One of the wonderful things about Python is the ease with which you can start writing a script - just drop some code into a .py file, and run python my_file.py. Similarly it’s easy to get started with modularity: split my_file.py into my_app.py and my_lib.py, and you can import my_lib from my_app.py and start organizing your code into modules. However, the details of the machinery that makes this work have some surprising, and sometimes very security-critical consequences: the more convenient it is for you to execute code from different locations, the more opportunities an attacker has to execute it as well...

If you go to YouTube and search for SpotMicro you will find a number of videos showing completed robots. The one that attracted my attention was built by Michael Romanko. What is special about this version is that it has a Raspberry Pi as its brain. The original uses an Arduino and the printer files have to be changed to accommodate a Pi. The important thing about installing a Pi is that you can easily fit Ubuntu, complete with a version of ROS (Robot Operating System). For most robot builders, ROS is the way to go and it makes development of software easier. I wouldn't say easy, it's still a challenge. The ROS nodes have been written in C++ and Python. You can see it in action in the video...

The rootkit won’t persist if you have UEFI boot fully enabled (although many Linux computers turn UEFI signing off rather than work through the steps to install an OS with it enabled). The malware is easy to spot if you dump raw information from the network, but the kernel module makes it hard to find on the local machine. It hooks many kernel functions so it can hide processes from both the ps command and the /proc filesystem. Other hooks remove file names from directory listings and also hide sockets. The paper describes how to identify the malware, and the authors are especially interested in detection at scale — that is, if you have 1,000 Linux PCs on a network, how do you find which ones have this infection?

Consider the evolution of humankind. When we do, we will recognize that having global discussions and acting on global decisions is a relatively new phenomenon—only 100 years old, give or take a few years. We're still learning how to make global decisions and execute on them successfully. Yet our ability to improve those globally focused practices and skills is critical to our continued survival. And open principles will be the keys to helping us learn them—as they have been throughout history.

Google's Chromium team has proposed a way to allow web apps to establish direct TCP and UDP network connections, a powerful capability that could complicate web security. The Raw Sockets API, which may end up being renamed the Direct Sockets API, represents an attempt to give browser apps networking capabilities that aren't possible via data transport options like HTTP, WebSockets and WebRTC. It essentially allows the browser to talk directly to devices and other computers via the network. Chromium engineer Eric Willigers announced plans to prototype the API on Wednesday. Assuming testing goes well, the intent is to ship the tech for Chrome OS before there's a general Chromium release. "Many network devices use their own protocols over TCP or UDP, instead of using HTTPS or a WebSockets-compatible server," Willigers explained. "Like WebUSB, WebMIDI and WebBluetooth, this API allows web apps to communicate with local devices and information systems."

Earlier this week, NVIDIA dropped a bomb on the gaming world by releasing the web-based version of GeForce Now. Much to the surprise of many, the service that lets you bring your games with you didn’t arrive for browsers of any flavor. Instead, NVIDIA made our day by launching GeForce Now as a Chrome OS exclusive. We can, and probably will, wax philosophic about the implications this could have for Chrome OS as a platform. Today, however, I’m reaching out to the masses who were left out in the cold when GeForce Now debuted. [...] You should now spoof Chrome OS anytime you navigate to GeForce Now’s streaming player. I can’t guarantee that NVIDIA won’t put a stop to this at some point but for now, it’s a sure-fire way to play GeForce Now on your Linux device.

HSE amounts to a well-optimized key-value store database geared for high-performance solid-state drives and persistent memory. Micron's original announcement talked of HSE as much as doubling the throughput and improving read latencies by around four times. Alongside HSE is a modified MongoDB implementation as a real-world reference implementation. Besides MongoDB, Micron hopes HSE will see use for various NoSQL, SDS, and big data use-cases along with other verticals.

As client certificates are on the way out and Debian's SSO solution is effectively not maintained any longer, I switched self-service buildd givebacks over to Salsa authentication. It lives again at https://buildd.debian.org/auth/giveback.cgi. For authorization you still need to be in the "debian" group for now, i.e. be a regular Debian member.

In case you follow the mailing lists or openSUSE groups in social media, you might have come to know that the openSUSE community holds ad-hoc board elections to refill an open spot on the openSUSE board. If you did not know, or even if you knew, you might not know that I was honored by being suggested as a candidate for those elections by Gerald and that I accepted the nomination.

In the KSyntaxHighlighting framework we use small example files for the individual languages as regression tests. See the current collection here. We will create HTML output and two internal formats to check highlighting attributes & folding regions. These results are then diffed with version-controlled reference files. At the moment we only check the default light theme for the HTML output, but I intend to extend this to check the dark theme, too. This will e.g. make it easier to spot problematic hard-coded colors that are not readable in one of the two variants. I updated our tooling to link the test output HTML files we actually have already on our syntax overview page. As you can see there, a lot of the languages we support are still lacking example files. Just scan the page for the “submissions welcome” lines ;) These words are linked to the part of our README that talks about our regression tests. If you can provide an example file under a permissive license (MIT/BSD/GPL/…), please submit it e.g. as a merge request.

Pheww!… The GSoC coding period is in its last stage. The final evaluation is starting from tomorrow. I am really happy that all activities have been finished on time; 7 of them are already merged in master and I hope the last one will also be merged soon.

GSoC is finally coming to end, and what an exciting experience it has been! In this post I’ll be showing off the fruits of my labor. User collections were added to Games last week, and that marks the last major milestone of my GSoC project of “Implementing game collections in GNOME Games”. I’m very glad that I was able to finish all the major milestones in time. Below I’ll give a quick summary of my journey.

This video shows you how to play Fortnite or any GeForce Now game on Linux. This includes a variety of Easy Anti-Cheat games that were unplayable before.