Language Selection

English French German Italian Portuguese Spanish

October 2019

Next Pinebook Pro Pre-Order Window Opens Early November

Filed under
Linux

Linux laptop and general ARM computing enthusiasts alike will be able to pre-order the Pinebook Pro for $199 (excluding shipping costs) from November 6 direct from the Pine64 website.

But if you plan on being among them you’ll want to act fast as the first batch of Pinebook Pros sold out crazily fast — so fast that by the time I hit publish on an article about it, they were all gone!

Read more

GIMP 2.10.14 Released

Filed under
GNU
Software

This is basically the first shot at the previously missing feature set, so expect more to land to GIMP at some point in the future. Making selection tools work outside the canvas sounds like a sensible next stop. Then maybe we can seriously talk about boundless canvas.

This new feature is closely related to out-of-canvas viewing and editing and was also contributed by Ell.

Now when you e.g. rotate a single-layer image, you can use this transform type to automatically expand the canvas to include all of rotated pixels when using the default Adjust clipping mode. The switch is right next to layer/path/selection toggle at the top of any transform tool’s settings.

Read more

Also: GIMP 2.10.14 Released With Better HEIF Support, More Filters Ported To Using GEGL

i.MX8M and i.MX8M Mini SMARC modules debut with 3.5-inch carrier

Filed under
Linux

Ibase’s rugged “RM-N8M” SMARC module runs Linux on an i.MX8M with 3GB soldered LPDDR4 and up to 64GB eMMC. There’s also an upcoming “RM-N8MMI” SMARC that taps the i.MX8M Mini and a new 3.5-inch “RP-103-SMC” carrier.

Ibase announced an RM-N8M Series SMARC 2.0 form-factor module equipped with an NXP i.MX8M SoC. While poking around the Ibase website to see if the company had launched any previous SMARC modules, we found that indeed there is an i.MX6-based RM-F6 SMARC 1.0 module. We also saw a “preliminary” RM-N8MMI Series SMARC 2.0 module with an i.MX8M Mini that we cover farther below.

Read more

Native GTK Dialogs in LibreOffice

Filed under
LibO

The LibreOffice UI was traditionally implemented with its own VCL toolkit which via theming emulated the host desktop toolkit.

Then we migrated the file format the dialogs were described in to the GtkBuilder file format. But still implemented with VCL widgetry, though with additional GTK-alike layout widgets.

Then migrated the translation format to gettext .mo files, which added plural form translation support we had lacked.

Then incrementally migrated the code driving the dialogs to a new API with two implementations, one for VCL widgetry and one for GTK.

Over the last few major releases the GTK version of LibreOffice has increasingly had true GTK dialogs and less VCL dialogs and in master, as of this week, there are now no direct uses of the VCL dialog APIs.

Read more

today's leftovers

Filed under
Misc
  • Rugged embedded trio run Linux on Whiskey Lake

    Vecow launched two compact, rugged embedded PCs with Intel's 8th Gen Whiskey Lake-UE. The Linux-ready SPC-5000 and -5100 offer 4x 10Gbps USB 3.1 Gen2 ports and SUMIT expansion with optional 10GbE modules, and the RES-3000 features IP67-protected M12 ports.

    Vecow announced a fanless, rugged SPC-5000 computer and almost identical, but wider-temp SPC-5100, equipped with Intel's 8th Gen Whiskey Lake-UE CPU. Both embedded computers target machine vision, in-vehicle computing, factory automation, ITS, intelligent control, and AIoT/Industry 4.0 applications.

    The SPC-5000/5100 systems appear to be based on Vecow's recently launched, 3.5-inch EMBC-3000 SBC. The EMBC-3000 also powers a larger, more feature-rich SPC-5200 computer that was announced at the same time in early September.

  • GStreamer & automated testing in Lyon

    Following three days at Embedded Linux Conference Europe, Collaborans are continuing their stay in the capital of France’s Auvergne-Rhône-Alpes region to take part the annual GStreamer Conference, as well as the Automated Testing Summit.

    Our entire multimedia team will be attending the GStreamer Conference, which takes place at L'Embarcadère on October 31 & November 1. They'll be presenting no less than a dozen times during the conference, on topics including RTP jitter buffer timers, network streaming protocols and PipeWire in the automotive industry. Read below for details & links to each of their talks.

    Back at the Palais des congrès de Lyon where ELCE took place, Gustavo Padovan, Linux Core Technologies Lead, will be taking part in the Automated Testing Summit on October 31. KernelCI will undoubtedly be a hot topic and heavily discussed as it became a Linux Foundation project just a few days ago.

