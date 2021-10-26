Programming Leftovers
-
Subscriber and Subscription Management (SSM) is the system that funnels orders for IBM SaaS offerings offered through IBM and third-party marketplaces to the appropriate endpoints. This provisions orders for the customers and manages their entire subscriber and subscription lifecycle. It handles about 2,000 requests per hour.
SSM is a legacy monolith app. However, dealing with such a mission-critical application with millions of lines of code can be a nightmare. Making it more complex is the transaction handling implemented at every smallest service layer unit. To support high-end business use cases, there are dozens of composite APIs that SSM supports. These composite APIs internally make calls to the smallest-unit APIs, holding multiple DB connections for a single composite API request.
-
Boost is a very large and comprehensive set of (peer-reviewed) libraries for the C++ programming language, containing well over 100 individual libraries. The BH package provides a sizeable subset of header-only libraries for (easier, no linking required) use by R. It is fairly widely used: the (partial) CRAN mirror logs (aggregated from the cloud mirrors) show over 40 million package downloads.
-
Racket is a general-purpose, object-oriented, multi-paradigm, functional, imperative, logic based programming language based on the Scheme dialect of Lisp. It’s designed to be a platform for programming language design and implementation.
Racket is also used to refer to the family of Racket programming languages and the set of tools supporting development on and with Racket. It has a powerful cross-platform GUI library built in.
Racket’s core language includes macros, modules, lexical closures, tail calls, delimited continuations, parameters (fluid variables), software contracts, green and OS threads, and more. The language also comes with primitives, such as eventspaces and custodians, which control resource management and enables the language to act like an operating system for loading and managing other programs.
Racket is often used for scripting, computer science education, and research. It’s an open-source project (Apache/MIT).
-
We are happy to announce the release of Qt Creator 6.0.1!
-
Warnings category syntax contains a number of sub-categories representing possibly-problematic syntax. These include ambiguous syntax, problematic bareword usage, invalid printf conversions, and more. But there are also syntax diagnostics that do not fall under any of the sub-categories. These tend to be a miscellaneous group, and a normal-sized blog post can do no more than to give a sample.
Security Leftovers
-
Security updates have been issued by Debian (apache-log4j2 and mediawiki), Fedora (libmysofa, libolm, and vim), Oracle (httpd), Red Hat (go-toolset:rhel8), and Ubuntu (apache-log4j2 and mumble).
-
Access Now, Committee to Protect Journalists, Freedom House, and Human Rights First applaud the U.S. Congress for passing legislation that directs the U.S. State Department to develop a list of spyware purveyors with whom the Department should avoid doing business because of their poor human rights records. Included in the National Defense Authorization Act, this provision could provide greater transparency on invasive surveillance technologies, such as NSO Group’s Pegasus spyware, that are used against activists and journalists.
The law mandates that the State Department submit the spyware company list annually to Congress for a period of five years. This report should inform inter-agency coordination, especially to ensure that the Commerce Department continues to add human rights-violating spyware firms to the Entity List. (In November, the Department added NSO Group and Candiru to the List.) It also sends a strong message to the spyware industry and their investors that their days of operating in the shadows with impunity are over.
“For over a decade, the U.S. State Department has trumpeted internet freedom and human rights online, all while U.S. companies sold powerful surveillance technologies to the enemies of those cherished ideals,” said Jennifer Brody, U.S. Advocacy Manager at Access Now. “If leveraged to its full potential, the Department’s new spyware report will help to protect at-risk activists and journalists and safeguard freedom of expression in the most repressive environments. The U.S. must finally own its role in the global trade of these cyber weapons.”
-
On December 5th, someone by the IRC nickname of [ubuntu] joined the Pine64 Discord’s #pinephone channel through an IRC bridge. In the spirit of December gift-giving traditions, they have presented their fellow PinePhone users with an offering – a “Snake” game. What [ubuntu] supposedly designed had the potential to become a stock, out-of-the-box-installed application with a small but dedicated community of fans, modders and speedrunners.
Unfortunately, that would not be the alternate universe we live in, and all was not well with the package being shared along with a cheerful “hei gaiz I make snake gaem here is link www2-pinephnoe-games-com-tz replace dash with dot kthxbai” announcement. Shockingly, it was a trojan! Beneath layers of Base64 and Bashfuscator we’d encounter shell code that could be in the “example usage” section of a modern-day thesaurus entry for the word “yeet“.
[...]
That’s true for a lot of places – GitHub and GitLab releases, DockerHub, NPM, RubyGems, browser extension stores, PyPi, and even some supposedly safe Linux repositories, like F-droid, are vulnerable. Providing sourcecode along a malicious package adds legitimacy, and takes away incentives for skilled people to check the binary in the first place – hey, the code’s there to see already! If [ubuntu] did just that, perhaps we’d be talking about this incident a few days later and in a more somber tone. Supply-chain attacks are the new hotness in 2020 and 2021.
[...]
The PinePhone community has implemented some new rules, some channeling into the “automation” territory. This will possibly help a specific kind of problem to be less impactful in the future – though I’d argue that institutional memory should play a larger part in this. Beware of Greeks bearing gifts… until they learn how to work around your Discord bot’s heuristics? I already have, for instance. This is a monumental topic with roots beyond the Great PinePhone Snake Malware of 2021, and this article isn’t even about that as much as it’s about helping you understand what’s up with important aspects of Linux security, or maybe even the security of all open source software.
-
At the time of writing, we believe that Cytrox’s CEO is Ivo Malinkovksi, as stated on his LinkedIn page. Notably, Malinkovksi’s now-private Instagram account includes a 2019 image of him in front of the Pyramids of Giza in Egypt.
