06.15.20

Gemini version available ♊︎

Links 16/6/2020: CentOS Linux 8.2 and PinePhone postmarketOS Community Edition

Posted in News Roundup at 9:08 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • SpaceX: We launched 32,000 Linux computers in space for ‘Starlink Internet’ [Ed: Not sure if this site is original]

      The company intends to dispatch an open beta of the satellite web access before the finish of the northern half of the globe’s mid year and has won endorsement to convey one million end-client terminals in the US.

      SpaceX as of late applied to the Federal Communications Commission to dispatch 30,000 second-age satellites far beyond the 12,000 that had just been endorsed. Expecting the second-age satellites convey a similar number of Linux PCs, it would mean SpaceX plans to send in any event 2,000,000 Linux PCs into space in the following barely any years.

      It likewise implies that it’s currently sent 32,000 Linux PCs to space for the current heavenly body.

      “The constellation has more than 30,000 Linux nodes (and more than 6,000 microcontrollers) in space right now,” composed Matt Monson, SpaceX’s chief of Starlink software.

    • Why the Success of Edge Computing Relies on a Linux Legacy



      Twenty-five years ago, innovation was a slow, laborious, bug-filled crawl — with any advances crippled by proprietary technology. The breakthrough that paved the way for the continuous, rapid pace of innovation possible today was Linux.
      We need to heed the lessons from the early days around private cloud adoption and, more recently, Linux containers with regards to adaptability. Many man-hours were lost in slash-and-burn style rebuilding of infrastructures. The logistics at the edge make it impractical to have the same learn-as-we-go freedom we had inside the datacenter.
      As we’re likely to see edge computing evolving quickly, the only adaptable architectures will be the ones that can avoid a total tear-down. Adaptable architectures will also be well-positioned to take advantage of the newer capabilities as they become available.

    • Desktop/Laptop

      • Laptops Now Available with Elementary OS Pre-Installed

        The developers of the elementary OS operating system announced that you can now buy select laptops with the OS pre-installed. The move is part of their effort to make elementary OS more “gettable.”

        Rather than build computers themselves, the developers have partnered with the following companies and intend to add more partners in the coming months…

      • System76 Launches Powerful New Linux Laptop

        System76 has announced the new Serval WS laptop, featuring powerful desktop performance driven by AMD Ryzen processors. According to the System76 blog post, the device features “a large selection of performant components to choose from, such as NVIDIA GeForce GPUs and new 3rd Gen AMD Ryzen CPUs.”

        The Serval WS is the company’s highest performing laptop. According to the blog post, it “combines speedy components together to create the ultimate computing experience. Take high-powered AMD processors, NVIDIA GeForce graphics, NVMe storage and up to 64GB RAM, and figuratively dump the components into a blender for a smoothie reminiscent of the esteemed Roadrunner. Or, to put it simply: The Serval WS is fast.”

      • My Linux Story: remixing distributions at 17 years old



        The Lumina desktop was originally developed by iXSystems for TrueOS, which later became Project Trident. It’s well-known as the BSD desktop environment but has been ported to Linux. It introduces desktop elements like a panel, system tray, and so on, to the Fluxbox window manager, and is highly portable. It’s a good desktop, and while it’s generally easy to install, there aren’t many distributions offering it by default.

        I’m the sole contributor and maintainer to the Ubuntu Lumina remix. My work on the Ubuntu Lumina project has been a lengthy process, and much of it has been learning along the way. As of this writing, I’m 17 years old, but I’ve been a technology enthusiast since age six when a friend of mine helped me write my first ever “Hello, world” script.

      • Why I Still Use Linux on the Desktop



        It’s 2020, and there are fewer reasons than ever to use Linux on the desktop. Yet, I am still doing just that–as I have been for the past 15 years. Why? Let me explain

        Let me start by pointing out why using Linux on the desktop may no longer seem as appealing as it once did.

        Back when I started using desktop Linux, circa 2005, the world of computing looked wildly different. Windows Vista loomed on the horizon, and everyone knew it was going to be a disaster. (We didn’t yet know that Microsoft would keep supporting Windows XP all the way through 2014, nor did we know how quickly Microsoft would roll out Windows 7 to provide an alternative to Vista.) Not wanting to use Vista was one of the major reasons why I started exploring the world of Linux on the desktop.

      • Laptop update 2

        Here’s an update on the trials and tribulations encountered with my new Lenovo ThinkPad X1 Yoga gen 4.

    • Server

      • A better Toolforge: a technical deep dive

        In the previous post, we shared the context on the recent Kubernetes upgrade that we introduced in the Toolforge service. Today we would like to dive a bit more in the technical details.

        [...]

        With the Ingress controller, we want to ensure that Ingress objects only handle traffic to our internal domains, which by the time of this writing, are toolforge.org (our new domain) and tools.wmflabs.org (legacy). We safe-list the kube-system namespace and the tool-fourohfour namespace because both need special consideration. More on the Ingress setup later.

        The registry controller is pretty simple as well. It ensures that only our internal docker registry is used for user-scheduled containers running in Kubernetes. Again, we exclude from the checks containers running in the kube-system namespace (those used by Kubernetes itself). Other than that, the validation itself is pretty easy. For some extra containers we run (like those related to Prometheus metrics) what we do is simply upload those docker images to our internal registry. The controls provided by this admission controller helps us validate that only FLOSS software is run in our environment, which is one of the core rules of Toolforge.

      • A Better Docs UX With Docsy

        I’m pleased to announce that the Kubernetes website now features the Docsy Hugo theme.

        The Docsy theme improves the site’s organization and navigability, and opens a path to improved API references. After over 4 years with few meaningful UX improvements, Docsy implements some best practices for technical content. The theme makes the Kubernetes site easier to read and makes individual pages easier to navigate. It gives the site a much-needed facelift.

        For example: adding a right-hand rail for navigating topics on the page. No more scrolling up to navigate!

      • OVHcloud drives flash storage strategy with LXD

        OVHcloud offers a wide range of cloud-based services, and two of them – Public Cloud Block Storage, and Cloud Disk Array – rely on Ceph. About a year and a half ago, the company set its sights on creating a next-generation Ceph solution with all flash storage. However, this kind of solution would require newer versions of Ceph – versions that OVHcloud’s existing software environment could not support.

        Filip Dorosz, DevOps Engineer at OVHcloud, explains: “We quickly realised that it would be impossible to run newer Ceph releases on our legacy software because they required systemd, and we didn’t run systemd at all: neither inside the containers nor on the hosts.”

        OVHcloud effectively uses containers as lightweight VMs and, at the time, it utilised Docker as an entry point. But this was an unusual use case for Docker, and not one that it was well-suited for in the long-term. It became clear that the company needed a new solution, with systemd support, that was designed for running a complete operating system within a container.

        [...]

        LXD had emerged as the ideal solution, and now all that remained was to industrialise it for use on the enterprise scale. OVHcloud’s key requirement was a Puppet module for LXD so that it could manage containers via the host. At the time, there was no such module, so OVHcloud decided to build one itself – and it has recently open sourced the module on GitHub.

        The company is now moving to production with the new solution, enabling the switch to all flash storage with no HDDs.

    • Audiocasts/Shows

      • 2020-06-15 | Linux Headlines

        The Linux Mint 20 beta is available for testing, RiskSense warns of an increasing number of open source security vulnerabilities, and Pine announces that the next Community Edition of its phone will ship with postmarketOS.

    • Kernel Space

      • Linux Patches Provide Corsair Commander Pro Support For Thermal / Fan / RGB Controller

        The Corsair Commander Pro is a controller that offers six 4-pin fan ports with PWM control, two RGB LED channels for RGB LED light strips and fans, and four thermistor inputs. This thermal/cooling/lighting controller is seeing Linux support via a third-party driver.

        With Corsair not having ported their Corsair Link software to Linux, an interested user has reverse-engineered the USB protocol and provided support for this controller on Linux via an open-source driver.

    • Benchmarks

      • Running Linux 5.8-rc1 Benchmarks On The Intel Core i9 10900K + Radeon RX 5700 XT

        Since yesterday’s big release of Linux 5.8-rc1 I have begun benchmarking this new kernel on various systems. Here are some tests on the first system that was being vetted, the Intel Core i9 10900K Comet Lake with Radeon RX 5700 XT graphics.

        See our Linux 5.8 feature overview to learn about all of the changes for this next kernel version. When it comes to overall performance, at least with this i9-10900K system in most benchmarks there wasn’t broad performance differences compared to Linux 5.7/5.6 stable series.

    • Applications

      • Perform Common PDF Editing Tasks Like Merge, Split, Rotate With Free and Open Source PDF Mix Tool

        PDF Mix Tool is a simple, lightweight open-source PDF editing application that lets you extract pages from PDF, merge two PDFs, delete pages from PDF files among a few other things.