  • Top opensource Android apps

    Since my transition to Linux I have acquired a culture of open source software, a culture that is expanding with every day I spend in Linux. 

    Especially after having seen the importance of open source applications in fighting the monopoly of Big softwares companies such as Microsoft, Apple, Adobe ...

    It has expanded to include even the way I use my smartphone, where I have become inclined to use open source applications, because of my love for open source on the one hand, and on the other hand because of the thirst of commercial software to spy on my personal information as well as the aggressive bad ads that hinder the good use of softwares. 

  • GraphQL a cut above the REST, say query lang's fans: Airbnb, Knotel, others embrace the tech

    At the GraphQL Summit in San Francisco on Wednesday, Matt DeBergalis, co-founder and CTO at data plumbing biz Apollo GraphQL, urged companies to appoint a data graph champion to help ease the implementation of GraphQL, a query language for fetching data.

    It's not yet a given that organizations want to implement GraphQL. But at a gathering arranged by Apollo, which makes the de facto standard open-source client and the commercial Apollo GraphQL Platform, there's a certain incentive to imagine GraphQL everywhere.

    It's already halfway there, at least among the 472 companies attending the show – about 52 per cent of organizations represented are already using the technology in production. Some of the more recognizable names include Airbnb, Audi, Expedia, The New York Times, Medium, PayPal, and Priceline.

  • After Server Breach, NordVPN Has Strengthened Security Measures

    What do you do when you find out the company you were entrusting with your privacy was hacked? Panic? There may have been a lot of that going on when NordVPN admitted to a security breach of their server.

    The good news is that NordVPN is on top of it, and it has already strengthened security measures. But will they be able to trust NordVPN again?

  • Shadow tree encapsulation theory

    Types 3 through 5 do not have any kind of support and type 4 and 5 encapsulation would be hard to pull off due to Spectre. User agents typically use a weaker variant of type 4 for their internal controls, such as the video and input elements, that does not protect confidentiality.

    [...]

    Type 2 encapsulation gives component developers control over what remains encapsulated and what is exposed. You need to take all your users into account and expose the best possible public API for them. At the same time, it protects you from folks taking a dependency on the guts of the component. Aspects you might want to refactor or add functionality to over time. This is much harder with type 1 encapsulation as there will be APIs that can reach into the details of your component and if users do so you cannot refactor it without updating all the callers.

Programming: Python, Bash and More

Filed under
Development
  • Python 3.8 Adds Walrus Operator, Improves Developer Experience

    The new release of the popular programming language includes capabilities to help developers produce better code, but it might take a while for enterprise adoption.

  • 4 Python tools for getting started with astronomy

    NumFOCUS is a nonprofit charity that supports amazing open source toolkits for scientific computing and data science. As part of the effort to connect Opensource.com readers with the NumFOCUS community, we are republishing some of the most popular articles from our blog. To learn more about our mission and programs, please visit numfocus.org. If you're interested in participating in the NumFOCUS community in person, check out a local PyData event happening near you.

  • Bash completion in Zato commands

    This is a quick tip on how to quickly and easily enable Bash completion for Zato commands - each time you press Tab when typing a Zato command, its arguments and parameters will be auto-completed.

  • Configurama - Building SaaS #36

    In this episode, we turned our attention to handling settings and configuration. We discussed different techniques for handling settings, looked at available tools, and started integrating one of the tools into the project.

    The initial discussion in the stream focused on different ways of doing settings. I talked about what I view as a difference between configuration (mostly static stuff) and settings (dynamic parts of the app).

    I also discussed where to get settings from. We talked about the 12 Factor App style with environment variables, and secret management tools like HashiCorp Vault and AWS KMS. Ironically, I blanked out on AWS Secrets Manager as an option. Additionally, we considered the alternative of reading settings from a file instead of environment variables and the security implications of environment variables.

  • Site.js: now with auto server reload on source code changes

    Sorry, your browser doesn't support embedded videos. But that doesn’t mean you can’t watch it! You can download this video directly, and watch it with your favourite video player.

Red Hat: Kubernetes, RHEL Impact and Halloween Release

Filed under
Red Hat
  • Why you don't have to be afraid of Kubernetes

    It was fun to work at a large web property in the late 1990s and early 2000s. My experience takes me back to American Greetings Interactive, where on Valentine's Day, we had one of the top 10 sites on the internet (measured by web traffic). We delivered e-cards for AmericanGreetings.com, BlueMountain.com, and others, as well as providing e-cards for partners like MSN and AOL. Veterans of the organization fondly remember epic stories of doing great battle with other e-card sites like Hallmark. As an aside, I also ran large web properties for Holly Hobbie, Care Bears, and Strawberry Shortcake.

    I remember like it was yesterday the first time we had a real problem. Normally, we had about 200Mbps of traffic coming in our front doors (routers, firewalls, and load balancers). But, suddenly, out of nowhere, the Multi Router Traffic Grapher (MRTG) graphs spiked to 2Gbps in a few minutes. I was running around, scrambling like crazy. I understood our entire technology stack, from the routers, switches, firewalls, and load balancers, to the Linux/Apache web servers, to our Python stack (a meta version of FastCGI), and the Network File System (NFS) servers. I knew where all of the config files were, I had access to all of the admin interfaces, and I was a seasoned, battle-hardened sysadmin with years of experience troubleshooting complex problems.

    But, I couldn't figure out what was happening...

    Five minutes feels like an eternity when you are frantically typing commands across a thousand Linux servers. I knew the site was going to go down any second because it's fairly easy to overwhelm a thousand-node cluster when it's divided up and compartmentalized into smaller clusters.

  • The economic impact of Red Hat Enterprise Linux: How IT professionals benefit

    It’s not overstated to say that the IT landscape completely changed with the introduction of Red Hat Enterprise Linux, more than a decade and a half ago. For 2019, IDC estimated a global business revenue of $188 trillion. Of this, they estimate that at least 40% is touched by software, leaving the IT footprint to be an estimated $81 trillion. Yes, you read that right, $81 trillion. As all of this software forming the global business IT footprint has to run on an operating system, IDC estimates that over 50% is running on Linux, with Red Hat Enterprise Linux accounting for 25% of that.

    That’s a lot of big numbers but what does it all mean? It means that Red Hat Enterprise Linux has changed the experience of many IT professionals around the globe. In a software-centric world, ongoing we have seen higher demand in support and IT services which in turn further helps fuel the global IT ecosystem.

    When IDC asked IT organizations how Red Hat Enterprise Linux benefitted them, they discovered a 12% savings in IT staff productivity. This means that IT professionals spend less time managing servers, doing routine IT tasks, resolving support calls, deploying new business apps and upgrading mission-critical apps. But that’s not all.

  • The spooktacular tale of Red Hat's Halloween release

    In many stories and myths, naming is important. Knowing the proper name of something gives you power over it. Likewise, naming has been important for Red Hat Linux over the years.

    The Halloween release was actually a paid beta and not a 1.0. The Halloween release was dubbed Red Hat Software Linux 0.9, and started a tradition of having a codename for the release that lasted through the final Red Hat Linux release (9.0.93, "Severn"), and carried over to Fedora for many years.

    The tradition was to have a name for a release that was somewhat related to the previous release name. For example, the 1.0 release was "Mother's Day," and "Rembrandt" followed "Picasso," and "Colgate" followed it. (For the record, the best release name was a Fedora release, dubbed "Zod." Allowing many fun headlines playing off the Superman II villain.)

Linspire 8.5 Linux Operating System Released, Based on Ubuntu 18.04.3 LTS

Filed under
Linux
Ubuntu

Linspire 8.5 "Swordfish 2" is a major release compared to the previous versions, bringing numerous updated components and various new features for a full-fledged Linux desktop experience. Just like its little brother Freespire 5.0, Linspire 8.5 is based on Ubuntu 18.04.3 LTS (Bionic Beaver) and uses the Linux 5.0 kernel.

Similar to Freespire 5.0, the goal for Linspire 8.5 was to address the bloatware complaints from the community and make the distribution slimmer by including only the "best of breed" applications. Of course, this means that, if users want to replace the default apps or install more, they can use the software center utility.

Read more

Direct: Linspire 8.5 Released

More in Tux Machines

Security: Windows, Microsoft Malware, GPS Bug, and Some Exaggeration/FUD

  • Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs - blackMORE Ops

    The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are engaged in addressing a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs). A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact, a legitimate email marketing software company, to spoof a U.S.-based government organization and distribute links to malicious URLs.[1] CISA and FBI have not determined that any individual accounts have been specifically targeted by this campaign.

  • Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices [Ed: Lousy anti-journalist sites try to blame the victims for having received malware from Microsoft itself]

    Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems.

  • GPS Daemon (GPSD) Rollover Bug

    Critical Infrastructure (CI) owners and operators, and other users who obtain Coordinated Universal Time (UTC) from Global Positioning System (GPS) devices, should be aware of a GPS Daemon (GPSD) bug in GPSD versions 3.20 (released December 31, 2019) through 3.22 (released January 8, 2021).

