Language Selection

English French German Italian Portuguese Spanish

Programming Leftovers

Filed under
Development
  • Frankenstein JVM with flavour - jlink your own JVM with OpenJDK 11

    While you can find a lot of information regarding the Java "Project Jigsaw", I could not really find a good example on "assembling" your own JVM. So I took a few minutes to figure that out. My usecase here is that someone would like to use Instana (non free tracing solution) which requires the java.instrument and jdk.attach module to be available. From an operations perspektive we do not want to ship the whole JDK in our production Docker Images, so we've to ship a modified JVM. Currently we base our images on the builds provided by AdoptOpenJDK.net, so my examples are based on those builds. You can just download and untar them to any directory to follow along.

  • KDE Craft Packager on macOS

    In Craft, to create a package, we can use craft --package after the compiling and the installing of a library or an application with given blueprint name.

    On macOS, MacDMGPackager is the packager used by Craft. The MacDylibBundleris used in MacDMGPackager to handle the dependencies.

    In this article, I’ll give a brief introduction of the two classes and the improvement which I’ve done for my GSoC project.

  • It is coming alive

    After digging for around a month and a half, I can finally do some selections with the Magnetic Lasso tool, which I wrote with utter laziness as I would say. Though it still demands a lot of work to be done, so it will be just polishing the existing code into perfection for the next one and half month.

  • Humble Book Bundle: Programmable Boards by Make Community

    If you are interested in learning more about programmable boards, such as Arduino, and are looking for a crash course, you can pick up much on the topic by not just reading about the topic but also doing some hands-on learning. You can do just that, along with paying very little to do so when you buy the Humble Book Bundle: Programmable Boards by Make Community. You’ll pay as little as $1 for books that explain getting started with IoT, Arduino projects, mBot, and more. You’ll get instruction and hands-on training in several areas. Buy the bundle and receive only the books you really need to learn more about programmable boards.

  • Building a computer - part 1

    Off-hand I think the most complex projects I've built have been complex in terms of software. For example I recently hooked up a 933Mhz radio-receiver to an ESP8266 device, then had to reverse engineer the protocol of the device I wanted to listen for. I recorded a radio-burst using an SDR dongle on my laptop, broke the transmission into 1 and 0 manually, worked out the payload and then ported that code to the ESP8266 device.

    Anyway I've decided I should do something more complex, I should build "a computer". Going old-school I'm going to stick to what I know best the Z80 microprocessor. I started programming as a child with a ZX Spectrum which is built around a Z80.

    Initially I started with BASIC, later I moved on to assembly language mostly because I wanted to hack games for infinite lives. I suspect the reason I don't play video-games so often these days is because I'm just not very good without cheating Wink

    Anyway the Z80 is a reasonably simple processor, available in a 40PIN DIP format. There are the obvious connectors for power, ground, and a clock-source to make the thing tick. After that there are pins for the address-bus, and pins for the data-bus. Wiring up a standalone Z80 seems to be pretty trivial.

  • Python Machine Learning Tutorial: Predicting Airbnb Prices
  • DevOps for introverted people
  • PSF GSoC students blogs: Week 5
  • PSF GSoC students blogs: Week 6
  • PSF GSoC students blogs: Coding week #6
  • Week 6 Check-In
  • Week 5 Check-In

    At the start of this week, I revisited the box-into-capsule test and re-implemented a different algorithm. Instead of representing the capsule as two hemispheres and a cylinder, my mentor suggested to see it as a line segment defined the by its two endpoints. So, the algorithm finds the closest point on the box to the line segment, and then tests for intersections accordingly.

  • `make -j5 kritaflake`

    At the end of June I finished copy-on-write vector layers. From the very beginning, I have been researching into possibilities to make kritaflake implicitly sharable. In that post I mentioned the way Sean Parent uses for Photoshop, and adapted it for the derived d-pointers in Flake.

  • Working With Dictionaries In Python

    Dictionaries in pythons are a collection of key value pairs. They are very similar to JSON data type in JavaScript. Dictionaries are indexed, they can be modified and they are no ordered. This makes it very flexible and useful. Since dictionary items can be accessed with keys instead of indexes, dictionaries are widely used in external data-driven programs and apps.

  • What is a golden image?

