Bonum Certa Men Certa

Links 29/7/2019: Academy Software Foundation (ASWF) News, Latte Dock 0.9 and Endless OS 3.6 Reviewed

  • GNU/Linux

    • Server

      • Edge computing: 6 things to know

        As more and more things get smart – from thermostats and toothbrushes to utility grids and industrial machines – data is being created nearly everywhere, making it increasingly urgent for IT leaders to determine how and where that data will be processed.

        Enter the edge. There are perhaps as many ways to define edge computing as there are ways to apply it. At its core, edge computing is the practice of processing data close to where it is generated.

      • IBM

        • 3scale toolbox: Deploy an API from the CLI

          Deploying your API from a CI/CD pipeline can be a tremendous amount of work. The latest release of Red Hat Integration greatly improved this situation by adding new capabilities to the 3scale CLI. The 3scale CLI is named 3scale toolbox and strives to help API administrators to operate their services as well as automate the delivery of their API through Continuous Delivery pipelines.

          Having a standard CLI is a great advantage for our customers since they can use it in the CI/CD solution of their choice (Jenkins, GitLab CI, Ansible, Tekton, etc.). It is also a means for Red Hat to capture customer needs as much as possible and offer the same feature set to all our customers.

        • Red Hat Universal Base Image: How it works in 3 minutes or less
        • Guidelines for instruction encoding in the NOP space
    • Audiocasts/Shows

      • GNU World Order 13x31
      • Linux Action News 116

        Fedora CoreOS introduced its future looks bright, VLC's president debunks security claims, Mozilla debuts an open-source router firmware and the Android flaw that might be our favorite in years.

        Plus how Sailfish OS 3.1 is stepping things up, the first 16-core RISC-V chip is revealed, and more.

      • Docker Best Practices For Python In Production

        Docker is a useful technology for packaging and deploying software to production environments, but it also introduces a different set of complexities that need to be understood. In this episode Itamar Turner-Trauring shares best practices for running Python workloads in production using Docker. He also explains some of the security implications to be aware of and digs into ways that you can optimize your build process to cut down on wasted developer time. If you are using Docker, thinking about using it, or just heard of it recently then it is worth your time to listen and learn about some of the cases you might not have considered.

    • Kernel Space

      • Linux 5.2.4

        I'm announcing the release of the 5.2.4 kernel.

        All users of the 5.2 kernel series must upgrade.

        The updated 5.2.y git tree can be found at:
        git:// linux-5.2.y
        and can be browsed at the normal git web browser:

      • Linux 5.1.21
      • Linux 4.19.62
      • EROFS-Utils Adds LZ4 Compression Bits, Finally Has A README

        While initially the user-space utility for Huawei's EROFS file-system was not publicly available, it came last November and this past April they began rewriting these EROFS user-space bits. Fortunately, since then they have done a better job of keeping EROFS-utils up-to-date against their latest kernel module changes for this read-only file-system.

        With the kernel bits now aligned for LZ4 in-place decompression, the EROFS-utils code was updated this week for supporting this functionality.

      • Linux k10temp Support Pending For AMD Ryzen 3000 Series Processors

        Patches are now queued into the Linux kernel's hwmon subsystem staging area that allow the AMD "k10temp" driver to support the Ryzen 3000 "Zen 2" processors.

        Back during the Zen 2 press briefings I was told no temperature control offset was needed for Zen 2 and that the Linux thermal driver support was all squared away as a result. It was correct no Tctl is thankfully needed but the Linux driver support still wasn't exactly squared away. It turns out the new PCI IDs were missing from the Linux driver and thus no temperature monitoring support under Linux.

      • Linux 5.3-rc2

        Hmm. I reasonably large rc2 to go with a fairly large merge window.

        There are fixes all over, I don't think there's much of a pattern here. The three areas that do stand out are Documentation (more rst conversions), arch updates (mainly because of the netx arm platform removal) and misc driver fixes (gpu, iommu, net, nvdimm, sound ..).

        But there's a smattering of fixes all over (core kernel, netfilter, filesystems, you name it). I don't think anything stands out as particularly damning.

        Shortlog appended for people who want to get an overview of the details.

      • Linux 5.3-rc2 Comes In As Reasonably Large Following The Big Merge Window
      • Linux 5.4 To Support The Buttons On Newer Microsoft Surface Laptops

        Coming for the Linux 5.4 cycle later this year will be support for the buttons on newer Microsoft Surface devices.

        Queued into the input-next's Git tree already is support for newer Surface devices within the soc_button_array driver. In particular, the power and volume buttons are now supported by the Microsoft 5th and 6th generation Surface devices.


        Still a bit silly and unfortunate in 2019 the Linux kernel needs to be battling laptop vendors for supporting items as mundane as power and volume buttons, but it is what it is, especially with Microsoft.

      • Unikernels: the next stage of Linux’s dominance [Ed: cites this PDF]

        Unikernels have demonstrated enormous advantages over Linux in many important domains, causing some to propose that the days of Linux’s dominance may be coming to an end. On the contrary, we believe that unikernels’ advantages represent the next natural evolution for Linux, as it can adopt the best ideas from the unikernel approach and, along with its battle-tested codebase and large open source community, continue to dominate. In this paper, we posit that an up-streamable unikernel target is achievable from the Linux kernel, and, through an early Linux unikernel prototype, demonstrate that some simple changes can bring dramatic performance advantages.

      • Linux Foundation

        • Academy Software Foundation Announces Amazon Web Services as a New Premier Member

          "We are pleased to welcome Amazon Web Services as a new Premier member. Many open source projects and developers rely on cloud services from AWS for content creation and production. We look forward to their contributions as our projects continue to evolve and grow," said David Morin, Executive Director of Academy Software Foundation. "We are also excited to have Rodeo FX and MovieLabs join our community. Rodeo FX has a deep expertise in visual effects and developing artist-driven tools that will be beneficial as our Foundation continues to grow. MovieLabs has a history of bringing together studios and tech companies to develop common technology goals, which aligns with our goal of driving collaboration and shared development of open source technologies across the motion picture and media industries."

        • Netflix Joins the Academy Software Foundation

          The Academy Software Foundation (ASWF), a neutral forum for open source software development in the motion picture and media industries, today announced that Netflix has joined the Foundation as a member.

        • Netflix, Amazon Web Services Join Hollywood Open Source Group

          Netflix and Amazon Web Services are among the newest members of the Academy Software Foundation, a group dedicated to promoting the use of open source software in Hollywood that is being spearheaded by the Linux Foundation and the Academy of Motion Picture Arts and Sciences.

        • Amazon Web Services, RodeoFX, and MovieLabs Join Academy Software Foundation

          The Academy Software Foundation (ASWF), a neutral forum for open source software development in the motion picture and media industries, today announced that Amazon Web Services has joined the Foundation as a Premier member, Rodeo FX as a General member, and MovieLabs as an Associate member.

          “We are pleased to welcome Amazon Web Services as a new Premier member. Many open source projects and developers rely on cloud services from AWS for content creation and production. We look forward to their contributions as our projects continue to evolve and grow,” said David Morin, Executive Director of Academy Software Foundation. “We are also excited to have Rodeo FX and MovieLabs join our community. Rodeo FX has a deep expertise in visual effects and developing artist-driven tools that will be beneficial as our Foundation continues to grow. MovieLabs has a history of bringing together studios and tech companies to develop common technology goals, which aligns with our goal of driving collaboration and shared development of open source technologies across the motion picture and media industries.”

        • Netflix Joins the Academy Software Foundation

          The Academy Software Foundation (ASWF), a neutral forum for open source software development in the motion picture and media industries, today announced that Netflix has joined the Foundation as a member.

          The Academy Software Foundation also announced today that OpenTimelineIO has been accepted as a Foundation-hosted project and is one of the first projects Netflix will contribute to as a member of the Foundation. Initially created by Pixar Animation Studios, OpenTimelineIO (OTIO) is an Open Source API and interchange format that facilitates collaboration and communication of editorial data and timeline information between a studio’s Story, Editorial, and Production departments all the way through Post-Production. You can read more about the announcement here.

        • OpenTimelineIO Becomes Fifth Project Hosted at Academy Software Foundation

          Initially created by Pixar Animation Studios, OpenTimelineIO (OTIO) is an Open Source API and interchange format that facilitates collaboration and communication of editorial data and timeline information between a studio’s Story, Editorial, and Production departments all the way through Post-Production. Since 2016, there have been eleven OTIO releases with contributions from many studios and vendors including Pixar, Lucasfilm and Netflix. It has been used in production for films including Coco, Incredibles 2, and Toy Story 4.

          “Picture-less data produced by editorial departments is very useful across the pipeline. We developed OpenTimelineIO to provide an open source alternative to proprietary formats and enable our community to easily and efficiently interchange editorial timelines,” said Guido Quaroni, Vice President of Research and Development at Pixar. “As an Academy Software Foundation project, we hope OpenTimelineIO can help facilitate content creation within the motion picture and other similar industries.”

          OTIO makes it easier to build tools that use editorial timeline information, filling a gap in film production pipelines that was previously underserved by similar, proprietary technologies. It supports clips, timing, tracks, transitions, markers, and metadata in an API that is easy for studios to integrate with their tools and for vendors to integrate with their software. Use cases include tracking shot length changes, providing context shots in dailies, communicating shots added or removed, conforming new renders into a cut, and dealing with picture-in-picture shots.

      • Graphics Stack

        • Destiny 2 Works on Ryzen 3000 Finally: Test Chipset Driver to Fix RDDAND Issue

          The Linux folks over at Phoronix covered this in their performance overview of Ryzen 3000. Their conclusion was that third-gen Ryzen delivered fantastic performance on Linux, especially in multithreaded applications, but that the RDRAND issue made running newer distros impossible at the moment.


          We don’t have an update yet on whether or not the new driver enables support for new Linux distros, but it appears that Destiny 2 works just fine, so if not being able to run and gun was your issue, it’s been resolved. If you were looking forward to running the latest version of Ubuntu, we’ll update you soon on whether Linux support has been fixed, too.

    • Instructionals/Technical

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.17 Linux Desktop to Modernize the Settings, Add Many UI Changes

          One of the nicest changes to be implemented in the upcoming KDE Plasma 5.17 desktop environment is a totally revamped System Settings window, which now features a modern look and feel to make setting up various aspects of the KDE Plasma desktop a breeze for newcomers and advanced users alike.

          "This design is months in the making, and it took quite a bit of work to pull it off," said developer Nate Graham in his latest weekly report. "This is the first of several user interface changes we’re hoping to land in the Plasma 5.17 timeframe, and I hope you’ll like them."

        • Latte Dock v0.9, "...a world to discover..."

          After a full year of development a new stable branch is finally available! This is a version full of innovations, improvements and enhancements that improve the entire experience at all areas. I have written plenty of articles for introduced major features and in the same manner this article will focus only on highlights.

        • Latte Dock 0.9 Brings Better Settings, Layout Enhancements

          Latte Dock 0.9 brings new indicators, settings improvements, improved badgets. better Wayland support though still a technology preview, and a variety of other polishing and additions to this KDE-focused dock.

        • My KDE Onboarding Sprint 2019 report

          This week I took part on the KDE Onboarding Sprint 2019 (part of what's been known as Nuremberg Megasprint (i.e. KDEConnect+KWin+Onboarding) in, you guessed it, Nuremberg.

          The goal of the sprint was "how do we make it easier for people to start contributing". We mostly focused on the "start contributing *code*" side, though we briefly touched artists and translators too.

        • Strokes are Working Now

          Okay, good news today. I have been porting DefaultTool to the new node-replacing system and it is working now, finally, at least for the part I have already done.

          The work involves combining a number of different modules in Krita: the stroke system,KoInteractionTool and its interaction strategies, and, well, the COW mechanism in Flake.

          KoInteractionTool is the class used to manage the interaction with vector shapes, and is subclassed by DefaultTool. The behaviours of KoInteractionTool (and thus DefaultTool) are defined by KoInteractionStrategys. Upon the press of the mouse button, DefaultTool creates an instance of some subclass of KoInteractionStrategy, say, ShapeMoveStrategy, according to the point of the click as well as keyboard modifiers. Mouse move events after that are all handled by the interaction strategy. When the mouse is released, the interaction strategy’s finishInteraction() is called, and then createCommand(). If the latter returns some KUndo2Command, the command is added to the undo history. Till now it sounds simple.


          A problem I found lies in the final stage–if the mouse is released as soon as being pressed and no undo command is created, Krita will simply crash. It does not happen when I use gdb to start Krita so it seems to be a timing issue though it leads to difficulty for debugging as well. Dmitry used a self-modified version of Qt to produce a backtrace, indicating the problem probably lies in KisCanvas2‘s canvasUpdateCompressor, which is not thread-safe. However, after I changed it to KisThreadSafeSignalCompressor, the crash still happens, unfortunately.

      • GNOME Desktop/GTK

        • GNOME's Pango 1.44 Released With Many Text Rendering Improvements

          GNOME's Pango text layout and rendering library is now in much better shape with the brand new 1.44 release following receiving some attention by Red Hat's developer team.

          The Pango layout library had been suffering from rot in recent years and basically in a maintenance mode but recently was revived thanks to Red Hat's Matthias Clasen and work by other developers. This is important with Pango being used by the likes of the GTK tool-kit. In the process of improving Pango, there's also been some enhancements made to the Cairo renderer too.

        • The Plan

          So I started my GSoC project with understanding and retrieval of MusicBrainz Identifiers. That was a slow start, other than that I added mappings for MBIDs in grilo. This is required because, we’ve tracker properties for MBIDs and we’ve grilo properties for MBIDs, but there’s no linkage between them. So we needed to add mapping from grilo to tracker.

          Last week one more thing which I tried was finally retrieving MBIDs in GNOME Music. That was very exciting, because for past one month, I’ve been dealing with extraction of MBIDs through different extractors especially GStreamer extractor. So finally seeing those tags in Music made me really excited. It wasn’t hard retrieving those tags in Music, there’s already tracker plugin launched by Music which retrieves different tags, so I just added MBIDs in query module. Once you get the required MBIDs in Music, all you need to do is launch already existing cover-art grilo plugin with required tags and automatically cover art will be updated!

    • Distributions

      • Reviews

        • Review: Endless OS 3.6

          They sell computers, small computers, with up to 4GB of RAM, HDMI and VGA on most, and all the other usual accouterments like USB 3 and Bluetooth. They definitely aren't powerful machines, and there is no price listed, instead you need to submit a form with contact information and they will get back to you. The computers are sleek and some seem to be design pieces. With the lower end specs, they are probably able to get the price down pretty well to match their marketing agenda towards lower income audiences. One other thing the company offers is a pay-as-you-go system (which they call PAYG) that allows lower income people to more easily afford their computers. On the surface this seems like an admirable cause, but if you dig a little you can see that their system, "was designed to de-risk loans through a PC locking mechanism, built into the Endless OS, that is tied to the payment status of a loan. If a customer is not able to make their loan payment the laptop locks until payment is made. While locked the users' data, files and settings are all perfectly preserved and protected. Endless PAYG is a completely offline code based locking mechanism. Users receive unlock codes over SMS once they make a payment. These codes then unlock the PC for different time intervals (1 day, 1 week, 1 month, etc)."

          In the free and open source world that we as Linux users have become accustomed to, it is hard to remember that companies exist - companies have employees and employees need to make money to feed their families and put a roof over their head. Still, this mechanism upset me a great deal. I understand Endless is a company and needs to make money, but this feels akin to hackers who hold data ransom. If a person is paying as-they-go to use a computer because they cannot afford it outright, maybe we as a society should give them a little more grace than locking up their data when they cannot afford to pay. I would recommend, personally, a more gentle approach - perhaps locking functionality to only educational purposes and LibreOffice would be more appropriate.

          Overall, I am impressed with Endless OS. I would never use it because I am a tinkerer and Endless OS does not allow tinkering. Endless has a good little thing going, and if they are able to bring Linux to the whole world, I support them in their endeavors. (I do not have to approve of all the ways they go about doing that.)

      • Debian Family

        • Q4OS Operating System Brings the Trinity Desktop to Debian GNU/Linux 10 "Buster"

          Based on the recently released Debian GNU/Linux 10 "Buster" operating system series, Q4OS 3.8 "Centaurus" comes more than seven months after the Q4OS 2.7 "Scorpion" release and it is the first stable version in the 3.x series, which was in heavy development during the last few years.

          For a long time, Q4OS was shipping with the Trinity Desktop Environment (TDE) by default, which offers users, especially those who want to switch from Windows to Linux, a very familiar interface. However, it looks like the Q4OS 3.8 "Centaurus" series uses the latest stable KDE Plasma desktop by default.

        • Deepin 15.11 Released with Could Sync and Many Other Improvements

          It preinstalls Deepin Desktop Environment (DDE) and nearly 30 deepin native applications, as well as several applications from the open source community to fulfill user expectations.

          There are thousand applications are offered in Deepin Store, which users can install on demand.

          There are lot of fixes applied to Kwin (KDE Window Manager) and optimized for better stability and compatibility.

        • Dirk Eddelbuettel: anytime 0.3.5

          A new release of the anytime package is arriving on CRAN. This is the sixteenth release, and comes a good month after the 0.3.4 release.

          anytime is a very focused package aiming to do just one thing really well: to convert anything in integer, numeric, character, factor, ordered, … format to either POSIXct or Date objects – and to do so without requiring a format string. See the anytime page, or the GitHub for a few examples.

        • DebConf20 Conference Takes Place August 23-29 for Debian GNU/Linux 11 "Bullseye"

          With the DebConf19 event closed, the Debian Project announced the dates for next year's DebConf20 Debian GNU/Linux developer conference, which will be hosted in Haifa, Israel.

          Next year, in 2020, the Debian Project will celebrate 12 years from the launch of the first DebConf Debian developer conference, and they selected Israel's Haifa instead of Portugal's Lisbon for DebConf20 despite Israel's political system. Now, they announced the official dates for DebConf20, which will take place between August 23rd and 29th.

      • Canonical/Ubuntu Family

        • Canonical Outs Linux Kernel Security Patch for Ubuntu 16.04 LTS to Fix Six Flaws

          This new Linux kernel security patch comes hot on the heels of the security update released earlier this week for the Ubuntu 19.04 (Disco Dingo) and Ubuntu 18.04 LTS (Bionic Beaver) operating system series, but it's only available for users of the Ubuntu 16.04 LTS (Xenial Xerus) operating system series running the stock Linux 4.4 kernel.

          It addresses a total of six flaws, including an integer overflow (CVE-2019-10142) discovered in Linux kernel's Freescale (PowerPC) hypervisor manager and a race condition (CVE-2018-20836) discovered in the Serial Attached SCSI (SAS) implementation, which could allow a local attacker to execute arbitrary code or cause a denial of service (system crash).

