Language Selection

English French German Italian Portuguese Spanish

December 2019

today's leftovers

Filed under
Misc
  • Linux 5.4.7 / 4.19.92 / 4.14.161 Bringing The AMD MCE Fix For New Threadripper CPUs

    With the recently launched Threadripper 3960X / 3970X processors there was a workaround needed to boot them on Linux until an AMD MCE driver issue was resolved. That patch was upstreamed last week into the Linux 5.5 development kernel while now is getting ready to make its debut into supported Linux stable release branches.

    Getting back onto his stable kernel maintenance duties now that Christmas week has passed, Greg Kroah-Hartman sent out his hundreds of patches back-ported for the Linux 5.4 / 4.19 LTS / 4.14 LTS stable series he oversees. Besides the kernel mailing list, the hundreds of patches queued for the next point releases in those branches can be seen via linux-stable-rc.git. Catching my eye from those patches is that the AMD MCE fix for the newer processors is indeed part of the queues for all three stable series.

  • X.Org Saw A Lot Of Work In The 2010s Even With Wayland Taking Off

    Here's a look back at the most popular news over the past decade on X.Org out of our one thousand plus articles on the topic during the 2010s. Even with Wayland taking off in recent years and effectively reaching parity to the X.Org Server for common use-cases, the X.Org Server has continued seeing new development especially in the areas of GLAMOR and XWayland. Sadly though we're ending the 2010s without a major stable release of the xorg-server since May 2018.

  • Calibre 4.7.0

    Calibre is an open source e-book library management application that enables you to manage your e-book collection, convert e-books between different formats, synchronize with popular e-book reader devices, and read your e-books with the included viewer.

    It acts as an e-library and also allows for format conversion, news feeds to e-book conversion, as well as e-book reader sync features and an integrated e-book viewer.

    Calibre's features include: library management; format conversion (all major ebook formats); syncing to e-book reader devices; fetching news from the Web and converting it into ebook form; viewing many different e-book formats, giving you access to your book collection over the internet using just a browser.

  • You can now play the machine generated AI Dungeon 2 in your browser easily

    Recently we wrote about AI Dungeon 2, a text adventure game that has endless possibilities thanks to the fancy machine learning AI brain behind it and it's now seriously easy to play.

    No more messing around with the unwieldy and confusing Google research page, you can just hop on over to the brand new and very streamlined website to play.

  • A peek at how many of the most popular games on Steam support Linux, December 2019 edition

    As the 2010s come to a close, let's look over a few different ways of looking at how many popular games are available on Linux as of December 2019.

    Inspired by an article I did in January this year, back then when looking at the Steam 250 website we had 132 out of 250 of the best reviewed games available on Linux. Right now though? How much has changed in the space of almost one year?

    Not a whole lot actually! 125 in the top 250 are available on Linux. That's still a really great amount of games, especially since these are all games that have a seriously great user rating. This includes some awesome titles like: Portal 2, Terraria, Factorio, Stardew Valley, Euro Truck Simulator 2, Left 4 Dead 2 and The Binding of Isaac: Rebirth.

  • Suse Marks Nine Years Of Continuous Growth With Successful FY2019

    Suse heralded its ninth consecutive year of revenue growth, announcing financial results and highlights from its fiscal year 2019 ended Oct. 31.
    Having become the world’s largest independent open source company earlier this year, Suse saw its application delivery subscription revenue jump 299 percent year over year. In addition, cloud revenue increased 64 percent, driven by cloud providers like Amazon Web Services, Google Cloud and Microsoft Azure, as Suse’s Cloud Service Provider ecosystem grew exponentially.

    Customer deals valued at $1 million or more increased 13 percent, contributing to a double-digit jump in revenue. As growth accelerated, Suse’s employee base grew 11 percent.

  • Ubuntu 13.04 vs. Ubuntu 20.04 Development Performance Comparison Without Mitigations

    Last week I posted benchmarks looking at seven years of Ubuntu Linux performance in re-testing the releases of Ubuntu 13.04 through Ubuntu 19.10 stable and even the latest Ubuntu 20.04 LTS daily development image. A question that came up was how much better that performance would have been without any CPU vulnerability mitigations in place for Ubuntu 20.04... Well, here's that answer.

