If you're looking for a desktop, the single greatest Linux-powered desktop on the market is the System 76 Thelio. In fact, it might be the best desktop you can buy, period. This beast of a machine comes in three flavors: Thelio, Thelio Major, and Thelio Massive. For everyday use, go with Thelio. If your open source enthusiast is a gamer or needs more power, go with the Thelio Major. If, however, the recipient of this gift is a serious number cruncher, the Thelio Massive will power all of their tasks. Either way, you cannot go wrong with a gift of the Thelio. The Thelio has a base price of $899, the Thelio Major has a base price of $2499, and the Thelio Massive has a base price of $3199.
The client server model is incredibly popular for building Linux applications so I thought it'd be fun to explain how the model works and why it is the perfect choice if following the Unix philosophy is important to the way that you develop your software.
Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which things are not necessarily jazzed up versions of other things, we wonder what data truly is...
This week we’ve been upgrading our GPUs. We discuss our experiences using IoT devices, bring you some command line love and go over all your wonderful feedback.
It’s Season 13 Episode 30 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.
The release of WireGuard earlier this year was one of the biggest things to happen to the VPN industry in a long time and now Google has added support for the new protocol to the next version of Android.
WireGuard, which was created by Edge Security's Jason A. Donenfeld, uses state-of-the-art cryptography to provide users with the highest level of privacy, security and speed. The new protocol is faster than existing VPN protocols and it also only contains just 4,000 lines of code compared to OpenVPN's 100,000 lines of code, making it easier to review and audit.
Just after the release of version 1.0.0 of the protocol back in March, it was added to the Linux kernel and made available in Linux 5.6 by Linus Torvalds. As Android is also based on Linux, it makes sense that Google would want to bring native WireGuard support to its mobile operating system by adding it to Android 12's Linux Kernel 5.4 tree.
COVID-19 has entirely changed the way we live our lives. Many businesses are operating from home and the need for a good and secure internet connection has increased more than ever. Why “secure internet”? Because many of us don’t want our internet service provider to know what we’re doing and keep track of our activities.
Now, after WireGuard VPN’s addition to the Linux kernel 5.6, Google has added it to Android 12’s Linux Kernel 5.4 Tree. For starters, WireGuard VPN is a next-gen VPN protocol built on modern cryptography standards to ensure internet security.
The sound subsystem updates were submitted today for the Linux 5.10 kernel with some interesting changes and new hardware support.
The direct rendering manager (DRM) driver updates were sent in overnight for the ongoing Linux 5.10 merge window with a range of improvements for these graphics/display drivers and as usual the Intel and AMD Radeon driver churn is particularly heavy.
In addition to Linux 5.10 supporting SEV-ES as the "encrypted state" for AMD EPYC's Secure Encrypted Virtualization, this kernel is also adding Secure Nested Paging (SNP) support to the AMD IOMMU driver as part of their next-generation SEV-SNP security.
AMD SEV-SNP is an effort to further boost virtual machine isolation and appears to likely be supported with upcoming AMD EPYC 7003 "Milan" processors based on the timing of their original SEV-SNP whitepaper earlier this year and now the timing of this SNP Linux kernel support. SEV-SNP builds on the original AMD SEV and SEV-ES to offer additional hardware-based memory integrity protections for fending off hypervisor-based attacks.
Not only is Btrfs seeing notable improvements with the in-development Linux 5.10 kernel but the XFS file-system also has some prominent changes of its own.
The ability to execute the contents of a file is controlled by the execute-permission bits — some of the time. If a given file contains code that can be executed by an interpreter — such as shell commands or code in a language like Perl or Python, for example — there are easy ways to run the interpreter on the file regardless of whether it has execute permission enabled or not. Mickaël Salaün has been working on tightening up the administrator's control over execution by interpreters for some time, but has struggled to find an acceptable home for this feature. His latest attempt takes the form of a new system call named trusted_for().
Tightly locked-down systems are generally set up to disallow the execution of any file that has not been approved by the system's overlords. That control is nearly absolute when it comes to binary machine code, especially when security modules are used to enforce signature requirements and prevent techniques like mapping a file into some process's address space with execute permission. Execution of code by an interpreter, though, just looks like reading a file to the kernel so, without cooperation from the interpreter itself, the kernel cannot know whether an attempt is being made to execute code contained within a given file. As a result, there is no way to apply any kernel-based policies to that type of access.
Enabling that cooperation is the point of Salaün's work; it is, at its core, a way for an interpreter to inform the kernel that it intends to execute the contents of a file. Back in May 2020, the first attempt tried to add an O_MAYEXEC flag to be used with the openat2() system call. If system policy does not allow a given file to be executed, an attempt to open it with O_MAYEXEC will fail.
Hi list,
I realize that this is a week late, I simply put everything in the calendar one week off. Doh. Anyway, mesa 20.2.1 is now available, this release looks much bigger than it actually is, because of all of the .pick_status commits. there's a bit of everything in here, all and all a nice little .1
Dylan
Mesa 20.2 officially released at the end of September as the Q3'2020 open-source driver stack update providing open-source OpenGL/OpenCL/Vulkan support for much of the graphics hardware on the market. For those that prefer waiting for the first point release before upgrading, that milestone was reached today.