    • Devices/Embedded

  • Free, Libre, and Open Source Software

    • KITE to help offices install digital signature

      The Kerala Infrastructure and Technology for Education (KITE) has come up with a system for integrating digital signatures in free and open-source software (FOSS)-based operating systems used in most government offices.

      The State government had recently instructed all government offices to use digital signatures compulsorily for preparing salaries and other benefits of employees on the Spark (Service and Payroll Administrative Repository for Kerala) portal.

    • OpenHMD: Open Source Project for VR Development

      A universal distortion shader was added to OpenHMD. This additions “makes it possible to simply set some variables in the drivers that gives information to the shader regarding lens size, chromatic aberration, position and quirks.”

      They also announced plans to change the build system. OpenHMD added support for Meson and will remove support for Autotools in the next (0.4) release.

      The team behind OpenHMD also had to remove some features because they want their system to work for everyone. Support for PlayStation VR has been disabled because of some issue with Windows and mac OS due to incomplete HID headers. NOLO has a bunch of firmware version, many will small changes. OpenHMD is unable to test all of the firmware versions, so some version might not work. They recommend upgrading to the latest firmware release. Finally, several devices only have limited support and therefore are not included in this release.

    • API Fortress launches open source app, 3loa Helper, to automate 3-legged OAuth 2.0 flows

      API Fortress, the leader in continuous API testing, announces 3loa Helper, an open source application that automates 3-legged OAuth 2.0 flows from the world’s largest social and search providers.

      By simply integrating API Fortress with 3loa Helper, developers and test engineers can test and validate 3-legged OAuth flows.

      “Too many tests today don’t truly reproduce the user flows a production API sees,” says Patrick Poulin, CEO and co-founder at API Fortress, “This leaves risky holes in a test plan, and ignores what is often the very first step for users.”

      It is difficult to automate 3-legged OAuth 2.0 flows for API testing because 3-legged OAuth 2.0 was specifically designed to require user intervention.

    • Productivity Software/LibreOffice/Calligra

      • Week 9 Report

        First of all, This week was the second Evaluation Result of the Project and I am happy on working on this project and thanks to all LO family.


      • GNU Stow 2.3.1 released

        This release improves ease of installation by dropping some module dependencies which were introduced in 2.3.0. It also fixes an issue with the test suite, and improves the release procedure. See for more details.

    • Licensing/Legal

      • Building a Successful Open Source Management Strategy

        When software is deployed continuously, composition analysis for quality, compliance, and security within code needs to be managed strategically. Ensuring that the benefits of open source are not outweighed by risks, software developers and corporate counsel must align around tools and practices to help manage their open source code responsibly to drive business value. Building and Maintaining a Successful Open Source Management Strategy discusses:

    • Openness/Sharing/Collaboration

      • Open Access/Content

      • Open Hardware/Modding

        • China's Alibaba is making a 16-core, 2.5 GHz RISC-V processor

          Why it matters: What do you do when the US is threatening to cut off access to every piece of important tech ever? Join the open-source RISC-V Foundation, of course. Unrestricted access to some of the most advanced existing processor technologies, and a guaranteed window to peek at what the other Foundation members, including Google and Nvidia, are doing. Chinese retail giant Alibaba has established a new R&D branch to take advantage of the open-source RISC-V instruction set and their first product is here: the Xuantie 910.

        • RISC Is Fundamentally Unscalable
    • Programming/Development

      • How to structure a multi-file C program: Part 1

        It has often been said that the art of computer programming is part managing complexity and part naming things. I contend that this is largely true with the addition of "and sometimes it requires drawing boxes."

        In this article, I'll name some things and manage some complexity while writing a small C program that is loosely based on the program structure I discussed in "How to write a good C main function"—but different. This one will do something. Grab your favorite beverage, editor, and compiler, crank up some tunes, and let's write a mildly interesting C program together.

      • Get top exchanges by volume for a currency pair

        In this chapter, we will create a button which will call a function to retrieve the top 50 exchanges and the trading volume for a cryptocurrency/currency pair. The API needs the selected cryptocurrency and the selected currency symbol to make the call.

      • Speed Matters: Python and Lua

        Python is great, but pure Python code sometimes has one problem: It’s slow.

        Fortunately there are several great solutions to improve the performance, like Numpy, Cython, Numba, Pypy.

        All of the above solutions have different drawbacks:

        Numpy and Numba are big modules. In addition Numpy is not always fast enough. Pypy is not 100% compatible and a heavy solution if it is used in addition to CPython. Cython is complex and you need a C-compiler. Recently I’ve found one more solution which maybe is not that well known: Lua integration in Python programs.

        Lua is another scripting language with dynamic data types.

  • Leftovers

    • Do you prefer a live demo to be perfect or broken?

