environments.

          The Salt installation is the “master” and each server it monitors runs an API agent called a “minion”. The minions send state reports to the master and the master publishes update messages containing instructions/commands to the minions. The communication between the master and its minions is secured (encrypted).

        • US drafts rule to allow Huawei and US firms to work together on 5G standards, sources say

          The U.S. Department of Commerce is close to signing off on a new rule that would allow U.S. companies to work with China's Huawei Technologies on setting standards for next generation 5G networks, people familiar with the matter said.

        • Tool fatigue prompts IBM to deploy open-source-based security solution

          One problem confronting the enterprise world today is that when data is stored in multiple platforms, it also takes multiple security tools to keep that information safe.

          A SANS Institute survey found that nearly half of respondents lacked visibility into data processed within their own organizations and 55% struggled with the lack of integration between security analytics tools and cloud platforms.

        • OSS vulnerabilities

          The enticement of OSS is undeniable, and the vibrant open source community has rallied, resulting in significant contributions to the open source movement. As a result, developers are increasingly turning to OSS to aid their organisation’s transformation.

          By embracing OSS, companies realise major economic and productivity benefits, in addition to a positive impact on their bottom line. OSS enables organisations to move even faster by harnessing prefabricated building blocks to bootstrap the software development process and drive forward innovation.

          [...]

          Open source plays a pivotal role in the success and/or failure of software development teams. However, whilst the benefits of OSS are generally understood by the software developer community, the risks may not. It should be fully understood by developers that OSS is not immune to potential security risks. The core security risks in using OSS are like other types of software assets. All code comes with security risks and developers mustn’t put undue trust in OSS code. As companies use a greater amount of open source code, it introduces vulnerabilities that expose a company to risks and possible breaches.

        • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

          • New ‘Kaiji’ Linux Malware Targeting IoT Devices

            Intezer came across this piece of Linux malware in April, when the security firm’s researchers observed the botnet targeting IoT devices and servers with SSH brute-force techniques. They also noticed that the threat, dubbed “Kaiji” for one of its function names, differed from other IoT botnets in that it didn’t derive much of its attack functionality from established malware families, such as the open-source Mirai. Instead, those responsible for the malware had written Kaiji entirely from scratch using Golang, a rare programming language for the IoT botnet scene.

        • Privacy/Surveillance

          • We Need Urgent Answers About the Massive NHS Covid Data Deal

            Why is the UK government refusing to release details of its ‘unprecedented’ data transfer to US tech giants? If we don’t get answers, we may seek them in the courts.

          • Hungary suspends some GDPR privacy protections as part of COVID-19 "state of emergency"

            The Hungarian government is suspending portions of the GDPR as part of their COVID-19 response. They are allowed to do so because the country is under a state of emergency – which may never end. Under the new measures, authorities will no longer need to abide by key provisions of the GDPR which protects the privacy and personally identifiable information of Europeans, sans Hungarians now. Specifically, the authorities no longer need to provide notice that personal information is being siphoned and stored as long as they’re acting under the guise of “coronavirus case prevention, recognition, exploration, as well as prevention of further spreading.” Citizens no longer have the right to request access or erasure of their personal information and the government has given itself longer to respond to freedom of information requests.

          • Facebook and the Folly of Self-Regulation

            What problems does the new Facebook review board propose to solve?

            In an op-ed in The New York Times, the board’s new leadership declared: “The oversight board will focus on the most challenging content issues for Facebook, including in areas such as hate speech, harassment, and protecting people’s safety and privacy. It will make final and binding decisions on whether specific content should be allowed or removed from Facebook and Instagram (which Facebook owns).”

            Only in the narrowest and most trivial of ways does this board have any such power. The new Facebook review board will have no influence over anything that really matters in the world.

          • India is forcing people to use its covid app, unlike any other democracy

            India is currently the only democratic nation in the world that is making its coronavirus tracking app mandatory for millions of people, according to MIT Technology Review’s Covid Tracing Tracker, a database of global contact tracing apps.

            While official policy is that downloading the app is voluntary, the truth is that government employees are required to use it, while major private employers and landlords are mandating it as well. The city of Noida is now reportedly fining and even threatening to arrest anyone who fails to install the app on their phone.

