Language Selection

English French German Italian Portuguese Spanish

Linux Journal

Syndicate content
Updated: 2 hours 9 min ago

Password Manager Roundup

Friday 3rd of May 2019 11:00:00 AM
by Shawn Powers

If you can remember all of your passwords, they're not good passwords.

I used to teach people how to create "good" passwords. Those passwords needed to be lengthy, hard to guess and easy to remember. There were lots of tricks to make your passwords better, and for years, that was enough.

That's not enough anymore.

It seems that another data breach happens almost daily, exposing sensitive information for millions of users, which means you need to have separate, secure passwords for each site and service you use. If you use the same password for any two sites, you're making yourself vulnerable if any single database gets compromised.

There's a much bigger conversation to be had regarding the best way to protect data. Is the "password" outdated? Should we have something better by now? Granted, there is two-factor authentication, which is a great way to help increase the security on accounts. But although passwords remain the main method for protecting accounts and data, there needs to be a better way to handle them—that's where password managers come into play.

The Best Password Manager

No, I'm not burying the lede by skipping all the reviews. As Doc Searls, Katherine Druckman and myself discussed in Episode 8 of the Linux Journal Podcast, the best password manager is the one you use. It may seem like a cheesy thing to say, but it's a powerful truth. If it's more complicated to use a password manager than it is to re-use the same set of passwords on multiple sites, many people will just choose the easy way.

Sure, some people are geeky enough to use a password manager at any cost. They understand the value of privacy, understand security, and they take their data very seriously. But for the vast majority of people, the path of least resistance is the way to go. Heck, I'm guilty of that myself in many cases. I have a Keurig coffee machine, not because the coffee is better, but because it's more convenient. If you've ever eaten a Hot Pocket instead of cooking a healthy meal, you can understand the mindset that causes people to make poor password choices. If the goal is having smart passwords, it needs to be easier to use smart passwords than to type "password123" everywhere.

Go to Full Article

Game Review: Guard Duty

Thursday 2nd of May 2019 04:15:00 PM
by Marcel Gagné

Guard Duty from Sick Chicken Studios launches today! You can get it from Steam for $9.99.

It's a thousand years ago in the kingdom of Wrinklewood and you are Tondbert, a dwarf/huma-halfling palace guard. After a night of heavy drinking, most of which you're happy not to remember, not only do you wake up to discover you may have been responsible for getting the princess kidnapped by an evil wizard, but also your clothes and armor are missing, and after you fall from the tower where your tiny bedroom sits, you get stung by a swarm of angry wasps, your face is all swelled up, and nobody can understand the mumbles coming out of your mouth, so you get no respect from anyone—not that you ever did.

Welcome to Guard Duty and oddly enough, that's not where the game starts—a thousand years ago, I mean. It actually starts out in our future, in 2074 to be precise, a mostly unremarkable day except for that whole part about the destruction of the Earth and all.

I've spent several hours now, enjoying the sometimes frustrating new game, Guard Duty, from Sick Chicken Studios. Did I say "frustrating"? Because I meant it, but in a good way. The Sick Chicken people have spent way too many hours watching Monty Python and reading Terry Pratchett novels, and it shows. They also have a thing for golden-age point-and-click games, classic 320x240 resolution pixel art, all combined with comedic and sometimes touching storytelling.

Figure 1. Castle Wrinklewood and the Surrounding Countryside

As I said at the beginning of this review, the story starts, strangely enough, in our future where a demonic monstrosity sets out to bring the end of the world and the destruction of our planet. Like our hero of ancient times, named Tondbert, there's another knight of sorts, embarked on a quest to save what is left of mankind before there's nothing more to save. You get to meet him later, I'm told, though I'm still trying to get my halfling's ghost to stop feeling sorry for himself.

Figure 2. The Future, Right before the World Ends

What makes this particularly interesting is that your actions (or Tondbert's actions) in the past, will have an effect on what happens in the future, when you finally get there. How the threads of centuries wind their way into hero number two's battle is something I have yet to discover, but I'm seriously looking forward to working with him—once I rescue the princess, that is.

Go to Full Article

GNU Guix 1.0.0 Released, Season of Docs Announces 50 Participating Open-Source Organizations, Docker Enterprise 3.0 Beta Now Available, Nvidia and Red Hat Join the Academy Software Foundation and Red Hat Announces New Version of Red Hat Process Automation

Thursday 2nd of May 2019 01:56:41 PM

News briefs for May 2, 2019.

