Language Selection

English French German Italian Portuguese Spanish

Programming: Rust 1.30.1, Solid, Schools and GSoC

Filed under
Development
  • Announcing Rust 1.30.1

    The Rust team is happy to announce a new version of Rust, 1.30.1. Rust is a systems programming language focused on safety, speed, and concurrency.

  • What is developer efficiency and velocity?

    As I previously mentioned I am currently in the information gathering phase for improvements to desktop Firefox developer efficiency and velocity. While many view developer efficiency and velocity as the same thing–and indeed they are often correlated–it is useful to discuss how they are different.

    I like to think of developer velocity as the rate at which a unit of work is completed. Developer efficiency is the amount of effort required to complete a unit of work.

    If one were to think of the total development output as revenue, improvements to velocity would improve the top-line and improvements to efficiency would improve the bottom-line.

  • Solid: a new way to handle data on the web

    The development of the web was a huge "sea change" in the history of the internet. The web is what brought the masses to this huge worldwide network—for good or ill. It is unlikely that Tim Berners-Lee foresaw all of that when he came up with HTTP and HTML as part of his work at CERN, but he has been in a prime spot to watch the web unfold since 1989. His latest project, Solid, is meant to allow users to claim authority over the personal data that they provide to various internet giants.

    Berners-Lee announced Solid in a post on Medium in late September. In it, he noted that despite "all the good we've achieved, the web has evolved into an engine of inequity and division; swayed by powerful forces who use it for their own agendas". Part of what he is decrying is enabled by the position of power held by companies that essentially use the data they gather in ways that run directly counter to the interests of those they gather it from. "Solid is how we evolve the web in order to restore balance — by giving every one of us complete control over data, personal or not, in a revolutionary way."

    Users' data will be stored in a Solid "pod" (sometimes "personal online data store" or POD) that can reside anywhere on the internet. Since Solid deliberately sets out to build on the existing web, it should not be a surprise that URLs, along with Uniform Resource Identifiers (URIs), are used to identify pods and specific objects within them. Pods also provide one place for businesses, including Inrupt, which was co-founded by Berners-Lee, to provide services for Solid. As he noted in his post, people are willing to pay companies like Dropbox for storage; hosting Solid pods would be a similar opportunity for Inrupt and others.

  • Should a programming course be mandatory for high school students?

    But further, understanding at least the basics of programming is important to being able to fully reap the benefits of open source. Having the code available to review, edit, and share under an open license is important, but can you really make use of the full power of an open license if you're locked in by your own inability to make the changes you wish to make?

  • A Summer Of Code Question

    This is a lightly edited response to a question we got on IRC about how to best apply to participate in Google’s “Summer Of Code” program. this isn’t company policy, but I’ve been the one turning the crank on our GSOC application process for the last while, so maybe it counts as helpful guidance.

    We’re going to apply as an organization to participate in GSOC 2019, but that process hasn’t started yet. This year it kicked off in the first week of January, and I expect about the same in 2019.

    You’re welcome to apply to multiple positions, but I strongly recommend that each application be a focused effort; if you send the same generic application to all of them it’s likely they’ll all be disregarded. I recognize that this seems unfair, but we get a tidal wave of redundant applications for any position we open, so we have to filter them aggressively.

    Successful GSOC applicants generally come in two varieties – people who put forward a strong application to work on projects that we’ve proposed, and people that have put together their own GSOC proposal in collaboration with one or more of our engineers.

More in Tux Machines

Librem One Design Principles: Services You Can Trust

Our hardware and software puts users back in control of computing–but, you may be wondering, can we do the same with our services? With Librem One, the answer is yes. We have big, no, huge dreams about what we can achieve with your support and the wealth of free software that already exists. But we need to keep our feet firmly on the ground. In this post we will outline the touchstones we have used to do just that–engineer trustworthy services that everyone can use–with a design process called user-centered software engineering. We hope it will facilitate communication with friends and colleagues as we hack towards a common goal… and also show all non-technical readers that human beings are at the center of our bits and bytes. So, how did we do it? Read more Also: joining social media at DebConf19

Programming Leftovers: Python, Go, LLVM and More

  • Python List Sorting with sorted() and sort()

    In this article, we'll examine multiple ways to sort lists in Python. Python ships with two built-in methods for sorting lists and other iterable objects. The method chosen for a particular use-case often depends on whether we want to sort a list in-place or return a new version of the sorted list.

  • ExpressPython: Lightweight, portable Python editor for small scripts

    There are many IDEs for Python, and it’s time for one more. ExpressPython is a lightweight, small code editor for Python 3. Originally built to help teach students how to code, it can be used in programming competitions, or just when you need a fast, small, clean code editor. There are a wide variety of Python IDEs and code editors available for programmers. Between PyCharm, VS Code, IDLE, Spyder, just to name a few, programmers have many to choose from depending on their needs and preferences. Add one more editor to the fray. ExpressPython is a small, lightweight Python 3 editor that can help with learning and competitive programming, such as coding challenges. Its creator started work on it in 2014 in order to fulfill a few needs, such as the ability to work offline. It is not made with the intent of becoming a fully-featured IDE, and does not include debugging features. However, it does have a few noteworthy features, so let’s take a look.