          • Facebook Filters, Fundamental Rights, and the CJEU’s Glawischnig-Piesczek Ruling

            The Court of Justice of the European Union’s (CJEU) 2019 ruling in Glawischnig-Piesczek v Facebook Ireland** addresses courts’ powers to issue injunctions requiring internet hosting platforms to proactively monitor content posted by their users. It answers important questions about limitations on such injunctions under the eCommerce Directive (Directive 2000/31/EC). But, as this Opinion explains, it leaves some much thornier questions unresolved.

            Glawischnig-Piesczek holds that courts may, consistent with Art. 15 of the eCommerce Directive, require platforms to monitor for and remove specific content. Monitoring orders may not, however, require platforms to carry out an ‘independent assessment’ of the content. The ruling does not closely examine what kinds of injunctions or filtering technologies are permissible, nor does it explore fundamental rights considerations when courts are asked to order platforms to monitor their users. This Opinion lays out the case’s technological, legal, and policy backdrop, and identifies important questions it leaves open for Member State courts. In particular, the Opinion suggests that Glawischnig-Piesczek’s limitation on ‘independent assessment’ will make it difficult for courts to devise injunctions that simultaneously follow the CJEU’s guidance under the eCommerce Directive and meet the requirements of fundamental rights. It lists key fundamental rights considerations for future cases involving potential monitoring injunctions, including procedural considerations in cases affecting the rights of absent third parties.

          • Report: Open joint letter to Palantir

            We, a collection of privacy and civil liberties organisations, write to you for further information about your work with the UK’s National Health Service (NHS) during the Covid-19 public health crisis. Your website says that you have a “culture of open and critical discussion around the implications of [your] technology” but you have so far provided little meaningful insight about your current collaboration with the NHS.

            In spirit of such “open and critical discussion”, we write with ten questions: [...]

  • Defence/Aggression

    • US Blocks UN Global Ceasefire Resolution, Objecting to Indirect Reference to World Health Organization

      "It's bad enough that Trump is responsible for so many deaths in his own country, now he is actively complicit in causing even more across the globe."

    • Celebrating War Criminal George W. Bush to “Own” Donald Trump
    • Spurious Chart on 'Jihad' Leads to 'Insulting Religion' FIR Against Zee News Editor

      The show titled ‘DNA’ was anchored by Chaudhary and the complainant has objected to the segment on “Zameen Jihad”, or “Land Jihad”, which featured a chart listing what the channel claimed were various types of ‘jihad’ aimed at destroying India, such as “love jihad”, etc..

    • Swedish Journo Сlaims Muslim Brotherhood Gaining Foothold Within Country's Defence

      Westerholm cited several reports that concluded Ibn Rushd from its founding onwards rested on the Brotherhood's ideological and theological interpretation of the Quran, and raised concerns about Ibn Rushd's history of inviting hate preachers, its problematic ties, and adverse public image. Also in late 2019, two senior Swedish researchers and associate professors Magnus Ranstorp and Aje Carlbom sounded the alarm over Islamic parallel societies being indirectly funded through taxpayer money. Among others, they highlighted the example of Ibn Rushd, which received an annual SEK 23 million (roughly $2.3 million) grant from the Adult Education Council (FR). According to researchers, it promotes “insitutionalised segregation” by specifically targeting marginalised Muslims from vulnerable neighbourhoods.

    • US Pulling Patriot Missiles, Warplanes Out of Saudi Arabia Amid Dispute

      As a security matter, this is unlikely to matter, as there was no indication that Iran or anyone else was really liable to attack the Saudis. This should also mean no real added security premium on the price of oil, though since the US goal is a price increase, any increase from the pullout would be welcomed.

    • U.S. to remove Patriot missile batteries from Saudi Arabia

      Two U.S. jet fighter squadrons also have left the region, and U.S. officials also will consider a reduction soon in the U.S. Navy presence in the Persian Gulf, the officials said. The redeployment of the Patriot systems, which now is under way, hasn’t been previously disclosed.

      The Pentagon’s removal of the Patriot antimissile batteries from Saudi Arabia, as well as the other reductions, are based on assessments by some officials that Tehran no longer poses an immediate threat to American strategic interests.

