Language Selection

English French German Italian Portuguese Spanish

April 2020

scrcpy 1.13 Released and COVID-19 Response by Rocket.Chat

Filed under
Software
OSS
  • scrcpy 1.13 Released With Improved Display Quality, Option To Lock Video Orientation, More

    scrcpy 1.13 has been released with some important new features, including option to lock the video orientation, shortcuts to rotate the display, and trilinear filtering which should improve the display quality when the scrcpy window is much smaller than the Android device display.

    New to scrcpy? This is an application that can be used to display, record and control Android devices connected via USB or wirelessly, from a macOS, Windows or Linux desktop. The application focuses on performance and quality, offering 30~60 FPS with a resolution of 1920x1080 or more, and low latency.

    The communication between the server (Android device in this case) and client (desktop computer) is done via a socket over an adb tunnel. The server streams H.264 video of the device screen, passing it to the client to decode and display it, without buffering in order to minimize latency. The mouse and keyboard events are captured and transmitted to the server, which injects them to the Android device.

  • How Open-Source And AI Are Helping Brazil To Spot COVID-19

    The arrival of COVID-19 brought complex challenges worldwide. In Latin America, precisely in Brazil, the worst pandemic seen in a century challenges states, cities, and public health care management. Recently, the country surpassed China in the total number of confirmed deaths

    With cases expected to accelerate in Latin America’s biggest country, a question arises: How to provide healthcare services in Brazil without overloading the health system and reducing the pace of contagion?

    To answer that question and propose a solution, Rocket.Chat, a Brazilian startup responsible for one of the main open-source communication hub partnered with Amazon and tech players, such as Ilhasoft, Elogroup, and Konecty to build a digital assistance platform for COVID-19.

LWN on Kernel Development, Debian Discussing Discourse

Filed under
Linux
Debian
  • The integrity policy enforcement security module

    There are many ways to try to keep a system secure. One of those, often employed in embedded or other dedicated-purpose systems, is to try to ensure that only code that has been approved (by whoever holds that power over the system in question) can be executed. The secure boot mechanism, which is intended to keep a computer from booting anything but a trusted kernel, is one piece of this puzzle, but its protection only extends through the process of booting the kernel itself. Various mechanisms exist for protecting a system after it boots; a new option for this stage is the Integrity Policy Enforcement (IPE) security module, posted by Deven Bowers.
    IPE is one of a new generation of security modules that has been enabled by the ongoing work to implement module stacking. It does not attempt to provide a full security enforcement mechanism like SELinux, AppArmor, or Smack do; instead, it focuses specifically on the task of vetting attempts to execute code. And, in particular, its enforcement mechanism comes down to a simple question: does the code that the system is proposing to execute come from an appropriately signed disk volume?

    IPE is designed to work with dm-verity, which provides integrity checking for block devices. Each dm-verity volume has a root hash, which is derived from the hashes of the individual blocks in that volume. Whenever blocks are read from this volume, the hashes are checked up to the root to ensure that nothing has been tampered with. Assuming everything is working as intended, the data read from a dm-verity volume is guaranteed to be the data that the creator put there and hashed, with no subsequent tampering.

    While dm-verity can be used to ensure that nobody has corrupted a disk image, there are still a couple of pieces missing when it comes to ensuring the integrity of the system as a whole. One is ensuring that the root hash for the volume is the one that the creator of the volume intended; that can be done by either storing the hash value separately or applying a cryptographic signature. Even a verified, integrity-protected volume is only of limited use, though, if the system is able to execute code that doesn't come from that volume.

  • How to unbreak LTTng

    Back in February, the kernel community discussed the removal of a couple of functions that could be used by loadable modules to gain access to symbols (functions and data structures) that were not meant to be available to them. That change was merged during the 5.7 merge window. This change will break a number of external modules that depended on the removed functions; since many of those modules are proprietary, this fact does not cause a great deal of anguish in the kernel community. But there are a few out-of-tree modules with GPL-compatible licenses that are also affected by this change; one of those is LTTng. Fixing LTTng may not be entirely straightforward.
    LTTng is a tracing subsystem; to carry out that sort of task, it must be able to hook into the kernel in a number of fairly deep places. It is unsurprising that LTTng was accessing parts of the kernel that are not deemed suitable for export to modules in general. Losing access to kallsyms_on_each_symbol() deprived LTTng of the ability to find those addresses, thus breaking much of its functionality. That is not welcome news to those who work on — or use — LTTng.

