Bonum Certa Men Certa

Links 4/3/2020: OpenShot 2.5.1, Kali Linux 2020.1a, Let’s Encrypt Fiasco

  • GNU/Linux

    • How to launch IoT devices – Part 3: make vs buy decisions
    • How to assess your organization's technological maturity
    • Desktop/Laptop

      • TUXEDO Computers Unveils New InfinityBook S 14 Linux Laptop

        The new InfinityBook S 14 laptop from TUXEDO Computers is the perfect computer for people who are always on the go and love Linux. It’s an ultra-mobile device that wights less than 1.1 kg and offers huge battery life boots designed to keep you working all day long.

        But what’s more exciting about the new InfinityBook S 14 laptop is that it can be opened up to 180 degrees. The beautiful and unique display will immediately catch your attention with its narrow bezel frame, very high contrast ratio of 1200:1, and a luminance of 320-350 cd/qm.

        Even at full brightness, the 14-inch low-power display will consume up to 50% less energy than traditional displays found in other similar laptops. On top of that, the magnesium alloy chassis has a great feeling to it and will definitely turn heads.

      • System76 Expands Their Lineup Of Hand-Built Thelio Computer Cases
      • Ubuntu Linux computer-maker System76 launches Neptune Blue, Martian Red, and Dark Matter Black Thelio colors

        System76 as an organization is a hero to the Linux community. For many years, the company has sold computers running Ubuntu, lending a legitimacy to the idea of Linux on the desktop. System76 even evolved beyond just selling computers — it now makes them too. Best of all, the computers are made in the USA. The company even maintains its own Linux distribution called “POP!_OS.”

        Today, the company announces a cool new option for its homemade Thelio desktop computers. No, it isn’t anything that will impact performance, but still, it is very exciting — thee new color options!

        "System76 continues to push the boundaries of form and function by adding three new, hand polished wood veneer colorways to their Thelio Desktop computer line. All hand sanded, finished, and polished at their Denver, CO factory, these computers are meant to not only be powerful tools, but also beautiful additions to any workspace," says System76.

    • Server

      • CloudScale365 Acquires Hosting Firm EApps To Spread Linux Services

        The acquisition expands CloudScale365’s solutions portfolio with the technology and staff to provide services in a “Linux cloud” to companies of any size, said the firm.

      • Oracle Announces Oracle Cloud Data Science Platform

        Oracle today announced the availability of the Oracle Cloud Data Science Platform. At the core is Oracle Cloud Infrastructure Data Science, helping enterprises to collaboratively build, train, manage and deploy machine learning models to increase the success of data science projects. Unlike other data science products that focus on individual data scientists, Oracle Cloud Infrastructure Data Science helps improve the effectiveness of data science teams with capabilities like shared projects, model catalogs, team security policies, reproducibility and auditability. Oracle Cloud Infrastructure Data Science automatically selects the most optimal training datasets through AutoML algorithm selection and tuning, model evaluation and model explanation.

      • Oracle Launches Cloud Data Science Platform

        Unlike other data science products that focus on individual data scientists, Oracle Cloud Infrastructure Data Science is said to help improve the effectiveness of data science teams with capabilities like shared projects, model catalogs, team security policies, reproducibility and auditability. Oracle Cloud Infrastructure Data Science automatically selects the most optimal training datasets through AutoML algorithm selection and tuning, model evaluation and model explanation.

      • [Older] High Performance Object Storage, Kubernetes + Why You Can't Containerize a Storage Appliance

        There are two forces that are fundamentally remaking the technology landscape today. One is Kubernetes and the other is high performance Object Storage. They are powering (or are shaped by, depending on your perspective) modern, data-rich applications that include AI/ML and application logs. Either way, modern applications need Kubernetes and Object Storage and Kubernetes and Object Storage owe their rise in part to these same modern applications.

      • Mirantis gros fromage quits to start new 'private LTE' biz on open-access spectrum

        The co-founder of Kubernetes cloud outfit Mirantis, Boris Renski, has left the business to start a new venture focused on 5G-based "private LTE" campus networks.

        Speaking to The Register about his move, Renski explained a little about the technology and his decision to take a punt on it.

        At the heart of his move is the Citizens Broadband Radio Service (CBRS), which, despite the name, has nothing to do with truckers bellowing "ten-four, good buddy" at each other. Instead it is an open-access chunk of spectrum freshly reallocated from military uses to civilians, around the 3.5GHz band.

      • Spotify Open-Sources Terraform Module for Kubeflow ML Pipelines

        Spotify has open-sourced their Terraform module for running machine-learning pipeline software Kubeflow on Google Kubernetes Engine (GKE). By switching their in-house ML platform to Kubeflow, Spotify engineers have achieved faster time to production and are producing 7x more experiments than on the previous platform. In a recent blog post, Spotify's product manager Josh Baer and ML engineer Samuel Ngahane described Spotify's "Paved Road" for machine learning: "an opinionated set of products and configurations to deploy an end-to-end machine learning solution using our recommended infrastructure." By adopting these standards, Spotify's machine learning engineers no longer need to build or maintain infrastructure and instead can focus on their ML experiments. Since launching the platform in mid-2019, about 100 internal users have adopted it and run up to 18,000 experiments.

      • Benefits of Kubernetes on bare metal cloud infrastructure

        Bare metal cloud infrastructure is being introduced to run 5G applications in containers. This is a natural development of the shift the industry is going through from virtualized network functions to cloud native applications. But what are the benefits of running Kubernetes on a bare metal cloud infrastructure compared to a virtualized infrastructure?


        Let’s start with a brief recap on cloud native and CNCF – Cloud Native Computing Foundation. With the introduction of 5G, new use cases drive the need for designing applications based on containers and service-based architecture to address some technology gaps associated with virtualization. The most important technology gaps involve smoother software upgrades, automation and the realization of a CI/CD software pipeline to end customers.

        In the center of cloud native technology development is CNCF, an open source community driving the adoption of the cloud native paradigm across industries by fostering collaboration between the industry’s top developers, end users and vendors. Since CNCF is such a huge community, the focus on the telecom industry has been limited. But now with the formation of the Telecom User Group (A Special Interest Group) within CNCF, Ericsson has taken a leading role in telecom related discussions in the community.

    • Audiocasts/Shows

      • Pentesting Problems: Bryson Bort | Jupiter Extras 60

        Ell sits down with Bryson Bort to discuss pentesting with Scythe, Red Team vs Blue Team operations, and the benefits that a Purple Team might have on the industry.

      • What Linux is Best At | LINUX Unplugged 343

        We try the Mac desktop for 30 days, find out what we think it does best, and where Linux will always have it beat.

        This episode kicks off the start of a bigger conversation series.

        Plus community news, very handy picks, and more.

      • 2020-03-03 | Linux Headlines

        Kubeflow reaches 1.0, the Fedora Project seeks help naming its IoT Edition, Google’s rollout of Chrome OS 80 is off to a rough start, and Ampere launches its Altra processor

    • Kernel Space

      • Systemd 245 RC2 Released With Systemd-Homed, Partitioner + More

        Released one month ago was systemd 245 RC1 while now a second release candidate is available. Systemd 245 stable should be shipping in the near future as well in order to make some of the spring Linux distribution releases like Fedora 32.

        Systemd 245 is a big release with introducing the new (and optional) systemd-homed for reinventing Linux home directories with modern features, systemd-repart as a declarative repartitioner for GPT partition tables, various systemd-networkd additions, systemd-growfs can now grow XFS partitions, YubiKeys support within systemd-cryptsetup, and a variety of other improvements.

    • Applications

      • Glimpse 0.1.2 Release Notes

        This release iterates on our very first “minimal viable product” release. The primary objective was to improve the experience for Windows users and fix non-English translation files.

        This is also the first release where we have provided a source tarball for Linux distribution packagers. Please note that you will need to mark libgimp as a conflicting package as there is a lot of code and file name refactoring we still need to do.

      • GImageReader: An open-source PDF app with OCR capability

        GImagereader is a front-end application for the Tesseract OCR engine. For those new to Tesseract, it is an Optical Character Recognition Engine (OCR) that makes use of artificial intelligence to search and recognize printed text on images. It’s an opensource library and one of the most popular OCR engines in the market.

        Every day, be it in offices, home, etc., we find ourselves in situations where we need to extract text from an image. It could be a scanned document in image format, a piece of paper, or old research work. The outright option is to type the whole text with a text editor. But this process is time-consuming. Why not use an OCR to extract the text automatically?

      • OpenShot 2.5.1 Released | Optimized Effects & Improved Performance!

        With faster performance, huge optimizations with effects, and improved UTF-8 character support, OpenShot 2.5.1 is the best version yet, bringing powerful and simple video editing to the open-source world!

        The OpenShot team has been very busy over the past few weeks, and we are proud to release OpenShot 2.5.1! While we don't normally release so quickly, we had a show-stopping bug with version 2.5.0 (mostly related to UTF-8 support of non-ASCII characters), and decided to put out a fix as quickly as possible. However, we were also able to "sneak in" some really awesome improvements at the same time!

      • OpenShot 2.5.1 Released With Performance Improvements

        Released last month was the big OpenShot 2.5 release that brought hardware acceleration for video encode/decode via VA-API and NVENC/NVDEC, SVG vector graphics support, Blender 2.8+ integration support, import/export to Adobe Premiere and Final Cut Pro, and much more. Out now is OpenShot 2.5.1 with a few more improvements sprinkled on top.

      • TeXstudio: Open-source LaTeX text editor for Linux

        LaTeX is a handy document preparation system. For those of you who don’t know, it is a system in which you can specify the components of a document, without having to format it yourself.

        You can take the analogy of an HTML document, where you specify the headings and paragraphs with tags instead of having to modify the page or text.

        LaTeX is widely used to display text with mathematical notations. Since it is so important, there have to be programs dedicated to editing text files with LaTeX. We’re going to talk about one such program today, TeXstudio, which can be perceived as an IDE of sorts for LaTeX.

    • Instructionals/Technical

    • Games

      • Halo: Combat Evolved Anniversary works fine on Linux with Steam Play Proton

        Halo: Combat Evolved Anniversary on Linux? Yes. It just today released on Steam, and thanks to Proton with Steam Play you can play this first-person shooter on Linux easily.

        Coming as part of the Halo: The Master Chief Collection, available as a bundle or individually like Halo Reach, the experience is quite a lot easier on Linux since Reach released. Proton, the software bundled with Steam Play had some fixes to make it an out of the box experience in a previous update.

        How to do it? Ensure you have Steam Play turned on and set up (our Steam Play guide can be found here), force the latest version of Proton (5.0-3) onto it and then it's click and play. Keep in mind you won't be able to play online multiplayer on Linux, as you will need to use the option the developer provided to turn off EAC (Easy Anti-Cheat) before launching. That's still a downside to it, but one day EAC may work in Proton.

      • Tabletop style tactical RPG 'Wildermyth' has a whole new campaign out in the last update

        Wildermyth stole my heart a little, a tactical RPG with a beautifully designed Papercraft world and plenty of character development. It's going to steal more of my time now too with a whole new campaign out now.

        It plays out a bit like a classic tabletop D&D RPG, with various story campaigns you play through and with the recent update, Monarchs Under the Mountain is a brand new five-chapter story. Not only that the patch also comes with new events, existing events were improved, there's new particle effects plus a bunch of other improvements across the game.

      • Steam For Linux Beta Finally Fixes Post-Login Annoyance

        Valve has finally fixed an annoying bit about logging into the Steam client from the Linux desktop in recent months.

        When logging into the Steam Linux client in about the past six months and also having your system set to auto-login to your user account, the Chromium Embedded Framework (CEF) used by the Steam client would trigger the GNOME Keyring or KDE's KWallet to prompt for a keyring password or to set one otherwise. Having hit this issue myself, it's rather annoying, and it has apparently confused some Linux desktop users about what password they should enter if any.

      • Mainframe Defenders is a retro-themed tactical squad-based strategy game out now

        Mainframe Defenders combines a supremely cool retro 80s terminal inspired graphical style, with squad building and tactical turn-based battles.

      • Theyest Thou will have you throwing guns around with telekinesis

        Theyest Thou is a fun idea for a top-down shooter, while quite simplistic it offers a fun game mechanic to mix things up a little with your telekinesis.

        Like a lot of top-down shooters, it's fast and violent. You can pick up a gun, you can run and shoot but here you also have powers of the mind. You reach out and make a gun fly around a level, and shoot enemies while you remain in cover. For such a simple looking game, it's surprisingly amusing.

        An example of how a genre with thousands of games, can be made to feel so different with one little tweak to the action. Not only that, the developer Narayana Walters did it as part of a challenge to make and release a commercial game on Steam in one month.

      • As Puppygames reflect on the release of Basingstoke, they say it financially ruined them

        Basingstoke released back in 2018 and in my opinion, it was a damn fun game that really got my blood flowing. Sadly, it went quite under the radar and it seems it pretty much ruined Puppygames.

        Recently, they've posted up a two-part post-mortem on their Patreon to go over what actually happened. This is coming from a developer who has released several other games including Revenge of the Titans, Titan Attacks! and Droid Assault and they were even included in a Humble Bundle years ago.

      • Europa Universalis IV: Emperor expansion announced for release this year

        Europa Universalis IV: Emperor expansion announced today by Paradox Development Studio and Paradox Interactive with a focus on the Holy Roman Empire, Catholicism and the internal management of your kingdom.

        They sure are a busy team since PDX only recently released La Résistance for Hearts of Iron IV, which it sounds like BTRE quite enjoyed in his review and we also have Stellaris: Federations coming soon. They have multiple teams inside though of course.

      • RimWorld's Royalty expansion a 'great success' - more is coming to the game

        Ludeon Studios recently did a surprise Royalty expansion release for RimWorld with the recent patch and it seems it's doing so well that they're going to do more.

        This expansion really was unexpected, which perhaps is part of why it's doing so well. Sometimes a shock release can push people to go a grab something—not always though of course and RimWorld was already very popular. Anyway, Ludeon said it's been a "great success" and they've detailed what's coming next in a blog post.

      • China bans Plague Inc: Evolved as Coronavirus fear spreads

        China hasn't exactly been the easiest market to release games in, for various reasons, and now they've banned Plague Inc: Evolved on Steam.

        For those who haven't played it Plague Inc: Evolved is a game where you create, spread and evolve a pathogen around the world. With the fear and curiosity around the deadly Coronavirus spread, recently a lot of people flocked to the game.

        Why? You can customize your run, and with Steam Workshop support people were simulating the Coronavirus which exploded the popularity of the multiple-year old game. This is to the point where it hit close to twenty thousand people online at one point.

      • OBS Studio 25.0 RC1 Adds Vulkan Game Capture Support, Browser Capturing

        The first release candidate of OBS Studio 25.0 is now available for this cross-platform open-source software popular with game streamers.

        A big addition to OBS Studio 25.0 RC1 is support for capturing Vulkan-based games, which comes after Ubisoft helped the Open Broadcaster Software developers wire in the support.

      • OBS Studio 25.0 RC1 is out to further enhance video livestreaming and recording

        OBS Studio 25.0 RC1 has been released as the first step towards a new stable version, and it comes with some fancy new features for all platforms.

        The go-to application for cross-platform video livestreaming and recording, OBS Studio really is an awesome bit of software. Many have taken notice, as they've been getting more sponsors recently like Facebook and also Twitch a few months before that.

        With the release of OBS Studio 25.0 RC1, one of the missing pieces for Linux is finally in with the inclusion of the Browser source plugin. One less nuisance to get people up and running quickly, no more tracking down an extra to nicely capture browser windows. This is likely also another step towards getting all the service integration into the Linux client of OBS Studio.

      • Explore a mysterious structure in 'Meteorite', a colourful and densely pixelated free short metroidvania FPS

        Now that I think about it, it's been a while since I last wrote about an obscure but interesting game with Linux support. As I expressed on other recent articles, I barely have time to play, let alone to spend an hour researching and looking for "hidden" titles; so definitely I'm grateful during those moments when I'm lucky enough to discover by pure chance games like the one I'm going to cover now…

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Latte Dock v0.10~ | OnDemand SideBars

          Latte Dock v0.10~ is the development version of Latte which is going to land next summer as v0.10... Until then of course you can still enjoy it by building it yourself from Phabricator KDE or by searching in your distro repos if it is already built daily.

        • Latte Dock Is Getting On-Demand SideBars and Vertical Stick Buttons

          The popular dock-like application Latte Dock is getting some new features in an upcoming release expected later this year, on-demand sidebars and vertical stick buttons.

          More and more Linux users are using a dock on their favorite distributions, and that’s probably because it’s much more versatile and flexible than a traditional menubar or panel. Some even combine all of them for more versatility.

          Latte Dock is one of the most popular dock-like application launchers out there, for GNU/Linux distributions. While it’s developed for KDE’s Plasma desktop, it can also be easily integrated with other desktop environments like LXQt, GNOME or Xfce.

          Latte Dock already provides a great arsenal of features, but developer Michail Vourlakos just unveiled today in a short blog post another new feature to drool over, called On-Demand SideBars.

        • Okular and restoration of tabs (plus Debian packages)

          I have the need to restore my okular tab setup on restart, since I often have quite a lot of pdfs open to view at the same time. Unfortunately, the current okular doesn’t provide this feature. There is a merge request by one of the main authors of okular, but it doesn’t work for me in a stand-alone setup, that is not running KDE but only Okular. I developed a much simpler fix for the restoration problem (because most of the code is already there!), see this merge request, which – although not perfect for sure – does the trick for me.

      • GNOME Desktop/GTK

        • Gnome Vala Language Server GVIs 0.14.0 Released With Many New Features!

          Vala Language Server 0.14.0 Released: The Gnome Vala Language is basically developed by Jürg Billeter, Raffaele Sandrini. Vala is an Object-oriented programming language. It has a self-hosting compiler system and it generated C codes and it uses the GObject system.

        • First Look at the GNOME 3.36 Desktop in Ubuntu 20.04 LTS

          Most of the GNOME 3.36 beta packages have landed in the Ubuntu 20.04 LTS repositories, so I would like to give you all a first look of what’s changed since Ubuntu 19.10 (Eoan Ermine), which uses the GNOME 3.34 desktop environment.

          The Ubuntu desktop is virtually unchanged since Canonical decided to drop Unity in favor of the GNOME desktop with the Ubuntu 17.10 (Artful Aardvark) release. Various tweaks were made to the system theme and icons throughout the years, but the layout has remained the same to this day.

          With the upcoming GNOME 3.36 release, which would be officially unveiled next week on March 12th, a whole bunch of changes are coming your way, and you will be able to enjoy them all on your Ubuntu PC with the Ubuntu 20.04 LTS (Focal Fossa) release on April 23rd, 2020.

        • Vala and Custom Widgets

          There is a case when you wish to use a custom widget, when you use the same set of widgets to handle data. When you create a Gtk.ListBoxRow you have to attach to it a Gtk.Widget, in that case, should be easiest if you just do

          var w = new MyWidget (); = data;

          Second line, sets your data to the widget’s data property, so the class initialize the UI with the provided data.

          In other case, you have a Widget you can re-use in different parts of the UI, maybe showed up in a popup window. This is the process you can use to create such a widget.

    • Distributions

      • Kali Linux 2020.1a Release
        Before, we used to release multiple separate installers for different Desktop Environments (DE). With 2020.1 we changed how we distributed our base images, without having multiple different ISOs for each DE, by introducing a “installer” image as well as a “live” image.

        Both accomplish the same thing, but how they do it is different. The “installer” image is the new one, as this uses “debian-cd” on the back-end. We noticed a bug in a dependency chain, which caused an issue with x11. As a result, you may not have got a graphical interface after installing Kali. As a result, we pushed out a fix (2020.1a) to address this.

      • Linspire 8.7 Is Trying to Persuade More Windows Users to Use Linux

        The Linspire 8.7 release comes four months after Linspire 8.5 and brings updated components from Ubuntu 18.04.4 LTS, such as the Linux 5.3 HWE (Hardware Enablement) kernel to support newer hardware components.

        It features the MATE 1.20.1 desktop environment, which provides a lightweight, yet powerful interface designed to resemble the look and feel of the Windows 7 operating system, in an attempt to persuade more Windows users to switch to Linux.

      • BSD

        • GhostBSD 20.02: Unix-based operating system that is running in Windows

          The free operating system GhostBSD 20.02 Based on Unix, it uses the Kernel of FreeBSD, and with Windows 10, Mac OS and any operating system, Linux is the Kernel for the installation. As a basis for GhostBSD, the UNIX-like operating system, TrueOS, for its part, is about. A classic Desktop and the modern Apps at all.

          The Berkeley Software Distribution (BSD) is a variant of the Unix operating system, and it serves as the basis for the current revision of the BSD-derived GhostBSD 20.02.

      • Screenshots/Screencasts

        • Arch Linux Full Installation Walkthrough

          Arch Linux is an awesome distribution that gives you full control of your installation, and the configuration possibilities are endless. The initial installation can be a challenge for some. With this video as your guide you'll have a finished, bootable install that's ready to be configured just as you like it.

        • Arch Linux Full Installation Walkthrough (on LVM)

          Arch Linux is an awesome distribution that gives you full control of your installation, and the configuration possibilities are endless. The initial installation can be a challenge for some. With this video as your guide you'll have a finished, bootable install that's ready to be configured just as you like it. This video features an alternate install method that will have you implement LVM with your installation.

        • Ubuntu 20.04 Daily Builds with Gnome 3.36 Beta Run Through

          In this video, we are looking at Ubuntu 20.04 Daily Builds with Gnome 3.36 Beta.

        • Arch Linux Full Installation Walkthrough (On LVM with Encryption)

          Arch Linux is an awesome distribution that gives you full control of your installation, and the configuration possibilities are endless. The initial installation can be a challenge for some. With this video as your guide you'll have a finished, bootable install that's ready to be configured just as you like it. This video features an alternate install method that will have you implement LVM with your installation.

      • SUSE/OpenSUSE

        • Machine Learning with openSUSE

          In the past few weeks, many engineers have been working hard to create a foundation in Tumbleweed, the openSUSE rolling-release version, for a variety of Machine Learning frameworks and tools. They span from Tensorflow 1.13.2 to ONNX 1.6, Caffe, Theano and RStudio (both desktop and server editions). Many of these tools, libraries and frameworks existed in the development project for quite some time but it was time to promote them to the level they deserved to ensure they were made first-class citizen in the openSUSE Factory. Some of these frameworks have also been made available in other forms than just RPMs, for an even greater and easier consumption.

        • Who Said OBS Was Not Responsive?

          If you believe so, we’re hopefully going to change your opinion next time you surf OBS within our beta program. In the last two weeks, we kept working in improving responsiveness following a mobile-first approach. Lots of issues were fixed and a bunch of changes were made.

        • How SUSE builds its Enterprise Linux distribution – PART 4

          This is the fourth blog of a series in which we will provide some insight into SUSE Linux Enterprise product development. You will get a first-hand overview of SUSE, the SLE products, what the engineering team do to tackle the challenges coming from the increasing pace of open source projects, and the new requirements from our customers....

        • Open source is getting bigger and richer, says SUSE

          Melissa Di Donato, CEO of open source software company SUSE, was at a tech summit recently where every other attendee was an executive from a proprietary, closed-source software company.

          "They were all talking about the importance of crowd-sourcing, of community building, so I raised my hand and said: 'Wait a minute – are you aware there is a whole world out there and it's called open source? Do you even know what open source is?'"

      • IBM/Red Hat/Fedora

        • AAA: FAS Replacement Project Update

          The month of February was a very busy month for the CPE AAA team and community contributors working on this initiative. Great progress was made in the development phase of the AAA: FAS replacement build. Sprint 2 and 3 resulted in the completion of multiple user stories which added user functionality to join groups, change email address and password, disable account, database access along with putting a mapping solution in place for users moving from the current FAS to the new FAS (potential name incoming!). We also came to the end of developing our wireframes and mapping our user experience flow. Unit tests were carried out regarding password controller and the current codebase.

          We received great support from the wider CPE team as well as Patrick Uiterwijk to allow us progress with user stories by gaining permissions and merging PR’s for the integration of CentOS CI. Christian Heimes assisted us greatly with sharing his knowledge regarding FREE IPA and answered numerous questions to allow us to move forward.

          Sprint 4 began on Thursday the 20th of February. This sprint will focus on development tasks which will include working on FAS Json, Free IPA, API, Fedora Messaging integration, continuous deployment to stage environment, developing a secure coding tool to ensure code adheres to best practice, as well as continuing working on user functionality user stories. Please see our GitHub board to view current activity.

        • Contribute at the Fedora 32 IoT Edition Test Day

          Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started. On Wednesday, March 4, we’ll test Fedora IoT.

        • Most-used libraries, open source adoption, and more industry trends

          As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers.

        • Important OpenShift Commons Gathering Amsterdam 2020 Update: Shifts to Digital Conference

          We’re going to deliver our first ever OpenShift Commons Gathering live online with Q&A, and take the Gatherings to a even wider global audience.

          We will still share all of our main stage sessions, including OpenShift 4 and Kubernetes Release Update and Road Map with Clayton Coleman, and all of our engineering project leads will still be delivering their “State of” Deep Dive talks. We’re working to enable our case study speakers and other guest speakers to share their talks as well.

          We will provide updates here soon and you can register here for the free virtual event and get notified with further details via email about when you can tune in and how to do so.

        • IBM To Transition Their z/OS, POWER + AIX Compilers To Being LLVM/Clang-Based

          IBM last week made the bold announce that they will be transitioning to LLVM/Clang-based compilers across their hardware portfolio for C, C++, and Fortran compilation.

        • No more illusions of infinite capacity

          In the last post, we looked at how Edge Computing (EC) differs from centralized computing and why businesses are adopting EC. Projected growth of EC in next several years means an ever growing number of businesses may be adding EC to their IT infrastructure. This EC growth translates into business and technical requirements that are significantly different from the ones needed for non-localized infrastructure. In this post we’re going to look at some of the factors that businesses should consider when adopting EC.


          Resiliency: When dealing with critical business functions, edge deployments need to be highly resilient to failure. These edge systems need to continue to operate, even if it's at reduced capabilities e.g. operating in offline mode in case of network disruption.

          Hardware: With advancement in processor capabilities, it's becoming possible to run complex, compute intensive workloads at edge e.g. AI/ML on edge systems. New hardware form factors will be needed to address a broad range of edge computing requirements. These systems could include a combination of general purposes processors, GPUs, FPGAs and application specific processors.

          Security: Edge sites often have lesser physical access security which raises the risk of malicious or accidental disruption. In addition, bringing less capable devices (e.g. industrial microcontrollers, actuators) online without adequate protection is a recipe for disaster. Edge systems act as firewall and protect the entire downstream infrastructure from physical or virtual attacks. The edge systems need to be hardened from ground up—from firmware to OS to memory subsystem to storage to communication channels.

          Non-technical: Remote sites may lack technical expertise, hence, any on-site maintenance will be performed by workers lacking IT skills. The operation and maintenance of edge infrastructure needs to be simple enough to be performed by non-technical on-site workers.

          Environment: Remote locations have challenges with reliable power, space, cooling and connectivity e.g. oil rigs, mines. Edge systems need to be designed with these environmental challenges in mind.

      • Outreachy

        • Outreachy Internship: Examining cult psychology in free, open source software organizations

          Many free, open source software organizations have seen increased tension in the last few years due to cult-like phenomena. The Debian Community News team is offering to mentor an intern under Outreachy or another funding program to explore this problem.

        • Wrapping up Outreachy'19!

          But there is this fact that Now, I am a part of GNOME Foundation, makes me the most happiest. This is the sole reason why I applied to Outreachy. I wanted to be a part of an open-source organisation, learn from the community there and then eventually contribute back. And here, I got my first some steps laid down (cherry on the cake, it’s GNOME Foundation). :)

      • Canonical/Ubuntu Family

        • Creating real-time ready systems with ACRN and Ubuntu

          At Embedded World 2020, we showed Ubuntu running in parallel with the real-time OS Zephyr, on top of ACRN. Zephyr is an RTOS developed under the Linux Foundation umbrella and backed by industry leaders like Intel, NXP and Linaro. It supports a wide range of hardware, from MCUs to x86 boards. For the demo, we use an Intel NUC where we reserve a core and a small amount of memory for Zephyr. Ubuntu 18.04 then uses the rest of the systems resources. ACRN takes control of the system on boot and then starts Zephyr and Ubuntu. We show how Zephyr is able to perform calculations at a constant rate, unaffected by the additional Ubuntu payload. Isolation of the two operating systems is guaranteed as fatal events on one OS do not affect the other, which shows the readiness for safety-critical systems.

        • Anbox Cloud – An introduction

          Anbox Cloud, Canonical’s recently launched platform, delivers Android at scale in the cloud. Leveraging Android as a guest operating system to virtualise mobile workloads on servers while streaming graphical output to clients, Anbox Cloud empowers innovators to create rich digital experiences on various mobile form factors. Delivered as self-hosted PaaS in the cloud or at the edge, Anbox Cloud addresses market needs pertaining to game streaming, enterprise mobile application management, Android app testing at scale, and value-added services for mobile 5G customers.

        • Linux Mint to get local network sharing tool and new theme colours

          Over the weekend, the Linux Mint project announced that it has updated the theme colours in its default Mint-Y theme and that it's working on a local network file sharing tool. Linux Mint 20 is the next release due that's expected to become available around May or June.

          In its February update, Clem Lefebvre, head of the Linux Mint project, said that Sebastien Bouchard has reviewed the colours used in the Mint-Y theme and has come up with a new method and proposal for a new palette. Bouchard worked on hue, lightness, and saturation to make the colours more vibrant without affecting readability and comfort. Right now, the new method and palette are still being tested but it's hoped the colours can be applied to folder icons too.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Web Browsers

        • Mozilla

          • WebGL and fgx acceleration on Wayland

            Firefox on Linux have suffered by poor WebGL performance for long, long time. It was given by missing general acceleration on Linux as there are always broken gfx drivers on X11, various hacks and different standards, closed source drivers and so on. Long story short – to do gfx acceleration seriously on Linux have been PITA. For instance Chrome (which supports gfx acceleration on Linux/X11) shows long list of active exceptions and workarounds listen at chrome://gpu/ page.

            It’s also reason why Firefox never enabled it by default although it also implements gfx acceleration – Mozilla does not have resources to spend too much time on every broken gfx card / driver.

            Fortunately situation was changed with Wayland. Working gfx acceleration is a sort of prerequisite to even start a decent Wayland compositor like Mutter or Plasma so when Firefox is launched on Wayland we can pretty much expect working GL environment. Also dmabuf is widely supported by Wayland compositor so we finally have all pieces together to build fully accelerated browser on Linux which is equal to its Windows siblings.

          • Firefox 75 On Wayland Now To Have Full WebGL, Working VA-API Acceleration

            Firefox 75 due to be released next month should finally have its native Wayland support in good order.

            Merged yesterday were the Firefox Wayland patches for VA-API video acceleration support in conjunction with FFmpeg.

          • Your 2020 election podcast playlist

            Every day online, we’re bombarded with messages from 2020 U.S. presidential candidates, their supporters, and their adversaries. Just how much does the internet impact our political views? Are online election influence campaigns effective? How does online privacy — or lack thereof — impact our democracy? And, what’s on the political agenda this year when it comes to technology?

          • Extension Spotlight: Worldwide Radio

            Before Oleksandr Popov had the idea to build a browser extension that could broadcast thousands of global radio stations, his initial motivation was as abstract as it was aspirational. “I wanted to create something that was simple for people to use,” explains Popov, while adding his creation sought to also “bring together users from different countries.”


            Worldwide Radio includes some nifty features, like the ability to create your own favorites list, random shuffle between stations, add your own stations that don’t appear on the default list, and set a “sleep” timer so the broadcast will automatically stop at your discretion.

          • Firefox Nightly: These Weeks in Firefox: Issue 70
      • SaaS/Back End/Databases

        • 5 MySQL features you need to know

          Recently, at a presentation I was giving on the newer features of MySQL 8.0, I noticed one person in the audience getting very upset. The more I talked about one feature, the more agitation I could see this one person getting. We're talking upset at a level where I was wondering if I was going to worry about my physical safety. The person in question finally snapped, "If I had known about that, it would have saved me four months of my life!"

          With the release of MySQL 8.0, in April 2018, the release cycle for new features was changed to four times a year. So, rather than waiting for two to three years for new features, the MySQL Engineering Teams can provide a steady stream of updates to our users. Part of this is customer demand for new facets to the most popular database on the web and part of an evolved software engineering process.

      • CMS

        • WordPress 5.4 Release Candidate

          This is an important milestone as we progress toward the WordPress 5.4 release date. “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.4 is currently scheduled to be released on March 31, 2020, but we need your help to get there—if you haven’t tried 5.4 yet, now is the time!

      • FSF

        • Licensing / Legal

          • The future of open source licences is changing [Ed: Asking Microsoft and companies connected to it, such as OpenLogic and WhiteSource, about FOSS licences in order to promote the anti-copyleft agenda. Microsoft created an extensive framework and network of proxies to smear and mislead about the GPL for well over a decade. The article includes another one of them, WhiteSource. There's also Black Duck, which was created by a Microsoft marketing person to attack the GPL. As for OpenLogic, Stormy Peters worked there before working directly for Microsoft. Guess who founded/ran OpenLogic...]
      • Programming/Development

        • The 30 Best Cloud IDE Tools and Services for Developer in 2020

          Cloud has become an integral part of any industry nowadays. As a result, cloud applications and services have become extremely popular. As the demand is excessively high, it is important to reduce the development time of a project to establish a place in the blue whale market. And developers must focus on improving the performance and quality of service at a constant pace. Cloud IDE allows people to contribute together in real-time, while team members can share thoughts and skills.

        • Excellent Free Tutorials to Learn Clojure

          Clojure is a dialect of the Lisp programming language. It’s a well-rounded language. It offers broad library support and runs on multiple operating systems.

          Clojure is a dynamic functional general purpose programming language that runs on the Java platform, combining the approachability and interactive development of a scripting language with an efficient and robust infrastructure for multi-threaded programming. Clojure features a rich set of immutable, persistent data structures, first-class functions and dynamic typing. Clojure programs are composed of expressions and written in terms of abstractions.

          By compiling into JVM bytecode, Clojure applications can be easily packaged and deployed to JVMs and application servers without added complexity. The language also provides macros which make it simple to use existing Java APIs. Clojure’s data structures all implement standard Java Interfaces, making it easy to run code implemented in Clojure from Java.

        • Perl / Raku

          • PAWS Almost

            I think in my last post I said this is going to be a very short series well I think I am wrong on that count.

            When I last posted on the Kinesis 'SubscribeToShard' action I discovered that it is returning a 'application/' and that lead me down a very deep rabbit hole that got me well sidetracked.

            Well to start out I had to figure out what AWS was returning when it was sending 'vnd.amason.eventstream' I eventually found that here Event Stream Encoding

            Ok time to take the way-back machine to my first play-dates with computers, assembling GIS data from an Amdahl mainframe that was spooling a 9inch tape directly to my Unitron 2000

        • Python

          • How to Implement a Python Stack

            Have you heard of stacks and wondered what they are? Do you have a general idea but are wondering how to implement a Python stack? You’ve come to the right place!

          • API? It’s not that scary!

            There are way too many services out there that provide a free API which waits to be adjusted into your favorite language.

            Also, API services could be generated from any visible data such as Facebook (which I’ve covered here), Twitter or any public databases. In this article, we’ll be focusing on Paypal API service.

            I assume you guys have minimal experience with some basic Python and basic web concepts.

          • Views On Views

            A view is a chunk of code that receives an HTTP request and returns an HTTP response. Views describe Django’s entire purpose: to respond to requests made to an application on the internet.

            You might notice that I’m a bit vague about “chunk of code.” That was deliberate. The reason is because views come in multiple forms. To call views functions would only be part of the story. To call them classes would be a different chapter in the story.

            Even if I attempted to call views callables, I still would not portray them accurately because of the ways that certain types of views get plugged into a Django app.

            Let’s start with functions since I think they are the gentlest introduction to views.

          • How to Convert a Pandas DataFrame to a NumPy Array

            In this short Python Pandas tutorial, we will learn how to convert a Pandas dataframe to a NumPy array. Specifically, we will learn how easy it is to transform a dataframe to an array using the two methods values and to_numpy, respectively. Furthermore, we will also learn how to import data from an Excel file and change this data to an array.

            Now, if we want to carry out some high-level mathematical functions using the NumPy package, we may need to change the dataframe to a 2-d NumPy array.

          • PyCoder’s Weekly: Issue #410 (March 3, 2020)
        • Shell/Bash/Zsh/Ksh

          • Moving averages with AWK

            Moving averages can be used to smooth out some of the variation in a data series. The chart below shows the monthly average prices of West Texas intermediate crude oil over a 5-year period. The black line connects raw data points, and the (smoother) red line connects averages of every 5-month period, plotted at the middle month of the 5.

        • Rust

          • Getting started with the Rust package manager, Cargo

            Rust is a modern programming language that provides performance, reliability, and productivity. It has consistently been voted as the most-loved language on StackOverflow surveys for a few years now.

            In addition to being a great programming language, Rust also features a build system and package manager called Cargo. Cargo handles a lot of tasks, like building code, downloading libraries or dependencies, and so on. The two are bundled together, so you get Cargo when you install Rust.

    • Standards/Consortia

      • Khronos Moves Ahead With Developing "ANARI" API For Analytic Rendering

        A formal working group has now commenced to create this analytic rendering API which they are calling ANARI. The ANARI API will be focused on having an industry standard around data visualizations and is one step above Khronos' graphics APIs like Vulkan and OpenGL. ANARI will be focused on data presentation and similar in nature to the vendor-specific NVIDIA VisRTX and Intel OSPRay.

  • Leftovers

    • Feast your eyes on the craziest Maslenitsa celebrations to rock Russia this year. Yes, that is an elephant made of bliny.

      Maslenitsa, the traditional Slavic end-of-winter festival, isn’t just about eating bliny (crepe-like pancakes) with caviar or jam anymore. It’s also about finding new ways to celebrate the coming of spring that can hopefully garner a few likes on Twitter or VKontakte.

    • Science

      • Huge flaw found in how facial features are measured from images

        How is it that our brains – the original face recognition program – can recognize somebody we know, even when they’re far away? As in, how do we recognize those we know in spite of their faces appearing to flatten out the further they are from us?

        Cognitive experts say we do it by learning a face’s configuration – the specific pattern of feature-to-feature measurements. Then, even as our friends’ faces get optically distorted by being closer or further away, our brains employ a mechanism called perceptual constancy that optically “corrects” face shape… At least, it does when we’re already familiar with how far apart our friends’ features are.

        But according to Dr. Eilidh Noyes, who lectures in Cognitive Psychology at the University of Huddersfield in the UK, the ease of accurately identifying people’s faces – enabled by our image-being-tweaked-in-the-wetware perceptual constancy – falls off when we don’t know somebody.

        This also means that there’s a serious flaw with facial recognition systems that use what’s calle

      • An Interview with Paul Graham, Founder of Y Combinator

        Paul Graham is the recently retired co-founder of Y Combinator. In 1995, he and Robert Morris started the first software as a service company, Viaweb, which was later acquired by Yahoo in 1998 as the Yahoo Store. In 2001, Mr. Graham started publishing essays on his personal website which now get around 15 million page views per year. In 2002, he discovered a simple spam filtering algorithm that inspired the current generation of filters. In 2005, he and Jessica Livingston, Robert Morris, and Trevor Blackwell started Y Combinator, the first of a new type of startup incubator. Since 2005, Y Combinator has funded over 2,000 startups, including Airbnb, Dropbox, Stripe, and Reddit, which boast a combined valuation of over $155 billion. Mr. Graham is the author of On Lisp (1993), ANSI Common Lisp (1995), Hackers & Painters (2004), and a new Lisp dialect written in itself called Bel (2019).

    • Hardware

      • Best Network Attached Storage (NAS)

        Synology has earned the reputation of being one of the stronger names in data storage and network hardware industry. The Synology 4 bay NAS DiskStation DS418 has a very large overall storage capacity with features designed to give you total command of your data in a private cloud network.

        It has the software and tools to maximize productivity and collaboration across all network users. It also has robust backup solutions to secure critical data and assign access to sensitive files. This NAS box supports a multitude of network file sharing protocols. This includes AFP, CIFS, NFS, FTP. Its DiskStation centralizes the data from an entire office network which lets you sync them across multiple devices, as well as secure file sharing with mobile devices for superior interactive collaboration.

        The Synology 4 bay NAS DiskStation DS418 also features state-of-the-art 4K Ultra HD video transcoding powered by cutting edge 64-bit quad-core processor. It can transfer data at speed up to 10-bit 4K H.265, which allows users to do things like video transcoding on the fly.

    • Health/Nutrition

      • Toxic Agriculture and the Gates Foundation

        One of the foundation’s stated goals is to globally enhance healthcareand reduce extreme poverty.

      • Florida’s HIV Criminalization Reform Still Targets Sex Workers

        Florida is one of 26 states that have criminal laws that apply only to people living with HIV. In Florida, having consensual sex, donating blood or organs, or engaging in sex work without disclosing one’s status is a third-degree felony, subject to up to five years in prison and up to a $5,000 fine. The current laws — first enacted during the panic surrounding the HIV epidemic in the late 1980s and expanded in the late 1990s — do not take into account whether protection was used or whether a person’s viral load is undetectable, meaning they aren’t able to transmit the disease.

      • Atupele gives China medical supplies for coronavirus fight

        According to Muluzi, he paid a courtesy call on the Ambassador of the People’s Republic of China (PRC) Liu Hongyang in a symbolic gesture of solidarity and made a donation of the medical supplies to show the spirit of Ubuntu.

        “The spread of the Corona Virus is a global problem, with China the most affected so far and in the African spirit of Ubuntu we come together as one to face our challenges together. The spirit of giving during times of difficulty is a universal value,” Muluzi wrote on Facebook.

        The coronavirus originated from Hubei province in China last year and has killed more than 3,000 people with most of the deaths being recorded in China.

    • Integrity/Availability

      • Proprietary

        • DH2i DxEnterprise for SDP-Enhanced Microsoft SQL Server AGs on Linux Now Available in AWS Marketplace
        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Linux Foundation Training Announces a Free Online Course-Developing Blockchain-Based Identity Applications

                The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced enrollment is now open for a new professional certificate program – Developing Blockchain-Based Identity Applications. This program, offered through the edX training platform, is geared towards developers interested in building and deploying applications using the new “self-sovereign” paradigm for digital identity. It explores the possibilities for issuing and managing secure digital identities and credentials offered by Hyperledger Indy, Aries, and Ursa, for building applications on a solid digital foundation of trust. The program will also do a deep-dive into Hyperledger Aries, teaching learners how to create production-ready applications by developing code for issuing and verifying credentials with their own Aries agent.

              • Linux Foundation Training Announces a New Certification- Developer Certification for Hyperledger Fabric

                The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced enrollment is now open for the new Certified Hyperledger Fabric Developer certification exam. This is the latest in a series of training content and certification exams aimed at onboarding the next generation of technical talent for professional blockchain technologies.

              • Smart contract language DAML now works with Ethereum compatible Hyperledger Besu

                “Hyperledger Besu is the most recent framework to be contributed to Hyperledger and the first that is compatible with the public Ethereum network,” said Executive Director of Hyperledger, Brian Behlendorf. “As we anticipate both specialization and consolidation across the blockchain tech stack, having a unified option in DAML to write applications across Sawtooth, Fabric and now Besu is great to see.”

                The only missing enterprise blockchain is Quorum. O’Prey said an integration with Quorum would be entirely possible. “I think Besu has some advantages in that it is purely Java, it is Apache 2 licensed rather than GPL V3 (which is copyleft) and it also has the governance structure of the Linux Foundation around it.”

              • How Contributing to Diversity in Technology Made Me a Better Engineer

                Because my family couldn’t afford tuition, I couldn’t pursue my true interest Computer Science and, instead, studied Metallurgical Engineering — a field that I had absolutely no interest in.

                As I waited in line for the interview with an Iron extraction company, millions of thoughts running through my mind:

                “Will be able to work in a field with no interest for my entire life?”,

                “Will I be happy and satisfied here?”

                “Is this opportunity big enough for the ambitions I have?”, “Has fortune done justice to all the sleepless nights of mine?”.

                There was a part of me that kept asking whether this is what I wanted to do.

                The very next moment, I left the line and went back to my room, skipping my interview.

                After doing a lot of research for the next two days, I came to know about Google Summer of Code (GSoC), a program run by Google where students make contributions to open source software in return for recognition in the technology industry. I had 6 months in hand, for the only chance of getting selected in GSoC and steering my career path into software engineering.

        • Security

          • Let’s Encrypt Hits One Billion Certificate Milestone

            Free HTTPS tool Let’s Encrypt yesterday announced it has issued its billionth certificate, in what it claims to be a milestone for user privacy and security.

            Backed by the non-profit Internet Security Research Group (ISRG), the initiative has good reason to make such claims, having made what was once a complex and expensive process — registering and managing TLS certificates — free and easy.

            In a blog post from executive director, Josh Aas, and VP of comms, Sarah Gran, the two revealed how HTTPS page loads have risen from 58% of the global total in 2017 to 81%, and even higher (91%) in the US.

            “When you combine ease of use with incentives, that’s when adoption really takes off. Since 2017 browsers have started requiring HTTPS for more features, and they’ve greatly improved the ways in which they communicate to their users about the risks of not using HTTPS,” they explained.

          • Let’s Encrypt issues one billionth free certificate

            Last week was a big one for non-profit digital certificate project Let’s Encrypt – it issued its billionth certificate. It’s a symbolic milestone that shows how important this free certificate service has become to web users.

