News briefs for March 22, 2019.

CodeWeavers announces CrossOver 18.5.0 for Linux and macOS, updating Wine to version 4.0. In addition, CrossOver 18.5 includes "the FAudio library to provide superior audio support for games", "resolves several Office 2010 bugs related to activation and licensing", "supports the very latest release of Office 365" and "includes preliminary support for OneNote 2016 on Linux". Linux users can download it from here.

RaspEX Kodi Build 190321 was released yesterday. extonlinux writes, "In RaspEX Kodi I've added the LXDE Desktop with many useful applications such as VLC Media Player and NetworkManager. Makes it easy to configure your wireless network. I've also upgraded Kodi to version 18.1 Leia, which makes it possible to include useful addons such as Netflix, Plex and Amazon Video. Which I've done." You can download RaspEX Kodi for free from SourceForge.

The FSF awarded seven devices from ThinkPenguin with its Respects Your Freedom (RYF) certification. The devices include "The Penguin Wireless G USB Adapter (TPE-G54USB2), the Penguin USB Desktop Microphone for GNU/Linux (TPE-USBMIC), the Penguin Wireless N Dual-Band PCIe Card (TPE-N300PCIED2), the PCIe Gigabit Ethernet Card Dual Port (TPE-1000MPCIE), the PCI Gigabit Ethernet Card (TPE-1000MPCI), the Penguin 10/100 USB Ethernet Network Adapter v1 (TPE-100NET1), and the Penguin 10/100 USB Ethernet Network Adapter v2 (TPE-100NET2)". This certification means that "products meet the FSF's standards in regard to users' freedom, control over the product, and privacy."

GNU Parallel 20190322 ("FridayforFuture") has been released. You can download it from here. New in this release: "SIGTERM is changed to SIGHUP", "SIGTERM SIGTERM is changed to SIGTERM", it now includes a cheat sheet (parallel_cheat.pdf) and more, plus bug fixes and man page updates.

And if you haven't already heard, Facebook stored hundreds of millions of user passwords in plain text for years. KrebsonSecurity reports that "Hundreds of millions of Facebook users had their account passwords stored in plain text and searchable by thousands of Facebook employees—in some cases going back to 2012. Facebook says an ongoing investigation has so far found no indication that employees have abused access to this data." Facebook has posted a statement about this here.

News Codeweavers CrossOver Linux Raspberry Pi Kodi RaspEX FSF ThinkPenguin GNU Parallel Facebook Privacy

by Augustine Fou

Ever since the Electronic Frontier Foundation’s Panopticlick initiative in 2010, I’ve been sensitized to the risks and potential harms that come from adtech’s tracking of consumers. Indeed, in the years since, it has gotten far far worse. People are only now discovering the bad stuff that has been going on. For example, iPhone apps have been secretly recording users' keystrokes (see ZDNet, Feb 8, 2019), and Android apps with more than 2 billion downloads were committing ad fraud on real humans’ devices behind their backs (see BuzzFeed News, Nov 2018). For many more examples of spying on consumers, documented over the years, see Know Who’s Spying on You at All Times.

 

The popular apps that many humans use continue to track then even if they are logged out, and they also track users who never created an account in the first place (see Facebook tracks both non-users and logged out users). And Google tracks users’ locations even if they turned off location and denied permissions to apps (see Google Tracks Location Even When Users Turn Service Off). Even good apps that never intended to track users may actually be doing so because the SDKs (software development kits) with which they were built may be tracking users and sending data off to others’ servers without their knowledge. Remember the story about the low cost bathroom scale that didn’t work if location was turned off on the smartphone and there was no internet connection? It turns out that the scale was sending data to bare IP addresses that could be traced back to China.

 

Go to Full Article

News briefs for March 21, 2019.

The Document Foundation announces the release of LibreOffice 6.2.2. This version "provides over 50 bug and regression fixes over the previous version". You can view the changelog for details, and go here to download. Note that "LibreOffice 6.2.2 represents the bleeding edge in term of features for open source office suites, and as such is not optimized for enterprise class deployments, where features are less important than robustness. Users wanting a more mature version can download LibreOffice 6.1.5, which includes some months of back-ported fixes."

The new PocketBeagle Linux computer is now available for $29.95 from Adafruit. According to Geeky Gadgets, the PocketBeagle "offers a powerful 1GHz AM3358 powered Linux single board computer with a tiny form factor and open source architecture". The article quotes Adafruit on the new SBC: "what differentiates the BeagleBone is that it has multiple I2C, SPI and UART peripherals (many boards only have one of each), built in hardware PWMs, analog inputs, and two separate 200MHz microcontroller system called the PRU that can handle real-time tasks like displaying to RGB matrix displays or NeoPixels. It's not too much larger than our Feathers, but comes with 72 expansion pin headers, high-speed USB, 8 analog pins, 44 digital I/Os, and plenty of digital interface peripherals. You can also add a USB host connection by wiring a USB A socket to the broken out USB host connections labeled VI, D+, D-, ID and GND. Then plug in any USB Ethernet, Bluetooth, and Wi-Fi device with available Linux drivers."