    LTTng developer Mathieu Desnoyers has responded to this change with a patch series exporting a number of new symbols; with those available, LTTng can do what it needs to do without using the rather more general kallsyms_on_each_symbol() function. For example, LTTng needs access to stack_trace_save_user() to be able to save user-space stack traces. It also needs access to functions like task_prio(), disk_name(), and get_pfn_blocks_mask(). LTTng obtains kernel information from tracepoints as well, of course, and that usage will increase as tracepoints replace some of the direct internal accesses that were used before. The patch set raises the number of arguments that can be passed to a BPF program from a tracepoint to an eye-opening 13 (to allow more information to be passed out via a specific tracepoint), but that change may prove to be unnecessary in the end.

  • Proactive compaction for the kernel

    Many applications benefit significantly from the use of huge pages. However, huge-page allocations often incur a high latency or even fail under fragmented memory conditions. Proactive compaction may provide an effective solution to these problems by doing memory compaction in the background. With my proposed proactive compaction implementation, typical huge-page allocation latencies are reduced by a factor of 70-80 while incurring minimal CPU overhead.

    Memory compaction is a feature of the Linux kernel that makes larger, physically contiguous blocks of free memory available. Currently, the kernel uses an on-demand compaction scheme. Whenever a per-node kcompactd thread is woken up, it compacts just enough memory to make available a single page of the needed size. Once a page of that size is made available, the thread goes back to sleep. This pattern of compaction often causes a high latency for higher-order allocations and hurts performance for workloads that need to burst-allocate a large number of huge pages.

    Experiments where compaction is manually triggered on a system with a fragmented memory state show that it could be brought to a fairly compacted memory state within one second for a 32GB system. Such data suggests that a proactive compaction scheme in the kernel could allow allocating a significant fraction of memory as huge pages while keeping allocation latencies low.

  • Debian discusses Discourse

    Given the recent history of attacks on the Debian project, arguments against moderation of the communication channels seem less likely than usual to find wide support.

    That said, the way in which Discourse handles moderation did raise a few eyebrows. Rather than having specific people designated as moderators, Discourse spreads that task among the "trusted" members of the community. There are, by default, five trust levels; new users start at level 0 and work their way up from there. At level 3, users can flag posts and cause them to be hidden.

    Movement through the trust levels is managed automatically by the system (with the exception of the highest level, which requires manual promotion). Moving up requires that the user spend a specific amount of time on the site, read a certain number of articles, hand out and receive "likes", and more. To implement this mechanism, Discourse tracks the amount of time spent reading each article. Reaching level 3 requires visiting the site 50 out of the last 100 days, replying to at least ten different topics, viewing at least 25% of new topics, and more. Users can be demoted back to level 2 if they fail to maintain that level of performance.

    This aspect of Discourse repels a number of Debian developers for a couple of reasons. Debian folks are naturally resistant to the idea of a communication system that is monitoring their activity, tracking the time spent on each topic, and making decisions based on that data. Many of them use free software precisely to get away from that kind of thing. They also dislike the whole "gamification" aspect of this system — a feeling that is only made stronger by the extensive system of "badges" handed out by the system to encourage various types of activity.

Security Leftovers

Filed under
Security
  • Security updates for Thursday

    Security updates have been issued by Arch Linux (chromium, git, and webkit2gtk), Debian (nodejs and tiff), Fedora (libxml2, php-horde-horde, pxz, and sqliteodbc), Oracle (python-twisted-web), Red Hat (chromium-browser, git, and rh-git218-git), Scientific Linux (python-twisted-web), SUSE (ceph, kernel, munge, openldap2, salt, squid, and xen), and Ubuntu (mailman, python3.8, samba, and webkit2gtk).

  • WordPress 5.4.1 fixes 7 security vulnerabilities

    WordPress 5.4.1 is now available!

    This security and maintenance release features 17 bug fixes in addition to 7 security fixes. Because this is a security release, it is recommended that you update your sites immediately. All versions since WordPress 3.7 have also been updated.