    • US is reportedly pulling Patriot missiles from Saudi Arabia

      The US is removing four Patriot missile batteries and dozens of troops deployed to Saudi Arabia amid heightened tensions with Iran, according to a report published Thursday, Anadolu Agency reported.

  • Transparency/Investigative Reporting

    • Ari Melber on Fact-Checking a Feckless President

      Melber, an attorney-turned-journalist, sees his responsibility as presenting the news as it happens and then adding context, including by bringing in experts. Frequently on his recent shows, he has had medical experts like emergency physician Dr. Peter Tippett, UCLA epidemiologist Dr. Anne Rimoin and Brown University emergency physician Megan Ranney responding to the president’s misinformation in real-time.

      “My first obligation is to tell you, well, here’s what happened, and here are the facts around it. And if someone’s lying and we can prove it, let me show you why, and let me bring on the experts to show you why. And if someone is saying something that’s probably not true, but we’re not certain scientifically, and we don’t know whether they’re deliberately lying,” he says, adding that he’d rather give his audience nuance instead of “branding someone” as untruthful: “Sometimes the hardest thing to do is get into all of that nuance while clearly presenting the facts rather than taking a black and white position.”

      He is also cautious when choosing guests, saying he is “looking for a diversity of ideas and experiences, but not a diversity of empirical truth.”

  • Environment

  • Finance

  • AstroTurf/Lobbying/Politics

  • Censorship/Free Speech

    • Top White House officials buried CDC report on reopening the country

      The files also show that after the AP reported Thursday that the guidance document had been buried, the Trump administration ordered key parts of it to be fast-tracked for approval.

      The trove of emails show the nation’s top public health experts at the Centers for Disease Control and Prevention spending weeks working on guidance to help the country deal with a public health emergency, only to see their work quashed by political appointees with little explanation.

    • EU Allows China to Edit Op-Ed Article, Removing Mention of Virus Origins

      China’s foreign ministry had said the article could only appear in the paper if the reference to the coronavirus originating in China was removed, according to the EU’s External Action Service.

  • Civil Rights/Policing

    • Tibetan Man Dies After Years of Ill Health Following Torture in Prison

      ”He was not really free even after his release, though,” the source said. “Like other former political prisoners, he lived under constant surveillance by the Chinese authorities, and his movements, activities, and speech were restricted.”

      Also speaking to RFA, a former Tibetan political prisoner confirmed accounts of the harsh conditions endured by Tibetans arrested for challenging Beijing’s rule.

    • Black People Are Being Arrested at Higher Rates for Social Distancing Violations

      On April 17 in Toledo, Ohio, a 19-year-old black man was arrested for violating the state stay-at-home order. In court filings, police say he took a bus from Detroit to Toledo “without a valid reason.” Six young black men were arrested in Toledo last Saturday while hanging out on a front lawn; police allege they were “seen standing within 6 feet of each other.” In Cincinnati, a black man was charged with violating stay-at-home orders after he was shot in the ankle on April 7; according to a police affidavit, he was talking to a friend in the street when he was shot and was “clearly not engaged in essential activities.”

  • Monopolies

    • Copyrights

      • Most Pirate Bay Users Stay Away From the Site After ISP Blockades

        New research from the Netherlands shows that the local Pirate Bay blockade is having an effect, with roughly 80% of survey respondents staying away from the site. This success rate is in part due to dynamic blocks, which include over 181 domains at the moment, including dark web portals. Whether the former Pirate Bay users have stopped torrenting is another question.

      • Italian Supreme Court applies CJEU Cofemel decision to makeup store layout

        A couple of years ago, The IPKat reported on the interesting decision of the Court of Appeal of Milan in a case concerning, inter alia, copyright protection of makeup producer and retailer KIKO's store layout under Italian law.

        The ruling, which upheld the decision at first instance, confirmed that the layout of KIKO concept stores – notably the way in which the various elements used to furnish such stores are combined, coordinated and assembled – is eligible for protection under Article 2 No 5 of the Italian Copyright Act as as an architectural plan. It also found that defendant WYCON’s stores had infringed copyright in it.