Google has started enforcing new permissions rules on applications' ability to access a phone's call and text logs. The Register reports that "Developers have been forced to remove features or in some cases change the fundamental nature of the application. One example is BlackBerry's Hub, an email client which also aggregated notifications from a variety of apps and presented them chronologically in a timeline. This application has lost its ability to includes calls and texts in that timeline." In addition, "Exceptions created by Google don't seem to be honoured, developers complained. One said that an enterprise archiving app—a category specifically exempt from the clampdown—has been broken."

OpenShot 2.4.4 was released yesterday. From the OpenShot Blog: "This release brings huge performance and stability improvements, along with some major bug fixes, lots of polish, and many new features." Improvements to the video editor include keyframe scaling, timeline and preview performance, SVG rendering, docking and tracks and much more. You can download OpenShot 2.4.4 from here.

Datapractices.org has joined The Linux Foundation and is publishing a "free open courseware platform for data teamwork. From the press release: "The goal of the Data Practices movement was to start movement similar to 'Agile for Data' that could help offer direction and improved data literacy across the ecosystem. The Data Practices Manifesto has had more signatories in its first year than the Agile manifesto."

News LibreOffice PocketBeagle Adafruit SBCs Google Android Mobile Audio/Video multimedia OpenShot The Linux Foundation Big Data

by Andy Carlson

How to provide robust monitoring to low-end systems.

When running a critical system, it's necessary to know what resources the system is consuming, to be alerted when resource utilization reaches a specific level and to trend long-term performance. Zabbix and Nagios are two large-scale solutions that monitor, alert and trend system performance, and they each provide a rich user interface. Due to the requirements of those solutions, however, dedicated hardware/VM resources typically are required to host the monitoring solution. For smaller server implementations, options exist for providing basic monitoring, alerting and trending functionality. This article shows how to accomplish basic and custom monitoring and alerting using Monit. It also covers how to monitor long-term trending of system performance with RRDtool.

Initial Monit Configuration

On many popular Linux distros, you can install Monit from the associated software repository. Once installed, you can handle all the configuration with the monitrc configuration file. That file generally is located within the /etc directory structure, but the exact location varies based on your distribution.

The config file has two sections: Global and Services. The Global section allows for custom configuration of the Monit application. The Monit service contains a web-based front end that is fully configurable through the config file. Although the section is commented out by default, you can uncomment items selectively for granular customization. The web configuration block looks like this:

set httpd port 2812 and use address localhost allow localhost allow admin:monit

The first line sets the port number where you can access Monit via web browser. The second line sets the hostname (the HTTP Host header) that's used to access Monit. The third line sets the host from which the Monit application can be accessed. Note that you also can do this using a local firewall access restriction if a firewall is currently in place. The fourth line allows the configuration of a user name/password pair for use when accessing Monit. There's also a section that allows SSL options for encrypted connections to Monit. Although enabling SSL is recommended when passing authentication data, you also could reverse-proxy Monit through an existing web server, such as nginx or Apache, provided SSL is already configured on the web server. For more information on reverse-proxying Monit through Apache, see the Resources section at the end of this article.

The next items you need to enable deal with configuring email alerts. To set up the email server through which email will be relayed to the recipient, add or enable the following line:

Go to Full Article

News briefs for March 20, 2019.

A new version of the PuTTY SSH client received several security patches over the weekend, including one that "fixed a 'game over' level vulnerability", according to The Register. Version 0.71 includes "new features plugging a plethora of vulns in the Telnet and SSH client, most of which were uncovered as part of an EU-sponsored HackerOne bug bounty".

Google announces Stadia, its new cloud gaming service. The Verge reports that "Stadia will stream games from the cloud to the Chrome browser, Chromecast, and Pixel devices, and it will launch at some point in 2019 in the US, Canada, UK, and Europe." Google also is launching the Stadia Controller, which "looks like a cross between an Xbox and PS4 controller, and it will work with the Stadia service by connecting directly through Wi-Fi to link it to a game session in the cloud."

Save the Internet Day is planned for March 23 in response to the planned EU copyright reform: "The planned EU copyright reform constitutes a massive threat to the free exchange of opinions and culture online. Together, on 23 March 2019 we call for a Europe-wide day of protests against the dangers of the reform." Visit here for an overview of the planned protests.