  • Almost Every Antivirus Software Program Can Be Exploited, Researchers Say

    RACK911 Labs has found a unique method of using directory junctions (in Windows) and symlinks (in macOS and Linux) to turn antivirus software products into self-destructive tools. However, it was reported that most of the antivirus companies have now fixed the vulnerability in their products.

    Researchers stated that an attacker must be highly time-sensitive and should know when to exploit the directory junction or symlink vulnerabilities. “What most antivirus software fail to take into consideration is the small window of time between the initial file scan that detects the malicious file and the cleanup operation that takes place immediately after. A malicious local user or malware author is often able to perform a race condition via a directory junction (Windows) or a symlink (Linux & macOS) that leverages the privileged file operations to disable the antivirus software or interfere with the operating system to render it useless,” the researchers explained.

  • Hacks.Mozilla.Org: Fuzzing with WebIDL

    Fuzzing, or fuzz testing, is an automated approach for testing the safety and stability of software. It’s typically performed by supplying specially crafted inputs to identify unexpected or even dangerous behavior. If you’re unfamiliar with the basics of fuzzing, you can find lots more information in the Firefox Fuzzing Docs and the Fuzzing Book.

    For the past 3 years, the Firefox fuzzing team has been developing a new fuzzer to help identify security vulnerabilities in the implementation of WebAPIs in Firefox. This fuzzer, which we’re calling Domino, leverages the WebAPIs’ own WebIDL definitions as a fuzzing grammar. Our approach has led to the identification of over 850 bugs. 116 of those bugs have received a security rating. In this post, I’d like to discuss some of Domino’s key features and how they differ from our previous WebAPI fuzzing efforts.

  • Belkin Shut Down Wemo NetCam Feeds

    One of the major downsides of an IoT system provided by another company is that it will eventually die out. Companies can’t afford to maintain a service forever and will eventually let it go. Belkin made a shock announcement when they stated they will no longer support their Wemo NetCam product.

Graphics: Mesa 20.1, X.Org Board Elections, AMD, OpenXR

Filed under
Graphics/Benchmarks
  • mesa 20.1.0-rc1
    I'd like to announce the first release candidate of the 20.1 branch,
    Mesa 20.1.0-rc1.
    
    Please test it, and report any issues you might find to:
    https://gitlab.freedesktop.org/mesa/mesa/issues/new
    
    We also have a GitLab milestone to track issues that need to be fixed
    and MRs that need to be merged before 20.1.0 final. Please add it to
    the relevant issues & MRs:
    https://gitlab.freedesktop.org/mesa/mesa/milestones/14
    
    The next release candidate is scheduled for 7 days from now, on
    2020-05-06.
    
    Eric
    
    
  • Mesa 20.1 Feature Development Ends With RC1 Released

    Mesa 20.1 feature development is now over with it being branched from Git master and subsequently Mesa 20.1-RC1 being released this evening.

    Mesa 20.1 is the Q2'2020 update to this collection of open-source graphics drivers, predominantly Vulkan and OpenCL driver implementations for the likes of not only Intel, Radeon, and Nouveau (NVIDIA) graphics but also Arm/SoC graphics drivers as well.

  • X.Org Board Elections Wrap Up For 2020

    They join existing X.Org board members Samuel Iglesias Gonsálvez [Igalia], Manasi D Navare [Intel], Lyude Paul [Red Hat], and Daniel Vetter [Intel]. Of the new members, three of them previously served with Collabora's Mark Filion being new to the foundation's board.

    The X.Org Board of Directors is principally responsible for organizing the annual XDC developer conference, overseeing the X.Org Endless Vacation of Code and their usual participation within the Google Summer of Code, arranging sponsorships and travel reimbursements and other finances under the SPI, and related matters like their skyrocketing cloud costs associated with the X.Org/FD.o CI.

  • AMD AOMP 11.5 Released For OpenMP Offloading To Radeon GPUs

    Released on Wednesday was AOMP 11.5 as the latest version of the AMD/ROCm compiler based off LLVM Clang and focused on OpenMP offloading to Radeon GPUs.

    AOMP is part of the ROCm umbrella for Radeon OpenMP device offloading. This is a branched version of upstream LLVM Clang that recently was re-based to LLVM 11 development code and thus the version number for AOMP.

  • AMDVLK 2020.Q2.2 Flips On The Pipeline Binary Cache, Tunes SoTR Performance

    AMDVLK 2020.Q2.2 has been issued today as the company's latest open-source AMD Radeon Vulkan driver based off their official driver source tree.