      • Entangle 3.0 Improves Tethered DSLR Shooting on Linux



        Entangle, for those not familiar with is, free, open source software for tethered shooting on Ubuntu (and other Linux distros, obviously). The app lets you control a fleet of popular DSLR cameras including Canon and Nikon models, from the the desktop, over USB.

        Entangle 3.0 pulls a few existing features into sharper focus while also adding a couple of new ones. For instance, you can now flip image in preview (handy for selfies); see remaining shot count & ETA in the repeat shooter plugin; and set up a countdown timer when using the photobox plugin.

      • Entangle 3.0 Released For Tethered Shooting With DSLR Cameras On Linux

        Entangle 3.0 has been released as the newest feature update to this software for controlling your DSLR camera under Linux with tethered shooting capabilities.

        Entangle allows connecting many popular DSLR cameras to Linux systems and obtain a live preview, triggering the shutter from the computer, and other controls are exposed for this open-source tethered camera control solution. In particular, many Canon and Nikon DSLR cameras are supported by this GNOME/GTK-focused desktop application.

      • Linux-Fu: Automation For Chrome And The Desktop By Matching Screenshots

        I will be the first to admit it. This is almost not — at least not specifically — a Linux article. The subject? An automation tool for Chrome or Firefox. But before you hit the back button, hear me out. Sure, this Chrome plugin started out as a tool to automatically test web pages and automate repetitive tasks in the browser. However, it can extend that power to all programs on your computer. So, in theory, you can use it to graphically build macros that can interact with desktop applications in surprisingly sophisticated ways. In theory, anyway; there are a few problems.

        The program has a few different names. Most documentation says UI Vision RPA, although there are some references to Kantu, which appears to be an older name. RPA is an acronym for Robotic Process Automation, which is an industry buzz word.

      • Transmission review

        Transmission is one of the rare torrent clients that comes with a solution for embedded hardware like NAS and home servers. It is free, open source, and offers impressively fast performance levels.

        [...]

        Transmission provides a better user experience compared to the complexity of competing services such as uBittorrent, Tixati and Vuze.

        What makes Transmission great from the user experience standpoint is that it can be configured to download files from folders, RSS feeds or any other source without having to control it manually. Downloading automatically from preferred sources as soon as the content is made available is a very helpful feature indeed.

        Transmission desktop clients can be remotely controlled, too, like most other torrent apps.

        Transmission’s interface is easy to use. In fact, it has the most barebones UI of all torrent clients, and strikes the right balance between functionality and simplicity. Its minimal UI, with no distracting adverts, is another highlight.

    • Instructionals/Technical

    • Games

      • Morrowind lives on with a major new OpenMW release out

        Morrowind is a much loved RPG classic and thanks to open source it continues living on modern platforms with OpenMW. The team behind OpenMW just release version 0.46 and it’s one of the biggest updates ever.

        We’ve been waiting on this one for what feels like forever, especially as it finally brings in real-time shadows making it look a whole lot better. There’s plenty of other changes both big and small and it continues be a very impressive game engine recreation. Modding even got improvements to the point that some previously unplayable mods should now work.

      • ATOM RPG Trudograd is now available for Linux in Early Access

        ATOM RPG Trudograd, the standalone followup to the very well received ATOM RPG is now available for Linux.

        Following in the footsteps of Fallout and Wasteland, the previous game was often compared to being a Russian version of Fallout and in some ways that was very much true. Nice to see Linux support continue in their future games after the first game was crowdfunded. With ATOM RPG Trudograd available in Early Access since early May, it arrived on Linux across the weekend on June 13.

      • Combo-driven roguelite action platformer Fury Unleashed is getting online play

        After launching in May with added Linux support, Fury Unleashed is set to get a big update in a few months adding in online play based on feedback from players.

        Seems the launch went well with Fury Unleashed getting some pretty high praise all around.They had a clear vision with wanting it to feel something of a mix between the likes of Dead Cells, Rogue Legacy and shooters like Metal Slug and they’ve mostly succeeded in that. I’m continually impressed by the visuals in it. This is not a run-of-the-mill action platformer, some of the visuals are absolutely incredible and it’s worth playing for that alone.

      • Werewolf: The Apocalypse – Heart Of The Forest coming from ex-Witcher devs

        Werewolf: The Apocalypse – Heart Of The Forest was announced recently with a very brief teaser, coming from Different Tales and Walkabout.

        Heart of the Forest was designed by Jacek Brzeziński and Artur Ganszyniec, who you might recognise as top names behind the original Witcher game. Also known for working on Dying Light and Hitman so they certainly know their games. If you don’t recognise the name together they recently released Wanderlust: Travel Stories and Wanderlust: Transsiberian, two book-like narrative stories and Heart Of The Forest will seemingly be continuing that same style of story telling with a much different theme.

      • Dear Devere is a beautiful & free voiced visual novel set in 1930s Scotland

        Start your week off with something free and quite sweet. Jasmine Osler released Dear Devere recently, a free voiced visual novel set in 1930s Scotland and it’s quite special.

        Nothing like the Anime styled visual novels you find elsewhere, Dear Devere is a romance / mystery novel told through letters between people. It’s a bit strange and yet I couldn’t help but just continue along to the conclusion. That’s a testament to the great world building, music and voice acting found in Dear Devere. It’s quite a new release too from this year that you might have missed.

      • Little Devil Inside still confirmed for Linux despite PlayStation exclusivity

        During the PlayStation 5 reveal recently, Neostream Interactive had their 2015 crowdfunded title Little Devil Inside shown off as a timed exclusive and they’ve now clarified their plans for platforms.

        The timed exclusive deal caused a bit of a ruckus with backers, with quite a few angry comments aimed at the developers. However, according to what they said, this PlayStation 5 timed exclusive deal will not be affecting the release of the PC version so they’re still firmly aiming for a concurrent launch on PC – the exclusive deal only affects console.

        After reaching out to Neostream directly, they mentioned to me today that the Linux version is still planned to launch alongside Windows, “We’ll be trying to get it to Linux at the same time as Windows. We will be clarifying again on all the precise platforms soon.”.

      • A little preview of the upcoming supernatural horror adventure ASYLUM

        With a full demo of ASYLUM upcoming for the Steam Game Festival, we were given advanced access to a small slice of what to expect so here’s a look.

        ASYLUM was funded on Kickstarter and is one of the most successful campaigns to come from Argentina, although this was way back in 2013 where they managed to get $119K in funding. Since then they’ve continued desperately hacking away at the code to bring it to release and recently managed to get an Epic MegaGrant.

        The full demo is due to go live tomorrow June 16, along with the Steam Game Festival. The game is of course not fully finished with more to come like voice-over, dialogue tweaks and so on. Now I’ve finally had change to get my hands on it, I have to say I’m genuinely intrigued by it and impressed. A first-person point and click adventure, with a thoroughly dark setting that’s pretty unnerving to go through.

      • Don’t Starve Together gets a new free character plus an animated short

        Klei have updated their great co-op survival game Don’t Starve Together with a free update for everyone.

        Arriving today is the new character, Walter, who seems like quite the seasoned explorer. Walter has a Slingshot which is pretty darn handy, as you can get special ammo for it to do things like freeze enemies or fire poop pellets at them to slow them down. I’ll admit the sound of that makes me want to play as Walter because that’s just hilarious.

        Walter is also not afraid of things like other characters, except getting hurt. So Walter doesn’t lose sanity from the dark but will lose sanity while health is below 100%. Since they’re a seasoned explorer, Walter can also craft a portable camping tent too. Just be aware of the bees, they’re allergic.

      • Open source shape-factory building sim shapez.io is now on Steam

        After discovering shapez.io on the game store itch.io recently, and finding out it was open source, I fell a little in love with the idea and now it’s on Steam.

        Taking inspiration from other factory building sims like Factorio, shapez.io takes a more relaxed and casual approach to it with a pretty sweet idea. You’re building up a factory that cuts shapes into other shapes and after a while adds in a splash of colour and then builds up the complication. It’s very cool and wonderful to see more developers choose open source too.

      • Quadrilateral Cowboy, Thirty Flights of Loving & Gravity Bone all now on GitHub

        This follows the same path they went with Flotilla back in February, although this time it’s a little different. These three are under the GPL v2/3 rather than the zlib license, which would be because each of these actually use some form of open source game engine release from id Software (Quake or Doom engines). Each had the source available before from Blendo’s own website but putting it on GitHub now makes them far more accessible and I bet plenty didn’t even know any of it was open source previously.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.20 Bringing this Stunning Taskbar Feature in Next Release

          KDE Plasma 5.20 which is scheduled to be released later this year, just announced a new taskbar feature for this gorgeous desktop.

        • Interview with Albert Weand



          Acouple of years ago, I started to gain interest in GNU/Linux and even considered using it as my main OS. One of my priorities was to find a good painting application compatible with the system. I tried MyPaint and Gimp, but Krita was definitely the best option.

