Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Filed under
Misc
  • 3 Ways to disable USB storage devices on Linux
  • Fedora Community Blog: Fedocal and Nuancier are looking for new maintainers

    Recently the Community Platform Engineering (CPE) team announced that we need to focus on key areas and thus let some of our applications go. So we started Friday with Infra to find maintainers for some of those applications. Unfortunately the first few occurrences did not seem to raise as much interest as we had hoped. As a result we are still looking for new maintainers for Fedocal and Nuancier.

  • Artificial Intelligence Confronts a 'Reproducibility' Crisis

    Lo and behold, the system began performing as advertised. The lucky break was a symptom of a troubling trend, according to Pineau. Neural networks, the technique that’s given us Go-mastering bots and text generators that craft classical Chinese poetry, are often called black boxes because of the mysteries of how they work. Getting them to perform well can be like an art, involving subtle tweaks that go unreported in publications. The networks also are growing larger and more complex, with huge data sets and massive computing arrays that make replicating and studying those models expensive, if not impossible for all but the best-funded labs.

    “Is that even research anymore?” asks Anna Rogers, a machine-learning researcher at the University of Massachusetts. “It’s not clear if you’re demonstrating the superiority of your model or your budget.”

  • When Biology Becomes Software

    If this sounds to you a lot like software coding, you're right. As synthetic biology looks more like computer technology, the risks of the latter become the risks of the former. Code is code, but because we're dealing with molecules -- and sometimes actual forms of life -- the risks can be much greater.

    [...]

    Unlike computer software, there's no way so far to "patch" biological systems once released to the wild, although researchers are trying to develop one. Nor are there ways to "patch" the humans (or animals or crops) susceptible to such agents. Stringent biocontainment helps, but no containment system provides zero risk.

  • Why you may have to wait longer to check out an e-book from your local library

    Gutierrez says the Seattle Public Library, which is one of the largest circulators of digital materials, loaned out around three million e-books and audiobooks last year and spent about $2.5 million to acquire those rights. “But that added 60,000 titles, about,” she said, “because the e-books cost so much more than their physical counterpart. The money doesn’t stretch nearly as far.”

  • Libraries are fighting to preserve your right to borrow e-books

    Libraries don't just pay full price for e-books -- we pay more than full price. We don't just buy one book -- in most cases, we buy a lot of books, trying to keep hold lists down to reasonable numbers. We accept renewable purchasing agreements and limits on e-book lending, specifically because we understand that publishing is a business, and that there is value in authors and publishers getting paid for their work. At the same time, most of us are constrained by budgeting rules and high levels of reporting transparency about where your money goes. So, we want the terms to be fair, and we'd prefer a system that wasn't convoluted.

    With print materials, book economics are simple. Once a library buys a book, it can do whatever it wants with it: lend it, sell it, give it away, loan it to another library so they can lend it. We're much more restricted when it comes to e-books. To a patron, an e-book and a print book feel like similar things, just in different formats; to a library they're very different products. There's no inter-library loan for e-books. When an e-book is no longer circulating, we can't sell it at a book sale. When you're spending the public's money, these differences matter.

  • Nintendo's ROM Site War Continues With Huge Lawsuit Against Site Despite Not Sending DMCA Notices

    Roughly a year ago, Nintendo launched a war between itself and ROM sites. Despite the insanely profitable NES Classic retro-console, the company decided that ROM sites, which until recently almost single-handedly preserved a great deal of console gaming history, need to be slayed. Nintendo extracted huge settlements out of some of the sites, which led to most others shutting down voluntarily. While this was probably always Nintendo's strategy, some sites decided to stare down the company's legal threats and continue on.

  • The Grey Havens | Coder Radio 375

    We say goodbye to the show by taking a look back at a few of our favorite moments and reflect on how much has changed in the past seven years.

  • 09/16/2019 | Linux Headlines

    A new Linux Kernel is out; we break down the new features, PulseAudio goes pro and the credential-stealing LastPass flaw.

    Plus the $100 million plan to rid the web of ads, and more.

  • Powering Docker App: Next Steps for Cloud Native Application Bundles (CNAB)

    Last year at DockerCon and Microsoft Connect, we announced the Cloud Native Application Bundle (CNAB) specification in partnership with Microsoft, HashiCorp, and Bitnami. Since then the CNAB community has grown to include Pivotal, Intel, DataDog, and others, and we are all happy to announce that the CNAB core specification has reached 1.0.

    We are also announcing the formation of the CNAB project under the Joint Development Foundation, a part of the Linux Foundation that’s chartered with driving adoption of open source and standards. The CNAB specification is available at cnab.io. Docker is working hard with our partners and friends in the open source community to improve software development and operations for everyone.

  • CNAB ready for prime time, says Docker

    Docker announced yesterday that CNAB, a specification for creating multi-container applications, has come of age. The spec has made it to version 1.0, and the Linux Foundation has officially accepted it into the Joint Development Foundation, which drives open-source development.

    The Cloud Native Application Bundle specification is a multi-company effort that defines how the different components of a distributed cloud-based application are bundled together. Docker announced it last December along with Microsoft, HashiCorp, and Bitnami. Since then, Intel has joined the party along with Pivotal and DataDog.

    It solves a problem that DevOps folks have long grappled with: how do you bolt all these containers and other services together in a standard way? It’s easy to create a Docker container with a Docker file, and you can pull lots of them together to form an application using Docker Compose. But if you want to package other kinds of container or cloud results into the application, such as Kubernetes YAML, Helm charts, or Azure Resource Manager templates, things become more difficult. That’s where CNAB comes in.

More in Tux Machines

Debian and Ubuntu Leftovers

  • Ritesh Raj Sarraf: Bpfcc New Release

    bpfcc version 0.11.0 has been uploaded to Debian Unstable and should be accessible in the repositories by now. After the 0.8.0 release, this has been the next one uploaded to Debian.

  • Utkarsh Gupta: Joining Debian LTS!

    Back during the good days of DebConf19, I finally got a chance to meet Holger! As amazing and inspiring a person he is, it was an absolute pleasure meeting him and also, I got a chance to talk about Debian LTS in more detail. [...] I had almost no idea what to do next, so the next month I stayed silent, observing the workflow as people kept committing and announcing updates. And finally in September, I started triaging and fixing the CVEs for Jessie and Stretch (mostly the former). Thanks to Abhijith who explained the basics of what DLA is and how do we go about fixing bugs and then announcing them. With that, I could fix a couple of CVEs and thanks to Holger (again) for reviewing and sponsoring the uploads! :D

  • Ubucon Europe 2019 in local media

    News from the new Ubuntu distribution, the exploration of the several platforms and many “how to”, rule the 4-days agenda where the open source and open technologies are in the air. The Olga Cadaval Cultural centre in Sintra, is the main stage of a busy agenda filled with several talks and more technical sessions, but at Ubucon Europe there’s also room for networking and cultural visits, a curious fusion between spaces full of history, like the Pena Palace or the Quinta da Regaleira, and one of the youngest “players” in the world of software. For 4 days, the international Ubuntu Community gathers in Sintra for an event open to everyone, where the open source principles and open technology are dominating. The Ubucon Europe Conference begun Thursday, October 10th, and extends until Sunday, October 13th, keeping an open doors policy to everyone who wants to Afterall, what is the importance of Ubucon? The number of participants, which should be around 150, doesn’t tell the whole story of what you can learn during these days, as the SAPO TEK had the opportunity to check this morning. Organised by the Ubuntu Portugal Community, with the National Association for Open Software, the Ubuntu Europe Federation and the Sintra Municipality, the conference brings to Portugal some of the biggest open source specialists and shows that Ubuntu is indeed alive, even if not yet known by most people, and still far from the “world domain” aspired by some.

Devices/Embedded: Win Enterprises and Raspberry Pi 4

  • Win Enterprises unveils Atom-based LAN gateway and compact SBC

    Win Enterprises unveiled a fanless “PL-82000” networking gateway with 6x GbE and 2x SFP ports based on an Atom C3000. It also launched a Raspberry Pi sized “MB-5000” SBC that runs Ubuntu or Win 10 on Intel Apollo Lake. We tend to forget Win Enterprises because as its name suggests, the company typically sticks to Windows-supported products. Yet, they have increasingly produced barebones products without listed OS support, such as the new PL-82000 networking appliance, as well as Linux supported systems such as the MB-5000 SBC announced back in June. (In 2017, we covered an Intel Bay Trail based MB-80580 SBC and Win IoT-380 Gateway with Linux support.)

  • Raspberry Pi 4 PCI Express: It actually works! USB3, SATA… GPUs?

    Recently, Tomasz Mloduchowski posted a popular article on his blog detailing the steps he undertook to get access to the hidden PCIe interface of Raspberry Pi 4: the first Raspberry Pi to include PCIe in its design. After seeing his post, and realizing I was meaning to go buy a Raspberry Pi 4, it just seemed natural to try and replicate his results in the hope of taking it a bit further. I am known for Raspberry Pi Butchery, after all.

  • Raspberry Pi 4 B+ - PCI Express

    Why did I do it? Because I wanted to see if it can be done. Because Raspberry Pi 4 might be the cheapest device that is PCIe capable after a relatively minor modification (if I didn't lift the capacitors when desoldering the VL805, this is literally 12 soldering points). That, in turn, can be quite handy for developing own PCIe cores for various FPGA based experiments.

    I'm sharing it to allow people to learn from this - and to dispel the myth that PCIe is somehow out of reach of hobbyists due to some concerns over signal integrity or complexities. Stay tuned for more Pi4/PCIe experimentation!

OSS: Odoo, WordPress, MongoDB vs. MySQL

  • What's New in Odoo 13?

    Fast, Simple and Effective Business Management- this is the motto of Odoo, the leading open source ERP of the globe. And this is what makes Odoo the prominent and most favorite choice among business enterprises. With the release of Odoo 13, the open-source ERP has become all more fit and robust to meet the diversified needs of businesses. With Odoo 13 users can go along with better designs and customizations. With each version release, Odoo makes it a point to bring in major and minor improvements in the application, alongside a set of new features for improving the user interface and functionality of the user. The users worth 3.4 million is the evidence of Odoo being the finest application for business management.

  • Becoming Better Digital Citizens Through Open Source

    The WordPress Project is on a mission to democratize publishing. As WordPress empowers more people to participate in the digital space, we have the opportunity to make sure that everyone can participate safely and responsibly. Today marks the start of Digital Citizenship Week. We are going to share how open source can be used as a tool for learners (regardless of age) to practice and model the essential parts of being a good digital citizen. [...] Digital Citizenship is for all age groups. Anyone who uses the internet on a computer, mobile device or a TV is a digital citizen. You don’t have to be tech-savvy already, maybe you are taking your first steps with technology. Digital Citizenship Week is a chance to reflect together on our impact on the digital world. It can help us to make our consumption more considered and our interaction friendlier. It enables us to make a positive difference to those around us. All of us can strive (or learn) to become better digital citizens. It can be affected by the access those teaching have had to digital skills and good practice. Adult education classes and community tech hubs play a part in basic tech skill development. Unfortunately, these are not always accessible to those in less populated geographic locations.  Open source communities like WordPress already make a difference in encouraging the principles of digital citizenship, from sharing tech skills to improving security knowledge. They give people an opportunity to learn alongside their peers and many of the resources are available regardless of location, resources, or skills.

  • MongoDB vs. MySQL: How to choose

    During the dot-com bubble in the 1990s, one common software stack for web applications was LAMP, which originally stood for Linux (OS), Apache (web server), MySQL (relational database), and PHP (server programming language). MySQL was the preferred database mostly because it was free open source and had good read performance, which fit well with “Web 2.0” apps that dynamically generated sites from the database. Later the MEAN stack, which stood for MongoDB (document database), Express (web server), AngularJS (front-end framework), and Node.js (back-end JavaScript runtime), came to prominence. The MEAN stack was attractive, among other reasons, because the only language you needed to know was JavaScript. It also needed less RAM than an equivalent LAMP stack.

Security: XML External Entity (XXE) Example and the Latest Patches

  • XML External Entity (XXE) Example

    According to OWASP, an XML External Entity attack is a type of attack against an application that parses XML input. This attack occurs when XML input containing a reference to an external entity is processed by a weakly configured XML parser. This attack may lead to the disclosure of confidential data, denial of service, server side request forgery, port scanning from the perspective of the machine where the parser is located, and other system impacts. If a parser accepts unsanitized XML, we can take advantage of that and send our own crafted external XML payload to exploit our target. This post won’t be long so let’s get into it.

  • Security updates for Monday

    Security updates have been issued by Arch Linux (chromium, sdl, and unbound), Debian (clamav, libdatetime-timezone-perl, openssl, tcpdump, and tzdata), Fedora (cutter-re, jackson-annotations, jackson-bom, jackson-core, jackson-databind, jackson-parent, libapreq2, ming, opendmarc, radare2, and thunderbird), openSUSE (chromium), Oracle (kernel), and SUSE (axis, jakarta-commons-fileupload, kernel, sles12sp3-docker-image, sles12sp4-image, system-user-root, and webkit2gtk3).