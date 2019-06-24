Software: Opera 62, GNU Projects and Nextcloud Text
Opera web browser 62 was released today with improved dark mode, design updates. Here’s how to install it in Ubuntu.
With the newest release of Opera 62, we have some interesting design updates on top of the changes we introduced in Reborn 3. We’d also like to show you a feature that will help you plan your holidays more easily.
Opera Software announced today the release Opera 62 web browser for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows, a release that adds various design updates and some new features.
Opera 62 is now available as the latest and most advanced version of the Chromium-based, cross-platform web browser that runs on desktops and mobile devices. This release introduces a new tool called Task Completer, which helps you easily plan your next vacation by allowing you to revisit the hotels you searched for on booking.com locally on the Opera Speed Dial. The Task Completer features is experimental and will be improved in future releases.
"We wanted to experiment with Task Completer in a context where retrieving previous search results is most important, such as travel. When we look for flights and book hotels we don’t always make instant decisions. Oftentimes, we want to go back to a specific hotel and show it to friends or loved ones traveling with us before we book," said Opera's Joanna Czajka.
I've been hacking away at Spritely (see previously). Recently I've been making progress on both the actor model (goblins and its rewrite goblinoid) as well as the storage layers (currently called Magenc and Crystal, but we are talking about probably renaming the both of them into a suite called "datashards"... yeah, everything is moving and changing fast right now.)
In the #spritely channel on freenode a friend asked, what is the big picture idea here? Both the actor model layer and the storage layer describe themselves as using "capabilities" (or more precisely "object capabilities" or "ocaps") but they seem to be implemented differently. How does it all tie together?
A great question! I think the first point of confusion is that while both follow the ocap paradigm (which is to say, reference/possession-based authority... possessing the capability gives you access, and it does not matter what your identity is for the most part for access control), they are implemented very differently because they are solving different problems. The storage system is based on encrypted, persistent data, with its ideas drawn from Tahoe-LAFS and Freenet, and the way that capabilities work is based on possession of cryptographic keys (which are themselves embedded/referenced in the URIs). The actor model, on the other hand, is based on holding onto a reference to a unique, unguessable URL (well, that's a bit of an intentional oversimplification for the sake of this explaination but we'll run with it) where the actor at that URL is "live" and communicated with via message passing. (Most of the ideas from this come from E and Waterken.) Actors are connected to each other over secure channels to prevent eavesdropping or leakage of the capabilities.
apl-1.8
artanis-0.3.2
dr-geo-19.06a
gawk-5.0.1
gengetopt-2.23
gnunet-0.11.5
guile-2.2.5
icecat-60.7.0-gnu1
libmicrohttpd-0.9.64
libredwg-0.8
mailutils-3.7
mit-scheme-10.1.9
nano-4.3
nettle-3.5
parallel-20190622
unifont-12.1.02
units-2.19
Distros and embedded users should start using bzip2-1.0.7 immediately. The patches they already have for the bzip2's traditional build system should still apply. The release includes bug fixes and security fixes that have accumulated over the years, including the new CVE-2019-12900.
Once 1.1.0 is released, distributions should be able to remove their patches to the build system and just start using Meson or CMake. You may want to monitor the 1.1.0 milestone — help is appreciated fixing the issues there so we can make the first release with the new build systems!
We are happy to announce the release of bzip2 1.0.7.
This is an emergency release because the old bzip2 website is gone and there were outstanding security issues. The original bzip2 home, downloads and documentation can now be found at: https://sourceware.org/bzip2/
Nextcloud announces a new collaborative rich text editor called Nextcloud Text. Nextcloud Text is described as not "a replacement to a full office suite, but rather a distraction-free, focused way of writing rich-text documents alone or together with others." See the Nextcloud blog post for more details.
Security: Updates, Purism’s Librem Key, Silex 'Malware' (Brute-Forcing Bad/Unchanged Passwords), Arch Linux Reproducible Builds
We would never use the words “Made in USA” lightly. We had to meet very strict requirements before being allowed to use that label. It’s well-known that other firms have been fined for mislabeling their Made in China products as Made in USA, for instance because “screwdriver assembly” only (getting electronics made elsewhere and doing final case-assembly in the USA) is not enough to qualify for “Made in USA”. A company can source specific, individual electronics components from around the world (we source chips like the OpenPGP smart card from a European supplier, for example) but must actually make–as in fabricate–the product here, in the US, to be able to label it as “Made in USA.”
Purism, the social purpose corporation which designs and produces popular hardware and software that protects users’ digital lives, today announced its Librem Key product will be the first device of its category to be made in the USA.
Librem Key, the first and only OpenPGP smart card closely integrated with the Heads-firmware offering a tamper-evident boot process, launched in September 2018. Initially manufactured in-part by partner Nitrokey, Purism is now manufacturing Librem Keys entirely from Purism’s Carlsbad, California headquarters – the same U.S. facility used to manufacture its Librem 5 smartphone devkits in 2018. Version 2 also stores up to 4096-bit RSA keys and up to 512-bit ECC keys and securely generates keys directly on the device.
Supply chain security is a rising concern due to the lack of control hardware companies have over manufacturing links. Threats include security hacks, malware concerns, cyber-espionage, and even copyright theft. Purism sees protection of its supply chain as an existentially important issue, and has invested in supply chain improvements including the launch of Librem Key V2.