          I really like the user interface, it’s very flexible. I like to keep things simple and just focus on the artwork. The shortcuts to navigate around the canvas are great, they feel very natural. There’s no need to change tools in order to zoom in, zoom out or move around the canvas. I also like the default brushes, they feel organic and the textures help to simulate real brushes in traditional painting.

        • KDE Applications Release Meta-data


          kde.org/applications now has latest release versions and dates on it. Finally you can check your app store or distro is up to date

          This was added to the website by elite new contributor David Barchiesi and there’s been a year of faff in the background getting it added to the release process in various places, but if apps are missing it then talk to the app maintainers to get it added.

        • OpenUK Future Leaders Online Talk on Friday

          Jonathan Riddell will be talking about KDE’s “All About the Apps” goal this Friday at OpenUK’s Future Leader’s Training.

        • GSoC’ 20 Progress: Week 1 and 2

          It’s been two weeks since the coding period began and I would love to share with the community the progress I have made so far.

          In the past two weeks, I focused on implementing a basic class for handling subtitles.

          First, I created a class called SubtitleModel. This class would contain the list of subtitle content included in the uploaded subtitle file. Since the SubtitleModel class would be utilized to implement a basic model based upon a list of strings, the QAbstractListModel provided an ideal base class on which to build. Subtitle files are usually of two basic formats: SubRipText file (.srt) and SubStation Alpha (.ass) type. Subtitles are maintained in these files in totally different formats based on their file type, so the function ought to parse through each file type in a distinctive way.

        • Weekly Report 2

          In the second week of GSoC, I worked on handling projections, instance rendering for multiple stars, updating SkyObject coordinates and worked on porting the existing grid system in KStars to Qt3D.

      • GNOME Desktop/GTK

        • New Patches Aim To Improve Smoothness & Latency Of NVIDIA On GNOME

          Canonical’s Daniel van Vugt who is known for his prolific contributions to GNOME the past several years particularly in regards to performance has a new merge request open for helping with the “smoothness” of the NVIDIA driver on GNOME Shell.

          Stemming from bug reports over non-ideal frame clocks if swap events not supported and NVIDIA on X.Org spending 75% of its time blocked, these are two of the areas Daniel van Vugt has been working to address for GNOME 3.38 / Ubuntu 20.10.

    • Distributions

      • EasyOS 2.3 – The Modern Prometheus Tux

        

        EasyOS looks like a Frankenstein edition of Puppy, in a good way. But as an experimental project, it’s also not something you want to inflict on your unsuspecting grandparents. Actually, it’s not suitable for the majority of users, including nerds, because it does require a fair deal of manual labor early on. I guess that explains the difficulty in getting the image.

        But if you think this happy madness ends there, you be mistaken. There’s an even more Frankensteiny creation, and that’s EasyPup! So there. Anyway, EasyOS 2.3 looks like a really ambitious and quite unique distro, and largely, it works great. If you’re a tinkerer, I’d recommend you grab this and have a thorough go. Otherwise, it’s worth waiting until it matures a bit more, the stack gets rock solid, and some of the usability niggles are resolved. All in all, something super cool and worth following. Stay tuned.

      • Reviews

        • AutoTux Review: A Linux Distro That Fully Automates Installation Process


          There are tons of Linux-based operating systems with each designed for specific use cases. Like, if you’re a beginner, you have Ubuntu, Linux Mint, and Pop!_OS. If you’re a more advanced user and want full control of your OS, you have Arch Linux and Gentoo. Or if you’re an ethical hacker and penetration tester, you may choose Kali Linux, Parrot OS, or Tusurugi Linux.

          But the common thing that each of them possesses is the installation step that everyone has to go through first. Some have the easiest installation process like Ubuntu while others like Arch are a tough nut to crack. So, if you have ever wished someone could install Linux and configure settings for you so that you can just get on and start using it, AutoTux is a perfect Linux distro for you.

      • IBM/Red Hat/Fedora

        • CentOS Linux 8.2 Officially Released, Based on Red Hat Enterprise Linux 8.2



          Derived from Red Hat Enterprise Linux 8.2‘s source code, CentOS Linux 8.2 packs all the new features, improvements, and software updates released since the launch of the Red Hat Enterprise Linux 8 operating system series across all supported architectures and all the enhancements included in version 8.2.

          Red Hat Enterprise Linux (RHEL) 8.2 brought enhanced security by implementing new OpenSCAP profiles for DISA STIG (draft) and Australian Cyber Security Center (ACSC) Essential Eight, by allowing users to specify their own permitted ciphers, and by adding support for custom SELinux policies to containerized workloads.

        • CentOS Linux 8.2 (2004) released and here is how to upgrade it

          CentOS Linux 8.2 (2004) released. It is a Linux distribution derived from RHEL (Red Hat Enterprise Linux) 8.2 source code. CentOS was created when Red Hat stopped providing RHEL free. CentOS 8.2 gives complete control of its open-source software packages and is fully customized for research needs or for running a high-performance website without the need for license fees. Let us see what’s new in CentOS 8.2 (2004) and how to upgrade existing CentOS 8.1.1199 server to 8.2.2004 using the command line.

        • Release for CentOS Linux 8 (2004)

          Release for CentOS Linux 8 (2004)

          We are pleased to announce the general availability of CentOS Linux 8.
          Effectively immediately, this is the current release for CentOS Linux 8
          and is tagged as 2004, derived
          from Red Hat Enterprise Linux 8.2 Source Code.

          As always, read through the Release Notes at :
          http://wiki.centos.org/Manuals/ReleaseNotes/CentOS8.2004 – these notes
          contain important information about the release and details about some
          of the content inside the release from the CentOS QA team. These notes
          are updated constantly to include issues and incorporate feedback from
          the users.

        • CentOS 8 Rebased Against RHEL 8.2

          The CentOS crew maintaining this community enterprise Linux operating system rebuild of Red Hat Enterprise Linux have announced their RHEL 8.2-based release.

          Red Hat Enterprise Linux 8.2 released back in April with tooling improvements to enhance the management capabilities, container/cloud improvements, cgroup v2 was promoted to full support, support for setting NUMA policies for services using systemd, and various other changes.

          CentOS Linux 8 Version 2004 is the new version of the free operating system built from the Red Hat Enterprise Linux 8.2 sources.

        • Build a recommendation engine using Apache Spark and Elasticsearch

          Recommendation engines are among the most well-known, widely used, and highest-value use cases for applying machine learning. Despite this, while there are many resources available for the basics of training a recommendation model, there are relatively few that explain how to actually deploy these models to create a large-scale recommender system.

          The IBM Developer code pattern Build a recommender with Apache Spark and Elasticsearch illustrates how to build and deploy just such a recommender system.

        • Supersonic, Subatomic Java Hackathon: June 15 – July 22 2020

          The Quarkus community is excited to announce the Supersonic, Subatomic Java Hackathon for developers to create Kubernetes-native applications for a chance to win $30,000 in prizes. This hackathon is a great opportunity to learn about the future of cloud-native Java development and showcase your coding skills.

        • Jakarta EE: Multitenancy with JPA on WildFly, Part 1

          In this two-part series, I demonstrate two approaches to multitenancy with the Jakarta Persistence API (JPA) running on WildFly. In the first half of this series, you will learn how to implement multitenancy using a database. In the second half, I will introduce you to multitenancy using a schema. I based both examples on JPA and Hibernate.

          Because I have focused on implementation examples, I won’t go deeply into the details of multitenancy, though I will start with a brief overview. Note, too, that I assume you are familiar with Java persistence using JPA and Hibernate.

        • Cockpit 221

          Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 221.

          [...]

          This pre-compiled stylesheet will be dropped in the future in favor of projects shipping their own CSS. This API is not maintainable, as Cockpit cannot offer a PatternFly 3 API forever, and PatternFly 4 also changes quickly enough that one style sheet for all projects is not robust enough.

          The Cockpit plugins that are using only PatternFly 4 should follow the example from starter-kit on how to import PatternFly 4 stylesheets. g The Cockpit plugins which are still relying on PatternFly 3 should follow the migration from the deprecated API to the new PatternFly stylesheet import approach as implemented in this cockpit-podman commit.

        • Tracking COVID-19 using Quarkus, AMQ Streams, and Camel K on OpenShift

          In just a matter of weeks, the world that we knew changed forever. The COVID-19 pandemic came swiftly and caused massive disruption to our healthcare systems and local businesses, throwing the world’s economies into chaos. The coronavirus quickly became a crisis that affected everyone. As researchers and scientists rushed to make sense of it, and find ways to eliminate or slow the rate of infection, countries started gathering statistics such as the number of confirmed cases, reported deaths, and so on. Johns Hopkins University researchers have since aggregated the statistics from many countries and made them available.