Mesa 20.1.10 is a small bug-fix release for GNU/Linux distributions that have not yet upgraded to Mesa 20.2.0. There's not much to see, there's seven for the Intel graphics drivers and two on the AMD side.
home computer makes an ideal appliance to store and stream music. The purpose of a music server is to deliver tracks when requested by a client. The server can deliver music to machines over a local area network as well as computers connected over the internet.
Linux is widely recognized as an ideal operating system to serve web pages. But the server capabilities of Linux extend far beyond merely providing HTTP servers.
There is a wide range of multimedia software available for Linux which turns your machine into a jukebox. There are even dedicated Linux distributions that turn your computer into a music server. This article identifies the best free software which enables your Linux machine to act as a music server, distributing digital tracks over a network. Such software supports popular audio formats such as FLAC, OGG Vorbis, and MP3.
In the first quarter of 2019, Microsoft open sourced the Windows Calculator. Being open source, it allows developers to use it in their own applications.
I couldn’t care less for a calculator application but as some It’s FOSS readers pointed out, they like using the Windows Calculator.
The good folks in the Uno Platform community have ported the open-source Windows Calculator to Linux. And they’ve done it quicker than Microsoft could bring their browser to Linux. The calculator is published in the snapstore and can be downloaded right away. If you’re on Ubuntu or you have snapd installed just run...
Okay, hear me out. You want to keep an eye on your system for things like RAM use, disk space, processor load and more…but you want something a tiny bit flashy that's still simple enough to run in a terminal window? You need to try out bpytop.
It's a fully featured resource monitor with a "game inspired menu system" and it's genuinely great, I've fallen just a little bit in love with it having it open on my second monitor to keep me informed of how my system is doing.
NTP stands for "Network Time Protocol." It is a protocol used by devices connected to the internet to synchronize their systems' time to a time reference. There are various important points as to why it is important to maintain accurate time, and the working principles of NTP are elementary yet amazing.
In this tutorial, we will show you how to install the Vivaldi Browser on CentOS 8. For those of you who didn’t know, Vivaldi is a feature-rich, next-generation web browser application based on the powerful and open-source Chromium project, from which the popular Google Chrome web browser is derived. The application is freely distributed and cross-platform, created by the former CEO of Opera Software, built using modern Web technologies like React, JavaScript, Node.js, and more.
If you’re a Linux user in need of a good Usenet app and aren’t happy with the existing apps out there, consider checking out HelloNZB. It’s a Java-based NZB client that is relatively user-friendly and simple to use.
In this video, we are looking at how to install Inkscape 1.0 on Deepin 20.
This video tutorial shows how to install Ubuntu Kylin 20.04 LTS on VMware Workstation step by step. This tutorial is also helpful to install Ubuntu Kylin 20.04 LTS on physical computer or laptop hardware.
Today we are looking at how to install FL Studio 20 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
We are fortunate to have a good virtual machine tool AQEMU on GNU/Linux operating systems. With AQEMU on your Ubuntu computer, you can virtualize any operating systems very easily. It can replace and works similarly to the proprietary tool VirtualBox or VMWare step by step as you can see in this tutorial. Now let's learn virtualization!
When you are working with directory and files, you may need to know about Linux file timestamps such as change time (ctime), access time (atime), and modification time (mtime). Linux files, directories, sockets have three different timestamps – mtime, ctime and atime.
Probably when working in Linux you have get answers to following questions:
When was the last date of file content modified? When was the file last opened/accessed ? When the properties of the file such as ownership, permissions last changed?
This tutorial explains how to to update an ISPConfig 3.1 server to ISPConfig 3.2. This tutorial is compatible with CentOS, Debian, and Ubuntu operating systems.
NVM stands for Node Version Manager is a command-line utility for managing Node versions. Sometimes you required to deploy multiple node application with different-2 versions. Nvm will help you here.
The ps command is a handy utility that allows us to view important process information. A process is simply a running instance of a program. Whenever we invoke a program, some processes are created. A thorough understanding of the process tree is mandatory if you want to have full control over your machine.
RStudio is a development IDE for R language programmers, however, if you are not on GUI and using CLI server still we can have the benefit of it by installing the Rstudio Server edition. It provides the Rstudio IDE access via a web browser interface, thus if you have some remote Linux server with powerful hardware for high-level computing then installing the Rstudio server will be a nice idea. Because in this way multiple developers can easily use this R language development platform for coding, editing, and sharing of other files with the team. Furthermore, a server environment of Rstudio will give a centralized installation of R, R packages, TeX, and other supporting libraries.
Linux permissions are a concept that every user becomes intimately familiar with early on in their development. We need to execute scripts, modify files, and run processes in order to administer systems effectively, but what happens when we see Permission denied? Do you know why we see this message? If you know the cause of the problem, do you know how to implement the solution?
I will give a quick explanation of the various ways to calculate permissions, and then we will focus on the special permissions within Linux. If you want an in-depth look at the chmod command, check out this article from Sudoer Shashank Hegde, Linux permissions: An introduction to chmod.
After launching for Windows on September 3, porter Feral Interactive has now hooked up Total War: THREE KINGDOMS - The Furious Wild for Linux (and macOS) today.
This is the first proper extension to the map in THREE KINGDOMS, letting you visit the jungles around Southern China and with it, the fearsome tribes of the Nanman. On top of the map expansion you get 4 new playable factions each with their own mechanics with a total of 19 new factions included. There's also over 25 new units, new character artwork, a Nanman-specific tech tree and more. You're also able to play it in the 190 and 194 start dates.