Google is fined $1.49 billion by the European commission for search ad brokering antitrust violations. TechCrunch quotes EU competition commissioner Margrethe Vestager: "Today's decision is about how Google abused its dominance to stop websites using brokers other than the AdSense platform".

NVIDIA launched the Jetson Nano module and Jetson Nano Dev Kit. Linux Gizmos reports that the Jetson Nano Developer kit is available for pre-order for $99 and that it will ship sometime in April. The post quotes NVIDIA, who says the Jetson Nano "delivers 472 GFLOPS of compute performance for running modern AI workloads and is highly power-efficient, consuming as little as 5 watts".

News PuTTY Google gaming Stadia EU Copyright NVIDIA Embedded

by Zack Brown

Jérôme Glisse felt that the time had come for the Linux kernel to address seriously the issue of having many different types of memory installed on a single running system. There was main system memory and device-specific memory, and associated hierarchies regarding which memory to use at which time and under which circumstances. This complicated new situation, Jérôme said, was actually now the norm, and it should be treated as such.

The physical connections between the various CPUs and devices and RAM chips—that is, the bus topology—also was relevant, because it could influence the various speeds of each of those components.

Jérôme wanted to be clear that his proposal went beyond existing efforts to handle heterogeneous RAM. He wanted to take account of the wide range of hardware and its topological relationships to eek out the absolute highest performance from a given system. He said:

One of the reasons for radical change is the advance of accelerator like GPU or FPGA means that CPU is no longer the only piece where computation happens. It is becoming more and more common for an application to use a mix and match of different accelerator to perform its computation. So we can no longer satisfy our self with a CPU centric and flat view of a system like NUMA and NUMA distance.

He posted some patches to accomplish several different things. First, he wanted to expose the bus topology and memory variety to userspace as a clear API, so that both the kernel and user applications could make the best possible use of the particular hardware configuration on a given system. A part of this, he said, would have to take account of the fact that not all memory on the system always would be equally available to all devices, CPUs or users.

To accomplish all this, his patches first identified four basic elements that could be used to construct an arbitrarily complex graph of CPU, memory and bus topology on a given system.

These included "targets", which were any sort of memory; "initiators", which were CPUs or any other device that might access memory; "links", which were any sort of bus-type connection between a target and an initiator; and "bridges", which could connect groups of initiators to remote targets.

Aspects like bandwidth and latency would be associated with their relevant links and bridges. And, the whole graph of the system would be exposed to userspace via files in the SysFS hierarchy.

Go to Full Article

News briefs for March 19, 2019.

Mozilla announces the release of Firefox 66 this morning. With this new version, Firefox now prevents websites from playing sound automatically, has an improved search experience, smoother scrolling and much more. You can download Firefox from here.

The Kodi Foundation has joined the Linux Foundation. From the press release: "We strongly believe that open-source is the best way to achieve awesome things. That was and still is what moves Kodi forward. Ever since XBMP, where this project started, a small group of like-minded individuals from different backgrounds have worked together to achieve a goal, taking advantage of each other's merits and talents."

Nextcloud Founder and CEO Frank Karlitschek addressed an open letter sent to EU Parliament members against the Copyright Directive Articles 11 and 13. The letter was signed by more than 130 companies and business alliances from 16 European countries. Karlitschek says, "As founder and CEO of Nextcloud I fear that Articles 11 and 13 of this directive create a serious disadvantage for European startups. The fact that more than 100 companies from different European countries signed our text within a few days shows that I am far from being the only one. I urge every politician to protect European businesses and vote against Article 11 and Article 13." You can view the open letter here.

Tetrate will be hosting the first-ever Service Mesh Industry Conference in San Francisco on March 28th and 29th. From the press release: "Service Mesh day 2019 is hosted by Tetrate and supported by Google, Juniper Networks, Capital One, and open source foundations including Cloud Native Computing Foundation, Cloud Foundry, OpenStack and ONF. The conference will bring together open source experts, cloud providers, customers and industry influencers to explore the use of service mesh technology in enterprise environments. The conference will explore issues such as managing microservices for any app, at any scale, decentralized security controls and the future evolution of service mesh technologies. Attendees will have a chance to network with users and creators in this space who are pioneering service mesh deployments first-hand and participate in conversations that will shape the direction of the industry." The full schedule is here, and you can purchase tickets here.

SiFive announces an upgraded Freedom Everywhere SoC and the HiFive1 Revision B developer board. According to Phoronix, "The HiFive1 is a mini development board without video output and can be connected to Arduino-compatible accessories and designed for real-time embedded use-cases. But this small embedded development board is available for $49 USD." See SiFive.com for more information.

News Mozilla Firefox Kodi The Linux Foundation Nextcloud EU Copyright Tetrate Embedded

by Kyle Rankin

The open nature of the consumer 3D printing industry has made for a much more consumer-friendly world.