          In this article, we demonstrate how to build a website that shows a series of COVID-19 graphs. These graphs reflect the accumulated number of cases and deaths over a given time period for each country. We use the Red Hat build of Quarkus, Apache Camel K, and Red Hat AMQ Streams to get the Johns Hopkins University data and populate a MongoDB database with it. The deployment is built on the Red Hat OpenShift Container Platform (OCP).

        • Curious case of image based email signatures and Kmail
        • Compressed RAM disks
        • Join us for the Red Hat Summit Virtual Experience Open House

          On July 15 Red Hat is opening its virtual doors for an Open House, building on the Red Hat Summit 2020 Virtual Experience from April with an additional set of sessions, more “Ask the Experts” sessions, and live access to C-level tech experts.

          If you missed the Red Hat Summit Virtual Experience the first time around, that content is still available on demand. You can log back in, or register for the first time, and watch the on-demand content through April of 2021. Registration is still free and grants access to hundreds of sessions about Red Hat’s technologies, customer successes, and much more.

        • Red Hat CEO: we have a ‘head start’ over VMware, competitors in Kubernetes

          After 19 years at Red Hat, Paul Cormier, employee 120 and longtime product chief, ascended to the top job at the open-source software giant.

          But plans for the traditional world tour taken by new CEOs looking to confab with customers and partners were clipped by a global pandemic—Cormier took the helm of Red Hat as he and most other employees were working from home and grounded from travel.

          While the coronavirus crisis limited his ability to meet-and-greet and was replaced by virtual platforms, Cormier, who previously was responsible for roughly 60 percent of the company as president of products and technologies, already knew almost every facet of Red Hat’s business and had deep relationships with the ecosystem.

        • IBM Cloud Now: Intellect Design, IBM Edge Application Manager v4.1, and Watson Annotator
      • Debian Family

        • Lampone Pi, a live readonly Raspbian

          Lampone Pi is a live Debian GNU/Linux Buster arm64 operating system for the Raspberry Pi microcomputer boards. At the time of writing, it’s the only live operating system for the Pi. Although it is not affiliated or derived from Raspbian, it’s the homologous of Raspbian Lite (they both derive from Debian), but differently it’s a 64bit live OS.

          Why this project? If the header image looks familiar to you, you already have the answer : )

          So, technically it’s a Debian derivative with a unique partitioning scheme crafted for maximizing the strength against filesystem corruption: the ISO9660 system partition is read-only by design at filesystem-level. The data persistence partition contains only the delta: system updates and your data lay there. The data partition mounted on top of a read-only system partition makes the resulting operating system resistent to filesystem-corruption. Moreover, you can do complete system backups by just tar-ring only the files contained within that partition.

        • Emmabuntüs Debian Edition 3 Switches to LXQt, Now Based on Debian GNU/Linux 10.4

          The Emmabuntüs Collective announced today the release and general availability of Emmabuntüs Debian Edition 3 version 1.02, a release that brings new features and apps, as well as improvements and latest software updates.

          Based on the latest Debian GNU/Linux 10.4 “Buster” release, Emmabuntüs Debian Edition 3 1.02 is here exactly three months after the previous Emmabuntüs Debian Edition 3 1.01 release to replace the LXDE desktop environment with the more modern LXQt by default, along with the Xfce desktop environment.

          If you choose to use Emmabuntüs DE with the LXQt desktop, there are a few perks compared with the LXDE desktop, such as Falkon as default web browser, updated installation and presentation tutorials, as well as support for all of the in-house built scripts that are preset in the distribution for various tasks.

      • Canonical/Ubuntu Family

        • Ubuntu Unity 20.10 “Groovy Gorilla” Enters Development, First Alpha Is Ready for Testers


          Last month, I wrote about a new, unofficial Ubuntu flavor called Ubuntu Unity Remix, which had its first ever release based on the Ubuntu 20.04 LTS (Focal Fossa) operating system, but featuring the good old Unity 7 user interface as default desktop environment.

          You remember Unity, right? Well, Ubuntu Unity Remix brought back good old memories for me, back when Unity was a thing and promised to be the future of the Linux desktop. But it didn’t happen, at least not on the Linux desktop, as Canonical decided to terminate the project.

        • Ubuntu Unity brings back one of the most efficient desktops ever created



          I will admit, Ubuntu Unity isn’t everyone’s cup o’ tea, but for those that did appreciate what Ubuntu was doing, prior to the Unity 8/Mir debacle, you’ll welcome Ubuntu Unity with fingers ready to remain on the keyboard. Ubuntu Unity was a thing of efficient beauty and no other desktop could compare to what it offered. Now, thanks to Ubuntu Unity, we can all go back in time when the Ubuntu desktop interface was something unique and unifying.

          Although the Linux community is widely divided on which desktop/distribution/file system/init system/text editor/browser/cursor/theme is best, there can be no doubt that choice is generally considered a good thing and when using Linux, choices abound. To me, that’s always been one of the best selling points of the open source desktop operating system: If there’s something you don’t like about what you’re using, change it. For those that did enjoy the Unity desktop, you can once again enjoy that incredibly efficient and elegant interface, thanks to Ubuntu Unity.

        • Small Things that Bug Me in Ubuntu: The Blank Snap Folder

          I had to take new screenshots for our list of the best GTK themes this weekend and in doing become acutely aware of how much the “Snap” folder bugs me.

          Petty, I know.

          But you don’t need a magnifying glass or a particularly pedantic persuasion to appreciate why the directory irk. Heck, a quick glance at the hero image above should avail you of what the gripe is.

          Perhaps you’ve even noticed it yourself.

          See, Ubuntu badges each of the default Home directories (e.g., Downloads, Music, Videos etc) with a symbolic emblem to denote the content type apart from two: Desktop (which is shaped like a desktop, so it gets a pass), and the (annoyingly lowercase) ~/snap folder.

          Now appreciate I’m stating the obvious here but wouldn’t adding the Snapcraft logo to the Snap folder help roundup the aesthetic?

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Devs can now dig around in the source code for three games from Blendo Games
      • Web Browsers

        • Mozilla

          • Friend of Add-ons: Juraj Mäsiar

            Our newest Friend of Add-ons is Juraj Mäsiar! Juraj is the developer of several extensions for Firefox, including Scroll Anywhere, which is part of our Recommended Extensions program. He is also a frequent contributor on our community forums, where he offers friendly advice and input for extension developers looking for help.

            Juraj first started building extensions for Firefox in 2016 during a quiet weekend trip to his hometown. The transition to the WebExtensions API was less than a year away, and developers were starting to discuss their migration plans. After discovering many of his favorite extensions weren’t going to port to the new API, Juraj decided to try the migration process himself to give a few extensions a second life. “I was surprised to see it’s just normal JavaScript, HTML and CSS — things I already knew,” he says. “I put some code together and just a few moments later I had a working prototype of my ScrollAnywhere add-on. It was amazing!”

      • SaaS/Back End/Databases

        • What is PostgreSQL? How Does PostgreSQL Work?

          PostgreSQL is the world’s most advanced enterprise-class open source database management system that is developed by the PostgreSQL Global Development Group. It is a powerful and highly-extensible object-relational SQL (Structured Query Language) database system popular for its reliability, feature robustness, and high performance. It is known to be highly scalable both in the amount of data it can store and manage and in the number of concurrent users it can accommodate.

          PostgreSQL is available and distributed under the PostgreSQL License, a liberal open source license. This implies that you can download the software, use, modify, and distribute it free of charge for any purpose. It is also cross-platform, it runs on Linux, Windows, and macOS, and many other operating systems.

      • Productivity Software/LibreOffice/Calligra

        • Simulated Animation Effects – Week #2

          Last week my implementation lacked creating the current slide environment in the box2d world, meaning for the demo in the last blog post I had to hard code the environment.

          So this week I wanted to get rid of this big flaw and start creating the environment from the slide on the fly. To achieve this goal, I needed current shapes in the slide. Therefore, to get shapes in the current slide I’ve implemented a new getter for ShapeManager and LayerManager classes. You can check out the patch at: https://gerrit.libreoffice.org/c/core/+/95967

      • FSF

        • GNU Projects

          • Guix Further Reduces Bootstrap Seed to 25%

            We are delighted to announce that the second reduction by 50% of the Guix bootstrap binaries has now been officially released!

            The initial set of binaries from which packages are built now weighs in at approximately 60~MiB, a quarter of what it used to be.

            In a previous blog post we elaborate on why this reduction and bootstrappability in general is so important. One reason is to eliminate—or greatly reduce the attack surface of—a “trusting trust” attack. Last summer at the Breaking Bitcoin conference, Carl Dong gave a fun and remarkably gentle introduction and at FOSDEM2020 I also gave a short talk about this. If you choose to believe that building from source is the proper way to do computing, then it follows that the “trusting trust” attack is only a symptom of an incomplete or missing bootstrap story.