    In this article are the Ubuntu 13.04, Ubuntu 19.10, and Ubuntu 20.04 daily benchmark results from that earlier article plus an additional run now after re-testing Ubuntu 20.04 when the kernel was booted with "mitigations=off" for getting an idea of the performance lost due to the various in-kernel mitigations over the past nearly three years.

  • Full Circle Magazine: Full Circle Weekly News #160

    Zorin OS 15.1 is Released
    https://zoringroup.com/blog/2019/12/12/zorin-os-15-1-is-released-a-better-way-to-work-learn-and-play/
    Firefox 71 is Now Available for All Supported Ubuntu Releases
    https://news.softpedia.com/news/mozilla-firefox-71-is-now-available-for-all-supported-ubuntu-linux-releases-528537.shtml
    KDE’s December 2019 Apps Update
    https://kde.org/announcements/releases/2019-12-apps-update/
    Oracle Virtualbox 6.1 Now Available
    https://blogs.oracle.com/virtualization/oracle-vm-virtualbox-61-now-available
    Microsoft Teams is Now Available for Linux
    https://www.ostechnix.com/microsoft-teams-is-now-officially-available-for-linux/
    DXVK to Enter Maintenance Mode
    https://www.linuxuprising.com/2019/12/dxvk-to-enter-maintenance-mode-because.html
    Credits:
    Ubuntu “Complete” sound: Canonical
    Theme Music: From The Dust – Stardust
    https://soundcloud.com/ftdmusic
    https://creativecommons.org/licenses/by/4.0/

OSS Leftovers

Filed under
OSS
  • Modernization of OSS/BSS with Open Source, Part 3: Integration

    To realize the agility and velocity that have become imperatives in the market environment today, communications service providers (CSPs) must transform their service delivery and management infrastructure. This means that the systems that underpin their network and service operations must evolve. These are the operations support systems (OSS) that enable the operator to manage the network and the business support systems (BSS) that facilitate the management of the customer and overall business operations.

    [...]

    CSPs’ need for agility and velocity to compete creates requirements for constant integration as the overall OSS/BSS environment evolves piece by piece, leading vendors, systems integrators, and CSPs themselves to adopt new open-source solutions for agile integration. Adopting API led design with new software development methodologies benefits developers with shorter development times and less testing, users with faster implementation of new features and functionality, and business owners with increased business agility. Adopting standard open-source platforms across the business provides a homogeneous technology base, allowing for faster, more reliable feature development at scale. Red Hat Integration and Red Hat OpenShift solutions are ideally suited to the iterative modernization journey for OSS and BSS.

  • Narrative to open source its codebase, seeks to sell business

    Narrative has announced that it will open-source its codebase and explore the sale of its platform following the early December announcement of its closure. Narrative cited market events, regulatory uncertainty, and limited resources as the leading factors in the project shutdown.

    Effective immediately upon the closure announcement, no new content, posts, comments, or quality ratings were accepted on the Narrative platform.

    [...]

    Narrative is opting open source its codebase using the GPL v3.0 license, which is a free, copyleft license for software and other kinds of works that aims to ensure the software is free for all its users.

  • Twizzle is an Open-Source Desktop App for Twitter DMs

    Twizzle aims to be a standalone messenger for Twitter that packs in all the possible features the social media platform offers. To be more specific, you get GIFs, images, and emojis support in the app.

    The user interface of the app is simple and minimalistic. You get all your messages on the home screen right after you log in to the app with your Twitter account.

  • These 7 programming skills can increase your salary by thousands, according to the mega-popular developer hub Stack Overflow

    ElaElasticsearch is a search and analytics engine for large amounts of data. It's an open source project, meaning it's free for anyone to use, download, or modify. Today, the company Elastic maintains the project and builds commercial features to support it.

    sticsearch is a search and analytics engine for large amounts of data. It's an open source project, meaning it's free for anyone to use, download, or modify. Today, the company Elastic maintains the project and builds commercial features to support it.