This article continues a series that aims to illustrate some of the various problems associated with vendor lock-in. In past articles, I've given examples showing how proprietary systems from disposable razors to messaging apps have replaced more open systems leading to vendor lock-in. This article highlights an ecosystem that, so far, has largely avoided vendor lock-in and describes the benefits that openness has provided members of the community, myself included: 3D printing.

I've been involved in 3D printing for several years. I've owned a number of printers, and I've seen incredible growth in the area from an incredibly geeky fringe to the much more accessible hobby that it is today. I've also written quite a few articles in Linux Journal about 3D printing, including a multi-part series on the current state of 3D printing hardware and software (see the Resources section for links to Kyle's previous Linux Journal articles on 3D printing). I even gave a keynote at SCALE 11x on the free software and open hardware history of 3D printing and how it mirrors the history of the growth of Linux distributions.

The Birth of 3D Printing in the Hobbyist Market

One interesting thing about the hobbyist 3D printing market is that it was founded on free software and open hardware ideals starting with the RepRap project. The idea behind that project was to design a 3D printer from off-the-shelf parts that could print as many of its own parts as possible (especially more complex, custom parts like gears). Because of this, the first generation of 3D printers were all homemade using Arduinos, stepper motors, 3D-printed gears and hardware you could find in the local hardware store.

As the movement grew, a few individuals started small businesses selling 3D printer kits that collected all the hardware plus the 3D printed parts and electronics for you to assemble at home. Later, these kits turned into fully assembled and supported printers, and after the successful Printrbot kickstarter campaign, the race was on to create cheaper and more user-friendly printers with each iteration. Sites like Thingiverse and YouMagine allowed people to create and share their designs, so even if you didn't have any design skills yourself, you could download and print everyone else's. These sites even provided the hardware diagrams for some of the more popular 3D printers. The Free Software ethos was everywhere you looked.

Go to Full Article

Please support Linux Journal by subscribing or becoming a patron.

News briefs for March 18, 2019.

Khronos today released the OpenXR 0.90 provision specification. From the press release: "OpenXR is a unifying, royalty-free, open standard that provides high-performance access to augmented reality (AR) and virtual reality (VR)—collectively known as XR—platforms and devices. The new specification can be found on the Khronos website and is released in provisional form to enable developers and implementers to provide feedback at the OpenXR forum." And following the release of the OpenXR 0.09 provision specification, Collabora announced Monado: "at the center of Monado is a fully open source OpenXR runtime for Linux. It is the component in the XR software stack that implements the hardware support, it knows how to process non standard input from HMD devices and controllers, it knows how to render to those devices and it provides this functionality via the standard OpenXR API."

Solus 4 Fortitude is now available. This new major release "delivers a brand new Budgie experience, updated sets of default applications and theming, and hardware enablement". Visit the download page to install.

Geary 3.32 was released yesterday. This is a feature release of the GNOME email application and aims to "align Geary's interface better with GNOME 3.32". It has "a new icon, the application menu has been moved to a burger menu in the main window, sender images in conversations are now taken from the the desktop address-book, and those without a custom photo are given a personalised image with initials and background colour based on their name", along with the usual bug fixes and other improvements. To install, visit here.

Linux kernel 5.1-rc1 is out. Linus Torvalds writes, "The merge window felt fairly normal to me. And looking at the stats, nothing really odd stands out either. It's a regular sized release (which obviously means "big" - , but it's not bigger than usual) and the bulk of it (just over 60%) is drivers. All kinds of drivers, the one that stands out for being different is the habanalabs AI accelerator chip driver, but I suspect we'll be starting to see more of that kind of stuff. But there are all the usual suspects too - gpu, networking, block devices etc etc."

Opera recently announced that Opera 60 has entered the beta stream. "Opera 60 beta brings a refreshed interface with light and dark themes inspired by high- and low-key lighting photography, respectively. It will also include a Crypto Wallet in the sidebar." This version is actually merging with Opera 59, and the two versions are being called Reborn 3, which will be in the stable channel soon. See the Opera 60 changelog for more details on the changes.

News VR Solus Distributions Geary GNOME kernel Opera

by Mihalis Tsoukalos

Create handy command-line utilities in Rust.

This article is about text processing in Rust, but it also contains a quick introduction to pattern matching, which can be very handy when working with text.

Strings are a huge subject in Rust, which can be easily realized by the fact that Rust has two data types for representing strings as well as support for macros for formatting strings. However, all of this also proves how powerful Rust is in string and text processing.

Apart from covering some theoretical topics, this article shows how to develop some handy yet easy-to-implement command-line utilities that let you work with plain-text files. If you have the time, it'd be great to experiment with the Rust code presented here, and maybe develop your own utilities.