          • Alternate options for Adobe Acrobat, Photoshop, Illustrator, InDesign

            GIMP (GNU Picture [sic] Manipulation System) provides 130-furthermore awesome filters and exclusive consequences. See Alvin Alexander’s blog for all the neat stuff GIMP can do. I especially like the Borders Sparkles, Reflections, and Gradient Flare consequences and the Whirl and Pinch attributes. I also appreciate that GIMP is effective on several platforms, works by using minimum system resources, and is super-effortless to use.

      • Programming/Development

        • First Qt 6.0 Snapshot Available

          While Qt 5.15 LTS release is just out, we have also been working for some time now towards the next major version of Qt. Today, we are releasing a snapshot of Qt 6.0 for the first time. While we are still very early in the release process, and far from having the feature freeze, the first snapshot is offering binaries for a limited set of platforms and focused on the essential Qt modules. Given that we are approximately six months from the planned release date for Qt 6.0, we cannot guarantee all parts of the pre-release snapshot will work as intended.

          In the first snapshot, we are providing binaries for desktop platforms only. The mobile platforms and embedded Linux are being worked on; therefore, to test those you need to build from source. Qt 6.0 requires C++17 support from the compiler and we are in general focusing on fairly recently released compilers. If you want to use an older compiler, Qt 5.15 is the way to go.

        • Qt 6.0 Sees Its First Development Snapshot

          Being about six months out from the planned release of Qt 6.0, The Qt Company has issued its first snapshot of this forthcoming tool-kit update.

          This first Qt 6.0 snapshot offers a current look at the state of Qt 6 on various supported platforms. These pre-release snapshots are available through The Qt Company’s Qt Installer.

        • Programming languages: Java still rules over Python and JavaScript as primary language

          JetBrains makes the popular IntelliJ IDEA Java IDE, which is also the foundation for Google’s Android Studio, as well as Kotlin, a programming language that Google officially supports for Android development, and the widely used PyCharm IDE.

          JetBrains’ survey of almost 20,000 developers found on the other hand that JavaScript is the most used overall programming language.

          JetBrains asked developers to pick up to three languages they consider their primary programming language. In this context, JavaScript comes out on top (39%), followed Java (37%), and Python (31%).

          JetBrains analyst Sichkarenko Anastassiya explained the apparent discrepancy by saying each languages’ position – first, second or third – was assigned a weighting to produce an overall popularity ranking.

          The company also told The Register that Java’s superior ranking as a primary language comes down to lots of developers using JavaScript as part of a project, but its use falls when considering where developers spend most of their time.

        • Perl/Raku

          • Report of the Debian Perl Sprint 2020

            Eight members of the Debian Perl team met online between May 15 and May 17 2020, in lieu of a planned physical sprint meeting. Work focussed on preparations for bullseye, and continued maintenance of the large number of perl modules maintained by the team.

          • Contacting author of Net::Azure::StorageClient

            I have sent two emails now to the public email address listed in his public github profile and have received no bounce or response.

          • The Perl Ambassador: Gabor Szabo

            This is the launch interview of a monthly series of interviews I’ll publish on perl.com. I can promise you, fun and entertaining interviews every month. So please watch this space. If you’d like me to interview you, or know someone you’d like me to interview, let me know. Take the same set of questions and send me your answers!

            Gabor Szabo is a long time Perl developer and DevOps trainer and the author of the Perl tutorial and of Perl Maven and on Code Maven. He received a White Camel Award in 2008. He teaches training courses in Israel and around the world. He wears the hat of the chief editor of Perl Weekly newsletter, and is always happy to receive notable Perl news items for inclusion in its next issue.

        • Python

          • Django 3.1 beta 1 released

            Django 3.1 beta 1 is now available. It represents the second stage in the 3.1 release cycle and is an opportunity for you to try out the changes coming in Django 3.1.

            Django 3.1 has a potpourri of new features which you can read about in the in-development 3.1 release notes.

            Only bugs in new features and regressions from earlier versions of Django will be fixed between now and 3.1 final (also, translations will be updated following the “string freeze” when the release candidate is issued). The current release schedule calls for a release candidate in a month from now with the final release to follow about two weeks after that around August 3. Early and often testing from the community will help minimize the number of bugs in the release. Updates on the release schedule schedule are available on the django-developers mailing list.

          • How to Convert JSON to Excel in Python with Pandas

            The post How to Convert JSON to Excel in Python with Pandas appeared first on Erik Marsja.

            In this Pandas tutorial, we will learn how to import data from JSON to Excel in Python. This guide will cover 4 simple steps making use of Python’s json module, and the Python packages requests and Pandas.

            The structure of this tutorial is as follows. In the first section, we will have a quick look at a basic example of how to convert JSON to an Excel file with Pandas and Python. After we have seen and briefly learned, the syntax we will continue with a section covering some examples on when this knowledge may be useful. In the third section, we will have a look at the prerequisites of this Python tutorial and how to install Pandas. After we are sure we have everything needed, we will go through four steps on how to save JSON to Excel in Python. Here, we will start by reading the JSON file from the hard drive and saving it as an Excel file. Furthermore, we will also look at an example when reading JSON from a URL and saving it as a .xlsx file. Finally, we will also use the Python package JSON to excel converter.

            [...]

            Now, there is one very easy way to install both Python and Pandas: installing a Python scientific distribution such as Anaconda, ActivePython, or Canopy (see here for a list of Python distributions). For example, if you install Anaconda you will get a library with useful Python packages, including Pandas.

          • PyDev of the Week: Kyle Stanley

            This week we welcome Kyle Stanley (@Aeros1415) as our PyDev of the Week! Kyle is a core developer of the Python programming language.

            [...]

            Hi, my name is Kyle Stanley. I’m a 23 year old college student finishing up the last year of my B.S. degree (Information Systems Technology, Programming spec.). Most notably, I was recently promoted to the role of core developer for CPython, the default/reference implementation of the Python programming language (in April 2020). I mostly contribute to the standard library through reviews and my own authored changes, as both a hobby that I enjoy and a means of building my professional experience in the software development industry. Most of my significant contributions have been to the modules asyncio and concurrent.futures.

            [...]

            I have a few ongoing CPython projects, but my most substantial current project is probably asyncio.ThreadPool, which is a high-level asynchronous thread pool designed to be used as a context manager (e.g. “async with asyncio.ThreadPool() as pool:“). The primary use case for it in CPython is concurrent execution of long-running, IO-bound subroutines (non-async functions/methods) that would normally block the event loop (such as for network programming, DB connectors, inter-process communication, file IO, etc.), particularly for existing code or libraries that can’t be easily converted to use async/await. Threads have a bit more overhead than using coroutines (`async def` functions/methods), but when it’s not a realistic or available option to convert the existing code to use them, it’s often far more efficient to execute the subroutine in a thread pool rather than blocking the event loop for a significant period of time.

          • hashin 0.15.0 now copes nicely with under_scores

            tl;dr hashin 0.15.0 makes package comparison agnostic to underscore or hyphens

          • Richer Django logging

            Note the file and line at the right hand of the terminal which shows were the log function was called. If your terminal supports hyperlinks, you can click that link to open the file!

          • Python Keywords: An Introduction

            Every programming language has special reserved words, or keywords, that have specific meanings and restrictions around how they should be used. Python is no different. Python keywords are the fundamental building blocks of any Python program.

            In this article, you’ll find a basic introduction to all Python keywords along with other resources that will be helpful for learning more about each keyword.

          • PyCharm: Tutorial: Visual testing with pytest

            If you are like many Python developers out there you LOVE writing code! Tests? Not so much. Whether it’s the concept of testing or the interface of testing tools, testing is a chasm not all developers cross. The Visual Testing with pytest tutorial aims to bring Python testing to the masses, taking a new approach to first contact with Python testing.

            Join this journey with us and improve your testing skills in this 9-step tutorial!

          • Anwesha Das: PyLadies India June meetup

            We, PyLadies, have started our journey for quite a sometime now. Every year since 2016, we are growing in numbers and chapters. Currently, we have eight active chapters and counting. The COVID pandemic has somehow stopped our course of having physical meetups. But on a brighter note, the situation has opened up a new opportunity for us—the chance to be united. Therefore we, the PyLadies groups in India, have decided that we are going to have one collective meetup every month.

            This month we are having our PyLadies India meetup on 20th June 2020, coming Saturday at 8 pm. I will be talking about who we are, PyLadies India, and explain our course of action.

          • Build A Personal Knowledge Store With Topic Modeling In Contextualize

            Our thought patterns are rarely linear or hierarchical, instead following threads of related topics in unpredictable directions. Topic modeling is an approach to knowledge management which allows for forming a graph of associations to make capturing and organizing your thoughts more natural. In this episode Brett Kromkamp shares his work on the Contextualize project and how you can use it for building your own topic models. He explains why he wrote a new topic modeling engine, how it is architected, and how it compares to other systems for organizing information. Once you are done listening you can take Contextualize for a test run for free with his hosted instance.

