Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Filed under
Misc
  • [OpenMandriva] Additional desktop environments updated once again!

    I am pleased to announce that all currently the most popular desktops are available in the OpenMandriva repository and have been updated to the latest releases.

    So, if you don’t like the default Plasma 5, then you have option to use a different environment like Gnome, Cinnamon, Mate, Xfce, IceWM or i3. In addition @fedya has prepared Sway, and in the repository we can also find under the tutelage of @bero the LXQT and Lumina - both QT based environments. All desktop you can find in Cooker, Rolling* and in upcoming stable release Rock 4.1.

    [...]

    GNOME environment was updated to latest stable 3.34.3 along with most components that fall into this gtk stack.

  • Ubuntu Weekly Newsletter Issue 613

    Welcome to the Ubuntu Weekly Newsletter, Issue 613 for the week of January 5 – 11, 2020. The full version of this issue is available here.

  • UVM gets $1 million from Google for open source research

    The school says the aim of the project is to broaden understanding of how people, teams and organizations thrive in technology-rich settings, particularly in open-source projects and communities.

  • Creative Commons and USAID Collaborate on Guide to Open Licensing

    Over the past two years, we’ve been working with USAID, the Global Book Alliance, the Global Digital Library, and the Global Reading Network on early childhood reading programs, with a focus on helping these programs to recognize the potential of open licensing to increase the reach and efficacy of resources that promote youth literacy. In the course of doing that work, we all realized that additional materials needed to be created for grantees of the programs to not only understand the open license grant requirements, but to undertake the practical steps of implementing open licenses. To respond to that need, we collaborated with USAID and the Global Reading Network to write and co-publish Open Licensing of Primary Grade Reading Materials: Considerations and Recommendations, a guide to open licenses that includes an introduction to the basics of copyright, an overview of the benefits of open licensing, and suggestions for choosing and implementing open licenses.

  • German Lawyer Niklas Plutte shares OSS tips

    Under the title « Open Source Software Recht: Große FAQ mit vielen Praxistipps” (in German language) the German lawyer Niklas Plutte (Rechtsanwalt) summarises the main questions related to open source licensing.

    In particular, the paper analyse how far open licences will produce a reciprocal (or copyleft) effect, meaning that in case or re-distribution of the program (as is, modified or in combination with other software) the copy, the modified or derivative work must be provided under the same licence and made available to the public in source code form, which could be shared and reused by anyone.

  • Cryptic Rumblings Ahead of First 2020 Patch Tuesday [iophk: why is Canonical not utilizing this already? Do they have too many microsofters inside the perimeter now?]

    According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles “certificate and cryptographic messaging functions in the CryptoAPI.” The Microsoft CryptoAPI provides services that enable developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

    A critical vulnerability in this Windows component could have wide-ranging security implications for a number of important Windows functions, including authentication on Windows desktops and servers, the protection of sensitive data handled by Microsoft’s Internet Explorer/Edge browsers, as well as a number of third-party applications and tools.

    Equally concerning, a flaw in crypt32.dll might also be abused to spoof the digital signature tied to a specific piece of software. Such a weakness could be exploited by attackers to make malware appear to be a benign program that was produced and signed by a legitimate software company.

  • Facebook Shares Its 2019 Year in Review for Open Source

    Facebook said it released 170 new open-source projects in 2019, bringing its total portfolio to 579 active repositories.

    Open-source developer advocate Dmitry Vinnik said in a blog post that the social network’s internal engineers contributed more than 82,000 commits in 2019, while some 2,500 external contributors committed over 32,000 changes.

    He added that almost 93,000 new people starred Facebook’s open-source projects last year.

  • Amazon accused of 'strip mining' open source software

    ust before the start of the festive season shut-down in mid-December, the New York Times published a long article accusing one of the world’s largest technology companies – Amazon – of nefarious business practices.

    Amazon reacted strongly, with Andi Gutmans, VP of Analytics and ElastiCache at Amazon Web Services (AWS) calling the NY Times article “skewed and misleading” as well as “silly and off-base”.

    Referring to open source companies that it said had complained about Amazon’s business practices, which included benefiting by integrating open source software pioneered by others into its own products, the NYTimes wrote: “Some of the companies have a phrase for what Amazon is doing: strip-mining software. By lifting other people’s innovations, trying to poach their engineers and profiting off what they made, Amazon is choking off the growth of would-be competitors and forcing them to reorient how they do business.”

