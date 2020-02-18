Language Selection

today's leftovers

Thursday 20th of February 2020 03:50:12 PM
Misc
  • Matthew Garrett: What usage restrictions can we place in a free software license?

    Growing awareness of the wider social and political impact of software development has led to efforts to write licenses that prevent software being used to engage in acts that are seen as socially harmful, with the Hippocratic License being perhaps the most discussed example (although the JSON license's requirement that the software be used for good, not evil, is arguably an earlier version of the theme). The problem with these licenses is that they're pretty much universally considered to fall outside the definition of free software or open source licenses due to their restrictions on use, and there's a whole bunch of people who have very strong feelings that this is a very important thing. There's also the more fundamental underlying point that it's hard to write a license like this where everyone agrees on whether a specific thing is bad or not (eg, while many people working on a project may feel that it's reasonable to prohibit the software being used to support drone strikes, others may feel that the project shouldn't have a position on the use of the software to support drone strikes and some may even feel that some people should be the victims of drone strikes). This is, it turns out, all quite complicated.

    But there is something that many (but not all) people in the free software community agree on - certain restrictions are legitimate if they ultimately provide more freedom. Traditionally this was limited to restrictions on distribution (eg, the GPL requires that your recipient be able to obtain corresponding source code, and for GPLv3 must also be able to obtain the necessary signing keys to be able to replace it in covered devices), but more recently there's been some restrictions that don't require distribution. The best known is probably the clause in the Affero GPL (or AGPL) that requires that users interacting with covered code over a network be able to download the source code, but the Cryptographic Autonomy License (recently approved as an Open Source license) goes further and requires that users be able to obtain their data in order to self-host an equivalent instance.

  • Install Metabase on Ubuntu 18.04 with Nginx and SSL – Google Cloud
  • OpenBSD Foundation 2019 campaign wrapup

    Our target for 2019 was CDN$300K. Our community's continued generosity combined with our corporate donors exceeded that nicely. In addition we received the largest single donation in our history, CDN$380K from Smartisan. The return of Google was another welcome event. Altogether 2019 was our most successful campaign to date, yielding CDN$692K in total.

  • have fun with free software – truly Open Source Karaoke „SingStar“ style Performous on GNU Linux

    An open-source karaoke, band and dancing game where one or more players perform a song and the game scores their performances.

    Supports songs in UltraStar, Frets on Fire and StepMania formats.

    Microphones and instruments from SingStar, Guitar Hero and Rock Band as well as some dance pads are autodetected.

  • Reintroducing Telegram: privately funded private chat with open source apps

    I started to write an article about the latest update for Telegram, when I realized I might only be speaking to a select few in-the-know users. Far fewer than I think should be interested, anyway. Telegram is a private chat system with end-to-end encryption support and cross-platform functionality. It’s privately funded by a guy named Pavel Durov, whose only goal seems to be “fast and secure messaging that is also 100% free.”

  • Daniel Silverstone: Subplot volunteers? (Acceptance testing tool)

    Subplot is a tool for capturing and automatically verifying the acceptance criteria for a software project or a system, in a way that's understood by all stakeholders.

    In a software project there are always more than one stakeholder. Even in a project one writes for oneself, there are two stakeholders: oneself, and that malicious cretin oneself-in-the-future. More importantly, though, there are typically stakeholders such as end users, sysadmins, clients, software architects, developers, and testers. They all need to understand what the software should do, and when it's in an acceptable state to be put into use: in other words, what the acceptance criteria are.

    Crucially, all stakeholders should understand the acceptance criteria the same way, and also how to verify they are met. In an ideal situation, all verification is automated, and happens very frequently.

    There are various tools for this, from generic documentation tooling (word processors, text editors, markup languages, etc) to test automation (Cucumber, Selenium, etc). On the one hand, documenting acceptance criteria in a way that all stakeholders understand is crucial: otherwise the end users are at risk of getting something that's not useful to help them, and the project is a waste of everyone's time and money. On the other hand, automating the verification of how acceptance criteria is met is also crucial: otherwise it's done manually, which is slow, costly, and error prone, which increases the risk of project failure.