          • PSF GSoC students blogs: Weekly Check-in | GSoC’20 | #3
          • PSF GSoC students blogs: Weekly Check-in #3
          • PSF GSoC students blogs: Weekly Check-in #3
          • PSF GSoC students blogs: Weekly Check-in #2
          • PSF GSoC students blogs: Week 2 Check-in
          • PSF GSoC students blogs: Second Weekly Check-In
          • PSF GSoC students blogs: Check-in for week 2
          • PSF GSoC students blogs: Images Images Images – Weekly Check-in 3
          • PSF GSoC students blogs: Weekly Check In 2
          • PSF GSoC students blogs: GSoC Weekly Check-In #2
          • PSF GSoC students blogs: Weekly Check-in #3
          • PSF GSoC students blogs: GSoC: Week 3: Awaiting the Future
          • PSF GSoC students blogs: GSoC Week 3: try except finally:
          • PSF GSoC students blogs: Inside look of the EOS feature request system in GSOC’20
          • PSF GSoC students blogs: Week 2 : Complete Migration to Fastkml
          • A Hundred Days of Code, Day 045

            Wrote a basic login form today.
            Short story short, it shows up, but it does not respond like Miguel shows in the course. It justs sits there … staring back at me … like an obstinate goat.

            Will go spelunking into what I could have done wrong, tomorrow.

            Learnt about adding routes and creating views and making templates.
            Thoroughly confused though.

        • Shell/Bash/Zsh/Ksh

  • Leftovers

    • Book Club: Zettlekasten

      Recently I was part of a call with Daniel and Lars to discuss Zettelkasten, a system for building up a cross-referenced archive of notes to help with research and study that has been getting a lot of discussion recently, the key thing being the building of links between ideas. Tomas Vik provided an overview of the process that we all found very helpful, and the information vs knowledge picture in Eugene Yan’s blog on the topic (by @gapingvoid) really helped us crystalize the goals. It’s not at all new and as Lars noted has a lot of similarities with a wikis in terms of what it produces but it couples this with an emphasis on the process and constant generation of new entries which Daniel found similar to some of the Getting Things Done recommendations. We all liked the emphasis on constant practice and how that can help build skills around effective note taking, clear writing and building links between ideas.

      [...]

      We were all concerned about the idea of using any of the non-free solutions for something that is intended to be used long term, especially where the database isn’t in an easily understood format. Fortunately there are free software tools like Zettlr which seem to address these concerns well.

    • Health/Nutrition

      • Hard lessons from COVID-19 on looking after the dead

        Gaps in dead body management have been left badly exposed by COVID-19: bodies left outside homes for days before being collected; family members picking through piles of decomposing corpses outside hospitals to try to identify loved ones; mass, unmarked graves dug for the poor and the homeless.

        [...]

        Oran Finegan, head of forensics for the International Committee of the Red Cross, said the ICRC aimed to remind authorities of the importance of communicating clearly with people about care after death, and of helping people deal with what was a “traumatising situation”.

        “We have to look at the impact this has on the communities, in terms of uncertainty, the loss of their loved ones, and the need to ensure the dignity of the dead,” he said. “The dead themselves matter, and it is very important that they be afforded a dignified burial, or a process aligned with their cultural or religious beliefs.”

        Data collected by the Financial Times shows the scale of the problem that morgues in the worst-hit urban areas have been dealing with. In Guayaquil, deaths increased 332 percent compared to previous years; in New York, 364 percent; and in Bergamo, in northern Italy, 496 percent.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Entrapment (Microsoft GitHub)

            • GitHub to replace master with main across its services

              GitHub will drop the term “master” as the default branch name from its hosted repositories in response to protests about ingrained racism.

              Activists in the software community have long campaigned to replace the terms “master” and “slave” with terms that don’t invoke actual human slavery. They argue that continuing to use such terms isn’t inclusive, is insensitive, and highlights the tech industry’s problems with diversity.

              Nat Friedman, the GitHub’s chief exec, confirmed the upcoming change in a Twitter post saying that the Microsoft-owned outfit would change the default branch name from “master” to “main”, or perhaps something similar.

        • Security

          • It’s Time to Step Up Linux Server and Container Workload Security

            Linux Security Pros, are you happy with the state of Linux Server security? Can you reliably secure your server and container workloads across multiple distributions with real-time visibility into suspicious and malicious activity? Do Linux security tools tend to “break” whenever you upgrade your operating system? And finally, can you query for incidents and alerts across your estate, with IOCs aligned to the MITRE ATT&CK Framework for Linux?

          • Wailing Wednesday follows Patch Tuesday as versions of Windows 10 stop playing nicely with plugged-in printers

            Windows 10 users woke up to borked printers following the monthly Microsoft bugfix party, Patch Tuesday.

            The issues appear connected to KB4557957 and KB4560960 for Windows 10 2004 and 1903/1909 respectively.

            “KB4560960″ was “stopping users from printing to [the] locally attached Brother printer,” according one Reg reader. The resolution was to remove the offending cumulative patch. Those connected to a network printer, he reported, continued rocking along as normal.

          • Another Attack Vector Uncovered For Bypassing Linux Lockdown Via ACPI Tables

            This weekend we reported on how injecting ACPI tables could lead to bypassing Linux’s lockdown / UEFI Secure Boot protections and let attackers load unsigned kernel modules. That earlier issue was found on a patched version of the Ubuntu 18.04 LTS kernel while now a similar attack vector has been discovered on the mainline Linux kernel.

            WireGuard lead developer Jason Donenfeld discovered both of these vulnerabilities in recent days. This newest discovery is more pressing in that it works on a current mainline Linux kernel rather than just Ubuntu’s heavily patched older kernel code-base. Fortunately, Donenfeld has already sent off a patch to the mailing list for addressing this issue.

          • Nordic Semi nRF52 WiSoCs are Susceptible to Debug Resurrection using APProtect Bypass

            Nordic Semi nRF52 are popular wireless Cortex-M4 SoCs with Bluetooth 5.0 and 802.15.4 radios. APProtect (Access Port Protection) is a new security feature of nRF52 MCUs designed to enable readback protection and disable the debug interface. This is supposed to prevent an attacker to obtain a copy of the firmware that would allow him/her to start the reverse engineering process or access some sensitive data such as keys and passwords.

            It’s all good, except “LimitedResults” managed to bypass APProtect and permanently resurrect the debug interface on nRF52840-DK and a Bluetooth mouse. This requires physical access to the hardware and relies on a fault injection technique.

          • Latest Intel CrossTalk Vulnerability Now Patched in Debian GNU/Linux, CentOS and RHEL

            

            The recent SRBDS (Special Register Buffer Data Sampling) hardware vulnerability (CVE-2020-0543) also known as CrossTalk, was discovered by researchers from Vrije Universiteit Amsterdam in some Intel processors. The flaw could allow local attackers or virtual machine guests to expose sensitive information like cryptographic keys from other users or VMs.

            Already patched in all supported Ubuntu releases, the vulnerability has also been patched last week in the Debian GNU/Linux 10 “Buster,” Debian GNU/Linux 9 “Stretch,” CentOS Linux 7, CentOS Linux 6, Red Hat Enterprise Linux 7, and Red Hat Enterprise Linux 6 operating system releases.

          • Security updates for Monday

            Security updates have been issued by Debian (intel-microcode, libexif, mysql-connector-java, and thunderbird), Fedora (gnutls, grafana, kernel, kernel-headers, mingw-gnutls, mod_auth_openidc, NetworkManager, and pdns-recursor), Gentoo (adobe-flash, ansible, chromium, firefox, glibc, mailutils, nokogiri, readline, ssvnc, and webkit-gtk), Mageia (axel, bind, dbus, flash-player-plugin, libreoffice, networkmanager, and roundcubemail), openSUSE (java-1_8_0-openjdk, kernel, nodejs8, rubygem-bundler, texlive-filesystem, and thunderbird), Oracle (libexif and tomcat6), Red Hat (chromium-browser, flash-plugin, and libexif), Scientific Linux (tomcat6), SUSE (libEMF), and Ubuntu (fwupd).

          • Intel Confirms CET Security Support For Tiger Lake

            CET works by preventing ROP and COP/JOP style attacks through indirect branch tracking and a shadow stack. For nearly three years we have been talking about Control-Flow Enforcement Technology with the open-source Intel developers doing a fairly punctual job plumbing it into the open-source compilers, the necessary Linux kernel changes, etc. Just last month I provided the current state of Intel CET on Linux with most patches under review or landed but due to the GCC 11 requirement will not be all stabilized until early next year.