GNU Guix 1.0.0 was released today. This big 1.0 release is the result of seven years of development and contributions by more than 260 people. If you're not familiar with GNU Guix, "GNU Guix is a transactional package manager and an advanced distribution of the GNU system that respects user freedom. Guix can be used on top of any system running the kernel Linux, or it can be used as a standalone operating system distribution for i686, x86_64, ARMv7, and AArch64 machines." This version brings many new features, including a new VM image, a new "first-class, uniform mechanism to configure keyboard layout" and more than 1,100 packages added. From the announcement: "The release comes with ISO-9660 installation images, a virtual machine image, and with tarballs to install the package manager on top of your GNU/Linux distro, either from source or from binaries. Guix users can update by running guix pull."

Season of Docs announces 50 participating open-source organizations. The full list is here. From the Google Open Source blog: "Season of Docs brings together technical writers and open source projects to foster collaboration and improve documentation in the open source space. You can find out more about the program on the introduction page of the website. During the program, technical writers spend a few months working closely with an open source community. They bring their technical writing expertise to the project's documentation and, at the same time, learn about the open source project and new technologies." Technical writer applications open May 29, 2019.

The beta version of Docker Enterprise 3.0 made its debut yesterday at DockerCon. ItPro Today reports that "Being a major point release, the software previewed today arrives with plenty of new features under the hood, such as integration with Docker Desktop, expanded Kubernetes capabilities, and a system for rolling multi-container applications into a single package deployable to any infrastructure." The article notes that "Most of the improvements made to this release of Docker Enterprise are aimed at streamlining the process of building and managing containers to make things easier for DevOps teams. In addition, the company is making it possible for developers with limited command line skills to take full advantage of the platform's capabilities with the integration of Docker Enterprise Desktop."

Nvidia and Red Hat have joined the Academy Software Foundation, "a consortium that aims to help Hollywood with the adoption and development of open source tools". Variety reports that the foundation also has accepted OpenEXR and OpenCue, two open-source projects. OpenEXR was developed by Industrial Light and Magic originally as a "high-dynamic range file format", first used in Harry Potter and the Sorcerer's Stone and Men in Black II. OpenCue is an "open source render manager developed by Google Cloud in partnership with Sony Pictures Imageworks". The Linux Foundation and the Academy of Motion Arts and Sciences founded the Academy Software Foundation last summer.

Red Hat announced the latest release Red Hat Process Automation today at Red Hat Summit. This new release introduces "new capabilities designed to address functional and knowledge gaps between IT developers and business analysts, enabling them to apply domain-specific expertise to the development of applications that automate processes and decisions to more rapidly adapt to a changing business environment". In addition, it "introduces a collaborative environment where individuals can make changes to project assets independently and simultaneously. Using these shared workspaces can lead to a more efficient, iterative and agile development process." The latest updates are available for customers at the Red Hat customer portal.

News GNU Guix Google Season of Docs Docker NVIDIA Red Hat

The Kernel Issue

Wednesday 1st of May 2019 03:00:00 PM
by Bryan Lunduke

How much do you know about your kernel? Like really know?

Considering how critically important the Linux kernel is to the world—and, perhaps just as important, to our own personal computers and gadgets—it's rather amazing how little most people actually know about it.

There might as well be magical hamsters in there, pushing 1s and 0s around with their enchanted hamster gloves of computing power. How do kernels (in a general sense) actually work, anyway? How does one sit down and debug a specific Linux kernel issue? How does a kernel allocate and work with the memory in your computer? Those are questions most of us never need to ask—because Linux works.

Me, personally? Never submitted a single patch to the kernel. Not one.

I mean, sure. I've looked at little snippets of Linux kernel source code—mostly out of idle curiosity or to investigate a topic for a story. And I've compiled the kernel plenty of times to get one hardware driver or feature working. But, even so, my knowledge of the inner-workings of the kernel is mostly limited to "Linux power user" level.

So, it's time for a little kernel boot camp in this issue of Linux Journal to get a bit more up to speed.

Let's start with the basics. What is a kernel, and how, exactly, does a person go about making a brand-new one? Like...from scratch.

Linux Journal Editor at Large Petros Koutoupis previously has walked us through building a complete Linux distribution (starting from the very basics—see Part I and Part II). Now he does the same thing, but this time for building a brand-new kernel.

What tools are needed? What code must be written? Petros provides a step-by-step rundown of kernel building. In the end, you'll have a fully functional kernel (well, functional enough to boot a computer, at any rate) that you can build on further. Plus, you'll have a better understanding of how kernels actually work, which is pretty darn cool.

Moving back to Linux land, Frank Edwards gives a rundown on how the kernel handles memory: how virtual memory works and is structured, how the kernel reports memory usage and information to userland applications and the like. If you've ever wondered how the memory in your system is structured and interacted with by the applications and the kernel, give that a read.

Now that you know the basics of how to build a kernel, and a primer on how memory is used, let's turn to something directly practical for Linux developers and pro users: debugging Linux kernel panics.

Go to Full Article

Creative Commons Search Is Now Out of Beta, Dell Announces Two New Budget-Friendly Mobile Workstations, NS1 Releases Flamethrower, Scalyr Launches PowerQueries and High-Severity Hole Discovered in Oracle WebLogic

Wednesday 1st of May 2019 01:40:04 PM

News briefs for May 1, 2019.

CC Search is now out of beta, with more than 300 million images, "a major redesign, and faster, more relevant search". The Creative Commons blog post notes that "CC Search searches images across 19 collections pulled from open APIs and the Common Crawl dataset, including cultural works from museums (the Metropolitan Museum of Art, Cleveland Museum of Art), graphic designs and art works (Behance, DeviantArt), photos from Flickr, and an initial set of CC0 3D designs from Thingiverse."

Dell yesterday announced two new mobile workstations, the Dell Precision 3540 and 3541. These new laptops "are budget-friendly machines with a smaller footprint and workstation-level performance". The 3540 is available now, with your choice of Ubuntu 18.04 or Windows 10, and it "comes with the essentials including the latest 4-core Intel Core 8th generation processors, up to 32GB of DDR4 memory, AMD Radeon Pro graphics with 2GB of dedicated memory, and 2TB of storage." The Precision 3541 will be available in late May and will "offer additional power, with 9th generation 8-core Intel Core and 6-core Intel Xeon processor options. It'll be available with next generation NVIDIA Quadro professional graphics with 4GB of dedicated memory. Boasting extreme battery life—quite possibly the longest battery life in its class—the system supports on-the-go productivity. As with the Precision 3540, the Precision 3541 comes with Thunderbolt 3 connectivity and optional features to enhance security such as fingerprint and smartcard readers, an IR camera and our first-ever camera shutter."

NS1 recently released Flamethrower, "a lightweight, configurable open source tool for functional testing, benchmarking, and stress testing DNS servers and networks." According to HelpNetSecurity.com, "Flamethrower supports IPv4, IPv6, UDP, TCP, DNS over TLS, as well as experimental support for DNS over QUIC. It has a modular system for generating the queries used in the tests, allowing for rich and realistic test scenarios that can plug into automation pipelines. It simulates multiple concurrent clients and generates actionable metrics, including send and receive counts, timeouts, errors and data on minimum, maximum and average latency." You can get Flamethrower on GitHub.

Scalyr this week announced its first major GA product launch of the year: PowerQueries. From the announcement: "PowerQueries are a new set of data operations within Scalyr that give users the ability to transform and manipulate data on the fly. They let users seamlessly pivot from facet-based search to complex log search operations for complicated data sets, such as grouping, transformations, filtering and sorting, table lookups and joins, enabling them to create sophisticated data processing pipelines." See also Scalyr Founder Steve Newman's blog post for more information.

A "high-severity hole" in Oracle WebLogic was exploited for nine days before being discovered. Ars Technica reports that "Attackers have been actively exploiting a critical zero-day vulnerability in the widely used Oracle WebLogic server to install ransomware, with no clicking or other interaction necessary on the part of end users, researchers from Cisco Talos said on Tuesday." Oracle released an emergency patch. Patch now.

News creative commons Dell Laptops Flamethrower DNS Scalyr Security Oracle

Purism Launches Librem One, a Suite of Privacy-Protecting, No-Track, No-Ad Apps and Services

Tuesday 30th of April 2019 03:00:07 PM
by Bryan Lunduke

Some time back, the folks from Purism sent me a question: "Would you like to record some voice-over for a little commercial we're making?"

"Sure," I say. "Why not?"

They give me a script, show me a rough cut of the footage, and I record a few lines. Easy peasy.

The only problem? The commercial was for something that I think is a really great idea. And, the finished commercial gave me a serious case of the giggles. Yet I couldn't tell anyone about it. I was sworn to secrecy.

For a person who runs his mouth for a living, secrecy isn't always so easy. Keeping my big, dumb mouth shut was downright painful. Painful, I say!

Luckily, I can now, as of today, spill the beans without getting into trouble.

Purism has just launched an online service it has dubbed "Librem One", which is, as Purism calls it, a "suite of apps and services designed to provide users with convenient alternatives to Big Tech products".

There are two components of Librem One that are offered free of cost (or, at least, choose your own price): Chat and Social Media.

The chat component—the aptly named "Librem Chat"—is built on Matrix (which I am also a big fan of) and includes end-to-end encrypted text chat plus audio and video chatting. And, since it's built on Matrix, it has access to all the other users on Matrix out there. Which may not be as big of a user pool as, say, Hangouts or something, but the user base is growing. Quickly.

The Social Media component is built using Activity Pub and Mastodon (a federated, free software social network system).

I want to pause right there a moment, because this is really interesting to me.

That means we now have a social media server that is supported via a subscription model.  Not advertisements. Not data collection. Subscription. Which, in my opinion, is just a much better way to build a social network that respects user data and privacy.

Plus, this solves one of the biggest problems with picking and utilizing a Mastodon server up until this point—that they've mostly been run by hobbyists in their spare time. Thus, servers could go up or down or lose data at any time (which happened to me more than once). A professionally administered Mastodon social-media server supported as part of a subscription online service? Heck yes.

Then there are the services that aren't part of the free (in cost) tier, the ones you'll need to pay to gain access to: Librem Mail (encrypted email), Librem Tunnel (a VPN service), and, according to the Purism folks, they have plans to add a few additional services to Librem One in the future:

Go to Full Article

Fedora 30 Is Here, Raspberry Pi Foundation Announces the Gender Balance in Computing Project, Open ZFS/ZFS On Linux Working on a Code of Conduct, Docker Hub Breach and Help Promote the Coming openSUSE Leap 15.1 Release

Tuesday 30th of April 2019 01:38:50 PM

News briefs for April 30, 2019.

Fedora 30 was released today. TechRepublic reports that this version brings some "quality-of-life improvements", such as the flicker-free boot process. It includes GNOME 3.32 with all new app icons, but it also includes Fedora spins for KDE, XFCE, LXQT, MATE-Compiz, Cinnamon, and LXDE. In addition, "New to Fedora 30 include packages for DeepinDE and Pantheon, the desktop environments used in Deepin Linux, called "the single most beautiful desktop on the market" by TechRepublic's Jack Wallen, as well as elementaryOS, which Wallen lauded as "spectacularly subtle." While these are only packages—requiring simple, though manual, installation—packaging these desktops is the first step to building a full independent spin." Go here to download, and see the full changelog here.

Raspberry Pi Foundation announces a consortium has been awarded £2.4 million for a new research project to investigate how to engage more girls in computing, as part of its work with the National Centre of Computing Education. The project is called Gender Balance in Computing and "is a collaboration between the consortium of the Raspberry Pi Foundation, STEM Learning, BCS, The Chartered Institute for IT, and the Behavioural Insights Team". Here's how it will work: "Gender Balance in Computing will develop and roll out several projects that aim to increase the number of girls choosing to study a computing subject at GCSE and A level. The consortium has already identified some of the possible reasons why a large percentage of girls don't consider computing as the right choice for further study and potential careers. These include: feeling that they don't belong in the subject; not being sufficiently encouraged; and feeling that computing is not relevant to them. We will go on to research and pilot a series of new interventions, with each focusing on addressing a different barrier to girls' participation."

OpenZFS/ZFS On Linux is working on a code of conduct to help encourage new contributors. According to Phoronix, "The OpenZFS Code of Conduct would apply to OpenZFS, ZFS On Linux, ZFS On OSX, and ZFS On Windows projects. They are working on this CoC to ensure 'The OpenZFS community values respectful, welcoming behavior towards everyone. This enables our members to thrive and contribute, and encourages new participants to join our community.'" You can read the draft here.

There was a Docker Hub breach recently that impacted 190,000 accounts. eWeek reports that the breach was first reported on April 26, and was discovered the day before. From Director of Docker Support Kent Lamb's email to Docker Hub users: "During a brief period of unauthorized access to a Docker Hub database, sensitive data from approximately 190,000 accounts may have been exposed (less than 5% of Hub users). Data includes usernames and hashed passwords for a small percentage of these users, as well as GitHub and Bitbucket tokens for Docker autobuilds." Docker recommends that impacted users "change their Docker Hub account passwords, review GitHub activity, and unlink and then relink GitHub access."

You can help promote the openSUSE Leap 15.1 release, which is about 3 weeks away. Go here for a counter, or you can get artwork here.

News Fedora Distributions Raspberry Pi Open ZFS ZFS On Linux Code of Conduct Docker Security openSUSE

A Conversation with Kernel Developers from Intel, Red Hat and SUSE

Tuesday 30th of April 2019 11:30:00 AM
by Bryan Lunduke

Three kernel developers describe what it's really like to work on the kernel, how they interact with developers from other companies, some pet peeves and how to get started.

Like most Linux users, I rarely touch the actual code for the Linux kernel. Sure, I've looked at it. I've even compiled the kernel myself on a handful of occasions—sometimes to try out something new or simply to say I could do it ("Linux From Scratch" is a bit of a right of passage).

But, unless you're one of the Linux kernel developers, odds are you just don't get many opportunities to truly look "under the hood".

Likewise, I think for many Linux users (even the pro users, sysadmins and developers), the wild world of kernel development is a bit of a mystery. Sure, we have the publicly available Linux Kernel Mailing List (LKML.org) that anyone is free to peruse for the latest features, discussions and (sometimes) shenanigans, but that gives only a glimpse at one aspect of being a kernel developer.

And, let's be honest, most of us simply don't have time to sift through the countless pull requests (and resulting discussions of said pull requests) that flood the LKML on a daily basis.

With that in mind, I reached out to three kernel developers—each working at some of the most prominent Linux contributing companies today—to ask them some basic questions that might provide a better idea of what being a Linux kernel developer is truly like: what their days look like and how they work with kernel developers at other companies.

Those three developers (in no particular order):

  • Dave Hansen, Principal Engineer, System Software Products at Intel.
  • Josh Poimboeuf, Principal Software Engineer on Red Hat Enterprise Linux.
  • Jeff Mahoney, Team Lead of Kernel Engineering at SUSE Labs.

Intel, Red Hat and SUSE—three of the top contributors of code to the Linux kernel. If anyone knows what it's like being a kernel developer, it's them.

I asked all three the exact same questions. Their answers are here, completely unmodified.

Bryan Lunduke: How long have you been working with the Linux kernel? What got you into it?

Dave Hansen (Intel): My first experience for the Linux kernel was a tiny little device driver to drive the eight-character display on an IBM PS/2, probably around 20 years ago. I mentioned the project on my college resume, which eventually led to a job with IBM's Linux Technology Center in 2001. IBM is where I started doing the Linux kernel professionally.

Go to Full Article

Episode 18: KidOYO

Monday 29th of April 2019 07:43:05 PM
Your browser does not support the audio element. Reality 2.0 - Episode 18: KidOYO

Doc Searls talks to Zhen, Devon and Melora Lofretto of KidOYO and Doctor Michael Nagler, superintendent of the Mineola Public School system in Mineola  Long Island.

Links Mentioned:

 

Apache Software Foundation Migrates to GitHub, Linux Kernel 5.1-rc7 Is Out, deepin 15.10 Released, Debian 9.9 Update and KaOS 2019.04 Now Available

Monday 29th of April 2019 01:17:57 PM

News briefs for April 29, 2019.

The Apache Software Foundation today announced it has migrated its Git service to GitHub. From the announcement: "As the world's largest Open Source foundation, the ASF's 200M+ lines of code are overseen by an all-volunteer community of 730 individual ASF Members and 7,000 Apache code committers. Over its 20 year history, 1,058,321,099 lines of code have been committed across 3,022,836 code commits." Of the migration, the ASF writes, "GitHub makes it easier for developers to work together, to solve challenging problems, and to create the world's most important technologies. The platform enables teams to host and review code, manage projects, and build software alongside 31M+ developers, 2M+ businesses and organizations, and across 100M+ repositories."

Linux kernel 5.1-rc7 is out. Linus Torvalds writes, "If rc6 was bigger than I wished, it really does seem to have been just due to timing of pull requests. Because rc7 is tiny. Just under half of the patch is various kinds of networking changes: a mix of core networking, network drivers and some netfilter selftests....But it's all pretty tiny. Plus about 30% of the patches are marked for stable, so on the whole it really does feel like 5.1 is on target for a regular release next weekend."

deepin 15.10 was released yesterday. This new version of the distro "devoted to providing beautiful, easy to use, safe and reliable system for global users" includes new features such as "files on desktop auto merge, wallpaper slideshow, separate switches for system sound effects, and supports dragging the tray icon out in fashion mode. In addition, many bugs are fixed and the existing functions are optimized." The announcement also notes that "deepin 15.10 is newly built and released using Debian stable repository, in this way, system stability and security is greatly improved, bringing users more stable and efficient experiences." Go here to download.

Debian 9.9 was released over the weekend. This update mainly adds security fixes; it's not a new version of Debian 9, so it just updates some included packages. To update: "Upgrading an existing installation to this revision can be achieved by pointing the package management system at one of Debian's many HTTP mirrors. A comprehensive list of mirrors is available at https://www.debian.org/mirror/list. As a special case for this point release, those using the apt-get tool to perform the upgrade will need to ensure that the dist-upgrade command is used, in order to update to the latest kernel packages. Users of other tools such as apt and aptitude should use the upgrade command."

KaOS 2019.04 was released yesterday. This version marks the distro's sixth anniversary and includes a "fully updated Midna theme, a new toolchain and Qt 5.12.3". As a rolling distro, it also has the "latest packages for the Plasma Desktop, this includes Frameworks 5.57.0, Plasma 5.14.4 and KDE Applications 19.04.0. All built on Qt 5.12.3." There are many other new features, so see the announcement for details, and go here to download.

