Language Selection

English French German Italian Portuguese Spanish

LWN

Syndicate content
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 24 min 59 sec ago

[$] TLS gets a boost from Arduino for IoT devices

Tuesday 28th of July 2020 03:18:03 PM
Arduino devices are a favorite among do-it-yourself (DIY) enthusiasts to create, among other things, Internet of Things (IoT) devices. We have previously covered the Espressif ESP8266 family of devices that can be programmed using the Arduino SDK, but the Arduino project itself also provides WiFi-enabled devices such as the Arduino MKR WiFi 1010 board. Recently, the Arduino Security Team raised the problem of security shortcomings of IoT devices in a post, and how the Arduino project is working to make improvements. We will take the opportunity to share some interesting things from that, and also look at the overall state of TLS support in the Arduino and Espressif SDK projects.

Historical programming-language groups disappearing from Google

Tuesday 28th of July 2020 03:04:34 PM
As Alex McDonald notes in this support request, Google has recently banned the old Usenet groups comp.lang.forth and comp.lang.lisp from the Google Groups system. "Of specific concern is the archive. These are some of the oldest groups on Usenet, and the depth & breadth of the historical material that has just disappeared from the internet, on two seminal programming languages, is huge and highly damaging. These are the history and collective memories of two communities that are being expunged, and it's not great, since there is no other comprehensive archive after Google's purchase of Dejanews around 20 years ago." Perhaps Google can be convinced to restore the content, but it also seems that some of this material could benefit from a more stable archive.

Security updates for Tuesday

Tuesday 28th of July 2020 02:58:34 PM
Security updates have been issued by openSUSE (cacti, cacti-spine, go1.13, SUSE Manager Client Tools, and tomcat), Red Hat (postgresql-jdbc and python-pillow), Slackware (mozilla), SUSE (python-Django and python-Pillow), and Ubuntu (clamav, librsvg, libslirp, linux-gke-5.0, linux-oem-osp1, linux-hwe, linux-azure-5.3, linux-gcp-5.3, linux-gke-5.3, linux-hwe, linux-oracle-5.3, and sqlite3).

Git v2.28.0

Monday 27th of July 2020 05:29:37 PM
Version 2.28.0 of the git version control system has been released. "It is smaller than the releases in our recent past, mostly due to the development cycle was near the shorter end of the spectrum (our cycles last 8-12 weeks and this was a rare 8-week cycle)."

See this GitHub Blog post for details on the new features in this release.

Security updates for Monday

Monday 27th of July 2020 02:51:53 PM
Security updates have been issued by Debian (e2fsprogs, ffmpeg, milkytracker, mupdf, openjdk-11, and qemu), Fedora (bashtop), Gentoo (ant, arpwatch, awstats, cacti, chromium, curl, dbus, djvu, filezilla, firefox, freexl, fuseiso, fwupd, glib-networking, haml, hylafaxplus, icinga, jhead, lha, libexif, libreswan, netqmail, nss, ntfs3g, ntp, ocaml, okular, ossec-hids, qtgui, qtnetwork, re2c, reportlab, samba, sarg, sqlite, thunderbird, transmission, tre, twisted, webkit-gtk, wireshark, and xen), openSUSE (cacti, cacti-spine, chromium, freerdp, go1.13, kernel, knot, libraw, LibVNCServer, perl-YAML-LibYAML, salt, tomcat, vino, and webkit2gtk3), and SUSE (mailman, rubygem-excon, rust, rust-cbindgen, samba, and tomcat).

Kernel prepatch 5.8-rc7

Monday 27th of July 2020 01:24:06 PM
The 5.8-rc7 kernel prepatch is out for testing; Linus is unsure about whether things are slowing down enough or not. "But it *might* mean that an rc8 is called for. It's not like rc7 is *big* big. We've had bigger rc7's. Both 5.3 and 5.5 had bigger rc7's, but only 5.3 ended up with an rc8. Put another way: it could still go either way. We'll see how this upcoming week goes."

[$] Mycroft: an open-source voice assistant

Friday 24th of July 2020 09:40:25 PM
Mycroft is a free and open-source software project aimed at providing voice-assistant technology, licensed under the Apache 2.0 license. It is an interesting alternative to closed-source commercial offerings such as Amazon Alexa, Google Home, or Apple Siri. Use of voice assistants has become common among consumers, but the privacy concerns surrounding them are far-reaching. There have been multiple instances of law enforcement's interest in the data these devices produce for use against their owners. Mycroft claims to offer a privacy-respecting, open-source alternative, giving users a choice on how much of their personal data is shared and with whom.

Bison 3.7 released

Friday 24th of July 2020 03:12:22 PM
Version 3.7 of the Bison parser generator is out. The biggest new feature would appear to be the generation of "counterexamples" for conflicts — examples of strings that could be parsed in multiple ways. There is also better support for reproducible builds, documentation links in warnings, and more.

digiKam 7.0.0 released

Friday 24th of July 2020 02:05:32 PM
Version 7.0.0 of the digiKam photo editing and management application is out. This release adds support for a number of new raw formats, support for Apple's HEIF format, and a new mosaic plugin. The headline feature, though, appears to be completely reworked face detection: "The new code, based on recent Deep Neural Network features from the OpenCV library, uses neuronal networks with pre-learned data models dedicated for the Face Management. No learning stage is required to perform face detection and recognition. We have saved coding time, run-time speed, and a improved the success rate which reaches 97% of true positives. Another advantage is that it is able to detect non-human faces, such as those of dogs."