          • Customizing System-wide Cryptographic Policies in RHEL 8.2
          • Privacy/Surveillance

    • Defence/Aggression

      • In the news: ‘Horror’ and ‘shock’ at Libya mass graves

        Last week’s discovery of at least eight mass graves in a town southeast of the Libyan capital of Tripoli has led to expressions of “horror” and “shock” from the UN, and the promise of an investigation in the midst of war.

        On Thursday, the UN’s mission in Libya said it “notes with horror reports” of the graves in a town called Tarhouna, a former stronghold of eastern forces led by Khalifa Haftar that was retaken last week by groups loyal to the internationally recognised Government of National Accord (GNA).

        The two sides have been fighting for control of Tripoli and the country since last April, forcing hundreds of thousands of people to go on the run, and, in recent months, leaving doctors and nurses to try to fight the spread of COVID-19 at the same time as they treat the war-wounded.

      • 35 years after MOVE bombing, communities denounce police terror

        A protest against Philadelphia Police Terror on June 13 drew around 1,500 demonstrators to the Osage Avenue site where Philadelphia police dropped a military-grade bomb on the MOVE organization on May 13, 1985. Eleven Black men, women and children were murdered after police and city officials ordered fire fighters to “let the fire burn.” Police shot at MOVE members who tried to escape.

        [...]

        Mike Africa, whose parents, MOVE 9 members Mike Africa Sr. and Debbie Africa, spent over 40 years in prison, called out city officials who are currently offering up apologies for prior blatant acts of racism, as if they were enough to stop the growing movement. “The politicians are dragging their feet as if nothing has happened. People want justice, and we want it now!” Africa said. “And we want Mumia free now!”

        Following the rally, a spirited march made its way through predominantly Black neighborhoods in West Philadelphia. The response from community residents was electrifying. People came out on their porches to cheer and join in chants. Several joined the march.

        At a closing rally at Malcolm X Park, speakers raised 13 demands from the radical Black organizing community in Philadelphia. Among the final speakers were high school students from the Philadelphia Student Union who demanded that “every single cop in schools must be out by the time schools reopen. The $30 million used to keep police in schools should go to have safe learning environments. We want police abolition — not more reforms!”

    • Civil Rights/Policing

      • Doing good and being racist

        His original logic was sound. Honestly, I’m glad to hear the UN acknowledge it. But owning up to racism while simultaneously denying your staff of colour the right to openly protest felt particularly cruel. It also feels incredibly familiar from my time in the humanitarian world.

        During my time as an employee of a UN agency in Geneva, I was the only black person on my team. In fact, I’d often be the only black person in many meeting rooms. Although I would describe each of my former colleagues as “good people”, I would be lying if I said I never experienced any racism while at the UN. Because, yes, it’s everywhere. And, while we’d like to think we’re good people because of the very nature of our work, our humanitarianism does not preclude us from exhibiting racism. In many ways our humanitarianism reinforces it.

      • Bostick v. Clayton County Georgia

        It is a slow patent news day, but the Supreme Court offered a big employment discrimination decision in Bostick v. Clayton County Georgia (Supreme Court 2020).

        The opinion joins together several cases challenging employment discrimination on the basis of gender identity (transgender) and also sexual orientation (homosexuality). Title VII of the Civil Rights Act of 1964 prohibits employment discrimination on the basis of an “individual’s race, color, religion, sex, or national origin.” Here, the Supreme Court holds that gender identity and sexual orientation both fall with the ambit of “sex” and thus are also protected against discrimination.

    • Monopolies

      • Patents

        • USPTO Announces Extension for Petitioning for Restoration of Right of Priority or Benefit

          In a notice posted on its website on Thursday, June 11, the U.S. Patent and Trademark Office announced that it was extending the time period for petitioning for certain rights of priority or benefit, as well as waiving the corresponding petition fee. As the result of the President’s declaration on March 13, 2020 of a national emergency under the National Emergencies Act due to the COVID-19 pandemic, the notice indicates that USPTO Director Andrei Iancu “determined that the emergency prejudiced the rights of applicants, patent owners, or others appearing before the USPTO in patent matters and may have prevented them from filing documents or fees with the Office,” and that the effects of the COVID-19 pandemic created an extraordinary situation for affected patent applicants and patentees. Therefore, the USPTO, pursuant to the Coronavirus Aid, Relief, and Economic Security Act (CARES Act) and 37 C.F.R. § 1.183, is providing an extension for petitioning for the restoration of certain rights of priority or benefit.

          The notice explains that to be entitled to a claim of priority to or benefit of a prior-filed foreign or provisional application, an application seeking priority or benefit must be filed within twelve months (or six months in the case of a design application claiming foreign priority) of the prior-filed foreign or provisional application. After that period expires, U.S. patent law allows an applicant to two more months to file an application seeking priority or benefit along with a petition for restoration of the right to claim priority to or benefit of a prior-filed foreign or provisional application under 37 C.F.R. §§ 1.55(c) or 1.78(b), provided that the delay in filing the application seeking priority or benefit was unintentional.

          [...]

          The notice advises applicants who file a petition under 37 C.F.R. §§ 1.55(c), 1.78(b), or 1.452 in accordance with the above provisions via the USPTO’s patent electronic filing systems (EFS-Web or Patent Center) to use document code PET.RELIEF for the petition. The Office also highly recommends that applicants use form PTO/SB/449 to make the required statement that the delay in filing was due to the COVID-19 outbreak.

        • Japan: Guidelines on the ‘Fair Value Calculation of SEP for Multi-Component Products’

          The guidelines represent an important intervention into the ongoing debate concerning the tension between standard essential patents (SEPs) (which offer their owners R&D incentives/rewards in the form of monopolistic rights) and technology standards (which should be widely used by all players in the market to ensure interoperability). Without a framework to promote harmonious licensing, SEPs owners could, if they wished, use the patent enforcement system to ‘hold up’ or prevent their competitors from launching rival products that use the same standards. There is a related risk that the exercise of monopoly power by SEP owners could lead to the need for implementers to obtain multiple licences – this is known as the problem of ‘royalty-stacking’.

          The need to obtain multiple licences is particularly evident when it comes to multi-component products that contain many parts, such as game machines, construction machines, personal computers, and automobiles. In these circumstances a variety of manufacturers are involved in the production process, thus forming a hierarchical supply chain. The risk of ‘hold-up’ is therefore very high in these industries. To minimise risks SEP owners typically must commit to licensing their SEPs on ‘FRAND’ terms (fair, reasonable, and non-discriminatory). At times the parties cannot agree on what the FRAND terms should be, which can lead to acrimonious disputes and costly litigation. Guidelines on FRAND from independent policy-makers or courts can be useful to provide a measure of clarity to negotiating parties.

          Against this background, the Japanese Study Group proposes three general principles, which could be useful for determining the FRAND royalty for multi-component products to be paid to SEP owners.

          [...]

          Attention to the needs of SMEs is not unusual when it comes to SEPs. The EU institutions have also paid heed to these companies. For example, concerns were expressed by the Commission in its Communication of 29 November 2017 on the EU approach to SEPs. One of the burning issues highlighted in that document is the lack of transparency in the context of SEP licensing frameworks managed by standard setting organisations (SSOs). Indeed, the Commission states that being able to access accurate information on the scale of exposure to SEPs is vital to the users of standards, especially SMEs that have little experience of licensing practices and seek to enter the relevant markets looking for connectivity. However, this information is not always easy to access. The Communication notes, in particular, that ‘… currently the only information on SEPs accessible to users can be found in declaration databases maintained by SSOs which may lack transparency’ – a scenario that leaves companies, particularly SMEs and start-ups, in a difficult situation with respect to licensing negotiations and risk management.

          Overall, the Guidelines produced by the Japanese Group Study are a positive intervention in this field. They should assist implementers of standardised and patented technology to strike favourable licensing deals, thus counter-balancing the strong monopolistic position SEP owners often find themselves in. This in turn can benefit final consumers via better value products capable of interoperability.

        • Assignor Estoppel

          In Hologic, Inc. v. Minerva Surgical, Inc., 957 F.3d 1256 (Fed. Cir. 2020), the court upheld the doctrine of “assignor estoppel” but also found that it could be collaterally attacked via IPR since the PTO does not enforce the doctrine. The panel – led by Judge Stoll — also called for reconsideration of the doctrine “as it applies both in district court and in the Patent Office.”

          The patentee in this case want the the court to broadly hold that assignor estoppel cannot be circumvented via IPR proceeding; the defendants are asking that the court go the other way and narrow assignor estoppel associated with claims added or amended after the assignment.