      At DevFest DC in June, Sara Robinson, developer advocate at Google Cloud, gave the most seamless live demo I've ever witnessed.

      Sara live-coded a machine model from scratch using TensorFlow and Keras. Then she trained the model live, deployed it to Google's Cloud AI platform, and used the deployed model to make predictions.

      With the exception of perhaps one small hiccup, the whole thing went smoothly, and I learned a lot as an audience member.

    • Survival Analysis for Deep Learning

      Most machine learning algorithms have been developed to perform classification or regression. However, in clinical research we often want to estimate the time to and event, such as death or recurrence of cancer, which leads to a special type of learning task that is distinct from classification and regression. This task is termed survival analysis, but is also referred to as time-to-event analysis or reliability analysis. Many machine learning algorithms have been adopted to perform survival analysis: Support Vector Machines, Random Forest, or Boosting. It has only been recently that survival analysis entered the era of deep learning, which is the focus of this post.

      You will learn how to train a convolutional neural network to predict time to a (generated) event from MNIST images, using a loss function specific to survival analysis. The first part, will cover some basic terms and quantities used in survival analysis (feel free to skip this part if you are already familiar). In the second part, we will generate synthetic survival data from MNIST images and visualize it. In the third part, we will briefly revisit the most popular survival model of them all and learn how it can be used as a loss function for training a neural network. Finally, we put all the pieces together and train a convolutional neural network on MNIST and predict survival functions on the test data.

    • Security (Confidentiality/Integrity/Availability)

      • Linux's 32-Bit Kernel Has Been Buggy Since Being Mitigated For Meltdown

        Whether you like it or not, the Linux kernel's x86 32-bit support has already begun suffering some minor forms of bit rot. Most kernel developers are no longer actively testing x86-32 and distribution vendors are beginning to drop 32-bit support. The latest example of x86 32-bit's effectively demoted state is some buggy undefined behavior functionality living within the mainline kernel for the past year since the Meltdown mitigations landed.

        Not only did it take months after Intel's Meltdown vulnerability was published (and x86_64 being mitigated) to see Linux KPTI support for x86 32-bit to mitigate Meltdown (from January's disclosure to mainline readiness in July), but it turns out it ended up exposing a 32-bit only bug that has lived in the kernel from summer 2018 until now with the Linux 5.3.

      • Russia Suspected In Attempted ProtonMail Client Hack

        ProtonMail, an email service based in Switzerland, has been targeted in a sophisticated cyber attack aimed at journalists investigating Russian intelligence activities, the company says.

        The target was Bellingcat, an open-source investigative website that has been probing the involvement of Russia and its GRU intelligence service in the downing of flight MH17 over Ukraine in 2014.

        On Saturday, ProtonMail posted a blog saying that these attempts have failed, and that reports stating that ProtonMail itself had been hacked were inaccurate.

      • 5 Free Linux Antivirus – Anti-Ransomware, Server Malware And Spyware [Ed: Very poor, weak article. Compares NSA back doors in Windows to Linux and speaks of security problems one actually needs to recklessly install.]

        The WannaCry ransomware epidemic hit customers on Home windows like wildfire, however what can it do on a Linux system operating wine? Is Linux proof against Ransomware? Will Linux shield you from ransomware assaults?

      • Fernando Corbato: Scientist who fostered the digital revolution and the computer password

        Fernando Corbato’s achievements in computer science have had a huge impact on daily life. His work drastically expanded the usefulness of the computer and put its benefits at the reach of all. But he also made his mark on the modern world by conceiving and applying the idea of controlling computer access by passwords.

        Corbato, who has died aged 93, was a professor emeritus at the Massachusetts Institute of Technology, where he was interested in the problem of increasing access to computers while protecting individual privacy and data. Passwords seemed to be the solution, and he found himself drawn to the discipline that would become known as computer science.

        He entered the new arena in its early days, when the slide rule or the mechanical calculator were mainstays of computation. In 1956, when Corbato began at the MIT Computation Centre, machines and their operations were characterised by such items as vacuum tubes, paper tape and stacks of the infamous punch cards – the last giving rise to the slogan, “Do not fold, spindle or mutilate.”

      • After Two Years, Malwaretech Is A Free Man

        The judge them emphasized that, on top of everything else, Hutchins had been away from home for two years.

        That’s when what every lawyer watching in the courtroom I spoke with called unprecedented. The Judge suggested Hutchins should get a pardon, which would enable him to come back to the US to work. “While court has no pardon power, matter reserved to the executive. Truly left for another day.”

        He then imposed Hutchins’ sentence. “We reach a point in balancing these considerations, court left to make final call. Final call is a sentence of time served with one year of supervised release.” He went on to make it clear that, once Hutchins finishes packing up his life in LA, he wanted to be sure that Immigration doesn’t get custody. “Nothing in this judgement requires he stay in the United States. I’m seeking to avoid him being taken into custody by Immigration and Customs. We don’t need any more publicity or another statistic.”