Security updates for Friday

Friday 24th of July 2020 01:32:22 PM
Security updates have been issued by Debian (qemu), Fedora (java-11-openjdk, mod_authnz_pam, podofo, and python27), openSUSE (cni-plugins, tomcat, and xmlgraphics-batik), Oracle (dbus and thunderbird), SUSE (freerdp, kernel, libraw, perl-YAML-LibYAML, and samba), and Ubuntu (libvncserver and openjdk-lts).

Brauner: The Seccomp Notifier – New Frontiers in Unprivileged Container Development

Thursday 23rd of July 2020 07:54:41 PM
Christian Brauner has posted a novella-length description of the seccomp notifier mechanism and the problems it is meant to solve. "So from the section above it should be clear that seccomp provides a few desirable properties that make it a natural candidate to look at to help solve our mknod(2) and mount(2) problem. Since seccomp intercepts syscalls early in the syscall path it already gives us a hook into the syscall path of a given task. What is missing though is a way to bring another task such as the LXD container manager into the picture. Somehow we need to modify seccomp in a way that makes it possible for a container manager to not just be informed when a task inside the container performs a syscall it wants to be informed about but also how can to make it possible to block the task until the container manager instructs the kernel to allow it to proceed."

PHP 8 alpha 3 released

Thursday 23rd of July 2020 05:40:17 PM
The PHP project has released PHP 8 Alpha 3, the final alpha release according to the 8.0 release schedule. Feature freeze for the 8.0 release is scheduled for August 4, making this release the last one before features for the latest version of PHP are finalized. PHP 8.0 is scheduled to be released for general availability on November 26.

[$] The archaeology of GNOME accessibility

Thursday 23rd of July 2020 02:06:44 PM
There are many people in the world who cannot make full use of their computers without some sort of accessibility support. Developers, though, have a tendency not to think about accessibility issues themselves; they don't (usually) need those features and cannot normally even see them. In a talk at the 2020 GUADEC virtual conference, Emmanuele Bassi discussed the need for accessibility features, their history in GNOME, and his effort to rethink about how GNOME supports assistive technology.

Security updates for Thursday

Thursday 23rd of July 2020 01:20:36 PM
Security updates have been issued by Debian (poppler and tomcat8), Fedora (cacti, cacti-spine, java-1.8.0-openjdk, mbedtls, mingw-python3, singularity, and xen), openSUSE (firefox, redis, and singularity), Red Hat (samba), SUSE (java-11-openjdk, qemu, and vino), and Ubuntu (ffmpeg and pillow).

[$] LWN.net Weekly Edition for July 23, 2020

Thursday 23rd of July 2020 01:27:19 AM
The LWN.net Weekly Edition for July 23, 2020 is available.

Image "Cloaking" for Personal Privacy

Wednesday 22nd of July 2020 10:43:48 PM
SAND Lab at the University of Chicago has announced Fawkes, which is a BSD-licensed privacy-protection tool available on GitHub. "At a high level, Fawkes takes your personal images, and makes tiny, pixel-level changes to them that are invisible to the human eye, in a process we call image cloaking. You can then use these "cloaked" photos as you normally would, sharing them on social media, sending them to friends, printing them or displaying them on digital devices, the same way you would any other photo. The difference, however, is that if and when someone tries to use these photos to build a facial recognition model, "cloaked" images will teach the model an highly distorted version of what makes you look like you. The cloak effect is not easily detectable, and will not cause errors in model training. However, when someone tries to identify you using an unaltered image of you (e.g. a photo taken in public), and tries to identify you, they will fail."

[$] Maintaining stable stability

Wednesday 22nd of July 2020 10:04:27 PM
The stable kernel trees are quite active, often seeing several releases in a week's time. But they are also meant to be ... well ... stable, so a lot of effort goes into trying to ensure that they do not introduce new bugs or regress the kernel's functionality. One of the stable maintainers, Sasha Levin, gave a talk at the virtual Open Source Summit North America that described the process of ensuring that these trees are carefully managed so that they can provide a stable base for their users.

[$] New features in gnuplot 5.4

Wednesday 22nd of July 2020 09:15:54 PM
Gnuplot 5.4 has been released, three years after the last major release of the free-software graphing program. In this article we will take a look at five major new capabilities in gnuplot. First, we briefly visit voxel plotting, for visualizing 3D data. Since this is a big subject and the most significant addition to the program, we'll save the details for a subsequent article. Next, we learn about plotting polygons in 3D, another completely new gnuplot feature. After that, we'll get caught up briefly in spider plots, using them to display some recent COVID-19 infection data. Then we'll see an example of how to use pixmaps, a new feature allowing for the embedding of pictures alongside curves or surfaces. Finally, we'll look at some more COVID-19 data using the new 3D bar chart.