Rust and Text

Rust supports two data types for working with strings: String and str. The String type is for working with mutable strings that belong to you, and it has length and a capacity property. On the other hand, the str type is for working with immutable strings that you want to pass around. You most likely will see an str variable be used as &str. Put simply, an str variable is accessed as a reference to some UTF-8 data. An str variable is usually called a "string slice" or, even simpler, a "slice". Due to its nature, you can't add and remove any data from an existing str variable. Moreover, if you try to call the capacity() function on an &str variable, you'll get an error message similar to the following:

error[E0599]: no method named `capacity` found for type ↪`&str` in the current scope

Generally speaking, you'll want to use an str when you want to pass a string as a function parameter or when you want to have a read-only version of a string, and then use a String variable when you want to have a mutable string that you want to own.

The good thing is that a function that accepts &str parameters can also accept String parameters. (You'll see such an example in the basicOps.rs program presented later in this article.) Additionally, Rust supports the char type, which is for representing single Unicode characters, as well as string literals, which are strings that begin and end with double quotes.

Finally, Rust supports what is called a byte string. You can define a new byte string as follows:

Go to Full Article

by Carlie Fairchild

Tails is a live media Linux distro designed to boot into a highly secure desktop environment. Tor is a browser that prevents somebody watching your internet connection from learning what sites you visit, and it prevents the sites you visit from learning your physical location.

Learn why anonymity matters and how you can protect yourself with this Linux Journal Weekend Reading.

Tor Hidden Services 

Why should clients get all the privacy? Give your servers some privacy too!

Tails above the Rest: the Installation

How to get and validate the Tails distribution and install it. We will follow up with what Tails can and can't do to protect your privacy, and how to use Tails in a way that minimizes your risk. Then we will finish with some more advanced features of Tails, including the use of a persistent volume (with this feature, depending on your needs, you could conceivably use Tails as your main Linux distribution).

Tails above the Rest, Part II

Now that you have Tails installed, let's start using it. Read on to find out how to get started.

Tails above the Rest, Part III

In the first two parts on this series, we gave an overview of Tails, including how to get the distribution securely, and once you have it, how to use some of the basic tools. Here, we cover some of the more advanced features of Tails, such as some of its log-in options, its suite of encryption tools and the persistent disk.

Tor Security for Android and Desktop Linux 

The Tor Project presents an effective countermeasure against hostile and disingenuous carriers and ISPs that, on a properly rooted and capable Android device or Linux system, can force all network traffic through Tor encrypted entry points (guard nodes) with custom rules for iptables. This action renders all device network activity opaque to the upstream carrier—barring exceptional intervention, all efforts to track a user are afterwards futile.

A Bundle of Tor

The best way to set up Tor on your personal machine.

Dolphins in the NSA Dragnet

Go to Full Article

News briefs for March 15, 2019.

The JS Foundation and the Node.js Foundation are merging to form the OpenJS Foundation. ZDNet reports that the Linux Foundation made the announcement this week at the Open Source Leadership Summit in Half Moon Bay, CA. The OpenJS Foundation's mission " is to support the growth of JavaScript and related web technologies by providing a neutral organization to host and sustain projects, and fund development activities. It's made up of 31 open-source JavaScript projects including Appium, Dojo, jQuery, Node.js, and webpack."

GNOME 3.32 Taipei was released this week. This version represents 6 months of work by the GNOME Community and includes many improvements and new features. The visual style has been refreshed with an brand-new set of app icons. It also "introduces an experimental feature for Wayland desktop sessions that enables fractional scaling". And, data structure improvements in the GNOME desktop have caused a " faster, snappier feel to the animations, icons and top 'shell' panel". See the release notes for more details on all the changes and enhancements.

Qt 5.12.2 was released today. This is the second patch release of Qt 5.12 LTS and contains more than 250 bug fixes. See the Change Files for the full list of changes.

Canonical yesterday released a new Linux kernel update for Ubuntu 14.04 LTS (Trusty Tahr) to fix a recently discovered vulnerability. According to Softpedia News, the security issue affects Linux kernel 3.13 and is "race condition (CVE-2019-6133) discovered by Jann Horn of Google Project Zero in Linux kernel's fork() system call, which could allow a local attacker to gain access to services storing cache authorizations and run programs with administrative privileges." Users should update immediately.

The Debian GNU/Linux project has extended the date for nomations for the leader post. One nomination has come in so far, Joerg Jaspert, part of the Debian Account Managers team. ITWire reports that nominations were initially slated to close March 16.