    If you’re in quality assurance, system administration, or (believe it or not) media production, you might have heard some variation of the term gold master, golden image, or master image, and so on. It’s a term that has made its way into the collective consciousness of anyone involved in creating one perfect model and then producing many duplicates from that mold. That’s what a gold master, or golden image, is: The virtual mold from which you cast your distributable models.

    In media production, the theory is that a crew works toward the gold master. This final product is one of a kind. It looks and sounds the best a movie or an album (or whatever it is) can possibly look and sound. Copies of this master image are made, compressed, and sent out to the eager public.

    In software, a similar idea is associated with the term. Once software has been compiled and tested and re-tested, the perfect build is declared gold. No further changes are allowed, and all distributable copies are generated from this master image (this used to actually mean something, back when software was distributed on CDs or DVDs).

More in Tux Machines

Ubuntu/Debian: Comparison of Memory Usages, Ubuntu 18.10 (Cosmic Cuttlefish) End of Life and More

  • Comparison of Memory Usages of Ubuntu 19.04 and Flavors in 2019

    Continuing my previous Mem. Comparison 2018, here's my 2019 comparison with all editions of Ubuntu 19.04 "Disco Dingo". The operating system editions I use here are the eight: Ubuntu Desktop, Kubuntu, Lubuntu, Xubuntu, Ubuntu MATE, Ubuntu Studio, Ubuntu Kylin, and Ubuntu Budgie. I installed every one of them on my laptop and (immediately at first login) took screenshot of the System Monitor (or Task Manager) without doing anything else. I present here the screenshots along with each variant's list of processes at the time I took them. And, you can download the ODS file I used to create the chart below. Finally, I hope this comparison helps all of you and next time somebody can make better comparisons.

  • Ubuntu 18.10 (Cosmic Cuttlefish) End of Life reached on July 18 2019
    This is a follow-up to the End of Life warning sent earlier this month
    to confirm that as of today (July 18, 2019), Ubuntu 18.10 is no longer
    supported.  No more package updates will be accepted to 18.10, and
    it will be archived to old-releases.ubuntu.com in the coming weeks.
    
    
    
    
    The original End of Life warning follows, with upgrade instructions:
    
    
    
    
    Ubuntu announced its 18.10 (Cosmic Cuttlefish) release almost 9 months
    ago, on October 18, 2018.  As a non-LTS release, 18.10 has a 9-month
    support cycle and, as such, the support period is now nearing its
    end and Ubuntu 18.10 will reach end of life on Thursday, July 18th.
    
    
    
    
    At that time, Ubuntu Security Notices will no longer include
    information or updated packages for Ubuntu 18.10.
    
    
    
    
    The supported upgrade path from Ubuntu 18.10 is via Ubuntu 19.04.
    Instructions and caveats for the upgrade may be found at:
    
    
    
    
    https://help.ubuntu.com/community/DiscoUpgrades
    
    
    
    
    Ubuntu 19.04 continues to be actively supported with security updates
    and select high-impact bug fixes.  Announcements of security updates
    for Ubuntu releases are sent to the ubuntu-security-announce mailing
    list, information about which may be found at:
    
    
    
    
    https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
    
    
    
    
    Since its launch in October 2004 Ubuntu has become one of the most
    highly regarded Linux distributions with millions of users in homes,
    schools, businesses and governments around the world. Ubuntu is Open
    Source software, costs nothing to download, and users are free to
    customise or alter their software in order to meet their needs.
    
    
    
    
    On behalf of the Ubuntu Release Team,
    
    
    
    
    Adam Conrad
    
  • CMake leverages the Snapcraft Summit with Travis CI to build snaps

    CMake is an open-source, cross-platform family of tools designed to build, test and package software. It is used to control the software compilation process and generate native makefiles and workspaces that can be used in any compiler environment.  While some users of CMake want to stay up to date with the latest release, others want to be able to stay with a known version and choose when to move forward to newer releases, picking up just the minor bug fixes for the feature release they are tracking. Users may also occasionally need to roll back to an earlier feature release, such as when a bug or a change introduced in a newer CMake version exposes problems within their project. Craig Scott, one of the co-maintainers of CMake, sees snaps as an excellent solution to these needs. Snaps’ ability to support separate tracks for each feature release in addition to giving users the choice of following official releases, release candidates or bleeding edge builds are an ideal fit. When he received an invitation to the 2019 Snapcraft Summit, he was keen to work directly with those at the pointy end of developing and supporting the snap system. 

