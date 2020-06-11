The first round of "x86/urgent" fixes have been sent in to Linux 5.8 just ahead of this weekend's 5.8-rc1 milestone while many of these fixes are marked for back-porting to the stable series. Making this pull of x86/urgent fixes notable is that it does include the work I first reported on a few days ago regarding a Google engineer uncovering some holes in Linux's Spectre mitigation handling. Some handling could result in some mitigation behavior being unfairly applied to AMD CPUs and in other fixes for addressing an issue that applications could be silently vulnerable to Spectre Variant Two attacks when thinking they are mitigated but in fact not. There is also a fix for a buggy optimization that could lead to Spectre V4 SSBD mitigation to be disabled for child processes.

When assessing corporate security, you need to approach it with the attitude that you are an outsider and want access. You must learn to view your network and your corporate facility from the outside, the same way as a potential attacker does. Performing internal scans is a good thing, but you also need to assess your external security. Is your network an easy mark for attackers? Is your corporate facility secure? Are employees safe? Can you gain access to valuable assets inside your network from the outside with minimal effort? Some companies hire outside security consultants who, as part of their service, attempt to breach corporate security just as real attackers would. They phish, they probe, they attempt to tailgate, they call into the office with legitimate-sounding requests, and they also attempt to gain physical access to employee areas and secured data centers.

KDE and GNOME: Calamares, Cantor and Fractal Calamares extensions and out-of-tree modules Calamares is a universal Linux installer framework. It provides a distribution- and desktop-agnostic set of tools that Linux distributions (and potentially FreeBSD as well) can use to build an installer for Live media (that is, ISO images). It is broadly themable, brandable, configurable and tweakable – the core repository contains 54 modules for various parts of the install process. Even 54 modules can’t do justice to all the breadth of things-people-might-want for Linux, so Calamares encourages people to write their own modules to solve specific problems. Calamares is also an eager upstream, so if the problem is specific, but affects lots of people, or can be made generally useful, then Calamares is eager to incorporate those modules into the “core” of the software product. To help and support people developing modules, Calamares should provide all the necessary bits for development: it has a C++ API and some CMake stuff that needs doing, for instance, and module-developers will need that.

Cantor Integrated Documentation : Week 1 and 2 Progress Hello KDE people!! It's been almost couple of weeks of the coding period already, and it has been hectic already. I was mostly able to stick to the timeline I had proposed, just loosing couple of days here and there. None the less, I am here presenting my progress on the project. [...] I have also tried customizing the official documentation. I personally did not liked the layout of the official documentation, so I tried to add some styling to it. Currently I am in process of doing it. Adding style to hundreds of HTML files was a challenge and tedious task to be completed manually. I again utilized Python's power and created a script to link the main CSS file to the HTML files.

Refactoring Fractal: Remove Backend (I) After a week and a half of starting work on Fractal in the GSoC and figuring things out, I could remove all state from one half of the backend, or what is called in Fractal as Backend. Confusing, right? Let me explain further. Actually the core of the application is split between two structs: one called AppOp, where most of the data is managed, and another one called Backend, out of the app crate, in fractal-matrix-api, where the calls to the server are done. They communicate between through message passing, but Backend stores some state that isn’t present in AppOp, or it’s even duplicated. So there are two sources of truth for state. That makes the process of implementing multi-account support harder and more error-prone than it should be. There are two paths to the solution here: remove AppOp and move all data to Backend or do the same in the opposite direction. I chose the latter because I wouldn’t have to transfer as much state as in the former case. Moreover, this way I can remove both loops and spawn threads directly and call functions directly from it instead of passing messages and matching against them (while spawning new threads anyways). Beware that these threads are kernel threads, not green threads or coroutines (aka Futures), so this is a very grotesque way of doing network requests without blocking the GUI as it is currently. It’s something that will be tackled in the future, though.