News The Linux Foundation JavaScript OpenJS Foundation GNOME qt Canonical Ubuntu Debian

by Zack Brown

Kernel development is truly impossible to keep track of. The main mailing list alone is vast beyond belief. Then there are all the side lists and IRC channels, not to mention all the corporate mailing lists dedicated to kernel development that never see the light of day. In some ways, kernel development has become fundamentally mysterious.

Once in a while, some lunatic decides to try to reach back into the past and study as much of the corpus of kernel discussion as he or she can find. One such person is Joey Pabalinas, who recently wanted to gather everything together in Maildir format, so he could do searches, calculate statistics, generate pseudo-hacker AI bots and whatnot.

He couldn't find any existing giant corpus, so he tried to create his own by piecing together mail archived on various sites. It turned out to be more than a million separate files, which was too much to host on either GitHub or GitLab. He asked the linux kernel mailing list for suggestions on better hosting opportunities. Although he acknowledged, "It's possible I'm the only weirdo who finds this kind of thing useful, but I figured I should share it just in case I'm not."

Joe Perches suggested plumbing the archives at kernel.org/lore.html, which go back decades. But Joey said he'd tried that, and he found it all but impossible to convert those archives to the Mailbox format he wanted. Instead, he'd spent the previous several weeks scraping the lkml.org archive and scripting his own conversion routines.

Konstantin Ryabitsev remarked:

The maildir format is kind of terrible for LKML, because having millions of messages in a single directory is very hard on the underlying FS. If you break it up into multiple folders, then it becomes difficult to search. This is the main reason why we have chosen to go with the public-inbox format, which solves both of these problems and allows for a very efficient archive updating and replication using git.

Meanwhile, Jasper Spaans raised his eyebrows at Joey's statement that he'd gotten more than a million separate files by scraping lkml.org. Jasper said:

First of all, there are more than 3M messages stored in the lkml.org database, so I guess you've missed some messages or something is really broken. Besides, unless you figured out how to get to the raw data, you've just scraped a rendering which discards stuff like pgp signatures etc and has very incomplete headers. Unless you don't care for those of course.

Go to Full Article

News briefs for March 14, 2019.

Tetrate, a new enterprise-grade service mesh from the creators of gRPC and Istio, launched yesterday. Varun Talwar, CEO of Tetrate and formerly co-creator of Istio at Google, says "Tetrate's mission is to create a secure and flexible application networking layer to help enterprises transition from their decades-old rigid networking stack. Our tools and technologies will help customers with availability and manageability of their applications as they undergo this transformation." In addition, "Tetrate is launching with $12.5 million in funding from Dell Technologies Capital, as well as from participating investors 8VC, Intel Capital, Rain Capital, and Samsung NEXT." It also plans to use the funding to "extend its open-source leadership and further contribute to the open-source community". See this ITOps Times article for more information.

Google Chrome 73 was released this week for Linux, Mac and Windows. Chrome 73.0.3683.75 includes 60 security fixes and many other improvements. You can see the full list of changes in the log.

Godot 3.1 was released yesterday. This new version of the open-source game engine includes the OpenGL ES 2.0 renderer, optional typing in GDScript, a revamped inspector, revamped 2D editor and much more. You can download it from here and view the release trailer here.

Android Q Beta was released yesterday. From the Android Developers Blog: "Building on top of efforts like Google Play Protect and runtime permissions, Android Q brings a number of additional privacy and security features for users, as well as enhancements for foldables, new APIs for connectivity, new media codecs and camera capabilities, NNAPI extensions, Vulkan 1.1 support, faster app startup, and more." Enroll here to get Android Q Beta updates over the air on any Pixel device.

In honor of Pi Day, the folks at RaspberryPi.org are holding a Raspberry Pi 3B+ live stream event on YouTube featuring "hours upon hours of our favourite Pi in all its glorious wonderment". And there's more: at some point today, they’re "going to add a unique hashtag to this live stream, and anyone who uses said hashtag on Instagram and/or Twitter* before midnight tonight (GMT) will be entered into a draw to win a Raspberry Pi Model 3B+ and an official case signed by Eben Upton himself."

News Tetrate Networking Chrome Godot Android Mobile Raspberry Pi

by Joey Bernard

For this article, I want to introduce a piece of software I've actually used recently in my own work. My new day job involves studying the ionosphere using an instrument called an ionosonde. This device is basically a giant radio transmitter that bounces radio waves off the ionosphere to see its structure and composition. Obviously, an important part of this is knowing the radiation pattern of the various transmitters and receivers.

Several methods exist for modeling the electromagnetic fields around conductors, but here I'm covering one called NEC2 (Numerical Electromagnetics Code). It originally was developed in FORTRAN at the Lawrence Livermore National Laboratory in the 1970s. Since then, it's been re-implemented several times in various languages. Specifically, let's look at xnec2c. This package implements NEC2 in C, and it also provides a GTK front end for interacting with the core engine.

xnec2c should be available in most Linux distributions. In Debian-based distributions, you can install it with the command:

sudo apt-get install xnec2c

Once it's installed, you can start it with xnec2c. The default display doesn't show anything until you actually start using it.