    Subplot aims to solve this by an approach that combines documentation tooling with automated verification.

  • Ulrike Uhlig: Reasons for job burnout and what motivates people in their job

    Often, burnout is conceived as a weakness of the person experiencing it: "they can't work under stress", "they lack organizational skills", "they are currently going through grief or a break up, that's why they can't keep up" — you've heard it all before, right?

  • Hard disk reliability study - 2005-2020

    In other words, practically, if I keep two copies of any which data, the likelihood of data loss is 2.5% over a decade, or 0.06% for three disks. So this kind of confirms my backup strategy from a while back, and also shows that it is important for you to keep multiple copies of important files, if you want them to outlast your hardware.

    Conclusion

    There you go. I hope you find this 15-year-long study valuable. Of course, any techie like me could do it. All techies hoard hardware like mad, and I'm sure most of Dedoimedo readers have a bunch of computers and tons of hard disks strewn about, so it's just the matter of compiling the right data. And I'm sure every such compilation would be compelling. A compelling compiling, hi hi.

    If you have any comments or suggestions about my findings, I'd love to hear them. Again, I don't have a massive data center, so I can't do an accurate comparative study between vendors, disks sizes and alike, so do take my results with a pinch of cardamom. But I believe my numbers are quite indicative for home usage scenarios, so if you're mulling how to handle your data down the long trouser leg of time, you have some indication of where to start, and how to hedge your odds. Take care.

  • How 1500 bytes became the MTU of the internet

    On the face of it 1500 is a weird number, we would normally expect a lot of constants in computing to be based around mathematical constants, like powers of 2. 1500, however fits none of those.

    So where did 1500 come from, and why are we still using it?

  • Is it Possible to Identify DNS over HTTPs Without Decrypting TLS?

    Whenever I talk about DNS over HTTPS (DoH), the question comes up if it is possible to fingerprint DoH traffic without decrypting it. The idea is that something about DoH packets is different enough to identify them.

    [...]

    At this point, I would call the experiment a "proof of concept." It is not a conclusive experiment. I only collected a few minutes of traffic and went maybe to a dozen different sites. All tests were performed on a Mac using Firefox 71 and Cloudflare as a resolver. I may get around to do more testing during the day and will update this post accordingly.

  • More DNS over HTTPS: Become One With the Packet. Be the Query. See the Query

    Two days ago, I wrote about how to profile traffic to recognize DNS over HTTPS. This is kind of a problem for DNS over HTTPS. If you can see it, you may be able to block it. On Twitter, a few chimed in to provide feedback about recognizing DNS over HTTPS. I checked a couple of other clients, and well, didn't have a ton of time so this is still very preliminary:

    [..]

    But to come back to the initial observation: The DoH traffic had specific packet sizes it preferred. So I was looking at this since it didn't seem random, meaning it leaked information.

  • ‘This Is Disastrous’: How the Vinyl Industry Is Responding to the Apollo Masters Fire

    The day that everyone in the vinyl-manufacturing world has been worried about for years finally arrived. Earlier this month, Apollo Masters Corp., one of the two places in the world that produce the lacquer discs needed to assemble master plates for pressing records, burned down. The blaze reportedly took 82 firefighters and three hours to extinguish. No one was harmed, but the fire obliterated the Banning, California, facility responsible for, by most estimates, 70 to 85 percent of the lacquer plates used in vinyl production. There is now just one such factory in the world capable of producing that crucial item, MDC in Japan, leaving the global supply of vinyl in peril.

    “We’ve all been worried about this, we’ve had meetings about it within the industry,” says Cash Carter, chief operating officer at Kindercore Vinyl Pressing in Athens, Georgia. “We’ve gotten together with all the other pressing plants, lacquer cutters, everybody, and been like, ‘What happens if MDC or Apollo goes away? We’re all fucked.’ We were dreading that day, but not thinking it would actually happen — that before anything disastrous happened, someone would come in and fix what needed to be fixed.… Now, is the sky falling? No. But this is disastrous. I think there are going to be pressing plants that close because of this.… We’ve been saying we need to fix this for years. Now, we actually need to fix this.”