News Distributions Apache Software Foundation GitHub kernel Deepin Debian KaOS KDE

Data in a Flash, Part I: the Evolution of Disk Storage and an Introduction to NVMe

Monday 29th of April 2019 11:30:00 AM
by Petros Koutoupis

NVMe drives have paved the way for computing at stellar speeds, but the technology didn't suddenly appear overnight. It was through an evolutionary process that we now rely on the very performant SSD for our primary storage tier.

Solid State Drives (SSDs) have taken the computer industry by storm in recent years. The technology is impressive with its high-speed capabilities. It promises low-latency access to sometimes critical data while increasing overall performance, at least when compared to what is now becoming the legacy Hard Disk Drive (HDD). With each passing year, SSD market shares continue to climb, replacing the HDD in many sectors. The effects of this are seen in personal, mobile and server computing.

IBM first unleashed the HDD into the computing world in 1956. By the 1960s, the HDD became the dominant secondary storage device for general-purpose computers (emphasis on secondary storage device, memory being the first). Capacity and performance were the primary characteristics defining the HDD. In many ways, those characteristics continue to define the technology—although, not in the most positive ways (more details on that shortly).

The first IBM-manufactured hard drive, the 350 RAMAC, was as large as two medium-sized refrigerators with a total capacity of 3.75MB on a stack of 50 disks. Modern HDD technology has produced disk drives with volumes as high as 16TB, specifically with the more recent Shingled Magnetic Recording (SMR) technology coupled with helium—yes, that's the same chemical element abbreviated as He in the periodic table. The sealed helium gas increases the potential speed of the drive while creating less drag and turbulence. Being less dense than air, it also allows more platters to be stacked in the same space used by 2.5" and 3.5" conventional disk drives.

Figure 1. A lineup of Standard HDDs throughout Their History and across All Form Factors (by Paul R. Potts—Provided by Author, CC BY-SA 3.0 us, https://commons.wikimedia.org/w/index.php?curid=4676174)

A disk drive's performance typically is calculated by the time required to move the drive's heads to a specific track or cylinder and the time it takes for the requested sector to move under the head—that is, the latency. Performance is also measured at the rate by which the data is transmitted.

Being a mechanical device, an HDD does not perform nearly as fast as memory. A lot of moving components add to latency times and decrease the overall speed by which you can access data (for both read and write operations).

Go to Full Article

More in Tux Machines

Events: LibreOffice Conference 2020, MariaDB's Thomas Boyd and Upcoming Linux Foundation’s Open Source Summit

  • LibreOffice Conference 2020 Proposals

    The Document Foundation has received two different proposals for the organization of LibOCon 2020 from the Turkish and German communities. When this has happened in the past, in 2012 (Berlin vs Zaragoza) and 2013 (Milan vs Montreal), TDF Members have been asked to decide by casting their vote. This document provides an outline of the two proposals, which are attached in their original format.

  • Thomas Boyd Discusses Which Open Source Database is the Best Fit for the Business

    The world's largest and most innovative businesses are turning to enterprise open source databases for mission-critical applications, with the most popular open source relational databases being MariaDB, MySQL, and Postgres. However, while all three of these databases are open source, mature, and available in enterprise editions, there are significant differences between them — both in terms of application development as well as database administration and operations. DBTA recently held a webinar featuring Thomas Boyd, director of technical marketing, MariaDB Corporation, who discussed the differences between MariaDB, MySQL, and Postgres. [...] EnterpriseDB is heap only while MySQL and MariaDB offer InnoDB, Columnar, Aria, MyRocks, and more.

  • Open Source Summit welcomes Platform9 experts

    Cloud-native experts share tips and practical learnings for Kubernetes in the enterprise, Kubernetes on bare metal or with stateful MySQL databases, and optimizing the cost and performance of Serverless applications.

  • Transform Your Career: Attend Open Source Summit North America this August in San Diego

    For the last decade, The Linux Foundation’s Open Source Summit has proven to be invaluable for attendees.  A 2018 participant recently wrote an article on OpenSource.com stating “Last August, I arrived at the Vancouver Convention Centre to give a lightning talk and speak on a panel at Open Source Summit North America 2018. It’s no exaggeration to say that this conference—and applying to speak at it—transformed my career.” We encourage you to read the article and discover why attending Open Source Summit can be a game changer for you as well.