  • New Linux kernel memory corruption bug causes full system compromise [Ed: This is "local privilege escalation", i.e. vastly less severe than all those back doors in Windows, but so-called 'security' firms aren't meant to talk about state-mandated holes]

    Researchers dubbed it a “straightforward Linux kernel locking bug” that they exploited against Debian Buster’s 4.19.0.13-amd64 kernel.

today's howtos

  • Inspect the capabilities of ELF binaries with this open source tool

    Capa is an open source project from Mandiant (a cybersecurity company). In the project's own words, capa detects capabilities in executable files. Although the primary target of Capa is unknown and possibly malicious executables, the examples in this article run Capa on day-to-day Linux utilities to see how the tool works. Given that most malware is Windows-based, earlier Capa versions only supported the PE file format, a dominant Windows executable format. However, starting with v3.0.0, support for ELF files has been added (thanks to Intezer).

  • What you need to know about Kubernetes NetworkPolicy | Opensource.com

    With a growing number of cloud-native applications going to production through Kubernetes adoption, security is an important checkpoint that you must consider early in the process. When designing a cloud-native application, it is very important to embed a security strategy up front. Failure to do so leads to lingering security issues that can cause project delays and ultimately cost you unnecessary stress and money. For years, people left security at the end—until their deployment was about to go into production. That practice causes delays on deliverables because each organization has security standards to adhere to, which are either bypassed or not followed with a lot of accepted risks to make the deliverables. Understanding Kubernetes NetworkPolicy can be daunting for people just starting to learn the ins and outs of Kubernetes implementation. But this is one of the fundamental requirements that you must learn before deploying an application to your Kubernetes cluster. When learning Kubernetes and cloud-native application patterns, make your slogan "Don't leave security behind!"

  • 3 tips for printing with Linux

    I have a confession to make. This may be an unpopular opinion. I actually enjoy reading documents on a piece of paper as opposed to digitally. When I want to try a new recipe, I print it out to follow it so I don't have to continually swipe my mobile device to keep up with the steps. I store all my favorite recipes in sheet protectors in a binder. I also like to print out coloring pages or activity sheets for my kids. There are a ton of options online or we create our own! Though I have a fond appreciation for printed documents, I have also had my fair share of printing nightmares. Paper jams, low ink, printer not found, the list of frustrating errors goes on and on. Thankfully, it is possible to print frustration-free on Linux. Below are three tutorials you need to get started printing on Linux. The first article walks through how to connect your printer to your Linux computer. Then, learn how to print from anywhere in your house using your home network. The last article teaches you how to print from your Linux terminal so you can live out all your productivity dreams. If you are in the market for a new printer, check out this article about choosing a printer for Linux.

  • 3 basic Linux user management commands every sysadmin should know [Ed: But those have nothing to do with Linux… they’re part of shadow-utils.]

    I like logical commands; commands that are simple, straightforward, and just make sense. When I delivered Linux sysadmin training, I found Linux user management commands to be easy to explain.

  • Strange Apache Reload Issue « etbe - Russell Coker

    I recently had to renew the SSL certificate for my web server, nothing exciting about that but Certbot created a new directory for the key because I had removed some domains (moved to a different web server). This normally isn’t a big deal, change the Apache configuration to the new file names and run the “reload” command. My monitoring system initially said that the SSL certificate wasn’t going to expire in the near future so it looked fine. Then an hour later my monitoring system told me that the certificate was about to expire, apparently the old certificate came back! I viewed my site with my web browser and the new certificate was being used, it seemed strange. Then I did more tests with gnutls-cli which revealed that exactly half the connections got the new certificate and half got the old one. Because my web server isn’t doing anything particularly demanding the mpm_event configuration only starts 2 servers, and even that may be excessive for what it does. So it seems that the Apache reload command had reloaded the configuration on one mpm_event server but not the other!

  • Featured Unixcop Oracle Data Integrator (ODI) on CentOS 8 Oracle Data Integrator (ODI) on CentOS 8

    Data Integration ensures that information is timely, accurate, and consistent across complex systems. Although it is still frequently referred as Extract-Transform-Load (ETL), data integration was initially considered as the architecture used for loading Enterprise Data Warehouse systems. Data integration now includes data movement, data synchronization, data quality, data management, and data services. Oracle Data Integrator s built on several components all working together around a centralized metadata repository. Also these components – graphical modules, runtime agents and web based interfaces – in conjunction with other advanced features make ODI a lightweight, state of the art data integration platform. With its superior performance and flexible architecture, Oracle Data Integrator can_be used in various types of projects such as Data Warehousing, SOA, Business Intelligence or Application Integration.