  • How Kubernetes Became The Standard For Compute Resources
IBM/Red Hat/Fedora Leftovers

  • Red Hat Fuels Omnitracs to Deliver Cloud-Native Fleet Management Innovation

    Red Hat, Inc., the world's leading provider of open source solutions, today announced that Omnitracs, LLC, the global pioneer of fleet management solutions to transportation and logistics companies, has delivered its Omnitracs One platform, the next-generation of fleet management innovation, on the foundation of Red Hat OpenShift. Using the industry’s leading enterprise Kubernetes platform along with Red Hat Ansible Automation Platform, Omnitracs One is a completely cloud-native offering and provides an enhanced user experience with a clear path towards future innovations.

  • Orange Egypt Builds Horizontal Cloud on Red Hat Technologies, Improving Time-to-Market by up to 10x

    Red Hat, Inc., the world's leading provider of open source solutions, today announced that Red Hat’s open hybrid cloud technologies are providing a horizontal cloud platform for Orange Egypt’s virtual network functions (VNFs), helping the service provider to more quickly deliver new services to customers, optimize its network investments and reduce operational expenditure. Building on the foundation of Red Hat OpenStack Platform and Red Hat Ceph Storage, Orange Egypt is the first Orange affiliate to manage 100% of its live customer traffic over a fully software-based platform spanning several sites across its region.

  • Share-ing the News: the Mainframe is Back!

    What seems like a hundred years ago, I started in the technology business. My first job was as a computer operator for an IBM S/390 mainframe computer for a large networking company. The years zipped by and I now find myself at SUSE as the Product Marketing Manager for system Z and LinuxOne. My how things have come full circle! While the mainframes of today have transformed and are not quite the behemoths of yesteryear, the purpose of the mainframe is still the same – providing customers with increased security, fast processing time for large amounts of data, high availability, and rock-solid stability. Mainframes today like IBM LinuxOne and system Z provide unprecedented privacy and security for your infrastructure with encryption everywhere and instant recovery. And the best part is you can run your favorite Linux distribution on these systems – SUSE Linux Enterprise Server for system Z and LinuxOne

  • Building a community of practice in 5 steps

    In the first part of this series, we defined community as a fundamental principle in open organizations, where people often define their roles, responsibilities, and affiliations through shared interests and passions, not title, role, or position on an organizational chart. Then, in the second part of the series, we explored the many benefits communities of practice bring to open organizations—including fostering learning, encouraging collaboration, and offering an opportunity for creative problem-solving and innovation. Now you know you'd like to start a community of practice, but you may still be unsure where to start. This article will help define your roadmap and build a plan for a successful community of practice—in five simple steps (summarized in Figure 1).

  • Red Hat Combines Continuous Community Innovation with Long-Life Enterprise Support in Red Hat OpenStack Platform 16

    Red Hat, Inc., the world's leading provider of open source solutions, today announced the general availability of Red Hat OpenStack Platform 16, the latest version of its highly scalable and agile Infrastructure-as-a-Service (IaaS) solution. More than 1,000 enhancements and new features will lay the foundation for enterprise and telco workloads from programmable IaaS for hybrid clouds, developer clouds and production clouds and cloud-native applications like network functions virtualization (NFV), edge computing, artificial intelligence (AI) and machine learning (ML).

  • Red Hat OpenStack lives on in a new release

    This new OpenStack is built on the foundation of Red Hat Enterprise Linux (RHEL) 8. The version adds a refined long-life support lifecycle, comprehensive feature consolidation, and a new commitment to delivering continuous community innovation as enterprise-ready features via stream releases. It combines the best features of the last three OpenStack release Train along with Red Hat's own special sauce. Modular by design, the new Red Hat OpenStack is meant to optimize IT operations for existing traditional applications. But it's not just the same old IaaS file storage cloud it was 10 years ago. It can now be used as the foundation for cloud-native applications such as network functions virtualization (NFV), edge computing, artificial intelligence (AI) and machine learning (ML).