  • Financial Services Firms Must Contribute More Software Repos, to Retain Staff and Stay Relevant [Ed: This article promotes the fiction that only code Microsoft controls counts as FOSS. It is a hostile and malicious takeover.]

    Does this tell us anything ? Overall, I was quite encouraged, but felt financial services firms in particular have more to do.

    My first observation regards firms not featuring on the list. Many Financial Services companies - banks, asset managers and other open source-consuming tier 1 hedge funds - are notable by their absence on Github, though in fairness some host repos elsewhere. While Goldman Sachs, for a long time active with Java, and JP Morgan are readily findable, many of their rivals sadly barely register. Kudos to those that have contributed, particularly the likes of Two Sigma and Man AHL, who have truly put money, time and effort where their mouths are.

    Vendors like Bloomberg and Thomson Reuters have found repos to be useful for promoting APIs to their databases, not unlike some internet services firm submissions represented in the list. They're doing well.

    Particularly pleasing for me were two "proprietary" software firms active in Financial Services, MathWorks and SAS, both releasing significant numbers of high calibre code repos, not least because I worked many years for one of them. Predictably, most repos from my former company are in their own proprietary though openly-viewable and editable language, MATLAB. For SAS, somewhat less predictably to my mind at least, more code submissions were in Python and JavaScript than SAS code itself. Kudos therefore to my former competitors at SAS ! It seems they understand the programming languages preferred by their staff's children and grandchildren, a bit like my using DuckDuckGo, chatting with gamers on Discord and shouting "boomer" at anyone over the age of 33.

  • Spotify Accidentally Leaks Details on Its Home Thing Smart Speaker

    A leak may have revealed Spotify’s upcoming foray into smart home speakers. New setup images for something called ‘Spotify Home Thing’ have appeared online.

  • Bay Staters Continue to Lead in Right to Repair, and EFF Is There to Help

    Massachusetts has long been a leader in the Right to Repair movement, thanks to a combination of principled lawmakers and a motivated citizenry that refuses to back down when well-heeled lobbyists subvert the legislative process.

    In 2012, Massachusetts became the first US state to enact Right to Repair legislation, with an automotive law that protected the right of drivers to get their cars repaired by independent mechanics if they preferred them to the manufacturers' service depots. Though wildly popular, it took the threat of a ballot initiative to get the legislature to act, an initiative that ultimately garnered 86% of the vote. The initiative led to strong protections for independent repair in Massachusetts and set the stage for a compromise agreement leading to better access to repair information for most of the country.

  • Enjoy this peaceful 4 hour long trailer for THE LONGING, a game that takes 400 days to beat

    A curious one this, a game that has a clock that counts down from 400 days as soon as you start it and you don't even need to play it to get to the ending, as time continues when you're not playing. I've played some slow games before but this is an all new kind of sloth.

    It's called THE LONGING and you play as Shade, the last lonely servant of a King who once ruled an underground kingdom. The King's powers have faded and he sleeps for 400 days to regain strength and you're supposed to stick around until he awakens. Announced today, Studio Seufz have now given it a release date of March 5 and you can see the wonderful four hour long trailer below. The trailer is obviously a joke, at how you can just sit around and do nothing.

  • Feral Interactive are asking what you want ported to Linux again

    Feral Interactive, the porting studio behind a lot of great games available on Linux are asking for some feedback again on where they should go next.

    In the past, they've teased how they feed port requests into "THE REQUESTINATOR". Looks like my number three from when they asked in November 2018 turned out okay with Shadow of the Tomb Raider. As always though, we want additional ports to buy and more varied titles to play through.

  • OpenStack’s Complicated Kubernetes Relationship

    2020 may be the year the OpenStack community comes to terms with Kubernetes

    As the open source community heads into 2020, loyalties between OpenStack and Kubernetes are likely to become increasingly divided. Contributors to open source projects are trying to determine where to prioritize their efforts, while IT organizations are wondering to what degree they will need a framework such as OpenStack to deploy Kubernetes.

    Most Kubernetes deployments thus far have been on top of open source virtual machines or commercial platforms from VMware. Most of those decisions have been driven by the need to isolate Kubernetes environments sharing the same infrastructure. In addition, many IT organizations lacked the tools or expertise required to manage Kubernetes natively, so it became easier to simply extend existing tools to manage Kubernetes as an extension of a virtual machine-based platform.

    The debate now is to what degree that approach will continue as organizations become first more familiar with native Kubernetes toolsets and alternative approaches to isolating workloads using lighter-weight virtual machines emerge.