  • Oracle Weblogic 14c on CentOS 8 - Unixcop

    Modern business environment demands Web and e-commerce applications that accelerate your entry into new markets like a boom ! help you find new ways to reach and retain customers, and allow you to introduce new products and services quickly. To build and deploy these new solutions, you need a proven, reliable e-commerce platform that can connect and empower all types of users while integrating your corporate data. Oracle WebLogic Server is a unified and extensible platform for developing, deploying and running enterprise applications, such as Java, for on-premises and in the cloud. Hi Guys ! Today, we will discuss about Oracle WebLogic server. We have got through some intro & now will have a glimpse of some architectural overview of this Oracle Middle ware product, Then we will go the how to’s. Don’t get bored till then ! WebLogic Server operates in the middle tier of a multi tier (or n-tier) architecture. A multi tier architecture determines where the software components that make up a computing system are executed in relation to each other and to the hardware, network, and users. Choosing the best location for each software component lets you develop applications faster; eases deployment and administration; and provides greater control over performance, utilization, security, scalability, and reliability.

  • Store Passwords Securely with Hashicorp Vault on Ubuntu 20.04 – VITUX

    It is always not possible to remember all the secret keys, passphrases, and tokens. Sometimes managing and maintaining secrets might be challenging tasks. We may need to store such secrets somewhere which we can use when needed. Hashicorp Vault is a solution that can be used to store secrets. It protects all the secrets stored on it and keeps secured. In this article, we will learn how to install Hashicorp vault on ubuntu 20.04.

Open Hardware/Modding: New Hardware Based on RISC-V and Arduino Projects

  • M5Stamp C3 RISC-V board supports WiFI 4, Bluetooth 5.0 Long Range and 2 Mbps bitrate - CNX Software

    It was only last month that M5Stack launched the M5Stamp Pico module based on an ESP32-PICO-D4 SiP and heat-resistant plastic shell, but M5Stamp C3 board is already out with most of the same specifications and features but an ESP32-C3 RISC-V SoC replaces the ESP32 dual-core Xtensa processor. M5Stamp C3 offers WiFi 4 and Bluetooth 5.0 with high bitrate and long-range connectivity and comes with the same heat-resistant plastic shell, but the company also highlights the RSA-3072-based secure boot and the AES-128-XTS-based flash encryption as a more secure way to address Bluetooth security concerns.

  • Alibaba open sources four RISC-V cores: XuanTie E902, E906, C906 and C910 - CNX Software

    Alibaba introduces a range of RISC-V processors in the last few years with the Xuantie family ranging from the E902 micro-controller class core to the C910 core for servers in data centers. This also includes the XuanTie C906 core found in the Allwinner D1 single-core RISC-V processor. While RISC-V is an open standard and there’s a fair share of open-source RISC-V cores available, many commercial RISC-V cores are closed source, but Zhang Jianfeng, President of Alibaba Cloud Intelligence speaking at the 2021 Apsara Conference, announced that T-Head had open-sourced four RISC-V-based Xuantie series processor cores, namely Xuantie E902, E906, C906, and C910, as well as related software and tools.

  • SiFive Has A New RISC-V Core To Improve Performance By 50%, Outperform Cortex-A78 - Phoronix

    SiFive just shared word that at today's Linley Conference they teased their Performance P550 successor that will "set a new standard for the highest efficiency RISC-V processor available."

  • This tinyML device counts your squats while you focus on your form | Arduino Blog

    Getting in your daily exercise is vital to living a healthy life and having proper form when squatting can go a long way towards achieving that goal without causing joint pain from doing them incorrectly. The Squats Counter is a device worn around the thigh that utilizes machine learning and TensorFlow Lite to automatically track the user’s form and count how many squats have been performed. Creator Manas Pange started his project by flashing the tf4micro-moition-kit code to a Nano 33 BLE Sense, which features an onboard three-axis accelerometer. From there, he opened the Tiny Motion Trainer Experiment by Google that connects to the Arduino over Bluetooth and captures many successive samples of motion. After gathering enough proper and improper form samples, Manas trained, tested, and deployed the resulting model to the board.

Neos.io: the next generation open-source WordPress CMS alternative

Neos.io is a free open-source modern CMS solution for developers and designers. It is the ideal solution for enterprise and developers. Neos.io is packed with dozens of features aiming to be easy to use for content creators and editors, effortlessly customized by designers, and extensible for developers. Developers can easily build custom themes, custom content models, plugins to add new features and functions and integrate 3rd party services and solutions. Neos.io offers long-term support for its releases, which means every production release goes through extensive testing and quality check before production. Read more