        • Software Patents

          • $3,000 for Trust & Verify Data Protection LLC prior art

            On June 15, 2020, Unified Patents added a new PATROLL contest, with a $3,000 cash prize, seeking prior art on at least claims 37 (system) and 25 (method) of U.S. Patent 7,137,140. The patent is owned by Trust & Verify Data Protection, LLC, an NPE. The ’140 patent generally relates to a customer computer and vendor computer that are interconnected by means of a network. The customer can initiate a transaction, such as the purchase of information from the vendor, however, the vendor will not proceed until verification of the transaction has been received from the site.

      • Copyrights

        • US Copyright Office Review Board allows registration of Abercrombie & Fitch’s Store Front Sculpture

          In a decision issued in June 2020, the US Copyright Office Review Board (CORB) reversed the earlier findings of the US Copyright Office concerning an application to register Abercrombie & Fitch’s Store Front Sculpture. The CORB found that this work exhibits copyrightable authorship.

          [...]

          Furthermore, in Atari Games Corp. v. Oman, 888 F.2d 878, 883 (D.C. Cir. 1989), the US Court of Appeals (District of Columbia Circuit) considered that simple shapes, when selected or combined in a distinctive manner indicating some ingenuity, have been accorded copyright protection both by the Register and in court. For instance, the choice of location, orientation, and dimensions of glass panes in a work has showed “far more than a trivial amount of intellectual labour and artistic expression” and the earlier use of “geometric shapes like squares, triangles, and trapezoids has not precluded copyright protection”.

          In the present case, the Store Front Sculpture combines multiple geometric shapes – a circle and a square – with letters, symbols, and lighting elements created from several different materials into a sculpture that exhibits creative choices in the selection, positioning, and arrangement of elements in the overall work. In line with Feist, copyright protection is available so long as there is at least some creative spark, ‘no matter how crude, humble or obvious’ it might be. Therefore, considered as a whole, the work satisfies the originality requirement.

          The CORB pointed out that the protection only relates to the work as a whole, and does not extend individually to any of the standard and common elements depicted in the work, such as a circle, rectangle, “A,” “F,” “&,” or “Co.,” the choice of materials, or the lighting elements. It is the overall combination of those elements into the work that makes it protectable.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Gemini Gone Mainstream: German Media Now in Geminispace

    With the likes of TAZ embracing Geminispace/Gemini Protocol we seem to have reached some sort of inflection point; taz.de did in fact add official presence to Geminispace



  2. Links 28/1/2022: LSFMM 2022 and 2021 UI Study Results From Elementary's Distro

    Links for the day



  3. IRC Proceedings: Thursday, January 27, 2022

    IRC logs for Thursday, January 27, 2022



  4. Links 28/1/2022: GNU Poke 2.0 and OPNsense 22.1 Released

    Links for the day



  5. Links 27/1/2022: Archinstall 2.3.1 and Nix 2.6.0

    Links for the day



  6. On the Internet, Trust Should Not Become Centralised

    “Trust” is a word that lost its meaning in the era of “TPM” and fancier names for 'Palladium'; we need to reject this idea that computers need to check with Microsoft if the operating system is trusted (not just Windows!), check with Gulag/Chrome if a Web site is trusted, and whether it's OK to run some application/s on one's own computer (as if Jim Zemlin et al get to decide what is trusted)



  7. Microsoft-Connected Publishers Suffer and Perish With Microsoft (While Peddling 'Fake News' for Their Beloved Sponsor)

    IDG and other fake news outlets/networks/sites (selling to companies flattering articles about themselves or renting out 'news space' to them, not just ad space) want us to think Microsoft is doing very well, but it's just that same old Ponzi scheme



  8. Links 27/1/2022: Mabox Linux 21.11 Herbolth and PipeWire 0.3.44

    Links for the day



  9. IRC Proceedings: Wednesday, January 26, 2022

    IRC logs for Wednesday, January 26, 2022



  10. [Meme] EPO: Pursuing an Eastern and Western District of Europe (for Patent Trolls and Software Patents)

    With the EPO so flagrantly lying and paying for misinformation maybe we should expect Benoît Battistelli and António Campinos to have delusions of grandeur… such as presiding over the Eastern and Western District of Europe, just like Mr. Gilstrap and Mr. Albright (political appointment by Donald Trump, ushering in “the swamp”)



  11. Gemini at 2,000: 86% of Capsules Use Self-Signed Certificate, Just Like the Techrights Web Site (WWW)

    As shown in the charts above (updated an hour ago), the relative share of ‘Linux’ Foundation (LE/LF; same thing, same office) in the capsules’ certificates has decreased over time; more and more (in terms of proportion) capsules choose to sign their own certificate/s; the concept of ‘fake security’ (centralisation and consolidation) should be rejected universally because it leaves nobody safe except plutocrats



  12. [Meme] UPC: Many Lies as Headlines, Almost Exclusively in Publishers Sponsored by EPO and Team UPC to Produce Fake News (Lobbying Through Misinformation)

    Lest we forget that EPO dictators, like Pinky and the Brainless Benoît Battistelli and António Campinos, have long littered the EPO's official Web site as well as publishers not directly connected to the EPO (but funded by it) with disinformation about the UPC



  13. EPO as the 'Ministry of Truth' of Team UPC and Special Interests

    The 'Ministry of Truth' of the patent world is turning the EPO's Web site into a propaganda mill, a misinformation farm, and a laughing stock with stock photography



  14. Microsoft 'Delighted' by Windows 11 (Vista 11) Usage, Which is Only 1% Three Months After Official Launch and Six Months After Release Online

    Microsoft boosters such as Bogdan Popa and Mark Hachman work overtime on distraction from the failure Vista 11 has been (the share of Windows continues to fall relative to other platforms)



  15. Links 27/1/2022: Preinstalled GNU/Linux (Ubuntu) and Arch Linux-Powered Steam Deck 30 Days Away

    Links for the day



  16. Don't Fall for Microsoft's Spin That Says Everything is Not Secure and Cannot be Secured

    Microsoft keeps promoting the utterly false concept that everything is not secure and there's nothing that can be done about it (hence, might as well stay with Windows, whose insecurity is even intentional)



  17. At Long Last: 2,000 Known Gemini Capsules!

    The corporate media, looking to appease its major sponsors (such as Web/advertising giants), won't tell you that Gemini Protocol is rising very rapidly; its userbase and the tools available for users are rapidly improving while more and more groups, institutions and individuals set up their own capsule (equivalent of a Web site)



  18. Links 26/1/2022: Gamebuntu 1.0, PiGear Nano, and Much More

    Links for the day



  19. IRC Proceedings: Tuesday, January 25, 2022

    IRC logs for Tuesday, January 25, 2022



  20. Links 26/1/2022: No ARM for Nvidia, End of EasyArch, and WordPress 5.9 is Out

    Links for the day



  21. Why the Unified Patent Court (UPC) is Still Just a Fantasy and the UPC's Fake News Mill Merely Discredits the Whole Patent 'Profession'

    Patents and science used to be connected; but now that the patent litigation 'sector' is hijacking patent offices (and even courts in places like Texas) it's trying to shove a Unified Patent Court (UPC) down the EU's throat under the disingenuous cover of "community" or "unity"



  22. Links 25/1/2022: Vulkan 1.3 Released, Kiwi TCMS 11.0, and antiX 19.5

    Links for the day



  23. Gemini Milestones and Growth (Almost 2,000 Known Gemini Servers Now, 39,000 Pages in Ours)

    The diaspora to Gemini Protocol or the transition to alternative 'webs' is underway; a linearly growing curve suggests that inertia/momentum is still there and we reap the benefits of early adoption of Gemini



  24. [Meme] Get Ready for Unified Patent Court (UPC) to be Taken to Court

    The Unified Patent Court (UPC) and Unitary Patent system that’s crafted to empower EPO thugs isn’t legal and isn’t constitutional either; even a thousand fake news 'articles' (deliberate misinformation or disinformation) cannot change the simple facts because CJEU isn’t “trial by media”



  25. The EPO Needs High-Calibre Examiners, Not Politicians Who Pretend to Understand Patents and Science

    Examiners are meant to obstruct fake patents or reject meritless patent applications; why is it that working conditions deteriorate for those who are intellectually equipped to do the job?



  26. Free Software is Greener

    Software Freedom is the only way to properly tackle environmental perils through reuse and recycling; the mainstream media never talks about it because it wants people to "consume" more and more products



  27. Links 25/1/2022: Git 2.35 and New openSUSE Hardware

    Links for the day



  28. IRC Proceedings: Monday, January 24, 2022

    IRC logs for Monday, January 24, 2022



  29. Links 25/1/2022: GPL Settlement With Patrick McHardy, Godot 4.0 Alpha 1, and DXVK 1.9.4 Released

    Links for the day



  30. Proprietary Software is Pollution

    "My daughter asked me about why are we throwing away some bits of technology," Dr. Andy Farnell says. "This is my attempt to put into words for "ordinary" people what I tried to explain to a 6 year old."


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts