This week I posted some benchmarks looking at the Meltdown mitigation impact on BSD vs. Linux as well as some tests of DragonFly's stabilized HAMMER2 while for your viewing pleasure this weekend are a variety of general BSD vs. Linux benchmarks while using the newly-released DragonFlyBSD 5.2, TrueOS 18.03, FreeBSD 11.1, Ubuntu 16.04 LTS, Ubuntu 18.04, and Intel's Clear Linux.

All of these BSD/Linux operating system benchmarks were done using a system with an Intel Xeon E3-1280 v5 Skylake CPU, MSI MS-7998 motherboard, 2 x 8GB DDR4-2133 memory, and a 256GB Toshiba RD-400 NVMe SSD. All of the hardware components were maintained the same throughout the entire testing process.

For making the systems comparable and testing the operating systems in the manner set by the vendor, each platform was tested "out of the box" using the default settings.

While everyone knows that most Linux distributions (distros) are free to download, not everybody is aware that you also have access to thousands of cost-free applications through your operating system’s package manager.

Many of the more user-friendly distros will come with a selection of software preinstalled to help you get started, but there are many more apps out in the wild, under continuous development.

• CRI: The Second Boom of Container Runtimes

  Harry (Lei) Zhang, together with the CTO of HyperHQ, Xu Wang, will present “CRI: The Second Boom of Container Runtimes” at KubeCon + CloudNativeCon EU 2018, May 2-4 in Copenhagen, Denmark. The presentation will clarify about more about CRI, container runtimes, KataContainers and where they are going. Please join them if you are interested in learning more.

• Meet Gloo, the ‘Function Gateway’ That Unifies Legacy APIs, Microservices, and Serverless

  Gloo, a single binary file written in Go, can be deployed as a Kubernetes pod, in a Docker container, and now also on Cloud Foundry. The setup also requires a copy of Envoy, though the installation process can be greatly simplified through additional software developed by the company, TheTool. The user then writes configuration objects to capture the workflow logic.

• Why is the kernel community replacing iptables with BPF?

  The Linux kernel community recently announced bpfilter, which will replace the long-standing in-kernel implementation of iptables with high-performance network filtering powered by Linux BPF, all while guaranteeing a non-disruptive transition for Linux users.

• The developer of Helium Rain gave an update on their sales, low overall sales but a high Linux percentage

  Helium Rain [Steam, Official Site], the gorgeous space sim from Deimos Games is really quite good so it's a shame they've seen such low overall sales. In total, they've had around 14,000€ (~$17,000) in sales which is not a lot for a game at all.

  The good news, is that out of the two thousand copies they say they've sold, a huge 14% of them have come from Linux. It's worth noting, that number has actually gone up since we last spoke to them, where they gave us a figure of 11% sales on Linux.

• Want to try Wild Terra Online? We have another load of keys to give away (update: all gone)

  Wild Terra Online [Steam], the MMO from Juvty Worlds has a small but dedicated following, now is your chance to see if it's for you.

• Arch Linux Finally Rolling Out Glibc 2.27

  Arch Linux is finally transitioning to glibc 2.27, which may make for a faster system.

  Glibc 2.27 was released at the start of February. This updated GNU C Library shipped with many performance optimizations particularly for Intel/x86_64 but also some ARM tuning and more. Glibc 2.27 also has memory protection keys support and other feature additions, but the performance potential has been most interesting to us.

• Installed nvidia driver

• Stephen Smoogen: Fedora Infrastructure Hackathon (day 1-5)

• Design and Web team summary – 20 April 2018

  The team manages all web projects across Canonical. From www.ubuntu.com to the Juju GUI we help to bring beauty and consistency to all the web projects.

• Costales: UbuCon Europe 2018 | 1 Week to go!!

  We'll have an awesome weekend of conferences (with 4 parallel talks), podcasts, stands, social events... Most of them are in English, but there will be in Spanish & Asturian too.

• Tough, modular embedded PCs start at $875

  Advantech has launched two rugged, Linux-ready embedded DIN-rail computers with Intel Bay Trail SoCs and iDoor expansion: an “UNO-1372G-E” with 3x GbE ports and a smaller UNO-1372G-J with only 2x GbE, but with more serial and USB ports.

• IRS Website Crash Reminder of HealthCare.gov Debacle as OMB Pushes Open Source

  OMB is increasingly pushing agencies to adopt open source solutions, and in 2016 launched a pilot project requiring at least 20 percent of custom developed code to be released as open source – partly to strengthen and help maintain it by tapping a community of developers. OMB memo M-16-21 further asks agencies to make any code they develop available throughout the federal government in order to encourage its reuse.

  “Open source solutions give agencies access to a broad community of developers and the latest advancements in technology, which can help alleviate the issues of stagnated or out-dated systems while increasing flexibility as agency missions evolve over time,” says Henry Sowell, chief information security officer at Hortonworks Federal. “Enterprise open source also allows government agencies to reduce the risk of vendor lock-in and the vulnerabilities of un-supported software,” he adds.

• Migrations: the sole scalable fix to tech debt.