    With this second AMDVLK driver snapshot of Q2-2020, there are a few notable changes in tow. The AMDVLK pipeline binary cache has been enabled by default for helping with load times. AMDVLK also now supports the Vulkan memory protected bit (VK_MEMORY_PROPERTY_PROTECTED_BIT). This driver update has also seen more performance optimization work around the few month old Linux port of Shadow of the Tomb Raider.

  • Service process and out of process compositing in Monado

    Moving all drivers and the compositor to the service process brings many advantages to the previous in-process model. For this input and rendering needed to be sent over our new IPC infrastructure. With a separate render loop, now independent of the OpenXR client, the compositor can provide a constant frame rate, even when the application doesn't deliver frames on time. This is required and the foundation of future reprojection work, where old frames can be transformed with new tracking data for a smoother experience if the client lags behind. In addition, the obvious advantage of an out of process compositor is that the compositor can be started asynchronously to the application and run on its own without any application. This is also required for running multiple clients in the future and for implementing OpenXR extensions like XR_EXTX_overlay.

    Amongst other small improvements to the compositor we improved support for direct mode on NVIDIA by recognizing more display identifiers like the Valve Index and the Oculus Rift series of HMDs.

  • Open-source OpenXR runtime for Linux 'Monado' gets an improved compositor - runs Blender VR

    Those crazy-smart folks over at Collabora have continued hacking away on Monado, a fully open source OpenXR (VR / AR standard) runtime for Linux. Now it's progressed quite far and it can run Blender VR.

    A refresher on Monado: Monado is the first OpenXR runtime for GNU/Linux. Monado hopes to jump-start development of an open source XR ecosystem and provide the fundamental building blocks for device vendors to target the GNU/Linux platform.
    Writing on the Collabora development blog, engineer Lubosz Sarnecki mentioned that Monado now has a "new monado-service binary and out of process compositor" which brings several advantages over the original in-process model. It now has a separate render loop, with the compositor now being able to provide a constant frame rate "even when the application doesn't deliver frames on time". Something that's absolutely vital to produce a smoother experience and help prevent nausea.

Red Hat/Fedora: Summit, OpenShift 4.4, Fedora and Taskotron EOL

Filed under
Red Hat
  • Recapping day two of Red Hat Summit Virtual Experience

    Anybody who thinks open source enterprise software is boring has clearly never watched a demo with Red Hat's Burr Sutter at the helm. Sutter and team pulled together a fantastic demo that showed how Red Hat's portfolio can come together to provide an application platform for global organizations.

    In real time, the team updated an application, added a Red Hat OpenShift cluster, added features, tested failover, and handled thousands of users interacting with the application. A real showcase for what edge computing and the open hybrid cloud can do. If you missed it, be sure to read our blog about the day's demos and catch the replay on demand.

    We know that the concept of the datacenter is changing, and that there's been increasing demand pushing compute to the network edge. During Red Hat CTO Chris Wright's session, we had a look at how Red Hat is using AI and data, through our implementation of Open Data Hub, to help our customers based on data from connected systems.

  • The Specter of Coronavirus Dominates Red Hat Summit 2020

    Despite everyone sheltering in place, it was impossible to avoid COVID-19 during the Linux vendor’s virtual Red Hat Summit 2020 event.

  • What’s new in the OpenShift 4.4 web console developer experience

    The developer experience in the Red Hat OpenShift Container Platform web console keeps getting better. You’ve probably already heard about our streamlined user flows to build and deploy applications, plus the ability to understand the structure of your application via the Topology view. Each new release of Red Hat OpenShift includes usability improvements and new features to help developers reach their goals.

  • Creating Pipelines with OpenShift 4.4’s new Pipeline Builder and Tekton Pipelines
  • Serverless applications made faster and simpler with OpenShift Serverless GA
  • Application deployment improvements in OpenShift 4.4
  • Join a Fedora Ask Me Anything (AMA)

    The admins of Fedora Telegram group, would like to invite you to participate in a big “ask me anything” (AMA) session. Join us on May 6th at 18:00 UTC (14:00 US/Eastern) in the Fedoraama telegram group (bridged to #fedora-ama on Freenode IRC). The session is expected to span an hour and a half.