[$] The sad, slow-motion death of Do Not Track

Wednesday 22nd of July 2020 04:01:46 PM
"Do Not Track" (DNT) is a simple HTTP header that a browser can send to signal to a web site that the user does not want to be tracked. The DNT header had a promising start and the support of major browsers almost a decade ago. Most web browsers still support sending it, but in 2020 it is almost useless because the vast majority of web sites ignore it. Advertising companies, in particular, argued that its legal status was unclear, and that it was difficult to determine how to interpret the header. There have been some relatively recent attempts at legislation to enforce honoring the DNT header, but those efforts do not appear to be going anywhere. In comparison, the European Union's General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA) attempt to solve some of the same problems as DNT but are legally enforceable.

Six stable kernels

Wednesday 22nd of July 2020 03:49:44 PM
Stable kernels 5.7.10, 5.4.53, 4.19.134, 4.14.189, 4.9.231, and 4.4.231 have been released. They all contain important fixes and users should upgrade.

More in Tux Machines

libinput 1.16.0

libinput 1.16.0 is now available.

No significant changes since the second RC, so here's slightly polished RC1
announcement text.

This has been a long cycle, mostly because there weren't any huge changes on
the main development branch and a lot of the minor annoyances have found
their way into the 1.15.x releases anyway.

libinput now monitors timestamps of the events vs the current time when
libinput_dispatch() is called by the compositor. Where the difference
*may* result in issues, a (rate-limited) warning is printed to the log.
So you may see messages popping up in the form of
  "event processing lagging behind by XYZms, your system is too slow"
This is a warning only and has no immediate effect. Previously we would only
notice (and warn about) this when it affected an internal timer. Note that
these warnings do not show an issue with libinput, it shows that the the
compositor is not calling libinput_dispatch() quick enough.

The wheel tilt axis source was deprecated. No device ever had the required
udev properties set so we should stop pretending we support this.

Touchpads now support the "flat" acceleration profile. The default remains
unchanged and this needs to be selected in the configuration interface. The
"flat" profile applies a constant factor to movement deltas (1.0 for the
default speed setting).

Events from lid or tablet-mode switches that are known to libinput as being
unreliable are now filtered and no longer passed to the caller.
This prevents callers from receiving those known-bogus events and having to
replicate the same heuristics to identify unreliable devices that libinput
employs internally.

A new "libinput analyze" debugging tool is the entry tool for analysing
various aspects of devices. Right now the only tool is
"libinput analyze per-slot-delta" which can be used to detect pointer jumps
in a libiput record output. This tool used to live elsewhere, it was moved
to libinput so that reporters can easier run this tool, reducing the load on
the maintainers.

The tools have seen a few minor improvements, e.g.
- "libinput record touchpad.yml" does the right thing, no explicit --output
  argument required
- libinput measure touchpad-pressure has been revamped to be a bit more
  obvious
- libinput measure touchpad-size has been added (as replacement for the
  touchpad-edge-detector tool)
- libinput measure fuzz has been fixed to work (again and) slightly more
  reliable

The libinput test suite has been fixed to avoid interference with the
currently running session. Previously it was virtually impossible to work
while the test suite is running - multiple windows would pop up, the screen
would blank regularly, etc.

And of course a collection of fixes, quirks and new bugs.

As usual, see the git shortlog for details.

Diego Abad A (1):
      FIX: typo on building documentation

Peter Hutterer (2):
      test: semi-fix the switch_suspend_with_touchpad test
      libinput 1.16.0

git tag: 1.16.0
Read more Also: >Libinput 1.16 Released - Ready To Warn You If Your System Is Too Slow

18 Frameworks, Libraries, and Projects for Building Medical Applications

Open-source is not just a license or a code-based that left free on an online repository, It's a complete concept which comes with several advantages. Moreover, the most advantage you can get from Open-source is beyond the open-code it's FREEDOM; freedom to use or re-shape it as you see fit within your project commercial or otherwise, and that depends on the license of course. You are free from the headache of license conflict legal problems but also from the dilemma of dealing with restrections and limitations which come with property licenses. You are free from the system lock-in schemes, furthermore, you own your data, and freedom to customize the software as your structure requires and workflow demands. The Community: The Open-source project gains a powerful community as they gain users, the community users vary between advanced users, end-users, developers and end-users on decision-making level. Many of the community users are providing quality inputs from their usage and customized use-case and workflow or test-runs, Furthermore, they always have something to add as new features, UI modification, different usability setup, and overall introducing new workflows and tools, and That's what makes the progress of the open-source different than non-free solutions. While, Good community means good support, The community is a good resource to hire advanced users, developers, and system experts. It also provides alternative options when hiring developers. Unlike non-free software which are not blessed with such communities and where the options there are limited, The rich open-source community provides rich questions and answers sets that contributed by users from all around the world. Higher education value for the in-house team The open-source concept itself provides educational value, I owe most of what I know to open-source communities.The access to the source code and open-channels communication with the core developers is the best educational value any developer can get. Read more

Android Leftovers

Python Programming