  Migrations are both essential and frustratingly frequent as your codebase ages and your business grows: most tools and processes only support about one order of magnitude of growth before becoming ineffective, so rapid growth makes them a way of life. This isn't because they're bad processes or poor tools, quite the opposite: the fact that something stops working at significantly increased scale is a sign that it was designed appropriately to the previous constraints rather than being over designed.

• Gui development is broken

  Why is this so hard? I just want low-level access to write a simple graphical interface in a somewhat obscure language.

• The OpenBSD Foundation 2018 Fundraising Campaign

  If a penny was donated for every pf or OpenSSH installed with a mainstream operating system or phone in the last year we would be at our goal.

• OpenBSD Community Goes Gold for 2018!

• New core team member - Taylor Campbell'

• Twitter banned Kaspersky Lab from advertising in Jan

   

  Twitter has banned advertising from Russian security vendor Kaspersky Lab since January, the head of the firm, Eugene Kaspersky, has disclosed.  

• When you go to a security conference, and its mobile app leaks your data

   

  A mobile application built by a third party for the RSA security conference in San Francisco this week was found to have a few security issues of its own—including hard-coded security keys and passwords that allowed a researcher to extract the conference's attendee list. The conference organizers acknowledged the vulnerability on Twitter, but they say that only the first and last names of 114 attendees were exposed.

• The Security Risks of Logging in With Facebook

   

  In a yet-to-be peer-reviewed study published on Freedom To Tinker, a site hosted by Princeton's Center for Information Technology Policy, three researchers document how third-party tracking scripts have the capability to scoop up information from Facebook's login API without users knowing. The tracking scripts documented by Steven Englehardt, Gunes Acar, and Arvind Narayanan represent a small slice of the invisible tracking ecosystem that follows users around the web largely without their knowledge.

• Facebook Login data hijacked by hidden JavaScript trackers

   

  If you login to websites through Facebook, we've got some bad news: hidden trackers can suck up more of your data than you'd intended to give away, potentially opening it up to abuse.

The team behind Sabayon Linux had issued a new release. Let’s take a quick look at what’s involved in this new release.

• Android P: Cheat sheet

• Fuchsia Friday: Early thoughts on how Android compatibility could potentially happen

• Android Circuit: New Galaxy Note Confirmed, OnePlus 6 Leaks, Samsung Patents 'iPhone X Style' Notch

• Google's plan to fix texting on Android is really about the death of SMS

• Google Photos for Android reorganizes bottom bar to prioritize main tab & view

• Cloud Foundry eyes China’s market with Alibaba Cloud’s membership

  Alibaba Cloud announced it is deploying Cloud Foundry on its infrastructure alongside joining the Cloud Foundry Foundation as a gold member.

• Cloud Foundry Remains Committed, Cautious on Kubernetes

  The Cloud Foundry Foundation continues to garner strong support from the developer community. But the ongoing surge in interest around the use of Kubernetes to exploit containers for cloud deployments has placed a focus on how the Cloud Foundry Foundation will evolve.

  The topic of Kubernetes integration with Cloud Foundry was part of several sessions and keynote addresses at this week’s Cloud Foundry Summit. While the organization has tangentially begun to integrate the container orchestrator into its work, it remains cautious on a stronger embrace.

• Kubernetes and Cloud Foundry grow closer

  Containers are eating the software world — and Kubernetes is the king of containers. So if you are working on any major software project, especially in the enterprise, you will run into it sooner or later. Cloud Foundry, which hosted its semi-annual developer conference in Boston this week, is an interesting example for this.

• Cloud Foundry PaaS shops hone software delivery process

  Enterprises that have deployed Cloud Foundry platform as a service found it catalyzed new thinking about the application delivery process and other organizational practices.

• Hyperledger bug bounty program goes public

  Hyperledger is an open-source project and hub for developers to work on blockchain technologies.

  The Hyperledger infrastructure is being developed in order to support cross-industry uses of distributed ledger technologies, most commonly associated with the exchange of cryptocurrency.

  [...]

  Over the past year, Hyperledger has formalized how blockchain projects can move from development to their first 1.0 release. This process now includes a number of security requirements, including meeting the demands of the Core Infrastructure Initiative (CII), which sets "best practice" requirements for open-source project security.

  In addition, up to three members of a project must be nominated to the Hyperledger security team to help triage and resolve vulnerabilities.

• iconectiv Brings Device ID Expertise to the Linux Foundation

  The Bridgewater, New Jersey-based company iconectiv this week joined the Linux Foundation Networking Fund. iconectiv is perhaps most well-known as a Local Number Portability Administrator (LNPA). In this role the company handles the administrative work to enable people to port their phone numbers between different service providers. It operates as the LNPA for the majority of countries in the world. It was named as the LNPA for the United States in 2016, taking over the role from Neustar.

• Google’s Crostini lets you run GNU/Linux apps on Chromebooks without enabling developer mode

  People have been running Ubuntu and other GNU/Linux distributions on Chromebooks for almost as long as Chromebooks have been available. While some folks have replaced Chrome OS altogether or created dual boot systems, the simplest method is to use Crouton, which allows you to install a Linux distribution in a chroot environment, allowing you to run Ubuntu or another OS alongside Chrome OS and switch between the two environments without rebooting.