  • PHP version 7.3.18RC1 and 7.4.6RC1

    Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.

    RPM of PHP version 7.4.6RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 32 or remi-php74-test repository for Fedora 30-31 and Enterprise Linux 7-8.

    RPM of PHP version 7.3.18RC1 are available as SCL in remi-test repository and as base packages in the remi-test repository for Fedora 30-31 or remi-php73-test repository for Enterprise Linux.

  • Taskotron is EOL (end of life) today

    As previously announced, Taskotron (project page) will be shut down today. See the announcement and its discussion for more details and some background info.

    As a result, certain tests (beginning with “dist.“) will no longer appear for new updates in Bodhi (in Automated Tests tab). Some of those tests (and even new ones) will hopefully come back in the future with the help of Fedora CI.

Debian LTS, Sparky and DOSEMU in Debian 10

Filed under
Debian
  • Mike Gabriel: My Work on Debian LTS (April 2020)

    Due to sickness I was not able to complete my 8 hours of work on Debian LTS as planned. I only worked 1.5 hours this month, moving the remaining 6.5 hours over to May.

  • Sparky news 2020/04

    The 4rd monthly report of 2020 of the Sparky project:

    • Linux kernel updated up to version 5.6.8 & 5.7-rc3
    • added to our repos: Picom, Sparky-Picom, Delta Chat Desktop, jgmenu, Waterfox current
    • changed ‘obmenu’ to ‘jgmenu’ at Sparky Openbox edition of the rolling line
    • Sparky stable 5.11 released
    • Sparky 2020.04~dev0 with experimental support of installation on machines with Secure Boot released
    • lami07 hard works on a modern version of Openbox edition called “Noir”, which will be available to install via APTus and Minimal iso, stay tuned
    • ‘sparky-su’ has gotten an option to check given password

  • DOSEMU in Debian 10

    Incredible as it may seem, I still have MS-DOS applications that I need to run. And fortunately, there's a DOS Emulator for Linux, DOSEMU. (There's also DOSBox but I've never used that.) One thing DOSEMU handles well is access to legacy serial and parallel ports; I need that too.

    In Debian 8 it was an easy install; DOSEMU and the required FreeDOS were in the Debian repository. So I was dismayed to find that DOSEMU is not available from the Debian 10 "Buster" repository.

    My first thought was to get DOSEMU straight from the source. They offer a precompiled "binary distribution," but that failed to run. Plan B would be to compile DOSEMU from the provided source packages, but I worried, what if DOSEMU simply isn't compatible with 64-bit Linux?

    So I got curious. 32-bit Debian 8 had DOSEMU. Was it available then for 64-bit? When did it get dropped from the repository?

Python Programming

Filed under
Development
  • Reminder: My free, weekly “Python for non-programmers” course continues on Friday, May 1st
  • How and why I built Data Scraping script in Python3

    I am a Professional Python Developer at W3sols who has built complex data scrapers, Python backends for mobile and web apps. I am working on AI and ML based tech stack these days and plan to progress my career as a Professional AI and ML engineer.

  • PyCharm: R 4.0.0 and better UX in the R Plugin

    Although it has not been a while since our last update release, we’re ready to announce some important enhancements and new features...

  • Full Stack Development in Django

    Talks about how versatile Django could be used by breaking the default Django to mix and match it to fit your own use case. Instead of using what is provided by Django.

  • How I learned Python Programming

    I am a lead Python developer at W3sols and I have been working on Web and its related technology stack for 3 years now.
    I have a high versatility in solving real world problems with different programming languages.
    My expertise is Python 3 and the best part I like to do with it is Data scraping from websites.

  • User Testing Feedback - Building SaaS #54

    In this episode, we worked on issues found from a round of user testing. I talked about how I did user testing with my customer, then started to tackle the usability issues that she identified. We’re taking a break from building the onboarding flow so that we can take some time to address feedback from user testing with my customer. I started the stream by explaining how I set up user testing and what I got out of the experience.

  • Add Python support to Tekton Pipelines

    My colleague Priti Desai has been working on Tekton for more than a year and has made some great contributions. After seeing how much fun she was having, I decided to take a leap in the same direction. Priti already built a Tekton pipeline for Java and JavaScript applications, so I figured adding Python support to her pipeline was a great way to become familiar with Tekton.