  • SD Times Open-Source Project of the Week: Falcon

    This week’s highlighted project is Falcon, which is an open-source Python framework for building large-scale app backends and microservices.

    According to the Falcon maintainers, the framework encourages the REST architectural style. It also attempts to do as little as possible, while also remaining highly efficient.

    “When it comes to building HTTP APIs, other frameworks weigh you down with tons of dependencies and unnecessary abstractions. Falcon cuts to the chase with a clean design that embraces HTTP and the REST architectural style,” the Falcon documentation states.

  • 'Thousands Of Tools Have Come & Gone, But Ansible & Bash Have Stood The Test Of Time'
  • 5 Pivotal Events in IoT and Embedded

    Key themes in the embedded systems and Internet of things (IoT) world this year range from edge intelligence to security and the progress of open source. Below, we share what we see as the top five pivotal events from 2019 that are likely to have significant ramifications on 2020.

    [...]

    While governments around the world are increasingly considering security guidelines for connected devices, January 2020 will see California’s Senate Bill, SB 327, come into enforcement. This requires manufacturers of connected devices for sale in California to equip the devices with ‘reasonable’ security features.

    Hence the announcement of OpenTitan, an open source silicon root of trust, is viewed as critical. The move will make it easier for developers to design trusted security into their systems at the metal level. We see this likely to be a pivotal moment for embedded security and IoT.

  • Scylla Summit 2019

    I’ve had the pleasure to attend again and present at the Scylla Summit in San Francisco and the honor to be awarded the Most innovative use case of Scylla.

    It was a great event, full of friendly people and passionate conversations. Peter did a great full write-up of it already so I wanted to share some of my notes instead…

    This a curated set of topics that I happened to question or discuss in depth so this post is not meant to be taken as a full coverage of the conference.

  • QNAP’s Four-Bay NAS has returned to the all-time low at $280 (Save $110)

    As part of its Mega Deal Zone, B&H is currently offering the QNAP TS-451+ Four-Bay NAS for $279.99 shipped. Usually selling for $390, today’s offer saves you 29%, beats the previous discount by $20, and matches the all-time low. Featuring four hard drive slots, this NAS can support up to 72TB of total storage and rocks dual Gigabit Ethernet ports, an HDMI out, and three USB inputs. It’s also a more than capable option for running Plex, thanks to hardware transcoding capabilities. You’ll also find support for AirPlay, Chromecast, and more. Rated 4.3/5 stars from 375 customers. More details below.

  • Cloudera Issues Call to Define Open Standards for Machine Learning

    Enterprise cloud data firm Cloudera has issued a call for industry participation to help define universal open standards for machine learning operations (MLOps) and machine learning model governance.

    [...]

    Wang said: “Open source and open APIs have powered the growth of data science in business. But deploying and managing models in production is often difficult because of technology sprawl and [the creation of silos].”

    “Machine learning models are already part of almost every aspect of our lives from automating internal processes to optimizing the design, creation, and marketing behind virtually every product consumed,” said Nick Patience, the founder and research vice president for software at 451 Research.

Openwashing Leftovers

Filed under
OSS
  • Move over Edge: Safari looks to be jumping on the Chromium bandwagon, too [Ed: Any monoculture around proprietary software is a bad thing]

    UPDATE: According to some traffic over on Twitter, it looks like this whole thing is vaporware. It has been uncovered that the bug in question in the article below has nothing to do with Safari at all. The bug is still private and cannot be viewed by non-Google employees, but it appears that this bug is assigned to “Move sync tests to staging” from 2015. We’re sorry for the incorrect reporting and have left the original story below. Additionally, here is a tweet from someone more informed than me on the subject:

  • Rumor: Apple could transition Safari to Google’s open-source Chromium platform

    Update: The following rumor has since been debunked by the original reporter, Chrome Unboxed. That has also been backed up by an email exchange from Apple.

    It appears that Apple’s flagship web browser may join its competitors on the Chromium-based browser trend. At least, if recent screenshots are to be believed.