  • Google's Go team decides not to give it a try

    The Go language will not be adding a "try" keyword in the next major version, despite this being a major part of what was proposed for version 1.14. Go, an open source language developed by Google, features static typing and native code compilation. It is around the 15th most popular language according to the Redmonk rankings. Error handling in Go is currently based on using if statements to compare a returned error value to nil. If it is nil, no error occurred. This requires developers to write a lot of if statements. "In general Go programs have too much code-checking errors and not enough code handling them," wrote Google principal engineer Russ Cox in an overview of the error-handling problem in Go.

  • LLVM 9.0 Feature Work Is Over While LLVM 10.0 Enters Development

    Feature work is over on LLVM 9.0 as the next release for this widely-used compiler stack ranging from the AMDGPU shader compiler back-end to the many CPU targets and other innovative use-cases for this open-source compiler infrastructure. Ongoing LLVM release manager Hans Wennborg branched the LLVM 9.0 code-base this morning while in turn opening LLVM 10.0 development on trunk/master. This also marks the 9.0 branching for all LLVM sub-projects.

  • Mu at EuroPython

    Mu made a number of appearances at last week’s wonderful EuroPython 2019 conference in Basel, Switzerland.

  • PyCharm 2019.2 Release Candidate

    PyCharm 2019.2 is almost ready to be released, and we’re happy to announce that a release candidate is available for download now.

Security: EvilGnome Scaremongering, Intel Defects, New Patches and the "Desktop Security Nightmare"

  • EvilGnome Is A Linux Spyware That Records Audio And Steals Your Files [Ed: FOSSBytes has moved on from pushing non-FOSS misinformation to actually doing anti-FOSS FUD. Painting malware one needs to actually install as a real threat.]
  • CPU vulnerability mitigations keeping Linux devs busy: SUSE's Pavlík [Ed: Intel defects now waste software developers' time. They should just replace/recall those billions of defective chips]

    A veteran Linux kernel developer at Germany-based SUSE says the one thing that keeps him and his team busy these days is CPU vulnerability mitigations...

  • Security updates for Friday

    Security updates have been issued by Debian (bzip2), Fedora (freetds, kernel, kernel-headers, and knot-resolver), openSUSE (bubblewrap, fence-agents, kernel, libqb, libu2f-host, pam_u2f, and tomcat), Oracle (vim), SUSE (kernel, LibreOffice, libxml2, and tomcat), and Ubuntu (libmspack and squid, squid3).

  • The Desktop Security Nightmare

    Many of us have extremely sensitive data on our systems. Emails to family, medical or bank records, Bitcoin wallets, browsing history, the list goes on. Although we have isolation between our user account and root, we have no isolation between applications that run as our user account. We still, in effect, have to be careful about what attachments we open in email. Only now it’s worse. You might “npm install hello-world”, and audit hello-world itself, but get some totally malicious code as well. How many times do we see instructions to gem install this, pip install that, go get the other, and even curl | sh? Nowadays our risky click isn’t an email attachment. It’s hosted on Github with a README.md. Not only that, but my /usr/bin has over 4000 binaries. Have every one been carefully audited? Certainly not, and this is from a distro with some of the highest quality control around. What about the PPAs that people add? The debs or rpms that are installed from the Internet? Are you sure that the postinst scripts — which run as root — aren’t doing anything malicious when you install Oracle Virtualbox? [...] One thing a person could do would be to keep the sensitive data on a separate, ideally encrypted, filesystem. (Maybe even a fuse one such as gocryptfs.) Then, at least, it could be unavailable for most of the time the system is on. Of course, the downside here is that it’s still going to be available to everything when it is mounted, and there’s the hassle of mounting, remembering to unmount, password typing, etc. Not exactly transparent. I wondered if mount namespaces might be an answer here. A filesystem could be mounted but left pretty much unavailable to processes unless a proper mount namespace is joined. Indeed that might be a solution. It is somewhat complicated, though, since nsenter requires root to work. Enter sudo, and dropping privileges back to a particular user — a not particularly ideal situation, and complex as well. Still, it might well have some promise for some of these things.

Audiocasts/Shows: Ubuntu Podcast, Python Podcasts, User Error

  • Ubuntu Podcast: S12E15 – Diablo

    This week we’ve been buying a new phone and playing with QEMU. We discuss the release fo Debian 10, Ubuntu users saying “Thank you”, Nvidia drivers, WSL and Ubuntu MATE for the GPD MicroPC. We also round up some events and tech news. It’s Season 12 Episode 15 of the Ubuntu Podcast! Mark Johnson, Martin Wimpress and Stuart Langridge are connected and speaking to your brain.

  • Episode #139: f"Yes!" for the f-strings
  • Episode #221: Empowering developers by embedding Python

    How do we get kids excited about programming? Make programming tangible with embedded devices. Did you know that after kids learned to code with the BBC micro:bit, 90% of kids "thought coding was for everyone" and 86% said it made CS topics more interesting?

  • Old and Insecure | User Error 70

    Whether Linux is inherently secure, the next phase of online interaction, and wasting our free time. Plus where to focus your contributions, and a tricky hypothetical question.