Figure 1. Launching xnec2c gives you a pretty boring starting point.

xnec2c's history still affects how it behaves to the present day. This is most clear when you look at the input file's format. The basic structure is based on the idea of a punch card, where each "command" to xnec2c is given by a command card—a definite holdover from its FORTRAN roots. Luckily, the GTK front end to xnec2c provides a reasonably functional way of building up these input files.

Several example files should be available with your installation of xnec2c. In my Ubuntu distribution, they're located in /usr/share/doc/xnec2c/examples. These input files have a filename ending of ".nec". Select one as a starting off point to play with xnec2c, and then go ahead and make the required alterations necessary for your own project.

Figure 2. Loading an input file, you begin with a geometric view of the relevant antenna wires, other conductors and any ground planes.

The central window pane provides a geometric view of the actual antenna structure in three dimensions. You can click and drag the diagram to rotate the view and see it from all angles. There are two larger buttons at the top of the window, named Currents and Charges. Selecting them alternately will show either the distribution of currents or the distribution of charges caused by the driving current.

Go to Full Article

News briefs for March 13, 2019.

Streamlio announces Streamlio Cloud, "its new cloud-native service for fast data". Streamlio Cloud is powered by Apache Pulsar and runs within Amazon Web Services. The press release quotes Streamlio Co-Founder Karthik Ramasamy: "Streamlio's new service makes the unique cloud-native architecture, performance, and flexibility of Apache Pulsar accessible to any organization in just a few clicks and without operational burdens, helping organizations move away from the plodding batch-oriented world to the world of data-driven applications that operate at the speed of data." See the Streamlio Cloud page for more information.

Firefox yesterday announced its new Firefox Send feature. According to the Mozilla Blog post, "Send is a free encrypted file transfer service that allows users to safely and simply share files from any browser. Additionally, Send will also be available as an Android app in beta later this week." You also can decide when the link expires, select the number of downloads and optionally add a password for more security.

The GraphQL Foundation announces collaboration with the Joint Development Foundation (which recently joined the Linux Foundation) to drive open source and open standards. From the press release: "GraphQL Foundation encourages contributions, stewardship, and a shared investment from a broad group in vendor-neutral events, documentation, tools, and support for the data query language. The following companies Apollo, AWS, Butterfly Network, Dgraph Labs, Facebook, Gatsby, GraphZen, Hasura, IBM, Intuit, Neo4j, Novvum, PayPal, Pipefy, Salsify, Solo.io and Thicit are joining as members to advance GraphQL as an industry specification for designing more effective APIs....GraphQL is the first Linux Foundation project to benefit from the JDF and Linux Foundation collaboration, which provides open source projects with a swift path to standardization for open specifications. Developers will have an open GraphQL specification and open source software implementations available for designing conformant APIs."

The Fedora Project is now sponsoring Libravatar, the "free and open source service that anyone can use to host and share an avatar (profile picture) to other websites". The Libravatar blog describes the project as "part of a movement working to give control back to people, away from centralized services and the organizations running them. It addresses a simple problem: putting a face on an email address." The Libravatar project had announced it was shutting down about a year ago, but the Fedora Project worked with the community to keep it alive.

The Linux Foundation yesterday announced CommunityBridge, "a new platform created to empower open source developers—and the individuals and organizations who support them—to advance sustainability, security, and diversity in open source technology". The initial launch is offering CommunityBridge Funding ("enabling developers to transparently raise and spend funding"), CommunityBridge Security ("providing transparency into potential vulnerabilities and fixes") and CommunityBridge People ("enabling easy connections of mentors and prospective mentees interested in getting involved in projects and advancing diversity"). Project maintainers and core developers can apply at communitybridge.org.

News Streamlio Cloud Firefox Security The Linux Foundation GraphQL Fedora Libravatar CommunityBridge

by Hamdy Abou El Anein

Daylight Linux is the only official distribution for the Raspberry Pi to work with the Fluxbox interface. With Fluxbox, Daylight Linux is one of the lightest and fastest distributions for all Raspberry Pi models.

Many programs, games and system tools were developed during a long year of work in Python 3 to create version 3.

Figure 1. The System at Boot

The system works with autologin, but you also can use these login/passwords: "root"/"toor" and "Daylight"/"toor".

Figure 2. The Daylight Linux Menu

Figure 3. The Daylight Linux Desktop with System Information

Figure 4. The Daylight Linux File Manager

A live version also is available for computers. This version aims to provide Debian-based Linux with the lightness of Daylight Linux.