    According to a recently published (and Google translated) bug report from iPhones.ru, there may be reason to believe that Apple is moving towards developing a version of Safari that is based on the open-source Chromium platform. The report, which includes screenshots from reader Artyom Pozharov, details a discovery made by Pozharov while browsing Chromium Monorail, Google’s bug tracking site.

  • Future of Siri, Alexa and Google Home with open-source smart home standards [Ed: The grotesque openwashing of mass surveillance inside people's homes]

    Building a smart home isn't as difficult anymore. However, making devices from different brands talk to each other can get difficult at times. With the new Project CHIP - Amazon, Apple, Google, and Zigbee Alliance aim to build an open-source smart home standard that can finally help consumers set up their preferred control system without being ruled over by brands.

  • Apple and Google collaborate to develop open-source smart home standard [Ed: The openwashing of surveillance has become a big thing]

    Apple, Google, and Amazon are set to form a partnership to develop an open-source smart home standard that will make sure devices work together, simplify the development of new devices, and keep everything safe in the process.

  • Why Is This Hyderabad-Based Startup Providing Open Source BI Framework To Its Customers?
  • Open Source Medicine And Cannabinoids: A Promising Future

    Entire industries are now being built around tetrahydrocannabinol (THC) and cannabidiol (CBD), the most well-known examples of cannabinoids—a group of compounds produced by the cannabis plant. But it is also interesting to note the amount of other cannabinoids that have not been detected in any other plant. By some estimates, there are more than 100 cannabinoids found exclusively in the cannabis plant.

Security Leftovers

Filed under
Security
  • Riccardo Padovani: My year on HackerOne

    Last year, totally by chance, I found a security issue over Facebook - I reported it, and it was fixed quite fast. In 2018, I also found a security issue over Gitlab, so I signed up to HackerOne, and reported it as well. That first experience with Gitlab was far from ideal, but after that first report I’ve started reporting more, and Gitlab has improved its program a lot.

  • Top 5 Cybersecurity Predictions for 2020
  • Managing Open Source Components [Ed: This is self-promotional marketing spam disguised as an article that just badmouths FOSS to make sales]

This week in KDE: holiday presents for you!

Filed under
KDE

Though KDE contributors are mostly enjoying a well-deserved rest during the holiday season (hence the late post today, sorry about that), the community’s tireless souls have been laboring anyway to bring you new features and bugfixes anyway!

Read more

Also: KDE Picked Up A Few Improvements During Christmas Week

Another Chinese computer operating system: Will the UOS succeed?

Filed under
GNU
Linux

The Chinese just won't stop trying to build their own Windows equivalents and UOS is their new product.

Short for "Unified Operating System," the UOS is a joint effort by state-owned companies like China Electronics Corporation (CEC), and a former Windows customization group Deepin.

The OS looks largely like the Deepin OS, a system created in 2004 after the group created a Linux distribution.

[...]

And the software is rich. In addition to the innumerable Linux open-source software, the Deepin team also made their own text editor, video/audio player, terminal, voice recorder and more. Though many features are almost identical to similar apps, Deepin believes their version is more user-friendly and they are willing to customize the software based on users' feedback.

Read more

DragonBox Pyra prototypes begin shipping (open source handheld gaming computer)

Filed under
Debian
Gadgets

The DragonBox Pyra is a handheld computer with a 5 inch display, a QWERTY keyboard and a built-in gamepad. It’s designed to run free and open source software, and it’s been under development for more than six years… and after all that time, project leader Michael Mzorek (EvilDragon) has finally begun shipping prototypes to customers who placed pre-orders for pre-production hardware.

Pyra-handheld forum member Grench ordered one of the first prototypes almost three years ago. He received it last week, and has shared some photos and initial impressions.

[...]

It also supports 802.11n WiFi and Bluetooth 4.0 and has stereo speakers, a headset jack, a micro USB port, and an HDMI port. There’s also a “Mobile Edition” version of the Pyra with a 3G/4G modem.

The handheld PC features a backlit keyboard, a D-pad, analog sticks, a D-pad, and buttons that make the Pyra usable as a handheld gaming device. But it’s also a full-fledged computer that ships with a custom version of Debian Linux, although it also supports alternate operating systems.