  • Fedora Council November 2019 meeting: more miscellaneous stuff

    In addition to the big topic of the Fedora Project Vision, we used the opportunity to cover some other Fedora Council business. Because it’s a lot, we’re breaking the reporting on this into two posts, kind of arbitrarily — here’s the second of those.

  • Return of the son of the panda badger

    Here’s an initial mockup of a new sticker sheet design for Fedora! It features artwork from Fedora Badges. (Actually, now that I think of it, it would be nice to have a licensing notice for the artwork along the bottom or side of the sheet.) The idea behind this is just to be a fun piece of swag to give away at events. Before my leave, we produced a Fedora Diversity sticker sheet that has proven to be very popular at events, so it’s time for our panda and badger friends to have their time to shine I think

Programming: PHP, Scheme, Perl, Python and JavaScript

  • PHP version 7.2.28, 7.3.15 and 7.4.3

    RPMs of PHP version 7.4.3 are available in remi repository for Fedora 32 and remi-php74 repository for Fedora ≥ 30 and Enterprise Linux ≥ 7 (RHEL, CentOS). RPMs of PHP version 7.3.15 are available in remi repository for Fedora 30-31 and remi-php73 repository for Enterprise Linux ≥ 6 (RHEL, CentOS). RPMs of PHP version 7.2.28 are available in remi-php72 repository for Enterprise Linux ≥ 6 (RHEL, CentOS).

  • Excellent Free Tutorials to Learn Scheme

    Scheme is a general-purpose, functional, programming language descended from Lisp and Algol. It is a statically scoped and properly tail-recursive dialect of Lisp. Scheme is a very simple language with a very simple syntax based on s-expressions. Its simplicity is fundamental in making it a popular introductory language. It follows a minimalist design philosophy specifying a small standard core with powerful tools for language extension. This philosophy helps make Scheme a programming language that can be learned over a weekend. Nevertheless, Scheme is a very versatile language being used to write a diverse range of applications such as financial analysis tools, compilers, virtual reality systems, as well as more mundane software. Scheme is used in computing education and research as well as a wide range of industrial applications.

  • Don't like IDEs? Try grepgitvi

    Like most developers, I search and read source code all day long. Personally, I've never gotten used to integrated development environments (IDEs), and for years, I mainly used grep and copy/pasted file names to open Vi(m). Eventually, I came up with this script, slowly refining it as needed.

  • Perl Weekly Challenge 48: Survivor and Palindrome Dates

    These are some answers to the Week 48 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

  • Deprecating or Transferring Mojo::ACME

    While Mojo::ACME was a fun experiment, it has several shortcomings at this point and I’ve officially stopped using it. If someone is interested in maintaining it, and if I’m sufficiently convinced of your credibility since this is a security module after all, I can hand it over. Otherwise I will be marking it as deprecated soon. Some background Mojo::ACME was mostly an experiment for me in learning the ACME (v1) protocol. It was a port of the acme-tiny script to mojo with one significant difference. When used as a plugin in your application it actually could listen for a local connection over websocket from the certificate issuance command to prepare for the authentication challenges. This allowed for zero-downtime intervention-free certificate issuance for your application. It was pretty neat and I’m still proud that it worked. Meanwhile the letsencrypt client, later to be renamed certbot, was in a very painful infancy.

  • KBOS types

    After introducing KBOS I should write about the most fundamental concept in this Perl syntax extension. In fact it's so basic, you could use it even without objects. Of course this is not a full fledged type system. Use Raku to get that. Variables with KBOS will stay your perly whatever data container. But like in Moose or Zydeco, you want to verify data - if its consistent with your expectation. And you don't want to write the checking code lines over and over, plus they pollute method logic anyway. One of the advantages to have objects in the first place is to be sure, that the attributes obey requirements and you do not have to check them at every function all.