  • Ubuntu's Zsys Client/Daemon For ZFS On Linux Continues Maturing For Eoan

    Looking ahead to Ubuntu 19.10 as the cycle before Ubuntu 20.04 LTS, one of the areas exciting us with the work being done by Canonical is (besides the great upstream GNOME performance work) easily comes down to the work they are pursuing on better ZFS On Linux integration with even aiming to offer ZFS as a file-system option from their desktop installer. A big role in their ZoL play is also the new "Zsys" component they have been developing. 

  • Raphaël Hertzog: Freexian’s report about Debian Long Term Support, June 2019

    Like each month, here comes a report about the work of paid contributors to Debian LTS.

European Events: Apache and GStreamer

  • ApacheCon Europe 2019 Schedule Revealed by The Apache Software Foundation

    If you’ve been following Apache Software Foundation (ASF) announcements for ApacheCon 2019, you must be aware of the conference in Las Vegas (ApacheCon North America) from September 9 to September 12. And, recently, they announced their plans for ApacheCon Europe 2019 to be held on 22-24 October 2019 at the iconic Kulturbrauerei in Berlin, Germany. It is going to be one of the major events by ASF this year. In this article, we shall take a look at the details revealed as of yet.

  • GStreamer in Oslo

    Aaron discussed various ways to record RTSP streams when used with playbin and brought up some of his pending merge requests around the closed captioning renderer and Active Format Description (AFD) support, with a discussion about redoing the renderer properly, and in Rust. George discussed a major re-work of the gst-omx bufferpool code that he has been doing and then moved his focus on Qt/Android support. He mostly focused on the missing bits, discussing builds and infrastructure issues with Nirbheek and myself, and going through his old patches.

Latest Openwashing: Amazon, RedMonk/Microsoft/GitHub, Linux Foundation Energy, B2B on Red Hat/IBM Site

Security, DRM and Privacy

  • Security updates for Thursday

    Security updates have been issued by Arch Linux (chromium, firefox, and squid), CentOS (thunderbird and vim), Debian (libonig), SUSE (firefox, glibc, kernel, libxslt, and tomcat), and Ubuntu (libreoffice and thunderbird).

  • EvilGnomes Linux malware record activities & spy on users [Ed: This is something the user actually installs, harming his/her machine. Original post here.]]

    Dubbed EvilGnomes by researchers; the malware was found masquerading as a Gnome shell extension targeting Linux’s desktop users.

  • Mike Driscoll: New Malicious Python Libraries Found Targeting Linux

    They were written by a user named ruri12. These packages were removed by the PyPI team on July 9, 2019. However they were available since November 2017 and had been downloaded fairly regularly. See the original article for more details. As always, when using a package that you aren’t familiar with, be sure to do your own thorough vetting to be sure you are not installing malware accidentally.

  • Latest Huawei 'Smoking Gun' Still Doesn't Prove Global Blackball Effort's Primary Justification

    We've noted a few times now how the protectionist assault against Huawei hasn't been supported by much in the way of public evidence. As in, despite widespread allegations that Huawei helps China spy on Americans wholesale, nobody has actually been able to provide any hard public evidence proving that claim. That's a bit of a problem when you're talking about a global blackballing effort. Especially when previous investigations as long as 18 months couldn't find evidence of said spying, and many US companies have a history of ginning up security fears simply because they don't want to compete with cheaper Chinese kit. That said, a new report (you can find the full thing here) dug through the CVs of many Huawei executives and employees, and found that a small number of "key mid-level technical personnel employed by Huawei have strong backgrounds in work closely associated with intelligence gathering and military activities."

  • No love lost between security specialists and developers

    Unless you've been under a rock, you've noticed hardly a day goes by without another serious security foul-up. While there's plenty of blame to go around for these endless security problems, some of it goes to developers who write bad code. That makes sense. But when GitLab, a DevOps company, surveyed over 4,000 developers and operators, they found 68% of the security professionals surveyed believe it's a programmer's job to write secure code, but they also think less than half of developers can spot security holes.