    Lighter-weight alternatives to OpenStack and VMware for deploying Kubernetes clusters already exist, notes Rob Hirschfeld, CEO of RackN, a provider of an infrastructure automation platform based on open source Digital Rebar software.

    At the same time, managed service providers such as Mirantis have begun rolling out highly distributed services based on Kubernetes that make no use of OpenStack at all.

More in Tux Machines

Linus Torvalds Decides To Land NVIDIA RTX 30 "Ampere" Support In Linux 5.11

While new feature code is normally not allowed in past the end of the merge window for a given Linux kernel release cycle, Linus Torvalds has decided to merge the newly-published open-source driver code for the NVIDIA GeForce RTX 30 "Ampere" graphics cards for the Linux 5.11 kernel that will debut as stable in February. Ahead of this weekend's Linux 5.11-rc4 release, Linus Torvalds has merged the new initial open-source code for the NVIDIA RTX 30 / Ampere GPUs via the Nouveau driver. He was fine with allowing this late addition to Linux 5.11 as the new hardware support is all self-contained and doesn't risk regressing the existing NVIDIA GPU support within the Nouveau driver. Thus it's one of the rare times he permits new code to be added after a merge window since there is minimal risk of it regressing the status quo of hardware support. Read more

today's leftovers

  • Minimalist vs Modern - Linux Mint 20.1

    It's time to check out the two desktop environments built for the latest release of Linux Mint 20.1 - MATE and Cinnamon!

  • Google Docs Replacement | Self-Hosted 36

    Our favorite Google Docs killer with markdown support has a big update. We explain how we host it and why we love it.

  • Announcing Istio 1.8.2

    This release contains bug fixes to improve robustness. This release note describes what’s different between Istio 1.8.1 and Istio 1.8.2

  • openSUSE Tumbleweed – Review of the week 2021/02 – Dominique a.k.a. DimStar (Dim*)

    Dear Tumbleweed users and hackers, Somewhere, I read, 2021 will be the year of the Linux desktop. Do you agree? Let’s make it the year of Tumbleweed on the desktop. In any case, Tumbleweed has been steadily rolling with 5 snapshots published during this week (0107, 0108, 0110, 0111, and 0113).

  • Ubuntu 21.04 To Expand The Use Of Phased Package Updates - Phoronix

    With this spring's release of Ubuntu 21.04 there is more widespread use of "phased updates" for gradually rolling out new stable release updates to help avoid any regressions en masse from coming to light. For years the Ubuntu desktop has employed this phased updates strategy while now with it being plumbed into APT, Ubuntu Server and other versions will by default make use of phased updates. Going back a number of years in Ubuntu has been Phased Updates that wired into Update Manager has led to the gradual rollout of new stable release updates over a period of about two days. This has been done gradually to ensure that no regressions or potential big problems hit all Ubuntu users at once by over the course of many hours exposing more Ubuntu users to these updates.

Security Leftovers

  • Security updates for Friday

    Security updates have been issued by Debian (flatpak, ruby-redcarpet, and wavpack), Fedora (dia, mingw-openjpeg2, and openjpeg2), Mageia (awstats, bison, cairo, kernel, kernel-linus, krb5, nvidia-current, nvidia390, php, and thunderbird), openSUSE (cobbler, firefox, kernel, libzypp, zypper, nodejs10, nodejs12, and nodejs14), Scientific Linux (thunderbird), Slackware (wavpack), SUSE (kernel, nodejs8, open-iscsi, openldap2, php7, php72, php74, slurm_20_02, and thunderbird), and Ubuntu (ampache and linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-lts-xenial).

  • Project Zero: Introducing the In-the-Wild Series

    At Project Zero we often refer to our goal simply as “make 0-day hard”. Members of the team approach this challenge mainly through the lens of offensive security research. And while we experiment a lot with new targets and methodologies in order to remain at the forefront of the field, it is important that the team doesn’t stray too far from the current state of the art. One of our efforts in this regard is the tracking of publicly known cases of zero-day vulnerabilities. We use this information to guide the research. Unfortunately, public 0-day reports rarely include captured exploits, which could provide invaluable insight into exploitation techniques and design decisions made by real-world attackers. In addition, we believe there to be a gap in the security community’s ability to detect 0-day exploits.

  • Google series on in-the-wild exploits

    The Google Project Zero blog is carrying a six-part series exploring, in great detail, a set of sophisticated exploits discovered in the wild.