If 2020 couldn't get more peculiar, today the SDL2 project mainlined support for the OS/2 operating system.
While OS/2 is no longer maintained by IBM and was never really a gaming platform for where SDL2 is most commonly used, this software library that serves as an abstraction layer for multimedia/gaming hardware components and software platforms has merged the OS/2 port.
Visit RPCS3’s official site and download the emulator to your hard disk drive. RPCS3 is available for Windows and Linux.
Ready to take the action into space? Runner Duck, developer of the hit Bomber Crew have just released the sequel with Space Crew.
Bomber Crew was something of a surprise hit for the UK-based two-person indie studio Runner Duck, when it became a top seller on Steam. This sequel moves the theatre of war from World War Two to the far flung future with players challenged to fight a conflict on an intergalactic scale. Armed with their own carefully chosen crew and fully customizable spaceship, captains must protect Earth and venture across the galaxy to stave off a new alien threat known as the Phasmids.
Ready to make fun of your friends? The Jackbox Party Pack 7 has been released along with five amusing games. Still one of the best party games around. Well, party game…packs. Then again it should be, it would be a bit weird if a Party Pack was a bit rubbish for a party wouldn't it.
Got Worms? Well, you can get a whole lot of them in the latest Humble Bundle from the classics up to the newer stuff and some of them have Linux builds too.
With sleek arcade-racing action, the bright and colourful Vecter has left Early Access today along with the recently launched Linux version.
Vecter is pretty much an endless runner, and a great one too that's seriously easy to just pick up and play when you have a few minutes to spare. Not easy though, far from it. You need some good reflexes! There's plenty of obstacles and enemies thrown in your way. It's fast, intense and a huge amount of fun. Race as long as possible, rise up the leaderboards and just don't crash.
Following this week's KDE Plasma 5.20 release, KWinFT 5.20 has been released as the fork of KWin and other select components in aiming to offer a better experience.
KWinFT continues to be led by KDE developer Roman Gilg. KWinFT continues to work on not only providing a more robust Wayland compositor but also improved display management and other capabilities.
New versions of the KWinFT projects Wrapland, Disman, KWinFT and KDisplay are available now. They were on the day aligned with the release of Plasma 5.20 this week and offer new features and stability improvements.
Universal display management
The highlight this time is a completely redefined and reworked Disman that allows to control display configurations not only in a KDE Plasma session with KWinFT but also with KWin and in other Wayland sessions with wlroots-based compositors as well as any X11 session.
You can use it with the included command-line tool dismanctl or together with the graphical frontend KDisplay. Read more about Disman's goals and technical details in the 5.20 beta announcement.
At Akademy 2020, the annual KDE conference that was held virtually this year, KDE developer Nate Graham delivered a talk entitled "Visions of the Future" (YouTube video) about the possible future of KDE on commercial products. Subtitled "Plasma sold on retail hardware — lots of it", the session concentrated on ways to make KDE applications (and the Plasma desktop) the default environment on hardware sold to the general public. The proposal includes creating an official KDE distribution with a hardware certification program and directly paying developers.
Graham started by giving some context; the ideas to be presented were a followup on the KDE accessibility and productivity goals from 2017. One of the objectives was to get Plasma and KDE applications ready to work on all kinds of hardware. Graham thinks that this has been achieved and it is the time to move to the next step: creating an official KDE operating system. He commented: "we have to, if we want to have direct relations with hardware vendors".
KDE already has an official distribution called neon, he said. Neon is, however, a "halfway product", because it showcases current KDE products on top of a distribution (Ubuntu 20.04 LTS) that may otherwise be outdated. On the other hand, it is good enough to be shipped on Slimbook laptops. A member of the audience requested an explanation of what has changed from the inception of neon, which was not called an official KDE OS at that time. Graham responded that there was a fear of harming the relationships between KDE and distributors, but agreed that a good way to go forward would be to call neon what it really is: the official KDE distribution.
Graham continued by presenting his list of requirements for such an OS. First, it needs the latest software, including a current Linux kernel, which is necessary for hardware enablement. The applications should be newer than those found in Ubuntu; they could be installed from Flatpaks or Snaps. The last requirement was to make it possible to rebase this system onto another distribution. With such features, this system "will be more awesome", he said.
If you are interested in openSUSE, sooner or later you will probably learn how packages and specfiles work. But packaging is not static knowledge that you learn once and are good to go. The rules change over time, new macros are created and old ones are erased from history, new file paths are used and the old ones are forgotten. So how can one keep up with these changes?
In this article, we will serve you with all recent news and important changes in openSUSE packaging on a silver platter. Whether you are a pro package maintainer or just a casual packager who wants to catch up, you will definitely find something you didn’t know here. We promise.
Merged just minutes ago into systemd Git is the new systemd-oomd component pushed along by Facebook.
Systemd-oomd has been developed to improve the Linux out-of-memory / memory pressure behavior and based on Facebook's out-of-memory daemon code that's been extended to not only work for Linux servers but also desktop systems.
Following my first article on quantum computers, I now explore and attempt to explain the equally fantastic and challenging world of quantum networks. With quantum computing comes quantum networks, and the best tech we have for that is fiber optics. Even though quantum computers are close to absolute magic, they still need networks to communicate, and, for the most part, we are not looking at copper. Fiber optics is the thing, but there is a strange challenge in sending out tiny little photons all on their own. And even if the future looks all quantum, you can bet there will still be loads of old tech working in parallel for years, so ensuring they all can coexist and stay safe will be one of the bigger challenges for sysadmins.
The release of Red Hat Data Grid 8.1 offers new features for securing applications deployed on Red Hat OpenShift. Naturally, I wanted to check them out for Quarkus. Using the Quarkus Data Grid extension made that easy to do.
Data Grid is an in-memory, distributed, NoSQL datastore solution based on Infinispan. Since it manages your data, Data Grid should be as secure as possible. For this reason, it uses a default property realm that requires HTTPS and automatically enforces user authentication on remote endpoints. As an additional layer of security on OpenShift, Data Grid presents certificates signed by the OpenShift Service Signer. In practice, this means that Data Grid is as secure as possible out of the box, requiring encrypted connections and authentication from the first request. Data Grid generates a default set of credentials (which, of course, you can override), but unauthenticated access is denied.
In this article, I show you how to configure a Quarkus application with Data Grid and deploy it on OpenShift.
In the previous article in this series, we outlined some simple open practices to start forming a team using the Open Practice Library. Now, we will describe some practices that can be used to define the team’s work.
If you’re new to Chrome OS or perhaps just learning your way around the recently added Linux terminal, you may be unaware that Google transitioned the Linux container from Debian 9 to Debian 10 (Buster) with the release of Chrome OS 80 back in March. If you have been tinkering with Linux on Chrome OS for some time, you’ve likely already forced the updated to Debian 10 by removing the Linux container and reinstalling it.
Devices that haven’t received the update due to the fact that they have been sitting on a shelf or whatever other reason you can think of, can now upgrade to the newer Debian 10 container with the simple push of a button. This feature will only show up if you are on Chrome OS 86 and your device is still using Debian 9 (Stretch). You will find the “upgrade” button by heading to the Linux (Beta) tab of your Chrome OS settings menu. If you have an upgrade available, you will see the message at the top of the settings.
Linux (Beta)
Linux (Beta), also known as Crostini, is a feature that allows you to access a library of Linux apps on your Chromebook, such as Microsoft Visual Studio Code, Inkscape, or Steam.
Canonical today announced autonomous high availability (HA) clustering in MicroK8s, the lightweight Kubernetes. Already popular for IoT and developer workstations, MicroK8s now gains resilience for production workloads in cloud and server deployments.
High availability is enabled automatically once three or more nodes are clustered, and the data store migrates automatically between nodes to maintain quorum in the event of a failure. “The autonomous HA MicroK8s delivers a zero-ops experience that is perfect for distributed micro clouds and busy administrators”, says Alex Chalkias, Product Manager at Canonical.
Designed as a minimal conformant Kubernetes, MicroK8s installs and clusters with a single command.
If you've been hiding under a rock -- and who could blame you these days? -- you may have missed how totally Kubernetes now dominates container orchestration. One way to quickly get up to speed on Kubernetes is with Canonical's MicroK8s. This is an easy-to-run and install mini-version of Kubernetes. And now Canonical has added autonomous high availability (HA) clustering to it.
Seriously.
MicroK8s, already popular for IoT and developer workstations, now gains resilience for production workloads in cloud and server deployments. Canonical has announced autonomous high availability (HA) clustering in MicroK8s, the lightweight Kubernetes.
The AI gateway runs the usual Petalinux distributions plus Vitis AI stack that includes pre-optimized deep learning models from mainstream frameworks such as Tensorflow, Caffe, Darknet, and PyTorch.
The company provides a FreeRTOS BSP, as well as an iMX RT1064 uCOM developer’s kit for development. I understand i.MX RT1064 is very similar to i.MX RT1062 processor found in Teensy 4.1 with the main difference being the 4GB on-chip QSPI flash. Just like with other i.MX RT processor, the solution is best suited for fast applications requiring real-time response with ultra-low latency as well as application processor level of performance.
VIA provides Android 10 and Yocto 2.6 Linux BSP’s for the module and board, as well as optional 10.1ââ¬Â³ WUXGA LCD display and 4G LTE mPCIe module.
ICOP’s Linux-ready, Apollo Lake based “PINT-090T-APL” panel PC provides an IP65-protected, 9-inch touchscreen plus GbE, HDMI, 3x USB, 2x COM, and mini-PCIe and M.2 expansion.
The Novasom-M9 is a compact SBC that runs Android or Linux on the Rockchip RK3399 with GbE, HDMI, eDP, MIPI-DSI and -CSI, USB 3.0, 40-pin GPIO, and an M.2 slot.
Thank you everyone for being so patient while waiting for us to ship Pocket P.C. We want to ship a well-tested well-built product to you. This means that we have iterated through multiple prototypes and revisions before deciding to enter mass production.
It’s October and everything is coming together for final assembly next month in November. We have begun to purchase all the components with lead-times of 4 weeks or more. This includes the battery and LCD Display Modules. The plastic injection molding is being machined and we are awaiting initial injected plastic samples.
About a year after introducing a concept for a handheld Linux computer priced at $199, Popcorn Computer is getting closer to actually being able to deliver that little PC to customers.
It’s up for pre-order for $199 and according to the latest progress update, production is on track to begin next month and if everything goes well, the first units could ship before the end of November.
There are a lot of interesting things about the PinePhone. At $150 it’s the most affordable smartphone designed to run free and open source operating systems. It gives you more privacy controls by letting you physically disable hardware you’re not using. And it supports add-on modules that can bring new features to the phone.
Until now there haven’t been any official modules released for the PinePhone, but developer Martijn Braam demonstrated the potential for add-on modules this summer when he hacked together an infrared camera for the PinePhone.
Now Pine64 has announced that a set of official add-ons are coming. By swapping out back covers for the PinePhone you will eventually be able to add support for Qi wireless charging, NFC, or even a physical keyboard.
When the PinePhone began shipping earlier this year, it was only available in one configuration: with 2GB of RAM and 16GB of storage. But this summer Pine64 began selling a 3GB/32GB model as part of PinePhone Convergence Packs, which also come with a USB-C dock that lets you connect a keyboard, mouse, and monitor to use the company’s Linux smartphone like a tiny Linux desktop.
Now Pine64 says customers who already have a 2GB PinePhone and want to upgrade without buying a new device will be able to purchase a new mainboard starting in November.
You may have seen an interesting paper cross your radar a couple months ago: Everything Old is New Again: Binary Security of WebAssembly, by Daniel Lehmann, Johannes Kinder and Michael Pradel. The paper makes some strong claims and I would like to share some thoughts on it.
reader-response theory
For context, I have been working on web browsers for the last 8 years or so, most recently on the JavaScript and WebAssembly engine in Firefox. My work mostly consists of implementing new features, which if you are familiar with software development translates as "writing bugs". Almost all of those bugs are security bugs, potentially causing Firefox to go from being an agent of the user to an agent of the Mossad, or of cryptocurrency thieves, or anything else.
Mitigating browser bug flow takes a siege mentality. Web browsers treat all web pages and their corresponding CSS, media, JavaScript, and WebAssembly as hostile. We try to reason about global security properties, and translate those properties into invariants ensured at compile-time and run-time, for example to ensure that a web page from site A can't access cookies from site B.
In September there were 153 alerts generated, resulting in 25 regression bugs being filed on average 7.75 days after the regressing change landed.
Every time a code is pushed to autoland there is a chance that performance tests such as benchmarks and page loads will be run. The results from these tests are ingested by Perfherder (the performance oriented sibling to Treeherder). If a significant and sustained change (either a regression or an improvement) is detected in the results for any test, an alert will be generated. Performance sheriffs monitor these alerts, identify the push that caused it, and notify the patch author of the change, who then helps to determine the best course of action. This helps us to catch and prevent regressions from reaching our users, and also provides valuable feedback on our efforts to improve performance and to celebrate these wins.
For a little over a year I have been sending a newsletter to several groups within Mozilla with various metrics related to our regression detection and sheriffing efficiency. Each month I have improved and added to the report, often in response to feedback received. Looking back, my first report from July 2019 included just 5 visualisations, whereas my most recent report from August 2020 included 23. As a result of this growth, the report has become rather dense and overwhelming, and so I’m trying something new. Instead of sending a snapshot of the report by email each month, I’m going to publish an article on our performance blog with a short summary and highlight a few of the findings. For those with access, the full dashboard will be available on Mozilla’s redash instance.
In unusually stark terms, Mozilla is trying to rally the troops to take back the internet from the forces of evil—or at least "misinformation, corruption and greed"—that have overtaken it. In a September 30 blog post, the organization behind the Firefox web browser warned that "the internet needs our love". While there is lots to celebrate about the internet, it is increasingly under threat from various types of bad actors, so Mozilla is starting a campaign to try to push back against those threats.
The effort is, to a certain extent, an attempt to raise the profile of Firefox, which does generally have a better track record on respecting privacy than its competitors. That should not come as a huge surprise since the other major browsers come from companies that stand to profit from surveillance capitalism. The Mozilla Foundation, on the other hand, is a non-profit organization that is guided by a pro-privacy manifesto.
[...]
Two other Firefox add-ons are suggested. Facebook Container is meant to make it harder for Facebook to track users across the web by making use of Firefox Multi-Account Containers. The idea is that interaction with a site is done only in a color-coded tab that doesn't share identity information (and cookies) with other containers. Facebook Container ensures that links from Facebook pages are followed in a separate container so that Facebook cannot track the user; using Facebook "Share" buttons outside of the container will route them through the container as well.
Unfck the Internet also recommends the RegretsReporter extension to report on YouTube videos that were recommended but turned out to be objectionable. The idea is to try to crowdsource enough information about the YouTube recommendation system to better understand it—and the AI behind it.
The Document Foundation (TDF) was formed in 2010 as a home for the newly created LibreOffice project; it has just celebrated its tenth anniversary. As it begins its second decade, though, TDF is showing some signs of strain. Evidence of this could be seen in the disagreement over a five-year marketing plan in July. More recently, the TDF membership committee sent an open letter to the board of directors demanding more transparency and expressing fears of conflicts of interest within the board. Now the situation has advanced with one of the TDF's largest contributing companies announcing that it will be moving some of its work out of the foundation entirely.
The dispute over the marketing plan has its roots in money, as is often the case. Developing a large system like LibreOffice requires the work of dozens of engineers, who need to be paid to be able to put a full-time effort into the project. Some of the companies employing those developers — Collabora in particular — think that TDF has succeeded too well; the free version of LibreOffice is solid enough that attempts to sell commercial support for it are running into a wall. The proposed marketing plan was designed to better differentiate "community-supported" LibreOffice from the professionally supported offerings from TDF member companies. This idea did not sit well with community members, who worried that LibreOffice was being pushed into a second-class citizen status.
The tension is at its highest around LibreOffice Online, which provides for collaborative editing of documents hosted on a central server. Evidently, what revenue does exist in the LibreOffice ecosystem is mostly focused on LibreOffice Online, which is a relatively hard service to set up and maintain without having somebody dedicated to the task. TDF has encouraged potential users to go with commercial offerings by, among other things, allowing the system to suggest commercial support to users and not offering binary builds of the LibreOffice Online server. Currently, if you want to establish a LibreOffice Online instance, you must start with the source and build it from there.
We are happy to announce that Kiwi TCMS is going to partner with Vola Software to provide 2 interns with opportunities for hacking open source and bootstrapping their careers!
Vola Software is a custom software development company in one of the poorest regions of the European Union and a long-time contributor to their local ecosystem via Vratsa Software Community. They are located in Vratsa, Bulgaria.
The first preview of Ruby version 3.0 was released on September 25. It includes better support for type checking, additional language features, and two new experimental features: a parallel execution mechanism called Ractor, and Scheduler, which provides concurrency improvements.
According to a 2019 keynote [YouTube] by Ruby chief designer Yukihiro "Matz" Matsumoto, type checking is a major focus of Ruby 3. In his presentation, he noted that Python 3, PHP, and JavaScript have all implemented some version of the feature. In fact, Ruby already has type-checking abilities in the form of a third-party project, Sorbet. For Ruby 3.0, type checking has been promoted into the core project, implemented as a new sub-language called Ruby Signature (RBS). This mirrors the approach taken by Sorbet, which implemented a sub-language called Ruby Interface (RBI). Sorbet allows annotations to exist within Ruby scripts, something that the community wanted to avoid, according to a presentation [YouTube] (slides [PDF]) by contributor Yusuke Endoh; by keeping RBS separate from Ruby, he explained, the project doesn't have to worry about conflicts in syntax or grammar between the two languages. In a recent blog post, the Sorbet project committed to supporting RBS in addition to its RBI format.
In a post introducing RBS, core developer Soutaro Matsumoto provided a detailed look at the feature. Conceptually, RBS files are similar to C/C++ header files, and currently are used in static code analysis with a project called Steep. As a part of the 3.0 release, Ruby will ship with a full collection of type annotations for the standard library.
The Zig programming language is a relatively recent entrant into the "systems programming" realm; it looks to interoperate with C, while adding safety features without sacrificing performance. The language has been gaining some attention of late and has announced progress toward a Zig compiler written in Zig in September. That change will allow LLVM to become an optional component, which will be a big step forward for the "maturity and stability" of Zig.
Zig came about in 2015, when Andrew Kelley started a GitHub repository to house his work. He described the project and its goals in an introductory blog post in 2016. As he noted then, it is an ambitious project, with a goal to effectively supplant C; in part, that is done by adopting the C application binary interface (ABI) for exported functions and providing easy mechanisms to import C header files. "Interop with C is crucial. Zig embraces C like the mean older brother who you are a little afraid of but you still want to like you and be your friend."
A new release of the dang package is now on CRAN, roughly one year after the last release. The dang package regroups a few functions of mine that had no other home as for example lsos() from a StackOverflow question from 2009 (!!) is one, this overbought/oversold price band plotter from an older blog post is another. More recently added were helpers for data.table to xts conversion and a git repo root finder.
This release adds two functions. One was mentioned just days ago in a tweet by Nathan and is a reworked version of something Colin tweeted about a few weeks ago: a little data wrangling off the kewl rtweet to find maximally spammy accounts per search topic. In other words those who include more than ‘N’ hashtags for given search term. The other is something I, if memory serves, picked up a while back on one of the lists: a base R function to identify non-ASCII characters in a file. It is a C function that is not directly exported by and hence no accessible, so we put it here (with credits, of course). I mentioned it yesterday when announcing tidyCpp as I this C function was the starting point for the new tidyCpp wrapper around some C API of R functions.
Traditionally C++ has been seen by many (and you know who you are) as just plain bad: the code is unreadably verbose, error messages are undecipherable, it's unsafe, compilation takes forever and so on. In fact making fun of C++ is even a fun pastime for some. All of this was certainly true in the 90s and even as recent as 10 years ago. But is it still the case? What would be a good way to determine this?
JupyterLab is the next-generation web-based Jupyter user interface. It allows you to work with Jupyter Notebooks, as well as editors, terminals, and more, to produce interactive documents for data science, statistical modeling, data visualization, and more.
It has native viewers for PDF, CSV, JSON, images, and more. It is also extensible to support other formats.
You might have heard these words together : AI, Machine Learning and Python. The reason behind this is that Python is one of the most suitable languages for AI and ML. Python is one of the simplest programming languages and AI and ML are the most complex technologies. This opposite combination makes them to be together.
In simple words, I would like to make this clear that Machine learning is a really complex technology. Its algorithms are really complex and difficult to understand. And on the other hand, Python is considered to be one of the most simplest languages. Its syntax structure and coding length is really short to understand. That is why Python is considered to be the most suitable language as it can manage complex algorithms in the simplest way.
Getting the number of elements in a list in Python is a common operation. For example, you will need to know how many elements the list has whenever you iterate through it.
Python is a dynamically typed language. A variable, initially created as a string, can be later reassigned to an integer or a float.
DigitalOcean's new App Platform is a Platform-as-a-Service (PaaS) offering, which (much like Heroku) allows you to deploy an application from a git repository.
This article looks at how to deploy a Django application to DigitalOcean's App Platform.
In this tutorial, we will show you how to use bash for loop on Linux systems. For those of you who didn’t know, Loops are one of the fundamental concepts of programming languages. Loops are handy when you want to run a series of commands over and over again until a certain condition is reached. Like any other programming language, bash shell scripting also supports ‘for loops’ to perform repetitive tasks. It helps us to iterate a particular set of statements over a series of words in a string, or elements in an array.
Have you ever heard your father telling you to grab a glass of water? You have a choice to say No, but computers don’t have that choice. Computers are going to do exactly what you would tell them to do. Bash is just a shell that allows you to communicate with the computer and allow you to give instructions to it. A script is basically just a set of instructions given to the computer to execute different meaningful tasks. A script helps you automate different tasks along with the luxury to accomplish results faster than the normal procedure. Normally, in the terminal, you write a basic or advance bash command and it executes on it right away. In bash scripts, you could give multiple instructions or commands at once and the computer would execute all of them only when you would execute the script. In a nutshell, single bash command can be executed in the terminal but to execute a combination of multiple commands at once, you need to create a bash script.
Buffalo, N.Y.—In memory, my Aunt Dolor is a big woman. Big hair, big sunglasses, big jewelry, big bold colors, with geometric shapes in the 1960s and ’70s especially, when our families saw each other most. Her husband, my mother’s brother, called her Doll.
Finnish carrier Finnair says it will start selling business class-style airline meals in a nationwide supermarket chain in a move to both keep its catering staff employed and also to offer the airline experience to those missing flying in the COVID-19 times.
I spent the first 35 years of my working life in a big northeastern city. I was a weekend spendthrift like many a callow youth, but even that could never quite explain how I was always struggling to stay solvent from paycheck to paycheck, even in those spans when I made (relatively) good money.
"It's being presented as if it's a major alternative view that's held by large numbers of experts in the scientific community. That is not true."
Vivaldi web browser released new stable 3.4 version that features configurable context menus, automatic reloading pages, and Vivaldia, the real 80s arcade-style game.
[...]
(Optional): To remove Vivaldi apt repository from you system, launch Software & Updates and navigate to Other Software tab.
Percepio, the specialist in visual trace diagnostics for embedded and IoT software systems, has announced the immediate availability of Tracealyzer version 4.4 with new support for embedded Linux.
[...]
Percepio CEO and founder Dr. Johan Kraft commented, “Percepio Tracealyzer is firmly established as the leading solution for visual trace diagnostics in the RTOS space. Linux is the single largest platform for embedded and IoT systems today and has an even greater need for better debugging support at system level. We are therefore thrilled to release an even better version of Tracealyzer that is now also optimised for the needs of embedded Linux developers.”
Version 4.4 of the Percepio Tracealyzer tool with support for embedded Linux is now shipping after an open beta programme
After extensive public beta testing, Percepio has launched version 4.4 of its Tracealyzer development tool with support for embedded Linux alongside its real time operating systems.
The Linux Foundation has long served as the home for many of the world’s most important open source software projects. We act as the vendor-neutral steward of the collaborative processes that developers engage in to create high quality and trustworthy code. We also work to build the developer and commercial communities around that code to sponsor each project’s members. We’ve learned that finding ways for all sorts of companies to benefit from using and contributing back to open source software development is key to the project’s sustainability.
Over the last few years, we have also added a series of projects focused on lightweight open standards efforts — recognizing the critical complementary role that standards play in building the open technology landscape. Linux would not have been relevant if not for POSIX, nor would the Apache HTTPD server have mattered were it not for the HTTP specification. And just as with our open source software projects, commercial participants’ involvement has been critical to driving adoption and sustainability.
Security updates have been issued by Arch Linux (chromium), Debian (httpcomponents-client), Fedora (claws-mail), SUSE (bcm43xx-firmware, crmsh, libqt5-qtimageformats, libqt5-qtsvg, php53, php7, and rubygem-activesupport-4_2), and Ubuntu (php5, php7.0, php7.2, php7.4, python2.7, python3.4, python3.5, python3.6, and vim).
Yesterday evening, Google and Intel published a new set of software vulnerabilities that affect machines running Linux Kernels that use Bluetooth. The set of vulnerabilities, called BleedingTooth, impact SUSE Linux Enterprise systems with enabled Bluetooth hardware.