Read more

BlackArch Linux Ethical Hacking OS Gets First 2020 Release with 120 New Tools

Filed under
Linux

Packed with more than 120 new penetration testing and ethical hacking tools, the BlackArch Linux 2020.01.01 release is powered by Linux kernel 5.4.6 and features an updated installer that incorporates numerous improvements and bug fixes for better hardware detection and support.

BlackArch Linux 2020.01.01 also adds Terminus font support to the LXDM display manager, updates the configuration file of the urxvt terminal emulator to add the ability to change the size on the fly, and replaces pathogen with Vundle.vim, and also adds a new Vim plugin called clang_complete.

Read more

LibreOffice Writer: Working with Text

Filed under
LibO
HowTos

This tutorial explains the basic text works in LibreOffice Writer. You will learn basically how to type, select, delete, copy & paste, undo & redo, bold-italic-underline, color & highlight, bullets & numberings, use of headings, align left-center-right, and finally making columns. Happy learning!

Read more

More in Tux Machines

Android Leftovers

Security, Fear, Uncertainty, and Doubt

  • Security updates for Thursday

    Security updates have been issued by Debian (netty and netty-3.9), Fedora (ceph, dovecot, poppler, and webkit2gtk3), openSUSE (inn and rmt-server), Oracle (openjpeg2), Red Hat (rabbitmq-server), Scientific Linux (openjpeg2), SUSE (dnsmasq, rsyslog, and slurm), and Ubuntu (php7.0).

  • 30 The Most Common Hacking Techniques and How to Deal with Them [Ed: Cracking, not hacking. Not the same thing.]
  • A guide to developing a holistic IT security strategy

    In assessing how prevalent cyberattacks are for companies, 18 percent of respondents rated the security risk as very high. Half (50 percent) even stated that their company had suffered financial losses due to security incidents. Opinions differed as to whether the incidents were handled optimally: Almost half (49 percent) say that everything worked well, while the other half (49 percent) believe there is a lot of potential for improvement.

  • Linux and malware: Should you worry? [Ed: All those headlines with question marks mean that the answer is "No."]

    Gone are the days when the idea of viruses or other malware hitting Linux was almost universally greeted with quizzical glances, if not outright rejection. Long thought of as the perfect marriage of open-source goodness and strong, Unix-like security, Linux-based operating systems are now increasingly seen as another valuable – and viable – target. This shift in thinking is partly the result of a growing realization among both Linux hobbyists and system administrators that a compromised Linux system such as a web server provides attackers an excellent ‘return on investment’. Just as importantly, malware research in recent years has brought better visibility into threats facing Linux systems.

Devices: Raspberry Pi, Industrial/Panel PCs and RISC-V

         
  • How to play sound and make noise with your Raspberry Pi
           
             

    If your amazing project is a little too quiet, add high-fidelity sound with Raspberry Pi and the help of this handy guide from HackSpace magazine, written by PJ Evans.

  •       
  • Raspberry Pi 4 UEFI+ACPI Firmware Aims to Make the Board SBBR-Compliant

    As Arm wanted to enter the server market, they realized they had to provide systems that could boot standard operating system images without modifications or hacks – just as they do on x86 server -, so in 2014 the company introduced the Server Base System Architecture Specification (SBSA) so that all a single OS image can run on all ARMv8-A servers.

  • Linux-ready Apollo Lake panel PC has IP65 protection

    WinSystems’ IP65-protected, 12-inch “PPC12-427” capacitive panel PC runs on an Apollo Lake SoC with up to 8GB DDR3L ECC RAM, 2x GbE, 2x 4K DP, 4x USB, and -30 to 85°C support. Grand Prairie, Texas based WinSystems has announced a fanless, 12.1-inch, panel PC designed for signage, kiosk, food service, and industrial IoT HMI applications.