  • Let’s Build A Simple Interpreter. Part 18: Executing Procedure Calls
  • PyCharm 2020.1 EAP 4

    We have a new Early Access Program (EAP) version of PyCharm that can be now downloaded from our website. We’ve been hard at work making PyCharm easier to use and adding and improving features to get PyCharm 2020.1 ready for release. We have some good ones for you to try in this build. This EAP also includes loads of fixes from the IntelliJ Platform teams.

  • No Python 2 On Upcoming Ubuntu 20.04 LTS Version!

    Python 2 will no longer be available on upcoming Ubuntu 20.04 LTS version”, said by Matthias Klose. The team canonical had a very long discussion and came to a decision to remove Python 2 from Focal Fossa. The exact words are, Sorry for delaying that email. Based on some discussions, we are going forward with the Python2 removal.Matthias Klose

  • Android home screen widgets in HTML and JS

    I like having the news headlines on my phone’s home screen. (Well, on the screen to the right.) It helps me keep up with what’s going on in the world. But it’s hard to find a simple headline home screen widget which isn’t full of ads or extra frippery or images or tracking; I just want headlines, plain text, not unpleasantly formatted, and high-density. I don’t want to see three headlines; I’d rather see ten. I tried a whole bunch of news headline home screen widgets and they’re all terrible; not information-dense enough, or they are but they’re ugly, or they insist on putting pictures in, or they display a ton of other information I don’t want.

SharkLinux – Virtualization and cloud compatible Linux distro

Today, we are going to take a look at a specialized Linux distro, SharkLinux. It is a cloud compatible and virtualization Linux distro that you can use in the cloud. SharkLinux is an Ubuntu-based distribution featuring the MATE desktop and is best aimed for sysadmin testing, developers, and virtualization hobbyists. It follows a rolling release model for updates. Read more

Events: WordPress Livestream, SUSECon, JupyterCon, LibrePlanet

  • Pop-Up Livestream on February 22

    This should be a great way to get to hear from some speakers who have yet to share their knowledge on a global stage. WordPress is enriched by a multitude of experiences and perspectives, and I hope you are as excited as I am to hear new voices from a part of the world that is frequently underrepresented in the WordPress open source project.

  • Get Expert Guided Hands-On Experience at the SUSECON 2020 Pre-Conference Workshops
  • Get Certified During SUSECON 2020
  • JupyterCon 2020 is a go!

    Just over a year ago, Project Jupyter announced it was reevaluating its annual community conference. An advisory committee of volunteers recommended a JupyterCon 2020 emphasizing a focus on access and leadership. We are now thrilled to announce a global Jupyter conference...

  • Announcing JupyterCon 2020

    NumFOCUS is excited to be a part of JupyterCon 2020. JupyterCon will be held August 10 – 14 in Berlin, Germany at the Berlin Conference Center.

  • Hot off the presses: a sneak peek at the LibrePlanet 2020 schedule

    LibrePlanet 2020 is organized by the FSF. Hundreds of people from across the globe will converge to explore this year's theme, "Free the Future." We'll be delving into the threats to user freedom that we've all been reading about every day in the media, as well as the unique role the free software movement plays in solving these problems. In addition to the first keynote we announced last month, Brewster Kahle, LibrePlanet 2020 will feature a panoply of presentations. Our lineup includes some talks we absolutely can't wait to see, and we think you'll feel the same way! You can now dive in to the speakers already confirmed and start planning your itinerary. [...] LibrePlanet 2020 offers lots of opportunities for socializing, too! The annual FSF open house will take place on the evening of Friday, March 13th, at the FSF office. And the LibrePlanet Saturday night party will feature a sparkling new location. As we have in the past, we'll organize a dinner specifically for women, genderqueer, nonbinary, and gender non-conforming attendees, please mail campaigns@fsf.org if you're interested in joining. If you are looking to organize your own dinner or meetup, you can do so using the LibrePlanet wiki 2020 conference social and dinner pages as a central place for communication about this.