OSS Leftovers

  • Intervalometerator: Open Source Code for a Remote Timelapse DSLR

    Want to set up a remote DSLR for shooting a time-lapse? The Intervalometerator (AKA ‘intvlm8r’) is an open-source intervalometer that can help you do so at minimal hardware cost (as long as you’re comfortable tinkering with hardware and software). Created by Sydney-based coder Greig Sheridan and his photographer partner Rocky over the course of a year, the Intervalometerator is designed to be both cheap and easy to build with familiar tools and using Raspberry Pi and Arduino microcontrollers. “My partner and I have been working for over twelve months now on an intervalometer in order to shoot a DSLR-based time-lapse of the construction of our friends’ home in NZ,” Sheridan tells PetaPixel. “It was at the time a seemingly clever idea for a house-warming present, but it grew like tribbles to consume an incredible amount of effort).

  • Open Source Tools & Framework: Microservices Perspective
  • Open Source flexiWAN SD-WAN Software Beta Ships
  • Agile and open source can complement each other

    Despite the growing popularity of both Agile development and open-source practices, it’s not often that they come up in the same conversation. When these two concepts do intersect, it’s often to highlight the contradicting viewpoints that these two models supposedly represent. While there are core differences, Agile doesn’t have to be the enemy of open source—in fact, I would argue the opposite.

  • SD Times Open-Source Project of the Week: Twilio CLI

    In an effort to help its developers be more productive, Twilio has announced the beta version of Twilio CLI. It is an open-source command line interface that enables developers to access Twilio through their command prompt. “It’s hard to beat the flexibility and power that a CLI provides at development time. Until now, there was no CLI designed for typical communications requirements,” Ashley Roach, the product manager for developer interfaces at Twilio, wrote in a post.

  • Using open source in your enterprise? What to look out for

    According to Statista, the open source market was valued at $11.4 billion in 2017 and is estimated to grow to $32.95 billion by 2022, showing it has no intention of slowing down anytime soon. Founded on the belief that collaboration and cooperation build better software, open source sounds closer to a utopian dream than to the cold digital world of programming. Research showed that open source code takes over proprietary one in applications at 57%. This has numerous benefits, such as speeding up the software development process or creating more effective and innovative software. For example, open source frontend development frameworks, such as Angular, are often found in custom web apps, which allows companies to get their products to market at ever-increasing rates. In addition, companies tend to engage open source when at the cusp of technological innovation, especially when it comes to AR, blockchain, IoT, and AI.

  • Open Source Technology: What's It All About?

    To understand how open source works, it is important to appreciate where it all began. The very idea behind its inception isn’t exactly a new one. It’s been adopted by scientists for decades. Let’s imagine a scientist working on a project to develop a cure for an illness. If this scientist only published the results and kept the methods a secret, this would undoubtedly inhibit scientific discovery and further research in this area. On the other hand, teaming up with other researchers and making results and methodologies visible allows for greater and faster innovation. This is the premise from which open source was originally born. Open source refers to software that has an open source code so it can be viewed, modified for a particular need, and importantly, shared (under license). One of the first well known open source initiatives was developed in 1998 by Netscape, which released its Navigator browser as free software and demonstrated the benefits of taking an open source approach. Since then, there have been a number of pivotal moments in open source history that have shaped the technology industry as we know it today. Nowadays, some of the latest technology you use on a daily basis, like your smartphone or laptop, will have been built using open source software. [...] Recent research found that 60 percent of organizations are already using open source software. Many businesses are realizing the benefits that the technology can bring in relation to driving innovation and reducing costs. This in turn is seeing a growing number of organizations integrate open source into their IT operations or even building entire businesses around it. With emerging technologies such as cloud, AI and machine learning only driving this adoption further, open source will continue to play a central and growing role throughout the technology landscape.

  • How to Take Your Open Source Project from Good to Great

    Whether or not you expect anyone to contribute to your project, you should be prepared for the possibility of others wanting to help your cause. And when that happens, your contributing guide will show those helpers exactly how they can get involved. This guide, usually in the form of a CONTRIBUTING.md file, should include information on how one should submit a pull request or open an issue for your project and what kinds of help you’re looking for (bug fixes, design direction, feature requests, etc.).

  • ForgeRock Delivers Open Source IoT Edge Controller for Device Identity

    According to a recent announcement, ForgeRock, a platform provider of digital identity management solutions, has launched its IoT Edge Controller, which is designed to provide consumer and industrial manufacturers the ability to deliver trusted identity at the device level.

  • Browser Settings Too Complex? Let Firefox Handle That for You

    Firefox SVP David Camp doesn't want internet users wasting time 'understanding how the internet is watching you.'