            Publicly announced in November 2014, Let’s Encrypt offers TLS certificates for free. These certificates are integral to the encryption used by HTTPS websites.

            HTTPS is HTTP that uses the Transport Layer Security (TLS) protocol for privacy and authentication. Your browser uses it to be confident that you’re not visiting an evil website that’s impersonating your real destination using a DNS spoofing attack. It also encrypts the information passing between your browser and the web server so that someone who can snoop on your traffic still can’t tell what you’re doing.

          • Ian Jackson: Let's Encrypt certificate revocation - panic now!

            Let's Encrypt have rather quietly announced (sadly, requires discourse JS!) that they are going to revoke a very large number of certificates. These revocations will start "no earlier than" 00:00 UTC tonight (24:00 on the 3rd of March), a little over 9h from now. Affected websites etc. may stop working.

            I discovered this at about lunchtime UK time today; two of my certs were affected. and are listed as affected and I am trying to get in touch with the hosting provider to get it fixed.

          • Let's Encrypt to revoke certain certificates on March 4
          • Let's Encrypt to Revoke 3 Million TLS Certificates Due to Bug
          • Let’s Encrypt to Revoke Millions of TLS Certs

            Popular free certificate authority Let’s Encrypt said it will revoke 3 million Transport Layer Security (TLS) certificates Wednesday, because of a Certificate Authority Authorization (CAA) bug. The move could mean that millions of websites and machine identities that rely on those certificates to protect sensitive data flow could be identified as insecure, or rendered unavailable.

            Certificate users contacted by Threatpost said they were notified of the revocation Tuesday and given 24 hours to resolve the issue. Certificates will be revoked March 4, 9:00 p.m. EST.

            “I manage 200 domains across 20 servers and have until the end of the day to fix the problem,” said Mark Engelhardt, IT consultant with Intuitive Engineering, in Montpelier, Vt. “Let’s Encrypt did not handle this in an ideal fashion at all.”

          • Let's Encrypt? Let's revoke 3 million HTTPS certificates on Wednesday, more like: Check code loop blunder strikes

            On Wednesday, March 4, Let's Encrypt – the free, automated digital certificate authority – will briefly become Let's Revoke, to undo the issuance of more than three million flawed HTTPS certs.

            In a post to the service's online forum on Saturday, Jacob Hoffman-Andrews, senior staff technologist at the EFF, said a bug had been found in the code for Boulder, Let's Encrypt's automated certificate management environment.

            Boulder checks Certificate Authority Authorization (CAA) records to ensure that a Let's Encrypt subscriber controls the domain names for which they are requesting HTTPS certificates. The bug, introduced on July 25, 2019, was an error in the way the tool's Go code iterated over the domain names.

          • Let's Encrypt to revoke 3 million certificates on March 4 due to software bug
          • Millions of websites face 'insecure' warnings

            Some well-known websites could stop functioning properly on Wednesday, 4 March, after a bug was found in the digital certificates used to secure them. The organisation that issues the certificates revealed that three million need to be immediately revoked. Visitors to affected sites will be greeted with an alert warning them the site is insecure. One expert said the issue could result in a "loss of trust". The internet security research group (ISRG) is the non-profit organisation behind the project, Let's Encrypt, and last month celebrated issuing its billionth certificate. The project has some high-profile backers, including Cisco, Facebook and Google, and is widely credited as one of the driving forces behind businesses securing their websites. In a notification email to its clients, the organisation said: "We recently discovered a bug in the Let's Encrypt certificate authority code. "Unfortunately, this means we need to revoke the certificates that were affected by this bug, which includes one or more of your certificates. To avoid disruption, you'll need to renew and replace your affected certificate(s) by Wednesday, March 4, 2020. We sincerely apologise for the issue."


            He said that while it had "responsibly" revealed the bug, its clients faced uncertainty. "Nobody knows how they will deal with it. Businesses will have to apply for a new certificate so there could be an interruption to services which will result in a loss of trust. Users will experience websites that say they have a security problem." While the organisation has issued a list of the certificate numbers, it has not made public the names behind them but Prof Woodward said it would probably affect "well-known" websites.

          • Letsencrypt is revoking certificates on March 4

            Let’s Encrypt is a non-profit certificate authority that provides X.509 certificates for Transport Layer Security (TLS) encryption free of cost. The TLS certificate is valid for 90 days only. However, Due to the bug, they need to revoke many (read as “certain”) Let’s Encrypt TLS/SSL certificates. Let us see how to find out if you are affected by this bug and how you can fix it to avoid any problems with your TLS/SSL certificates.

            The revocations start on 04 March 2020, and you need to renew your certificate before that; otherwise, your visitors will get an error about Invalid and expired/revoked certificate error.

          • Security updates for Tuesday

            Security updates have been issued by Debian (linux-4.9, proftpd-dfsg, rrdtool, and zsh), Fedora (kernel), openSUSE (cacti, cacti-spine, mariadb, and ppp), Red Hat (kernel, qemu-kvm, qemu-kvm-ma, and ruby), Slackware (seamonkey), SUSE (kernel, libpng16, ovmf, python-aws-sam-translator, python-boto3, python-botocore, python-cfn-lint, python-jsonschema, python-nose2, python-parameterized, python-pathlib2, python-pytest-cov, python-requests, python-s3transfer, and python36), and Ubuntu (libpam-radius-auth, OpenSMTPD, and ppp).

          • Now the gap in the Critical Ghostcat patch:” Apache-Tomcat-release from 6.0 to
          • Debian LTS work, February 2020

            I was assigned 20 hours of work by Freexian's Debian LTS initiative and worked 19.25 hours this month, so I will carry over 0.75 hours to March.

            I prepared and, after review, released Linux 3.16.82. I then rebased the Debian package onto that, but haven't yet sent a request for testing. I have started preparing and testing the next update to Linux 3.16.

          • ‘We’re our own focus group’ – Ning Wang on security certification, training, and keeping Kali Linux on top

            If offense is the best defense, then penetration tests are the ultimate indicator of an organization’s security posture.

            And as companies around the world look to bolster their cyber resilience by proactively asking security pros to test their systems for vulnerabilities, this has underscored the need for companies like Offensive Security.

            Founded in 2006, Offensive Security offers a range of ethical hacking certification courses, while also funding and maintaining Kali Linux, the popular Debian-based Linux distribution designed for digital forensics and pen testers.

            The Daily Swig caught up with Ning Wang, Offensive Security’s CEO since January 2019, to find out about her eventful first year at the helm.

            Wang, who has a physics PhD and joined the company from bug bounty platform HackerOne, also discusses the recent update to Kali Linux, countering improvements in defensive tools, and dispelling myths around what it means to be a ‘hacker’.

          • Privacy/Surveillance

            • Schools Are Spying on Students – But Students Can Fight Back

              San Francisco – Schools across the country are increasingly using technology to spy on students at home, at school, and on social media. Today, the Electronic Frontier Foundation (EFF) launched a new Surveillance Self-Defense guide for students and their parents, so they can learn more about how schools are watching them, and how they can fight back.

              The surveillance technology currently in use includes software to scan students’ social media posts, cameras with facial recognition and other scanning capabilities, and microphones to “detect aggression.” Schools can even track you on devices that they don’t control: if you have to download a certain kind of security certificate to use the school Internet, they may be monitoring your browser history and messages you send.

    • Defence/Aggression

      • Letting the Pentagon Loose With Your Tax Dollars

        Creating a national insecurity state.

      • Actual National Security Budget Is Nearly Twice as Much as Announced Budget

        Hold on to your helmets! It’s true the White House is reporting that its proposed new Pentagon budget is only $740.5 billion, a relatively small increase from the previous year’s staggering number. In reality, however, when you also include war and security costs buried in the budgets of other agencies, the actual national security figure comes in at more than $1.2 trillion, as the Trump administration continues to give the Pentagon free reign over taxpayer dollars.

      • Russian military police enter Saraqib, Syrian city actively contested by Assad and Turkish proxy troops

        A Russian military police unit has entered the Syrian city of Saraqib, Idlib Province, Interfax reported.

      • US-Taliban Deal Hailed as Breakthrough, But Violence Likely to Continue

        The U.S. has signed a deal with the Taliban aimed at drawing down its military presence and ending its 18-year war in Afghanistan. The long-anticipated deal comes after a year and a half of negotiations and following a week-long partial truce. Officials hope the accord will set the stage for a more detailed peace plan that creates a power-sharing arrangement and lasting ceasefire, but the deal did not include a key player: the U.S.-backed Afghanistan government. The Taliban has long refused to speak to the government, calling it a “puppet regime.” Under the deal, nearly 5,000 of the 12,000 U.S. troops still in Afghanistan will leave the country in 135 days. The rest of the troops will withdraw 14 months later, if the Taliban comply with the terms of the agreement. We discuss details of the deal with Azmat Khan, award-winning investigative reporter, a New York Times Magazine contributing writer and a Future of War fellow at New America.

      • Happy Afghanistan Surrender Day
    • Environment

    • Finance

    • AstroTurf/Lobbying/Politics

      • South Carolina Primary: What Does It Mean?

        What are the political ‘takeaways’ from Saturday’s South Carolina primary? In just few words: not many.

      • A Bourgeois Hero Would Be Something To See!

