Learning to program software can be an exceedingly difficult task, but one that has great rewards if you are successful. If you’ve never heard of Python before, it’s a versatile programming language that is known for being relatively easy to learn. Numerous websites and tools are available online that aim to make learning Python programming easier, but Udemy’s Python for Beginners: Complete Python Programming course ($11.99) doesn’t live up to its promise.

While there is another nineteen years to go until the Year 2038 problem manifests, the GNU C Library "glibc" is one of the key software components still needing some fixes for this issue where this problem where storing the Unix time as a 32-bit signed integer will wrap around and become a negative number. Wolfgang Denk of German software engineering firm DENX put out a "desperate call for help" that even with their resources/money for trying to fix up Y2038 Glibc issues, the review/upstreaming process is taking too long for some of their customers. In particular, even few lines of code patches aren't being accepted upstream at least in any timely manner.

We are very happy to announce that after years of reverse engineering devices, hacking, testing and pushing, we are releasing OpenHMD version 0.3.0 (codename ‘Djungelvral’).We are very happy to announce that after years of reverse engineering devices, hacking, testing and pushing, we are releasing OpenHMD version 0.3.0 (codename ‘Djungelvral’). We want to thank each and every one of the 125-150 people who have contributed over the last 3.5 years. Helping out with reverse engineering, writing drivers, testing, donating/lending hardware, building applications and games, showing up at (or hosting) Hack-athons.. we are incredibly lucky to have your support. Thank you! The list of features bringing us from v0.2.0 to v0.3.0 is insane and that is despite not all the features and experimental drivers making the cut for this release. Since we have a really long list of changes, lets look at a couple of highlights in this release!

The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the event program for the European edition of ApacheCon™, the ASF's official global conference series. ApacheCon Europe will take place 22-24 October 2019 at the Kulturbrauerei in Berlin, Germany.

Honeypot, a tech-focused job platform based in Europe, has produced a documentary that offers a fascinating look at the origins of GraphQL. The 28-minute video explores how quickly the project began to have an impact on the wider tech industry after Facebook publicly released it as an open source project. GraphQL co-founder Nick Schrock, who was interviewed along with fellow co-creators Lee Byron and Dan Schafer, said the documentary “captured both the urgency and joy of the early months of the GraphQL.” It was filmed over two months in San Francisco and Berlin, where Honeypot runs the GraphQL Conf in cooperation with Prisma.

Back in April I wrote about Coreboot seeing AMD Picasso APU enablement work as the first Zen/Ryzen processor target being handled by this open-source BIOS alternative. It now looks like that Picasso support is all squared away and ready for use by future AMD-powered Google Chromebooks.

This week’s SD Times Open Source Project of the Week — OpenStack’s Qinling — allows users to run code without provisioning or managing servers and only pay for the compute time they consume. The release is still under development and the current supported release is Stein. According to the makers of Qinling, the project was created to provide “Functions-as-a-Service” for serverless functions such as AWS Lambda. Through plugins, Qinling supports container orchestration platforms such as Kubernetes and Swarm as well as function package storage backends.

ThoughtWorks, a global software consultancy, today announced the availability of Taiko 1.0, an open source browser automation tool which is available to download for free. Taiko is sponsored by the same ThoughtWorks team that created the free and open source test automation framework Gauge.

One unusual text editor which I came across a while ago, was Zim. This isn't your average text editor. If you have used hierarchical text editors like AllMyNotes Organizer or Tree Notes (commercial), it is sort of similar. Zim can be used to create pages, and link to those pages, kind of like a wiki functions, hence the tagline, A Desktop Wiki. The application which is written in Python, is available for Windows and Linux. Both versions are identical in usage and features, though the PC version is a few builds behind. [...] Tip: You can use Zim as a text-editor and use it to edit TXT files using the import option. The export options can be used to save the documents to other formats like HTML, MHTML, Latex, Markdown and RST. The toolbar has a few navigation options, some formatting styles, and the attach files option. Opening the Calendar option creates a Journal notebook which has automatically categorized sub-pages for the selected year, month and date. The format menu has a lot more options including headings, list styles (numbered, bulleted, checkbox list), scripts, etc. This means can use the program for anything, like keeping a journal, maintaining a record of your expenses, a collection of notes, use it for note-taking in class or meetings, to-do lists, etc. It's up to you. Tip: Though the toolbar says Strong, Emphasis, etc., the program supports universal keyboard shortcuts for Bold, Italics, Underline etc.

Many open-source applications are also freely distributed. This is referred to as free and open-source software, or FOSS. Often, vendors only ask for donations to help keep them afloat, along with costs for additional plugins, support and services. These brands provide a solution they believe in without attaching a price tag or subscription plan to the product. The most successful releases usually generate a profit from a passionate community of users. But the prevalence of zero-cost software goes hand in hand with the transparency of open-source code. Not only do these features increase a vendor’s chances of reaching a wider audience, but they also offer opportunities to inspire innovation. It is all about paying it forward. There are twists and turns in the timeline of open-source technology, and there is still a substantial place in B2B for proprietary code. But the spread of free, open-source software is a defining story of the 2000s, leading to the rise of many products and careers. Popular products like Blender and MySQL remain free and open source even with millions of downloads. These success stories helped to fortify the movement and rewrite the rules of software development and usership.