  • Modular Coffee Lake system has SUMIT and optional PCIe expansion

    Ibase’s “MAF800” industrial AI PC runs Ubuntu or Win 10 on an 8th Gen Coffee Lake CPU with 3x GbE, 2x SATA, 6x USB 3.0, and 2x SUMIT slots for an optional 4x PoE module. Other models offer PCIe x16, x8, and x4 slots. Last week, Taiwan-based Ibase announced it was pulling out of next week’s Embedded World show in Nuremberg due to concerns about the coronavirus. Other announced no-shows include Arm, Bridgetek, Digi-Key, FTDI, Kontron, and Rohm. Yet, Ibase and others appear to be pushing forward with their usual late February embedded product announcements.

  • Antmicro GEM ASIC Leverages zGlue Technology to Quickly Bring Custom Arm/RISC-V SoC’s to Market

    Introduced in 2018, ZiP (zGlue Integration Platform) chip-stacking technology aims to produce chips similar to Systems-in-Package (SiP) but at much lower costs and lead times.

  • Aldec and Codasip at Embedded World: Showcasing an Integrated UVM Simulation Environment for Verifying Custom Instructions with RISC-V Cores

    “Variability of the RISC-V ISA-based processor family brings new challenges to design flow. In particular, IP and SoC verification needs productivity boost tools and seamless integration into our design environment,” said Karel Masařík, CEO of Codasip. “Our generic UVM methodology combined with Aldec's simulation and code coverage efficiency analysis helps us add the desired RISC-V core extensions and provide core customization faster than our competition.”

Malicious Proprietary Software

  • Discord Is Not An Acceptable Choice For Free Software Projects

    Discord’s communication is not end to end (e2e) encrypted. It is encrypted only between the individual user and the servers operated by Discord Inc. Their spying extends to every single message sent and received by anyone, including direct messages betweeen users. The service can and does log every message sent, both in-channel and DMs. It is impossible to have a private conversation on Discord, as there will always be an unencrypted log of it stored by Discord. Discord can, at their option, provide those stored messages to any third party they wish, including cops or government snoops, for any reason, even without a legal order, without any obligation to tell you that they have done so.

  • [Attackers] Were Inside Citrix for Five Months

    Networking software giant Citrix Systems says malicious [attackers] were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. The disclosure comes almost a year after Citrix acknowledged that digital intruders had broken in by probing its employee accounts for weak passwords.

  • [Vulnerable] firmware lurks inside Dell, HP and Lenovo computers amid supply chain security efforts

    “Firmware is meant to be invisible to the user, and so it’s not surprising that most people don’t pay attention to it,” said Eclypsium CEO Yuriy Bulgin. “However, these components make up the foundation upon which every device, operating system, and application depends.”

    Researchers used unsigned firmware to show how an attacker could compromise an operating system remotely in order to steal network data. The highlighted flaws could also enable “direct-memory access” attacks which exploit a computer’s core operating system.

  • Aera Launches Cognitive ‘Business Brain’ Operating System [Ed: This is NOT an 'operating system". Terms misused these days.]

    Infor labels one of its core brands Infor OS and quite unashamedly uses the term operating system to explain the function of its industry-specific Enterprise Resource Planning (ERP) and Supply Chain Management (SCM) cloud software. Mountain View headquartered Aera Technology has used a similar naming convention within its branding and called its automation-centric cloud platform the Aera Cognitive Operating System.

  • Microsoft Defender ATP for Linux Now In Public Preview

    Microsoft Defender ATP for Linux is now available in a public preview that allows administrators and security professionals to test the product in six different Linux distributions.

  • Keen to check for 'abnormal' user behaviours? Microsoft talks insider risk, AWS imports and compliance at infosec shindig RSA [Ed: “Microsoft talks insider risk”; but Microsoft is the risk]

    As well as widening the preview of Microsoft Threat Protection, a system aimed at a more automated response to threats, the gang has also extended the cross-platform support for Microsoft Defender Advanced Threat Protection (ATP) to include a whole bunch of Linux distributions.

  • Microsoft plans to add Linux support for Chromium-based Edge

    Microsoft fought long and hard to maintain and push its own proprietary browser, even launching Edge, hoping to get away from the stigma against Internet Explorer. However, the dominating market share of Chromium-based browsers finally got to Microsoft, and the company announced it would rebuild Edge with the Chromium source code. Last month, we reported that Microsoft’s Chromium-based Edge was out of development and ready for public deployment.