Recent Techrights' Posts

SoylentNews Grows Up, Registers as a Business, Site Traffic Reportedly Grows
More people realise that social control media may in fact be a passing fad
 
Garden Season Starts Today
Outdoor time, officially...
More Information About Public Talks That Richard Stallman Gave This Week in Europe
Two talks in Switzerland
Engadget is Still a Spamfarm, It's Just an Amazon Catalogue (SPAM/SEO), a Sea of Junk Disguised as "Articles" With Few 'Fillers' (Real Articles) in Between
Engadget writes for bots now, not for humans
Richard Stallman's Talks in Switzerland This Week
We need to put an end to 'cancer culture'; it's trying to kill people and it is even swatting people
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 28, 2024
IRC logs for Thursday, March 28, 2024
[Meme] EPO's New Ways of Working (NWoW), a.k.a. You Don't Even Get a Desk at Work and Cannot be Near Known Colleagues
Seems more like union-busting (divide and rule)
Hiding Microsoft's Culpability in Security Breaches and Other Major Blunders (in the United Kingdom, This May Mean You Can't Get Food)
Total Cost of Ownership (TCO) is vast
Giving back to the community
Reprinted with permission from Daniel Pocock
Links 28/03/2024: Sega, Nintendo, and Bell Layoffs
Links for the day
Open letter to the ACM regarding Codes of Conduct impersonating the Code of Ethics
Reprinted with permission from Daniel Pocock
With 9 Mentions of Azure In Its Latest Blog Post, Canonical is Again Promoting Microsoft and Intel Vendor Lock-in, Surveillance, Back Doors, Considerable Power Waste, and Defects That Cannot be Fixed
Microsoft did not even have to buy Canonical (for Canonical to act like it happened)
Links 28/03/2024: GAFAM Replacing Full-Time Workers With Interns Now
Links for the day
Consent & Debian's illegitimate constitution
Reprinted with permission from Daniel Pocock
The Time Our Server Host Died in a Car Accident
If Debian has internal problems, then they need to be illuminated and then tackled, at the very least in order to ensure we do not end up with "Deadian"
China's New 'IT' Rules Are a Massive Headache for Microsoft
On the issue of China we're neutral except when it comes to human rights issues
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 27, 2024
IRC logs for Wednesday, March 27, 2024
WeMakeFedora.org: harassment decision, victory for volunteers and Fedora Foundations
Reprinted with permission from Daniel Pocock
Links 27/03/2024: Terrorism Grows in Africa, Unemployment in Finland Rose Sharply in a Year, Chinese Aggression Escalates
Links for the day
Links 27/03/2024: Ericsson and Tencent Layoffs
Links for the day
Amid Online Reports of XBox Sales Collapsing, Mass Layoffs in More Teams, and Windows Making Things Worse (Admission of Losses, Rumours About XBox Canceled as a Hardware Unit)...
Windows has loads of issues, also as a gaming platform
Links 27/03/2024: BBC Resorts to CG Cruft, Akamai Blocking Blunders in Piracy Shield
Links for the day
Android Approaches 90% of the Operating Systems Market in Chad (Windows Down From 99.5% 15 Years Ago to Just 2.5% Right Now)
Windows is down to about 2% on the Web-connected client side as measured by statCounter
Sainsbury's: Let Them Eat Yoghurts (and Microsoft Downtimes When They Need Proper Food)
a social control media 'scandal' this week
IRC Proceedings: Tuesday, March 26, 2024
IRC logs for Tuesday, March 26, 2024
Over at Tux Machines...
GNU/Linux news for the past day
Windows/Client at Microsoft Falling Sharply (Well Over 10% Decline Every Quarter), So For His Next Trick the Ponzi in Chief Merges Units, Spices Everything Up With "AI"
Hiding the steep decline of Windows/Client at Microsoft?
Free technology in housing and construction
Reprinted with permission from Daniel Pocock
We Need Open Standards With Free Software Implementations, Not "Interoperability" Alone
Sadly we're confronting misguided managers and a bunch of clowns trying to herd us all - sometimes without consent - into "clown computing"
Microsoft's Collapse in the Web Server Space Continued This Month
Microsoft is the "2%", just like Windows in some countries