        Readers of CounterPunch are likely to be among the political cognoscenti who know that the “dollar-drenched inauthentic opposition party” representing the liberal class will not demand the real change that is now so desperately needed, to seriously address climate crisis, pollution, endless war, rising fascism, mass incarceration, etc.€  (If nothing else, the Democratic Party’s “anyone-but-Bernie” approach to finding a candidate to beat Trump should convince any doubters!)€  But even those of us on the radical end should not too quickly exempt ourselves from being part of the problem.€  In a materialist, capitalist society that values profits over people, and machines over human beings, unprotected from its dehumanizing influence,€  no person escapes the sickness of a society that’s lost its human bearings.

      • MSNBC's Chris Matthews to Retire, Citing His Offensive Comments About Women

        Veteran MSNBC host Chris Matthews said he’s retiring from his show “Hardball,” citing his inappropriate comments about women.

      • 'We Have the Energy and Excitement': Nearly 25,000 Rally for Bernie in California Ahead of Super Tuesday

        "The political establishment is getting nervous... Some in the Democratic establishment are saying, 'My God, look at the turnout here!'"

      • Dark Money Played a Pivotal Role in Trump’s Wisconsin Win

        A confidential report claims that secretive groups targeting independent voters helped tip the balance for Trump in 2016.

      • Swinging the Vote?

        Pete Buttigieg is leading at 63 percent. Andrew Yang came in second at 46 percent. And Elizabeth Warren looks like she’s in trouble with 0 percent.

        These aren’t poll numbers for the U.S. 2020 Democratic presidential contest. Instead, they reflect which candidates were able to consistently land in Gmail’s primary inbox in a simple test.

        The Markup set up a new Gmail account to find out how the company filters political email from candidates, think tanks, advocacy groups, and nonprofits.

        We found that few of the emails we’d signed up to receive —11 percent—made it to the primary inbox, the first one a user sees when opening Gmail and the one the company says is “for the mail you really, really want.”

    • Censorship/Free Speech

    • Civil Rights/Policing

      • 'Inhumane' and 'Reckless': Amnesty International Condemns Greece's Measures to Block Migrants at Turkish Border

        "People seeking asylum are once again being used as bargaining chips in a callous political game."

      • Remembering the Heroism of Activist Berta Cáceres Four Years After Her Assassination: an Interview With Her Daughter

        On July 15, 2013, the Civic Council of Popular and Indigenous Organizations of Honduras (COPINH), led by Berta Cáceres Flores, went to protest the construction of a hydroelectric dam on the Gualcarque River. This river, in western Honduras, is considered to be sacred by the indigenous Lenca community. No one from the company that wanted to build the dam had talked to the Lenca. The company—Desarrollos Energéticos Sociedad Anónima (DESA)—was owned and controlled by one of the most powerful families in Honduras, the Atala Zablahs. The Honduran Army, at the behest of DESA, guarded the site. The soldiers opened fire at the protesters and killed Tomás García.

      • In Blow to Administration's "Xenophobic Agenda," Federal Judge Says Cuccinelli Unlawfully Installed as Immigration Agency Head

        The ruling was heralded as "a major win for immigrants and asylum-seekers."

      • Auschwitz Survivors Don’t Want Their Past to Be Their Grandchildren’s Future

        In January, more than 200 survivors of Auschwitz, the notorious Nazi death camp in Poland, gathered to commemorate the 75th anniversary of liberation from the camp. They testified to the brutalities of the Nazi state-sanctioned killing machine to which, at that time, the rest of the world appeared indifferent. More than 1.1 million Jews — along with thousands of Roma, dissidents and others considered “enemies of the state” — were murdered at the camp while the international community looked away. Calls to never let such crimes happen again were mixed with impassioned indignation and a “warning against the complicity, apathy and demagoguery that paved the way to the mass slaughter of about 11 million people.” Several survivors spoke not only to the terrifying criminal nightmare and systemic ethnic cleansing undertaken at Auschwitz, but also to the conditions that made it possible, warning that the lessons there have not been learned by existing generations.

      • Embarrassing Moments from Trump’s Visit to India

        Donald Trump abroad never ceases to entertain with his ignorance and misstatements. As India’s leaders learned from Trump’s previous visits to Saudi Arabia and China, all it takes is pomp and circumstance to get this president’s favorable remarks. Here are a few gems from his just-concluded visit:

      • Fighting Modi with a Poem

        Some poems capture the tyranny of the time. € Sab Yaad Rakha Jaiga (All you do will be remembered), an Urdu/Hindi poem protesting the viciousness that the Modi Hindutva has unleashed in various parts of India is circulating in the social media. The author, Aamir Aziz, a young Muslim poet, lives in Delhi or Kashmir, or whereever Hindutva mobs have killed Muslims in screaming daylight. A few days ago, Roger Waters of the Pink Floyd rock band read parts of the poem in England to a gathering, sparking even more interest in the poem. The poem speaks to the hearts of persecuted communities in India, and everywhere in the world. Here I offer an interpretation of the poem, not a literal translation, as I believe this poem is inseparable from its language. The poem that Aziz wrote is much sharper than the interpretation I render in the following words. I have removed all punctuation in the poem to depict the ceaseless terror the persecuted communities bear.

      • Modi's Muslims

        We can only fear what this country will become should he reign another four years.

      • Time for a Referendum on America's Criminal Injustice System

        Prosecutors like to say they are engaged in a search for justice. Many are. But while reporting on criminal courts in California over the years, I’ve seen too many doing the opposite.

      • Putin introduces constitutional amendments mentioning God and banning same-sex marriage

        Russian State Duma speaker Vyacheslav Volodin announced on March 2 that President Vladimir Putin introduced new changes to his planned constitutional reforms in advance of the Duma’s second vote on the bill.

      • Los Angeles D.A.’s Husband Pulls Gun on Black Lives Matter Protesters

        “You were supposed to meet with us six months ago,” an activist shouted at Los Angeles District Attorney Jackie Lacey€ during a Jan. 29 debate. He wasn’t the only one yelling. Multiple protesters came to confront Lacey about the more than 500 police shootings that have taken place during her seven-year tenure. They were angry about Lacey’s constantly delayed promises to meet with Black Lives Matter Los Angeles members and other activists about the shootings and other police concerns. They waited over two years for a meeting that never came, according to HuffPost.

      • Six Rules for Organizing a Grassroots Regeneration Revolution

        We must think, act and organize locally, while simultaneously cultivating a global vision and global solidarity.

      • Opera Union Member Alleges Cover-Up in Placido Domingo Scandal

        SAN FRANCISCO — A senior member of the main U.S. union that represents opera performers resigned Monday, accusing the leadership of a cover-up in its investigation into accusations of sexual harassment against superstar Plácido Domingo.

    • Internet Policy/Net Neutrality

      • Clarence Thomas Regrets Brand X Decision That Paved Way For The Net Neutrality Wars

        In its 2005 Brand X decision, the courts changed US telecom oversight forever. You might recall that in the early aughts, former FCC boss Michael Powell (now the top lobbyist for the cable industry) engaged in wholesale deregulation of the broadband sector, insisting it would usher forth all manner of intense competition. Powell had claimed at the time that a new technology known as broadband over powerline (BPL) would come in as a layer of added competition, justifying his decision to free the sector from regulatory oversight. Due to interference issues, BPL never worked out, and you may have noticed that Powell's promised deregulation-triggered wave of competition never happened.

    • Monopolies

      • Patents

        • ITC: Importing Articles that Infringe

          Rovi complained to the US International Trade Commission (ITC) that Comcast’s customers directly infringe Rovi’s U.S. Patents 8,006,263 and 8,578,413 when they use the X1 system. The ITC agreed and found Comcast in violation.

          Three issues to talk about here: (1) Importing “articles that infringe”; (2) Importation by third parties; (3) Patents are now expired.

          Articles that Infringe: The ITC statute provides for action based upon “importation … of articles that (i) infringe a valid and enforceable US patent.” 19 U.S.C. €§ 1337(a). Comcast argues that the set-top boxes do not infringe the patent at the point of importation, but rather only become infringing once in use by the customer. On appeal, the Federal Circuit held that this issue was already decided in Suprema, Inc. v. U.S. Int’l Trade Comm’n, 796 F.3d 1338 (Fed. Cir. 2015) (en banc) (ITC still can take action to block imports even though direct infringement is post-importation). Note here that Comcast hired former US Solicitor General Donald Verrilli as its appellate counsel — in part to potentially push this issue up to the Supreme Court.

          Third Party Importation: The Comcast X1 boxes are actually imported by ARRIS and Technicolor. On appeal, the Federal Circuit confirmed that Comcast counts as the importer for Section 337 purposes because Comcast caused the articles to be imported and because the articles are particularly tailored to Comcast’s system so as to have no other use.

          Expired Patents: The patents at issue here have expired. As such, the ITC exclusion order has no further prospective effect. Since the ITC is not authorized to award damages, Comcasted that the patent expiration rendered the entire case and appeal moot. On appeal, however, the Federal Circuit chose to decide the issues — finding that “appellate finality” is warranted based upon “collateral consequences” that may stem from its outcome. In particular, the court noted two additional ITC actions involving Rovi patents asserted against the same Comcast X1 box in which ALJ noted that the present appeal will impact the outcome of the ongoing investigation. “We conclude that there are sufficient collateral consequences to negate mootness.”