      • Arduino Selects Auth0 as Standardized Login for Open-Source Ecosystem

        Auth0, a global leader in Identity-as-a-Service (IDaaS), today announced it has been selected as the identity management platform of choice for Arduino€®, the world’s leading open-source hardware and software ecosystem. With a global community of 30 million “makers”, Arduino will use Auth0 to replace its own Single Sign On solution for all of its public facing web properties, including Arduino Create and community apps.

    • Defence/Aggression

      • France wants to arm satellites with guns and lasers by 2030 [iophk: France advances the probability of achieving the kessler syndrome]

        Minister Florence Parly announced that the country would be reallocating €700 million from the military budget for space defense, with more than €4.3 billion to be spent by 2025. That money would go towards upgrading France’s network of Syracuse military communications satellites, which are operated by the French Navy. The military wants the next generation of satellites to come with cameras to identify adversaries, with a followup generation equipped with submachine guns and lasers to attack and disable other satellites.

    • AstroTurf/Lobbying/Politics

      • Robert Reich: The Real Reason We Need to Impeach Trump Immediately

        By issuing a blanket refusal to respond to any congressional subpoena, Trump is saying Congress has no constitutional authority to oversee the executive branch. He’s telling America that Congress is a subordinate branch of government rather than a co-equal branch.

    • Censorship/Free Speech

      • Pakistan censorship: 'Hovering above the mute button'

        The interview, between one of Pakistan's best-known TV news anchors, Hamid Mir, and leading opposition politician Asif Ali Zardari, was only a few minutes into its transmission when it was suddenly interrupted by an unscheduled ad break and news bulletin.

    • Privacy/Surveillance

      • Did Facebook CEO Mark Zuckerberg Intend To Deceive?

        Sounds great. Only, it wasn't true. According to the FTC, Facebook kept handing over user data secretly — without consent — to dozens of outside developers (like Cambridge Analytica, the political research firm that worked on President Trump's campaign).

    • Monopolies

      • Patents and Software Patents

        • Implicit Overruling And Foreign Lost Profits

          How does one know when the Supreme Court has implicitly overruled a circuit panel precedent? Despite the fact that circuit courts are faced with this question on a regular basis, the answer is not clear. The Power Integrations case currently pending before the Federal Circuit provides an interesting case study in implicit overruling, as well as an opportunity for the court to clarify how extraterritoriality relates to proximate causation in the law of patent damages, in light of the Supreme Court's recent opinion in WesternGeco.

        • Why Is Big Pharma Heading To Canada For Its Cannabis Patents?

          Currently, seven of Canada’s top ten cannabis patent holders are major multi-national pharmaceutical companies, according to a joint research project by Washington D.C.-based New Frontier Data and London-based cannabis bio-technology firm, Grow Biotech. The list includes Ciba-Geigy AG (Switzerland) with 21 patents; Pfizer Products (United States) with 14; and Telefonaktiebolaget LM Ericsson (Sweden) with 13. Merck Sharp and Dohme Corporation, the fourth largest pharmaceutical company in the world, has 11 cannabis-related patents, and recently announced a partnership to pursue collaborations with Intec Pharma Ltd., a clinical-stage biopharmaceutical company that has developed a propriety oral drug delivery system for delivery of CBD and THC in treating pain. This got me wondering: why are the mega companies choosing to file their cannabis patents in Canada as opposed to the United States?

        • New Apple patent filing shows a mixed reality headset that tracks your whole face

          Apple has filed a patent for a complex mixed reality headset, potentially including sensors that track users’ facial features, eyes, and hands. Variety reported on the patent application earlier today; it was published last week and originally filed in March 2019. It’s part of a long string of Apple mixed (or augmented) reality patents, and, like its predecessors, it indicates that Apple is broadly examining how AR might translate from phones to glasses.

          The “Display System Having Sensors” patent covers a head-mounted display, a collection of cameras and other sensors that track the external environment, and a different set of sensors that track the wearer’s eyes. The components all work together to display a virtual 3D image that’s somehow based on the real world. Beyond that, there are a lot of potential variations. The headset could include hand sensors, “head pose sensors,” sensors that capture detailed information about real-world lighting conditions, “eyebrow sensors,” and “lower jaw sensors” that track movement of the mouth and jaw.

        • Apple Pays $1 Billion for Part of Intel’s Modem Business

          Apple said on Thursday that it would buy most of Intel’s smartphone-modem business for $1 billion, aiding its push to gain more control over faster wireless technology in iPhones.

          Apple will add about 2,200 Intel employees, as well as patents and equipment. The deal is expected to close in the fourth quarter and is subject to regulatory approval.

          Analysts say Apple will develop a 5G iPhone by late next year. Those iPhones are expected to use chips from Qualcomm, another chip maker that, until recently, was in a legal fight with Apple over royalties and other business practices.