  • Debugging C with Python and unittest

    The title makes this sound oddly specific, but the information can be applied to other projects. I am using one of my projects as an example. Let me set things up.

    I work on a project called rpminspect which consists of a frontend program called rpminspect, a shared library called librpminspect, and a test suite primarily written in Python and using the unittest module. I say primarily written in Python because there are some helper programs written in C that the test suite invokes. The Python part is the test suite driver which is invoking the rpminspect program with the right settings and checking the output.

Modernizing AutoYaST

Filed under
SUSE

YaST2 is a venerable project that has been around for more than 20 years now. It keeps evolving and, with every SUSE and openSUSE release, it takes several new features (and a couple of new bugs). Needlessly to say that, to some extent, YaST2 is showing its age. We are aware of it, and we have been working to tackle this problem. The successful rewrite of the storage layer, which brought many features, is an example we can feel proud of.

Now that the development of SLE 15 SP2 and openSUSE Leap 15.2 features is mostly done, we have started to look to AutoYaST. The purpose of this article is to present our initiative to modernize AutoYaST.

Read more

Linux Foundation Miscellany

Filed under
OSS
  • LF Networking Accelerates 5G, Cloud Native, and Edge Readiness with Expanded Projects and Growing Community Ecosystem

    LF Networking (LFN), which facilitates collaboration and operational excellence across open source networking projects, today announced continued successes with cross-industry, global collaboration. Progress includes the Linux Foundation induction of new project, XGVela, an open source telco Platform as a Service (PaaS) for 5G network functions and related applications; new LFN silver member everis; expanded mentorship and training opportunities; and a new verified product by the OPNFV Verification Program (OVP). Together, these efforts bring additional support for future automation and deployment of 5G, edge, and cloud native networking technologies.

  • Telcos Increase Focus on Cloud Native as LF Networking and Ecosystem Groups Solve Interoperability Challenges

    LF Networking (LFN), which facilitates collaboration and operational excellence across open source networking projects, today announced a turning point for the industry, with integrated initiatives focused on cloud native interoperability and deployment for telcos. Consolidated efforts among the Common NFVI Telco Taskforce (CNTT), LF Networking’s Compliance and Verification Committee (or OPNFV Verification Program, “OVP”), and the OPNFV project through CNTT’s cloud native “R2” workstreams, OVP’s cloud native “OVP 2.0,” and OPNFV’s renewed commitment to testing and integration alignment with end users indicate a deep commitment to address challenges faced in cloud native adoption.

    “NFV continues to evolve as telcos increasingly adopt cloud native technologies,” said Heather Kirksey, vice president, Community & Ecosystem Development, the Linux Foundation. “Change, however, brings challenges, especially to areas like compliance, testing, automation, and integration. With input from telcos directly, collaborative efforts across CNTT, OVP, and OPNFV enable our ecosystem to benefit from cloud native adoption.”

  • Fact gathering: The first and most important task in software negotiations

    When negotiating a software development agreement, and if the developers for both parties assume that the software will include many pre-existing components, the process will be inefficient and becomes a significant waste of time.

  • LF Edge Expands Ecosystem with Open Horizon, adds Seven New Members and Reaches Critical Deployment Milestones

    LF Edge, an umbrella organization under The Linux Foundation that aims to establish an open, interoperable framework for edge computing independent of hardware, silicon, cloud, or operating system, today announced continued project momentum with the addition a new project and several technical milestones for EdgeX Foundry, Akraino Edge Stack and Fledge. Additionally, the project welcomes seven new members including CloudBrink, Federated Wireless, Industrial Technology Research Institute (ITRI), Kaloom, Ori Industries, Tensor Networks and VoerEir to its ecosystem.

  • LF Edge Expands Ecosystem with Open Horizon, adds Seven New Members and Reaches Critical Deployment Milestones
  • Open Horizon joins Linux Foundation to grow open edge computing platform

    The Open Horizon software project, the core technology that powers IBM’s edge computing offerings, has joined LF Edge. LF Edge is part of the Linux Foundation and hosts all of their open source projects related to edge computing.