A 2019 report in Forbes states that Cytrox was “rescued” by Tal Dilian, a former Israel Defence Forces (IDF) Unit 81 commander, whose company WiSpear (which appears to have been renamed Passitora Ltd.) is based in Limassol, Cyprus and reportedly acquired Cytrox in 2018 according to the Atooro Fund. Dilian is also known as the founder of Circles, a prominent cellular network surveillance company. In December 2020, the Citizen Lab published an investigation into Circles’ government clients. Dilian is also the founder and CEO of Intellexa.
Kernel: Resizable BAR, DRM/DRM-Next, and AMD Accelerator Clown
-
Resizable BAR support (also known as ReBAR / AMD Smart Access Memory) has been popular with gamers for supported configurations for being able to improve GPU performance. Intel is now working on enabling the Linux kernel to support Resizable BAR when in the context of I/O Virtualization.
Resizable BAR is a PCI Express feature can allow for the entire vRAM contents to be accessible by the CPU rather than being limited to a 256MB window. In turn that can lead to more efficient transfers between the CPU and GPU, but is contingent upon CPU/GPU/system support. Linux has supported Resizable BAR behavior as part of the PCIe specification and various Linux graphics drivers do make use of Resizable BAR in capable system configurations.
-
Already a lot of DRM display/graphics driver changes have been queued into DRM-Next ahead of the Linux 5.17 merge window while now is the latest weekly batch of drm-misc-next material. DRM-Misc maintainer Thomas Zimmermann of SUSE commented, "every single patchset in this [pull request] is awesome."
This drm-misc-next pull request sent out today follows other exciting improvements to be queued recently too for Linux 5.17, including initial Raptor Lake S graphics support, Alder Lake P is now stable, various AMDGPU improvements, variable rate refresh (VRR) for Intel Ice Lake graphics, DRM privacy screen support, Broadcom VC4 [email protected] support for that driver used by the latest Raspberry Pi boards, and much more.
-
AMD has made public the AMD Accelerator Cloud. No, they aren't getting into the cloud game per se, but rather allowing a place for customers to try out new EPYC processors and AMD Instinct accelerators running with the latest ROCm software components.
With the AMD Accelerator Cloud are AMD's latest wares both in the form of their newest processors and GPUs/accelerators as well as their latest software stack deployed for ensuring a turn-key trial of AMD's offerings.
Games: Valheim, ΔV: Rings of Saturn, Steam Deck, and Death Carnival
-
Iron Gate have given Valheim players an early Christmas present with a fresh update adding in a couple of seasonal bits and some free content.
Do you have lots of wolves tamed? Good noise, they will no longer annoy the heck out of you by howling constantly. Troll animations were overhauled, tamed animals have decided they like fire now, there's a profanity filter for the server list, a new armour stand to show off what you've got and a Yule tree! You can even craft little present boxes that act like tiny storage chests - how sweet.
-
ΔV: Rings of Saturn is a hard sci-fi physics-based space mining game from Kodera Software. A unique point about the demo was that you could previously play through everything, you just couldn't save the game and now that's changing.
Writing in a post on Indie DB, the developer talks about the changes that have happened and continued talking about their feelings towards providing a demo. The main adjustments done recently mean you can save in the demo but you're now limited to 30 days in-game time, which is still very generous.
Kodera Software mention that "It’s a popular opinion in the game development circles that having a free demo hurts game sales". They didn't agree, so a demo was put up. After a while, a bug was noticed where code to make the demo stop wasn't actually working and it wasn't noticed for quite some time as it didn't affect sales and so it became a proper thing. The developer still needs to eat though, and ΔV: Rings of Saturn is a game that can be tough to initially get into so having a save to come back to sounds like a great idea.
-
In context: While the Steam Deck has a lot of excitement surrounding it, there’s concern over how much the 64GB of eMMC storage in the base model could be a limitation—even with the SD slot. The fact that its Linux-based operating system had taken up 24GB of that space would have been even more worrying, but Valve has now managed to shrink it down to a more acceptable 10GB.
As reported by PCGamesN, MetaCouncil forum member Madjoki shared release notes for SteamOS image 20211120.2. They show that the Steam Deck’s operating system now takes up around 10GB of space, 14GB less than its previous size.
The reduction is good news for Steam Deck buyers, especially those opting for the base model. SteamOS will now take up a more acceptable 15% of its 64GB storage instead of the previous 37.5%.
That’s pretty impressive when you consider that the PS5’s operating system takes up 158GB and the Xbox Series X’s OS comes in at 198GB, roughly 20% of the consoles’ storage. The Nintendo Switch’s OS, meanwhile, requires 4GB, around 12.5% of the base storage.
-
Death Carnival (previously known as BulletRage) is still in progress and a new trailer has just been shown off giving a little look into the PvP mode it will have. This is a game that has stuck with me for some time, after playing through their older demo when it was BulletRage it was pretty immense.
What is it? A fast-paced arcade shooter with extreme weapons, wall-dashing and intense mid-air combat in online multiplayer action format like never before. Use the environment to discover new ways to destroy your enemies, and customize load-outs with the weapon socket system. Choose from over a dozen characters each with unique attacks and story campaigns. Enjoy the adrenaline-fuelled combat in single player, online co-op, or competitive PvP.
Recent comments
1 min ago
45 min 36 sec ago
1 hour 34 min ago
3 hours 42 min ago
3 hours 47 min ago
3 hours 54 min ago
3 hours 56 min ago
3 hours 57 min ago
5 hours 19 min ago
14 hours 30 min ago