A new piece of malware that is using default credentials to log into IoT devices and then erase their file systems and shut them down is on the move, but it may not end up having the reach that it’s alleged creator intended.
As Arch Linux we are working on reproducible builds for a while and have a continuous test framework rebuilding package updated in our repositories. This test does an asp checkout of a package and builds it twice in a schroot, we do not try to reproduce actual repository packages yet. In the end this is however what we want to achieve, giving users the ability to verify a repository package by rebuilding it on their own hardware.
The update to mariadb 10.4.6-1 and later changes configuration layout as recommended by upstream.
Microsoft Entryism and Openwashing
2001: Linux is cancer, says Microsoft. 2019: Hey friends, ah, can we join the official linux-distros mailing list, plz? [Ed: Just more infiltration, entryism. They try to sell Windows and Azure. See comments on this article, e.g.: "You're assuming #Microsoft has good intentions. Instead, they've decided it's easier to suck the marrow from the bones if they can sneak inside the host under a flag of truce, like many other common parasites."]
Sasha Levin, who describes himself as a "Linux kernel hacker" at the beast of Redmond, made the application for his employer to join the list, which if approved would allow Microsoft to tap into private behind-the-scenes chatter about vulnerabilities, patches, and ongoing security issues with the open-source kernel and related code. These discussions are crucial for getting an early heads up, and coordinating the handling and deployment of fixes before they are made public.
The change is certainly overdue. The most recent attempt to update from the original version was in 2006 with the launch of Powershell. Since then, Microsoft has attempted to patch up both, with CMD getting copy/paste support a couple of years ago (about 20 years late, in our humble opinion) and an aborted attempt to make Powershell the default for Windows 10, which nobody asked for and few wanted.
“MongoDB was built by MongoDB. There was no prior art. We didn’t open source it for help; we open sourced it as a freemium strategy”
Programming Leftovers (Mostly Python)
Unfortunately, because of poor website design decisions, a lot of content on the web (such as PDFs) is not accessible to people with hearing, sight, mobility, neurological, and other disabilities, and as the population rapidly ages, accessibility-related problems will increase.
Fortunately, many businesses, governments, and other organizations are taking strides to remedy inaccessible websites. There are two paths to achieving accessibility: fixing existing websites and doing the right things when sites are created. Fixing a website that has been in use for many years—with hundreds of pages, posts, images, and PDFs—can be a daunting task. Every element must be scrutinized for problems, and sometimes the fix is not obvious nor easy to accomplish.
There are many tools available to check and fix website accessibility issues, including OpenAssessIt Toolkit, a new open source tool developed by Joel Crawford-Smith, a self-described "relentless web accessibility fanatic" and "cat aficionado."
OpenAssessIt converts Chrome Lighthouse files into visual, human-readable web accessibility assessments. Lighthouse audits websites for accessibility issues and reports its findings as text that can be viewed in the browser or exported as a JSON file with valuable hidden data.
OpenAssessIt consumes Lighthouse's data-rich JSON files and outputs them in Markdown, which is easy for people to read and edit. It also takes screenshots of each failing element and provides suggestions on how to fix each issue. Automated tools help detect accessibility issues, but a human must evaluate the validity and seriousness of each problem. "Seeing the issues visually [is] a good tool for training and development," Joel says.
Despite the very sunny weather in Europe tempting us to go outside, we’ve succeeded in getting a build out for you this week. We’d appreciate it if you were to download it from our website.
Today I have just installed a new Python IDE on my computer, it really looks simple but there are a lot of goodies. First of all, if you have not yet installed Thonny, you can download it from this link.
As you can see from above, this IDE is super easy to use, you write the code on the editor, then after you have run the program, you can view the value and the address of the variable as well as a function under the heap panel. You can also step through each line of code of the program while debugging your program. If this is your first time learning Python then this IDE will get you started.
In the first blog in this series, I showed how we solved the original problem of how to use mmap() to load a large set of data into RAM all at once, in response to a request for help from a bioinformatics group dealing with massive data sets on a regular basis. The catch in our solution, however, was that the process still took too long. In this blog, I describe how we solve this, starting with Step 3 of the Process I introduced in Blog 1:
Python application distribution is generally considered an unsolved problem. At their PyCon 2019 keynote talk, Russel Keith-Magee identified code distribution as a potential black swan - an existential threat for longevity - for Python. In their words, Python hasn't ever had a consistent story for how I give my code to someone else, especially if that someone else isn't a developer and just wants to use my application. I completely agree. And I want to add my opinion that unless your target user is a Python developer, they shouldn't need to know anything about Python packaging, Python itself, or even the existence of Python in order to use your application. (And you can replace Python in the previous sentence with any programming language or software technology: most end-users don't care about the technical implementation, they just want to get stuff done.)
Today, I'm excited to announce the first release of PyOxidizer (project, documentation), an open source utility that aims to solve the Python application distribution problem! (The installation instructions are in the docs.)
Szorc says that an average computer user will be able to run the application without having to download the correct software libraries. This is because PyOxidizer produces binaries that embed Python. Hence users don’t need to install or know the language.
Are you interested in using a neural network to generate text? TensorFlow and Keras can be used for some amazing applications of natural language processing techniques, including the generation of text.
In this tutorial, we'll cover the theory behind text generation using a Recurrent Neural Networks, specifically a Long Short-Term Memory Network, implement this network in Python, and use it to generate some text.