    Edge computing brings computation and data storage closer to where data is created by people, places, and things. Open Horizon simplifies the job of getting the right applications and machine learning onto the right compute devices, and keeps those applications running and updated. With 50% of enterprise data expected to be processed at the edge by 2022, compared to only 10% today, Open Horizon will play a critical role in how data is processed in the era of edge computing

    By contributing this important project to the Linux Foundation, just as the sector is set to experience tremendous growth, IBM has underscored its commitment to trust, transparency, and collaboration on standards in the edge computing space.

    While IBM has been the only developer on the project thus far, open sourcing the core components of Open Horizon enables a broader, more diverse ecosystem to build out the technology into a robust, secure foundation that all solution providers can adopt as their foundation. As a founding member of the LF Edge community, IBM felt this was the most effective organization to form and grow an active community within.

  • Linux Foundation and Intel to train people who are displaced during COVID-19

    The Linux Foundation has announced that it's expanding its Mentorship Program with seed funding from Intel in response to COVID-19. The programme will grow to support interns who have been displaced as a result of the global pandemic and to give individuals an opportunity to reskill for future jobs.

More in Tux Machines

Security and FUD

  • Security updates for Thursday

    Security updates have been issued by Fedora (dovecot, dpdk, knot-resolver, and unbound), Mageia (ant, libexif, and php), SUSE (libmspack), and Ubuntu (php5, php7.0, php7.2, php7.3, php7.4 and unbound).

  • 5 Kernel Live Patching Tools That Will Help To Run Linux Servers Without Reboots

    Within IT organizations, there are processes and practices so routine that they are invisible. It doesn’t matter if such processes and practices are flawed, or if there exists a better way: if something has worked for a few years, people stop looking for alternatives. This perfectly describes current approaches to kernel patching. Right now, most organizations patch the servers by planning reboot cycles. Because rebooting the server fleet is a headache that causes downtime, people put it off for as long as they can. Which means patches aren’t applied as early as possible. This gap between patch issue and its application means risk, malpractice and may cause non-compliance. This standard approach to kernel patching exposes servers to malicious intent by threat actors on multiple attack vectors, putting IT organizations at risk of major security issues. Anyone tasked with keeping their organization safe from cyber attacks should be seeking a better way to run Linux servers without reboots (ideally, for years). In this article you will learn what is live patching, how it ensures the uptime, what 5 tools are available to help you run servers for years – without reboots and what are the advantages and drawbacks of each tool.

  • USB systems may have some serious security flaws - especially on Linux [Ed: ZDNet's FUD is going places; the tests were mostly done on Linux, so it's hardly shocking that the bugs found were in Linux. But it's presented as Linux being particularly bad.]

    Academics have developed a new tool that allowed them to discover 26 previously unidentified vulnerabilities in the USB driver stack used by many popular operating systems including Linux, macOS, Windows and FreeBSD.

  • New fuzzing tool picks up insecure USB driver code

    Matthias Payer at the federal polytechnic school in Lausanne, Switzerland, and Hui Peng at Purdue University, United States, said [pdf] that they leveraged open-source components such as QEMU processor emulator to design a tool that's low-cost and hardware independent, called USBFuzz.

  • New fuzzing tool for USB drivers uncovers bugs in Linux, macOS, Windows

    With a new fuzzing tool created specifically for testing the security of USB drivers, researchers have discovered more than two dozen vulnerabilities in a variety of operating systems. “USBFuzz discovered a total of 26 new bugs, including 16 memory bugs of high security impact in various Linux subsystems (USB core, USB sound, and network), one bug in FreeBSD, three in macOS (two resulting in an unplanned reboot and one freezing the system), and four in Windows 8 and Windows 10 (resulting in Blue Screens of Death), and one bug in the Linux USB host controller driver and another one in a USB camera driver,” Hui Peng and Mathias Payer explained.

  • NSA: Russian agents have been hacking major email program

    The U.S. National Security Agency says the same Russian military hacking group that interfered in the 2016 presidential election and unleashed a devastating malware attack the following year has been exploiting a major email server program since last August or earlier. The timing of the agency's advisory Thursday was unusual considering that the critical vulnerability in the Exim Mail Transfer Agent — which mostly runs on Unix-type operating systems — was identified 11 months ago, when a patch was issued. Exim is so widely used — though far less known than such commercial alternatives as Microsoft's proprietary Exchange — that some companies and government agencies that run it may still not have patched the vulnerability, said Jake Williams, president of Rendition Infosec and a former U.S. government hacker.