      • Copyrights

        • Secretly Public Domain

          The two datasets are in different formats, but a little elbow grease will mesh them up. It turns out that eighty percent of 1924-1963 books never had their copyright renewed. More importantly, with a couple caveats about foreign publication and such, we now know which 80%.

Recent Techrights' Posts

Microsoft Has Managed to Make GNU/Linux Users Scared of Updating Their GNU/Linux PCs (Thanks to UEFI 'Secure' Boot's Boosters!)
How many people know who's responsible for this mess?
Geminispace Growing and Getting More Free (Independent)
Because self-signed certificates are the way to go
WikiLeaks Wonders: Major Leaks That Shook the Worlds
Published 14 hours ago
No Outage Here
Microsoft seems to have lost control of the narrative
Links 20/07/2024: Tesla's UK Lawsuit for 5G Patents Licence Thrown Out by UK Court, Censorship Examples Surface
Links for the day
Gemini Links 20/07/2024: Why Sleep Is So Important, Bot Problems Online
Links for the day
[Meme] Truth Hurts
"Saying that I physically assaulted women is 'defamation'"
Techrights Turns 18 in About 3 Months
Nothing can stop us
When (Software) Freedom is the Goal
Freedom of thought also
Giving the False Impression That the R blogosphere is Microsoft's Microcosm
Curation that culls "astrotrufing" isn't censorship but quality control for relevance
Expect Many More Microsoft Layoffs After the Latest Windows Outages (Bonus: More Media Says Microsoft Has Cut Half the Staff in Nigeria)
after the latest worldwide blunder we can expect many businesses to gradually ditch Windows
Today GNU/Linux Broke All-Time Record in statCounter Again
Expect more people to hop over to GNU/Linux after the Windows fiasco
Joab Jackson and "The New Stack" Publishing Microsoft Spam (E.E.E. Against Linux) for a Payment From Microsoft
It's not a real news site
Links 20/07/2024: Patents on Software Squashed, Further Attacks on Independent News Sites
Links for the day
Links 20/07/2024: Shopping Mall in Southwestern China and New Health Crises
Links for the day
Microsoft/Windows Has Fallen Well Below 1% (Now 0.7%) in American Samoa
statCounter Sees Microsoft Windows at Below 1% in American Samoa
The Thelio Mega Is a Dual-GPU Linux Supercomputer
System76 sells many desktops and laptops built to run Linux. The company has now revealed its new high-powered Linux desktop, the Thelio Mega
[Meme] "System of a Down"
The latest international catastrophe kills people
Why Microsoft is Laying Off So Many People in Nigeria
Nigeria is a place Microsoft has lost
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, July 19, 2024
IRC logs for Friday, July 19, 2024
Gemini Links 20/07/2024: Gopher Catchup and Old Computer Challenge
Links for the day
Microsoft Lays Off Half of Its Workforce in Nigeria
Microsoft continues to implode in Africa
Links 19/07/2024: Microsoft Breaks Down and Amdocs Has 1,500-3,000 More Layoffs
Links for the day
Washington's WARN Site/Portal (That Excludes Many Microsoft Layoffs) is Now Down for Many Hours, Microsoft Causes Major Outages and Incidents Worldwide (Even Deaths)
The mass layoffs (lots of them in Azure since 2020) probably worsen resilience and security some more
UEFI 'Secure Boot' Once Again Bricking PCs and Fake Security Models Are Perishing in Geminispace
Let's Encrypt has just fallen again
[Meme] Conservative (and Fake) Nuclear Physicist Bill Gates
Didn't even graduate from college, media treats him like a world-renowned expert in nuclear energy
The Gemini Capsule of Tux Machines Turns 2 in Six Days
Many people actually use Gemini, some participate in it by creating their own capsule (or capsules)
GNU/Linux Rises to 4% in Saudi Arabia, Says statCounter, Windows Has Fallen to 11% (Android Exceeds 60%)
Microsoft might soon fall below 10% in KSA (Saudi Arabia)
IRC Proceedings: Thursday, July 18, 2024
IRC logs for Thursday, July 18, 2024
GNU/Linux news for the past day
GNU/Linux news for the past day
1901 Days in High-Security Prison (and 8 More Years in Severe Confinement) for the 'Crime' of Exposing War Crimes and Corruption
Julian Assange clip = Microsoft Lobbying (Openwashing)
Here's the latest pair of blog posts
In Northern Mariana Islands, Where Julian Assange Pled Guilty 4 Weeks Ago, Windows Remains Second to Android, and GNU/Linux Still Grows in Oceania
It was the first month ever that statCounter saw more Web requests there from Android than from Windows
If GitLab Gets Sold (Datadog and Google Named Among Potential Buyers), It'll Prove Our Point About GitLab
Beware the bait on the hook