  • Exclusive: Automattic CEO Matt Mullenweg on what’s next for Tumblr

    It’s been a long and winding road for Tumblr, the blogging site that launched a thousand writing careers. It sold to Yahoo for $1.1 billion in 2013, then withered as Yahoo sold itself to AOL, AOL sold itself to Verizon, and Verizon realized it was a phone company after all. Through all that, the site’s fierce community hung on: it’s still Taylor Swift’s go-to social media platform, and fandoms of all kinds have homes there. Verizon sold Tumblr for a reported $3 million this week, a far cry from the billion-dollar valuation it once had. But to Verizon’s credit, it chose to sell Tumblr to Automattic, the company behind WordPress, the publishing platform that runs some 34 percent of the world’s websites. Automattic CEO Matt Mullenweg thinks the future of Tumblr is bright. He wants the platform to bring back the best of old-school blogging, reinvented for mobile and connected to Tumblr’s still-vibrant community, and he’s retaining all 200 Tumblr employees to build that future. It’s the most exciting vision for Tumblr in years. Matt joined Verge reporter Julia Alexander and me on a special Vergecast interview episode to chat about the deal, how it came together, what Automattic’s plans for Tumblr look like, and whether Tumblr might become an open-source project, like WordPress itself. (“That would be pretty cool,” said Matt.) Oh, and that porn ban.

Apache: Self Assessment and Security

  • The Apache® Software Foundation Announces Annual Report for 2019 Fiscal Year

    The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the availability of the annual report for its 2019 fiscal year, which ended 30 April 2019.

  • Open Source at the ASF: A Year in Numbers

    332 active projects, 71 million lines of code changed, 7,000+ committers… The Apache Software Foundation has published its annual report for fiscal 2019. The hub of a sprawling, influential open source community, the ASF remains in rude good health, despite challenges this year including the need for “an outsized amount of effort” dealing with trademark infringements, and “some in the tech industry trying to exploit the goodwill earned by the larger Open Source community.” [...] The ASF names 10 “platinum” sponsors: AWS, Cloudera, Comcast, Facebook, Google, LeaseWeb, Microsoft, the Pineapple Fund, Tencent Cloud, and Verizon Media

  • Apache Software Foundation Is Worth $20 Billion

    Yes, Apache is worth $20 billion by its own valuation of the software it offers for free. But what price can you realistically put on open source code? If you only know the name Apache in connection with the web server then you are missing out on some interesting software. The Apache Software Foundation ASF, grew out of the Apache HTTP Server project in 1999 with the aim of furthering open source software. It provides a licence, the Apache licence, a decentralized governance and requires projects to be licensed to the ASF so that it can protect the intellectual property rights.

  • Apache Security Advisories Red Flag Wrong Versions in Patching Gaffe

    Researchers have pinpointed errors in two dozen Apache Struts security advisories, which warn users of vulnerabilities in the popular open-source web app development framework. They say that the security advisories listed incorrect versions impacted by the vulnerabilities. The concern from this research is that security administrators in companies using the actual impacted versions would incorrectly think that their versions weren’t affected – and would thus refrain from applying patches, said researchers with Synopsys who made the discovery, Thursday. “The real question here from this research is whether there remain unpatched versions of the newly disclosed versions in production scenarios,” Tim Mackey, principal security strategist for the Cybersecurity Research Center at Synopsys, told Threatpost. “In all cases, the Struts community had already issued patches for the vulnerabilities so the patches exist, it’s just a question of applying them.”

Google and Android Code

  • Google releases source code for I/O 2019 app with Android Q gesture nav, dark theme

    The Google I/O companion app for Android often takes advantage of the latest design stylings and OS features. It demoed Android Q’s gesture navigation and dark theme this year, with the company today releasing the I/O 2019 source code.

  • Introducing Coil, an open-source Android image loading library backed by Kotlin Coroutines

    Yesterday, Colin White, a Senior Android Engineer at Instacart, introduced Coroutine Image Loader (Coil). It is a fast, lightweight, and modern image loading library for Android backed by Kotlin.

  • Google open-sources Live Transcribe’s speech engine

    Google today open-sourced the speech engine that powers its Android speech recognition transcription tool Live Transcribe. The company hopes doing so will let any developer deliver captions for long-form conversations. The source code is available now on GitHub. Google released Live Transcribe in February. The tool uses machine learning algorithms to turn audio into real-time captions. Unlike Android’s upcoming Live Caption feature, Live Transcribe is a full-screen experience, uses your smartphone’s microphone (or an external microphone), and relies on the Google Cloud Speech API. Live Transcribe can caption real-time spoken words in over 70 languages and dialects. You can also type back into it — Live Transcribe is really a communication tool. The other main difference: Live Transcribe is available on 1.8 billion Android devices. (When Live Caption arrives later this year, it will only work on select Android Q devices.)