OSS Leftovers and Mostly Openwashing

  • Debarshi Ray: Toolbox — After a gap of 15 months

    About a year ago, Ondřej Míchal single-handedly rewrote Toolbox in Go, making it massively easier to work on the code compared to the previous POSIX shell implementation. Go comes with much nicer facilities for command line parsing, error handling, logging, parsing JSON, and in general is a lot more pleasant to program in. Plus all the container tools in the OCI ecosystem are written in Go anyway, so it was a natural fit. Other than the obvious benefits of Go, the rewrite immediately fixed a few bugs that were inherently very cumbersome to fix in the POSIX shell implementation. Something as simple as offering a –version option, or avoiding duplicate entries when listing containers or images was surprisingly difficult to achieve in the past. What’s more, we managed to pull this off by retaining full compatibility with the previous code. So users and distributors should have no hesitation to update.

  • Rav1e 0.4 Released For Faster Rust AV1 Encoding - But Still Is Quite Slow

    Rav1e 0.4 was released on Wednesday as the latest version of this Rust-written AV1 video encoder. The rav1e 0.4 release represents a speed-up for the encoder but depending upon the preset level can still be at fractions of a frame per second. Rav1e 0.4 development was focused on providing faster performance for x86_64 and AArch64 (64-bit ARM) architectures. A wide variety of optimizations made faster performance possible depending upon the speed level.

  • LCA: Catch Talks by OSI Staff and Community

    Linux.conf.au (aka LCA) is a lovely community conference based in Australasia that will be entering its 22nd year in 2021. The volunteer-run event is known for getting deeply technical on topics varying from the inner workings of the Linux kernel to the inner workings of dealing with communities. This year's event takes place on January 23rd - 25th and is accessible is digital and accessible to everyone, whether you live "down under" or not. Our General Manager, Deb Nicholson will be presenting on how to build and maintain kinder, gentler and more sustainable open source communities in her talk, "Move Slow and Try Not to Break Each Other." on Sunday at 11:40am.

  • Data@Mozilla: This Week in Glean: Proposals for Asynchronous Design

    At last count there are 14 proposals for Firefox on Glean, the effort that, last year, brought the Glean SDK to Firefox Desktop. What in the world is a small, scrappy team in a small, scrappy company like Mozilla doing wasting so much time with old-school Waterfall Model overhead?! Because it’s cheaper than the alternative. Design is crucial before tackling difficult technological problems that affect multiple teams. At the very least you’re writing an API and you need to know what people want to do with it. So how do you get agreement? How do you reach the least bad design in the shortest time?

  • Mozilla Performance Blog: Performance Sheriff Newsletter (December 2020)

    In December there were 241 alerts generated, resulting in 39 regression bugs being filed on average 6.4 days after the regressing change landed. Welcome to the December 2020 edition of the performance sheriffing newsletter. Here you’ll find the usual summary of our sheriffing efficiency metrics, followed by a review of the year. If you’re interested (and if you have access) you can view the full dashboard.

  • CIB spins off new allotropia software GmbH

    “With everyone from SMBs to governments now going fully digital, we see significant demand for integrated, secure, and GDPR-conforming digital document lifecycle solutions,” says Uli Brandner, CEO and owner of CIB labs. “We have continuously invested into LibreOffice to play an important role in our solution stack, and are now taking the next step by setting up a dedicated company with a laser-sharp focus on delivering fully cloud-based versions – in-line with our ongoing push for browser-based products. Being able to build on the multi-decade value of existing OpenSource solutions, as well as the equally many years of experience of our LibreOffice engineering team there, gets us both a significant head start, and the confidence to deliver quality solutions.” LibreOffice engineering consultancy and “LibreOffice powered by CIB” will remain an important part in CIB’s portfolio, now being served and further improved by allotropia software GmbH. “For our customers, this generates the win-win-win situation of having an established, rock-solid partner like CIB, delivering state-of-the-art opensource software, plus the agility of an innovative startup developing new solutions”, adds Uli Brandner.

  • Open Source Management & Strategy Training Program Launched by The Linux Foundation
  • Start 2021 Off With a New Career in the Cloud! Cloud Engineering Bootcamps are on Sale
  • Instructor-Led Kubernetes Security Fundamentals Course Now Available
  • Kubernetes Security Essentials Course Now Available
  • New, Free Training Course Covering Basics of the WebAssembly Now Available
  • Tips for Starting Your New IT Career in 2021!