KDE: Akademy 2020 and GSoC 2020

  • Send your talks for Akademy 2020 *now*

    The Call for Participation is still open for two weeks more, but please make us a favour and send yours *now*. This way we don't have to panic thinking if we are going to need to go chasing people or not, or if we're going to have too few or too many proposals. Also if you ask the talks committee for review, we can review your talk early, give you feedback and improve it, so it's a win-win.

  • Status report: Community Bonding

    I’m checking in today to let you know what I did in my GSoC project these past weeks. This Community Bonding period was really wonderful; although I’ve been more or less involved with the project since 2016, I’ve acquainted myself with the efforts of each of the members, and so far it’s been a wonderful experience. During these past weeks, I’ve been preparing for the coding period by talking with Boudewijn and Wolthera about the particulars of Krita’s file format and build system. The objectives for the past two meetings were:

  • GSoC'20 with KDE

    About the Project The project involves improving KDE Web Infrastructure. KDE has a lot of websites and some of them like the main website could use an update. The first part of the project involves porting kde.org to use Hugo- A go based static site generator. kde.org is very old and thus contains a lot of pages. This project would involve porting most of the pages to markdown so as to make the website faster and easier to develop. The second part of the project involves updating Season of KDE website. The goal is to use more modern tooling and add some new features. This project is a part of the transition of KDE websites from LDAP to OAuth based authentication. OAuth is a much more modern approach to authentication and would solve some headaches with the current authentication system.

Screencasts/Audiocasts/Shows: Ubuntu MATE 20.04 LTS, BSD Now and More

  • Ubuntu MATE 20.04 LTS overview | For a retrospective future.

    In this video, I am going to show an overview of Ubuntu MATE 20.04 LTS and some of the applications pre-installed.

  • BSD Now 352: Introducing Randomness

    A brief introduction to randomness, logs grinding netatalk to a hault, NetBSD core team changes, Using qemu guest agent on OpenBSD kvm/qemu guests, WireGuard patchset for OpenBSD, FreeBSD 12.1 on a laptop, and more.

  • Bad Voltage 3×05: This Podcast Will Self Destruct

    Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which we are rendered with one meelion triangles.

  • Bread and Butter Django - Building SaaS #58

    In this episode, I worked on a views and templates. There are a number of core pages that are required to flesh out the minimal interface for the app. We’re building them. I began by showing the page that we were going to work on. I outlined the changes I planned to make, then we started. The first thing we added was data about the school year, the main model on display in the page. I showed how to mock in the elements before adding real data.

Quarkus, a Kubernetes-native Java runtime, now fully supported by Red Hat

  • Quarkus, a Kubernetes-native Java runtime, now fully supported by Red Hat

    Java was introduced 25 years ago, and to this day, remains one of the most popular programming languages among developers. However, Java has developed a reputation for not being a good fit for cloud-native applications. Developers look for (and often choose) alternative frameworks such as Go and Node.js to support their cloud-native development requirements. Why learn another language when you can use your existing skills? Quarkus allows Java developers to leverage their expertise to develop cloud-native, event-driven, reactive, and serverless applications. Quarkus provides a cohesive Java platform that feels familiar but new at the same time. Not only does it leverage existing Java standards, but it also provides a number of features that optimize developer joy, including live coding, unified configuration, IDE plugins, and more.

  • Red Hat Tosses Its Weight Behind Quarkus

    Following recent announcements, Red Hat is now ready in fully supporting Quarkus to enhance its Kubernetes support. Quarkus is a Kubernetes-native Java stack to make the language more appealing in cloud-native use-cases. Quarkus optimizes the Java experience for containers and serverless environments.

  • Red Hat Delivers Quarkus As A Fully Supported Framework In Red Hat Runtimes

    By adding Quarkus as a supported runtime, Red Hat is helping to bring Java into the modern, cloud-native application development landscape and to approaches like microservices, containers and serverless, and enabling Java developers to continue working in the language they know and love.

  • Red Hat Runtimes adds Kubernetes-native Quarkus Java stack

    Red Hat’s Quarkus, a Kubernetes-native Java stack, is now supported on the Red Hat Runtimes platform for developing cloud-native applications. A build of Quarkus is now part of Red Hat Runtimes middleware and integrates with the Red Hat OpenShift Kubernetes container platform for managing cloud deployments, Red Hat said this week.