        • The Many Mistakes in the Panel Decision in GS CleanTech Corp v. Adkins

          That finding can ruin careers. Dennis examined the merits: I want to examine the procedure used on appeal. (I’ve taught civil procedure for decades now, and served as a clerk on the court a few years ago… this case is in need of correction by the full court or the panel on rehearing — whether it changes the outcome, or not, a point on which I have no view.) Whatever the merits, the panel mistates key issues of appellate review of inequitable conduct and contradicts prior panel decisions and even Therasense itself — and does so in a way that radically increases the scope of this equitable defense while, at the same time, failing to analyze the equities, oddly enough.

          Specifically, first, the panel states the the standard of review of a fact finding of materiality underlying inequitable conduct is for abuse of discretion. That is just flat wrong. “[W]e review the district court’s findings of materiality… for clear error.” Am. Calcar, Inc. v. Am. Honda Motor Co., 768 F.3d 1185, 1189 (Fed. Cir. 2014). Accord, Regeneron Pharm., Inc. v. Merus N.V., 864 F.3d 1343, 1351 (Fed. Cir. 2017).

          Worse, invalidity “under the on-sale bar is a question of law with underlying questions of fact.” Robotic Vision Sys., Inc. v. View Eng’g, Inc., 249 F.3d 1307, 1310 (Fed. Cir. 2001). Accord, The Medicines Co. v. Hospira, Inc., 881 F.3d 1347, 1350 (Fed. Cir. 2018). The panel examines for abuse of discretion of, not just the underlying factual questions, but the legal question. That is wrong. Indeed, it applied abuse of discretion to whether the invention was ready for patenting, which is also wrong.

        • China’s SPC IP Tribunal: Router manufacturer and seller liable for infringement even though patented method performed by a third party

          The IP Tribunal of the Supreme People’s Court (SPC) recently issued a decision in Dunjun v. Tengda ((2019) SPC IP Civil No. 147), holding that the manufacturer’s making and selling of routers directly infringed a telecommunication method-of-use patent even though the manufacturer itself did not perform one single step of the patented method.

          This article discusses this case and its potential influences on China’s landscape for infringement of process patents in the telecommunications industry.


          In this case, the SPC IP Tribunal established a groundbreaking rule for an equipment manufacturer’s liability in a method-of-use patent in the telecommunications industry, which significantly broadened the scope of direct infringement. Specifically, the SPC IP Tribunal has ruled that a method-of-use patent is infringed by an equipment manufacturer for making or selling an alleged infringing product, where the product substantially embodies the patented method, such that the patented method would be performed by a third party e.g. an end user when using the product in an ordinary manner.

          Chinese courts have long held that a method-of-use claim cannot be directly infringed merely by the manufacture or sale of a product used for patented method under the current legal regime in China. In another words, infringement of a method claim could only occur when all steps of the patented method have been performed, rather than when someone makes or sells a product that can be used in the performance of the patented method. Thus, a patentee has to sue for indirect infringement against a product manufacturer/seller on the ground that the manufacturer/seller contributed to or induced end users to infringe. However, contributory infringement is difficult to establish as the law requires firstly, a plaintiff to prove direct infringement occurred, and secondly, the plaintiff has to prove that the alleged infringing product was designed intentionally to exploit a patented method with no substantial non-infringing use.

        • Software Patents

          • Terrestrial Comms patent added to PATROLL

            On March 3, 2020, Unified Patents added a new PATROLL contest with a $2,000 cash prize for prior art submissions for US 7,411,552. The '552 patent generally relates to a "variety of techniques to achieve the desired impedance matching so that there are more opportunities available to a designer, such as choice of geometry, size, or the like, to achieve the desired operating frequency without compromising the performance of the wireless communication device" (see the background of the invention in the patent specification). The patent is owned by Terrestrial Comms LLC, an NPE. Terrestrial Comms has asserted this patent in US district court against Best Buy, Perixx Computer, Acco Brands, and NEC. To protect innovation and deter future frivolous assertions, Unified is offering a $2,000 cash prize for the best prior art on this patent.

      • Copyrights

Recent Techrights' Posts

Djibouti Enters the Windows "10% Club" (Windows Was 99% in 2010)
In Africa in general Microsoft lost control
[Video] Boston Area Assange Defense (Yesterday)
It was published only hours ago
In Malta, Android/Linux Has Overtaken Microsoft Windows (According to statCounter)
statCounter milestone?
Possibly Worse Than Bribes: US Politicians and Lawmakers Who Are Microsoft Shareholders
They will keep bailing out Microsoft to bail themselves out
The Software Freedom Conservancy Folks Don't Even Believe in Free Speech and They Act As Imposters (Also in the Trademark Arena/Sense)
Software Freedom Conservancy was already establishing a reputation for itself as a G(I)AFAM censor/gatekeeper
GNU/Linux Share Doubled in the United States of America (USA) in the Past 12 Months
Or so says statCounter
Even in North Korea (Democratic People's Republic Of Korea) Google Said to Dominate, Microsoft Around 1%
Google at 93.26%
[Meme] The Red Bait (Embrace... Extinguish)
They set centos on fire, then offer a (de facto) proprietary substitute for a fee
Shooting the Messenger to Spite the Message
segment of a Noam Chomsky talk
Guinea: Windows Down From 99.3% to 2.7% 'Market Share'
Guinea is not a small country
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, July 15, 2024
IRC logs for Monday, July 15, 2024
What's Meant by "Antenna Abuse" (Gemini)
syndication is not a monopoly in Gemini and if one doesn't condone political censorship, then one can create one's own syndication service/capsule
Microsoft Layoffs and Entire Unit Termination: Diversity, Equity, and Inclusion
What an announcement to make just before Independence Day
Links 16/07/2024: Old Computer Challenge and One Page Dungeon Contest
Links for the day
Microsoft Falls Further and Closer Towards 10% (Windows "Market Share") in Kuwait
more countries entering the "single-digit Windows" (under 10%) club
Gemini Links 15/07/2024: Antenna's Pro-Hamas Bias Revisited and Old Computer Challenge
Links for the day
[Video] Julian Assange, Over One Decade Ago, Cautioning About What the Internet Had Truly Become
video is not new
Antenna Abuse and Gemini Abuse (Self-hosting Perils)
Perhaps all this junk is a sign of Gemini growing up
Homage to Malta
Malta is probably easy for Microsoft to bribe
IRC at 16
Logging has been used for us and against us
Links 15/07/2024: China’s Economic Problems, Boeing Under Fire
Links for the day
500 Days' Uptime Very Soon
Good luck doing that with Windows...
Windows Falls Below 20% in Tunisia
A month ago we wrote about GNU/Linux in Tunisia
Links 15/07/2024: Google Wants Wiz and Why "Sports Ruin Everything"
Links for the day
Gemini Links 15/07/2024: Old Computer Challenge and Sending Files via NNCP
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, July 14, 2024
IRC logs for Sunday, July 14, 2024
Debian History Harassment & Abuse culture evolution
Reprinted with permission from Daniel Pocock
Microsoft Windows Down to 23% in Spain
the rate of change is noteworthy
[Meme] It Is Not About Empowerment, It's About Optics for Bigots and Businessmen
Truth hurts
Truth is Always Truth
Desperate efforts to suppress the truth resulted in even worse chaos and some people are going to pay for it
Android Surges to New Highs in Georgia, Windows Plunges to 30% (It Was 99% in 2012)
Until 2012 almost all Web requests there came from Windows
Another Casualty of the 'GAI' Ponzi Scheme: Most of the News Cycle and News Sites
accelerated death of journalism
Empowering Predators Who Fancy Exercising Control Over Women (Using Corporate Money)
Remember this when Google talks about diversity, women etc.
GNU/Linux Continues Its Rapid Growth in July, Today We Look at Belgium
Again, a word of caution: statCounter isn't a perfect yardstick
Links 14/07/2024: Goldman Sachs Says 'Advanced' or 'Generative' Hey Hi (AI) is Just Hype, Thoughts on Negatives
Links for the day
GNOME Foundation Welcomes Dolly
It didn't work out with Molly and Holly
Links 14/07/2024: Perils for AI PC Hype Train, Further Attacks on Freedom of the Press
Links for the day
A Response to Bill Maher's Senseless Attacks on Julian Assange and Wikileaks
published a few hours ago
The List of Sites or Sources for Linux News is Getting Shorter Over Time (Despite GNU and Linux Steadily Growing in Usage)
A lack of publishing begets lack of educated, informed population (a return to Dark Ages where rulers leverage mass ignorance)
The Number of Web Servers Has Gone Down
Cloud fatigue deux?
[Meme] GNOME Foundation's Relationship With Women
Lots more coming soon, so stay tuned
The Smugness of "I'm a Journalist"
Attacking women for expressing their opinions (for example, about the abuse they received) isn't unprecedented
It Takes No Courage to Become Another Corporate Stooge
transition to spam
Why Techrights Has Just Programmatically Blacklisted ZDNet
Even their "Linux" writers are AWOL
Gemini Links 14/07/2024: The Stress of 24/7 Notifications and FOSS tools for Sipeed Tang Nano 1K
Links for the day
Windows Already Down to 10% in Lao (It was 96% a Decade and a Half Ago), Vista 11 Adoption Has Stalled
And GNU/Linux is topping a 1-year high in Loa
IRC Proceedings: Saturday, July 13, 2024
IRC logs for Saturday, July 13, 2024
Over at Tux Machines...
GNU/Linux news for the past day