Daylight Linux version 3 runs on all Raspberry Pi models, and it's based on Debian Buster. Visit the official website for more information and to download.

Go to Full Article

News briefs for March 12, 2019.

The Linux Foundation yesterday announced it is forming the CHIPS Alliance project to "host and curate high-quality open source code relevant to the design of silicon devices. CHIPS Alliance will foster a collaborative environment that will enable accelerated creation and deployment of more efficient and flexible chip designs for use in mobile, computing, consumer electronics, and Internet of Things (IoT) applications." According to the press release, Esperanto Technologies, Google, SiFive and Western Digital, are all early backers of the CHIPS Alliance, and all are "committed to both open source hardware and continued momentum behind the free and open RISC-V architecture."

The Dream Machine is a Raspberry Pi-driven vending machine recently launched by FOODBEAST and Nissin. RaspberryPi.org reports that the Dream Machine "retrofit vending machine" is part of a digital viral marketing campaign", and it "dispenses ramen noodles, video games, and swag in exchange for the use of an Instagram hashtag". So far, the Dream Machines have appeared in Torrance, California, and Las Vegas, Nevada.

Purism announces that along with three kill switches, Librem 5 smartphone also will have a new feature called "Lockdown Mode". As far as the kill switches, one is for cameras and microphone, one for WiFi and Bluetooth, and one for cellular baseband. Lockdown Mode goes further and "extends our normal kill switches to provide even more security and privacy". Purism's Chief Security Officer Kyle Rankin writes, "When in Lockdown Mode, in addition to powering off the cameras, microphone, WiFi, Bluetooth and cellular baseband we also cut power to GNSS, IMU, and ambient light and proximity sensors. Lockdown Mode leaves you with a perfectly usable portable computer, just with all tracking sensors and other hardware disabled. If you switch any of the hardware kill switches back on, the hardware that corresponds to that switch powers on along with GNSS, IMU, and ambient light and proximity sensors."

Avidemux 2.7.2 was released yesterday. This version of the video editor includes new demuxers and encoders, as well as the usual bugfixes. See also the UbuntuHandbook post for links to downloads and more install information.

sway 1.0 was released yesterday. This marks the first stable release of sway, and "represents a consistent, flexible, and powerful desktop environment for Linux and FreeBSD". Creator Drew DeVault writes, "Sway 1.0 adds a huge variety of features which were sorely missed on 0.x, improves performance in every respect, offers a more faithful implementation of Wayland, and exists as a positive political force in the Wayland ecosystem pushing for standardization and cooperation among Wayland projects." The GitHub page for sway 1.0 is here.

News The Linux Foundation CHIPS Alliance open hardware IOT Raspberry Pi Purism Librem 5 Phone Security Avidemux multimedia sway desktop environments

by Zack Brown

Matthew Wilcox recently realized there might be a value in depending on C extensions provided by the Plan 9 variant of the C programming language. All it would require is using the -fplan9-extensions command-line argument when compiling the kernel. As Matthew pointed out, Plan 9 extensions have been supported in GCC as of version 4.6, which is the minimum version supported by the kernel. So theoretically, there would be no conflict.

Nick Desaulniers felt that any addition of -f compiler flags to any project always would need careful consideration. Depending on what the extensions are needed for, they could be either helpful or downright dangerous.

In the current case, Matthew wanted to use the Plan 9 extensions to shave precious bytes off of a cyclic memory allocation that needed to store a reference to the "next" value. Using the extensions, Matthew said, he could embed the "next" value without breaking various existing function calls.

Nick also suggested making any such extension dependencies optional, so that other compilers would continue to be able to compile the kernel.

It looked as though there would be some back and forth on the right way to proceed, but Linus Torvalds immediately jumped in to veto the entire concept, saying:

Please don't.

The subset of the plan9 extensions that are called just "ms" extensions is fine. That's a reasonable thing, and is a very natural expansion of the unnamed structures we already have—namely being able to pre-declare that unnamed structure/union.

But the full plan9 extensions are nasty, and makes it much too easy to write "convenient" code that is really hard to read as an outsider because of how the types are silently converted.

And I think what you want is explicitly that silent conversion.

So no. Don't do it. Use a macro or an inline function that makes the conversion explicit so that it's shown when grepping.

The "one extra argument" is not a strong argument for something that simply isn't that common. The upsides of a nonstandard feature like that needs to be pretty compelling.

We've used various gcc extensions since day #1 ("inline" being perhaps the biggest one that took _forever_ to become standard C), but these things need to have very strong arguments.

"One extra argument" that could be hidden by a macro or a helper inline is simply not a strong argument.

Nick was sympathetic to this point, and said:

Go to Full Article