  • GitLab Survey Surfaces Major DevSecOps Challenges Ahead

    A report based on a survey of 4,071 software professionals published this week by GitLab, a provider of a continuous integration and continuous deployment (CI/CD) platform, found that while appreciation of the potential value of DevSecOps best practices is high, the ability to implement those practices is uneven at best.

  • GitLab Survey Reveals Disconnect Between Developer And Security Teams

    In a survey conducted by GitLab, software professionals recognize the need for security to be baked into the development lifecycle, but the survey showed long-standing friction between security and development teams remain. While 69% of developers say they’re expected to write secure code, nearly half of security pros surveyed (49%) said they struggle to get developers to make remediation of vulnerabilities a priority. And 68% of security professionals feel fewer than half of developers are able to spot security vulnerabilities later in the lifecycle.

  • Cook: security things in Linux v5.2

    Over on his blog, Kees Cook runs through the security changes that came in Linux 5.2.

  • Doctorow's novella "Unauthorized Bread" explains why we have to fight DRM today to avoid a grim future

    Salima has a problem: her Boulangism toaster is locked down with software that ensures that it will only toast bread sold to her by the Boulangism company… and as Boulangism has gone out of business, there's no way to buy authorized bread. Thus, Salima can no longer have toast. This sneakily familiar scenario sends our resourceful heroine down a rabbit hole into the world of hacking appliances, but it also puts her in danger of losing her home -- and prosecution under the draconian terms of the Digital Millennium Copyright Act (DMCA). Her story, told in the novella “Unauthorized Bread,” which opens Cory Doctorow’s recent book Radicalized, guides readers through a process of discovering what Digital Restrictions Management (DRM) is, and how the future can look mightily grim if we don’t join forces to stop DRM now. “Unauthorized Bread” takes place in the near future, maybe five or ten years at most, and the steady creep of technology that takes away more than it gives has simply advanced a few degrees. Salima and her friends and neighbors are refugees, and they live precariously in low-income housing equipped with high-tech, networked appliances. These gizmos and gadgets may seem nifty on the surface, but immediately begin to exact an unacceptable price, since they require residents to purchase the expensive approved bread for the toaster, the expensive approved dishes for the dishwasher, and so on. And just as Microsoft can whisk away ebooks that people “own” by closing down its ebook service, the vagaries of the business world cause Boulangism to whisk away Salima’s ability to use her own toaster.

  • New Linux Malware Called EvilGnome Discovered; First Preview of Fedora CoreOS Now Available; Germany Bans Schools from Using Microsoft, Google and Apple; VirtualBox 6.0.10 Released; and Sparky 5.8 Has New Live/Install Media for Download

    Germany has banned its schools from using cloud-based productivity suites from Microsoft, Google, and Apple, because the companies weren't meeting the country's privacy requirements. Naked Security reports, that the statement from the Hessische Beauftragte für Datenschutz und Informationsfreiheit (Hesse Commissioner for Data Protection and Freedom of Information, or HBDI) said, "The digital sovereignty of state data processing must be guaranteed. With the use of the Windows 10 operating system, a wealth of telemetry data is transmitted to Microsoft, whose content has not been finally clarified despite repeated inquiries to Microsoft. Such data is also transmitted when using Office 365." The HBDI also stressed that "What is true for Microsoft is also true for the Google and Apple cloud solutions. The cloud solutions of these providers have so far not been transparent and comprehensible set out. Therefore, it is also true that for schools, privacy-compliant use is currently not possible."

  • Microsoft, Google and Apple clouds banned in Germany’s schools

    Germany just banned its schools from using cloud-based productivity suites from Microsoft, Google, and Apple. The tech giants aren’t satisfying its privacy requirements with their cloud offerings, it warned. The Hessische Beauftragte für Datenschutz und Informationsfreiheit (Hesse Commissioner for Data Protection and Freedom of Information, or HBDI) made the statement following a review of Microsoft Office 365’s suitability for schools.

  • Microsoft, Google and Apple clouds banned in Germanys schools

    Did you know that Germany just banned its schools from using cloud-based productivity suites from Microsoft, Google, and Apple? The tech giants aren’t satisfying its privacy requirements with their cloud offerings, it warned. What are your thoughts? The Hessische Beauftragte für Datenschutz und Informationsfreiheit (Hesse Commissioner for Data Protection and Freedom of Information, or HBDI) made the statement following a review of Microsoft Office 365’s suitability for schools.