At SUSE, we are actively looking to find technology alignment with the Partners in our ecosystem that are looking to drive open source innovations. An important function of that partner community is our close collaboration with Independent Software Vendors that are looking to help power digital transformation and enable our customers to innovate and grow. These collaborative partnerships help support our joint customer in their digital journey from on-prem infrastructures towards hybrid- and multi-cloud environments. That’s the reason why our engagement with Alcide definitely makes sense. The cloud-native company seeks to bridge the gap between DevOps and Security by providing real-time visibility of operations, with deep analysis and control in order to manage complex Kubernetes deployments.
We are aware that, as of this writing, our website is not 100% https. Our website is hosted by Canonical. There is an open ticket to get everything changed-over, but these things take time. There is nothing the Ubuntu Studio Team can do to speed this along or fix it ourselves. If you explicitly type-in https:// to your web browser, you should get the secure SSL version of our site.
A new Bluetooth security vulnerability has appeared, and this time Linux is under the gun. Andy Nguyen, an information security researcher, discovered the vulnerabilities. They are collectively known as BleedingTooth, which allows for zero-click remote code execution on Linux devices within Bluetooth range. The code can be executed with kernel privileges, and Intel has rated the exploit at an 8.3 on the common vulnerability scoring system (CVSS).
According to the research page for CVE-2020-12351, BleedingTooth is a "Heap-Based Type Confusion in L2CAP." What this means is that a malicious user can send data to the Bluetooth subsystem (BlueZ program) in Linux, after which the code for the subsystem does not check the type of payload. As a result, the injection is read into the subsystem, and it can lead to further code execution. As the research page explains, "A remote attacker in short distance knowing the victim's bd [Bluetooth Device] address can send a malicious l2cap packet and cause denial of service or possibly arbitrary code execution with kernel privileges." Andy Nguyen showcased this vulnerability in the video below, where he launched a calculator program on a remote machine.
"What use is a country if you can't work to better the lives of yourself and your neighbors?"
"We expect this decline to continue," predicted one of the study's authors, who said that unless urgent climate action is taken, "the reef will be unrecognizable."€
The plot to kidnap Gov. Gretchen Whitmer reveals the depths of militia lunacy in Trump’s America.
It's not about fundamental change—it’s about saving lives and the planet.
"We have not received a direct commitment from Secretary Esper that he will refuse commands from an illegitimate president," lamented Rep. Mikie Sherrill.€
Environmentalists were appalled — if not necessarily surprised — by Supreme Court nominee Amy Coney Barrett’s statement Tuesday that she does not “have firm views” on climate change, an ostensibly neutral comment that critics said is tantamount to denial of the science.
During her confirmation hearings on Wednesday, President Donald Trump’s Supreme Court nominee, Judge Amy Coney Barrett, refused to give her opinion on an important question that’s come up over the past four years: whether sitting presidents have the power to pardon themselves.
Two years ago, 11 Latin American countries gathered in solidarity to coordinate a progressive response to an unprecedented regional exodus. But COVID-19 has since crippled their economies and far-reaching migration reforms have stalled, leaving the lives and livelihoods of millions of Venezuelan migrants in the balance. The 2018 Quito Declaration affirmed Latin America’s commitment to improving migrants’ access to regular status, health services, skills training, and the labour market. Signatories agreed to accept expired travel documents and to create an Information Card for Regional Mobility so Venezuelans could easily migrate and integrate.
But even before the pandemic, several countries began decreasing access to regularisation, with Chile, Peru, and Ecuador all introducing new or renewed entry protocols requiring unexpired passports or visas that many Venezuelans find difficult or impossible to acquire.
“Rather than follow-up, we’re seeing some extreme back-sliding, particularly in the last few months with the pandemic,” Geoff Ramsey, director for Venezuela at the Washington Office on Latin America (WOLA) think tank, told The New Humanitarian. “What started as a noble initiative for a comprehensive regional response has become a race to the bottom.”
The result is that less than half of the 5.1 million Venezuelans known to have fled their homeland since 2015 have permits allowing them to reside and work legally in host countries, and the real fraction is considerably lower since many governments neglect to include migrants with no regular status in their numbers.
Amy Coney Barrett: (57:01)
So, without commenting on any particular cases, which actually I have to be completely honest and confess to, I can’t think of what particular cases you might be thinking of in the patent eligibility. But without commenting on those cases in any event, I think I would say that clarity in decision-making is always something that courts should strive for. And I know on the seventh circuit, we try and I’m trying to be attuned to in writing opinions, whether it gives good guidance to lower courts and then to also those who are trying to order their conduct in compliance with the law. So, I think clarity is certainly a virtue in this context.
[...]
Amy Coney Barrett: (58:29)
Most of the things you’re identifying sound to me like matters of policy. And so, those seem like matters that are best addressed by the legislature, a democratically elected body, not policy made by courts.
I feel really bad about this, but whenever I see a Snyders lawsuit, I cant stop thinking back to the late 1990’s when I used to eat Snyder’s mustard flavored pretzels.
This case is not about pretzels, but rather focuses on Snyders artificial heart valve patent US6540782. Eat your heart out?
Snyders sued St. Jude for infringement in D.Minn and St. Jude responded with a pair of inter partes review (IPR) petitions. The PTAB initiated the IPRs and eventually ruled that some of the claims were anticipated by a prior patent.
OIN, the largest patent non-aggression community in history, says the action helps reduce patent risk associated with core Linux and adjacent open source code. This expansion includes 520 new software components, which brings the total number of protected packages to 3,393, according to the announcement.