TriggerMesh, a multi-cloud serverless management platform company, and Vshn, a DevOps consultancy, have announced the availability of the TriggerMesh Operator for Red Hat OpenShift 4. OpenShift 4 was recently announced by Red Hat to bring additional automation to Kubernetes applications. The TriggerMesh Operator allows OpenShift users to install the TriggerMesh management platform and integrate serverless workloads with other clouds and legacy infrastructure. In addition, TriggerMesh enables serverless function CI/CD as well as access to multi-cloud event sources from AWS and Google Cloud.

At Red Hat, our vision of an open hybrid cloud is simple. We believe they should be truly open platforms across any application, environment, and cloud, with portability and operational consistency. This reaches from public and private clouds, to bare metal and virtual environments in traditional datacenters, the extended datacenter (edge), and end-user devices. Delivering application portability for development and operations across a diverse set of environments, without vendor lock-in, requires ubiquitous open source technologies as well as commercial offerings based on these technologies. Open source technologies can provide layers of abstraction and offer an ecosystem worth investing in for customers and vendors alike. These technologies deliver a pathway to commercial offerings as stand-alone products or as solutions that help solve customer needs. Standardising with open source. Standardising on products that use open source technologies can help protect customers by offering an exit strategy. Linux, Linux containers, Kubernetes and Kubernetes Operators are key technologies for these abstractions in modern computing environments. A closer look reveals why:

Security Leftovers Microsoft Discreetly Drops ‘Telemetry’ As Part Of Larger ‘Security Cumulative Update’ Without First Informing Windows 7 Users? [Ed: Microsoft being Microsoft and backporting surveillance; With Windows Update any piece of software can become more malicious overnight.] Microsoft appears to have once again attempted to sneak telemetry components. The company released security updates for all supported operating systems on the July 2019 Patch Day. However, this month’s cumulative updates, which were supposed to contain only security-related components, contain an unexpected compatibility/telemetry component. The suspicious components were hidden in plain sight. Incidentally, this is the second time Microsoft has attempted to insert telemetry components. However, during the first attempt the Windows OS maker had openly mentioned the inclusion of the telemetry components, whereas this time, the company didn’t offer any indication. This methodology appears to an attempt to garner more accurate data about usage and installation patterns of the Windows operating system as Microsoft will soon phase out Windows 7. Windows Update delivered several packages of security and reliability fixes for Windows 7 earlier this week. The packages are different for each of the Windows operating system’s versions that Microsoft officially supports. However, the ‘cumulative update’ package contained a rather suspicious component. The security update in question was intended for Microsoft Windows 7 Operating System (OS) which was released as part of the July 2019 Patch Day.

Swimlane research team open sources pyattack As security teams adopt the Mitre ATT&CK Framework to help them identify gaps in their defenses, having a way to identify what malware and tools are being used by specific actors or groups becomes more critical. Additionally, having a way to identify these relationships programatically is even more critical. Today, we are excited to announce the Swimlane research team has released pyattck—a Python package to interact with the Mitre ATT&CK Framework. There are many different open-source projects being released on a daily basis, but we wanted to provide a straightforward Python package that allows the user to identify known relationships between all verticals of the Mitre ATT&CK Framework.

Strongbox Password Safe is a free, open-source KeePass client for iOS [Ed: iOS from Apple has back doors (see Vault 7 from Wikileaks for instance), so you should not put any passwords in it]

Research Finds Loads of Container Vulnerabilities Docker containers are great in that it’s easy to get started building an application using frameworks and components that others have made available via open source projects. The challenge, however, is not all those projects are current in terms of their cybersecurity patches. In fact, a developer of a framework may not even be actively supporting it anymore. A new report from vulnerability management platform vendor Kenna Security highlights the extent of the problem in the Docker community. Via the VulnerabilitiesContainer.org site, Kenna Security is sharing the results of analyses of containers being reused widely that find some of these open source projects have hundreds of unresolved Common Vulnerabilities and Exposure (CVE) issues.

A World of Infinite Choice in Open Source Software We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ever. Our goal? To qualify and quantify how exemplary development teams operate. As part of the research we identified the top 3% of DevOps teams using exemplary practices. (Take the quiz to see how your team stacks up.) Before we could truly understand these practice, we had to have the right context. The report’s first goal was to compare the use of open source in 2019 - to that of years past - and understand the broader environment developers are working in. As anticipated, open source component use continues to rocket upward.

In memoriam – Corby Corbató, MIT computer science pioneer, dies at 93 Almost everyone’s heard of Linux – it’s the operating system kernel that’s behind a significant proportion of servers on the internet, including most of Google, Facebook, Amazon and many other contemporary online juggernauts. In its Android flavour, Linux powers the majority of smartphones out there, and in one form or another it’s also the kernel of choice for many so-called IoT devices such as bike computers, home Wi-Fi routers, webcams, baby monitors and even doorlocks. Most people who use Linux know that the name is a sort-of pun on Unix, the operating system that Linux most resembles. And Unix, of course, is the operating system behind a significant proportion of the devices out there that don’t run Linux, being at the heart of Apple’s macOS and iOS systems, as well as the various and widely-used open source BSD distributions.