• What Is Google’s ‘Chat’ For Android? An RCS-based Alternative To iMessage?

• Exclusive: Chat is Google’s next big fix for Android’s messaging mess

• 10 Best Fitness Apps For Android To Track Your Workouts In 2018

• Building Bold New Worlds With Virtual Reality

  From rich text to video to podcasts, the Internet era offers an array of new ways for creators to build worlds. Here at Mozilla, we are particularly excited about virtual reality. Imagine moving beyond watching or listening to a story; imagine also feeling that story. Imagine being inside it with your entire mind and body. Now imagine sharing and entering that experience with something as simple as a web URL. That’s the potential before us.

• This Week in Mixed Reality: Issue 3

  This week we’re heads down focusing on adding features in the three broad areas of Browsers, Social and the Content Ecosystem.

• New to me: the Taskcluster team

  At this time last year, I had just moved on from Release Engineering to start managing the Sheriffs and the Developer Workflow teams. Shortly after the release of Firefox Quantum, I also inherited the Taskcluster team. The next few months were *ridiculously* busy as I tried to juggle the management responsibilities of three largely disparate groups.

• Taskcluster migration update: we're finished!

  Over the past few weeks we've hit a few major milestones in our project to migrate all of Firefox's CI and release automation to taskcluster.

  Firefox 60 and higher are now 100% on taskcluster!

• After the First US Transaction, Propy Announces an Open Source Developer Program

  California-based blockchain startup Propy, is bringing the commercial use of blockchain technology to the US. After facilitating the first US Blockchain-based real estate deed in Vermont, Propy announced a new open source Developer Program.

  The idea behind Propy: it allows anyone to buy or sell real estate, anywhere, online. Propy provides an efficient crypto and fiat payment and an immutable record on the blockchain, ensuring that title deeds and property rights will be there forever.

• Titus, the Netflix container management platform, is now open source

  Titus powers critical aspects of the Netflix business, from video streaming, recommendations and machine learning, big data, content encoding, studio technology, internal engineering tools, and other Netflix workloads. Titus offers a convenient model for managing compute resources, allows developers to maintain just their application artifacts, and provides a consistent developer experience from a developer’s laptop to production by leveraging Netflix container-focused engineering tools.

• Netflix's Container Management System Is Now Open Source

  On Thursday Netflix announced it's made its home grown container management system, Titus, open source.

• Lumina Networks on delivering open source SDN

  What kinds of companies should consider open source SDN, and what are the associated challenges in using such open source deployments? Lumina Networks has unrivalled expertise in working with customers and partners to deliver implementations, and explains its processes and outlines the benefits of using open source SDN.

• Luxoft launches PELUX 1.0 open source platform for automotive

  Luxoft’s automotive division has launched PELUX 1.0, an open source platform available to developers. This has been developed from its PELUX software suite as used by carmakers and tier 1 suppliers to build converged infotainment, autonomous driving, communication, HMI and car body control systems.

• Dev Preview: MongoDB Enterprise Running on OpenShift

  In order to compete and get products to market rapidly, enterprises today leverage cloud-ready and cloud-enabled technologies. Platforms as a Service (or PaaS) provide out-of-the-box capabilities which enable application developers to focus on their business logic and users instead of infrastructure and interoperability. This key ability separates successful projects from those which drown themselves in tangential work which never stops.

  In this blog post, we’ll cover MongoDB’s general PaaS and cloud enablement strategy as well as touch upon some new features of Red Hat’s OpenShift which enable you to run production-ready MongoDB clusters. We’re also excited to announce the developer preview of MongoDB Enterprise Server running on OpenShift. This preview allows you to test out how your applications will interact with MongoDB running on OpenShift.

• Is Open Source The AI Nirvana for Intel? [Ed: openwashing a malicious company using buzzwords and urban myths]

• Writing Chuck – Joke As A Service

  Recently I really got interested to learn Go, and to be honest I found it to be a beautiful language. I personally feel that it has that performance boost factor from a static language background and easy prototype and get things done philosophy from dynamic language background.

  The real inspiration to learn Go was these amazing number of tools written and the ease with which these tools perform although they seem to be quite heavy. One of the good examples is Docker. So I thought I would write some utility for fun, I have been using fortune, this is a Linux utility which gives random quotes from a database. I thought let me write something similar but let me do something with jokes, keeping this mind I was actually searching for what can I do and I landed up on jokes about Chuck Norris or as we say it facts about him. I landed up on chucknorris.io they have an API which can return different jokes about Chuck, and there it was my opportunity to put something up and I chose Go for it.

• A handy way to add free books to your eReader

• A Perl module for better debugging

• [From Arch] glibc 2.27-2 and pam 1.3.0-2 may require manual intervention

• How to start developing on Java in Fedora

• Use Peek to take quick GIF screencasts

• Deploying to OpenShift – Our latest free eBook

• Managing OPA

• How to Install Log.io Realtime Log Monitoring Tool on Ubuntu 16.04 LTS

• How to patch Meltdown and Spectre vulnerabilities on FreeBSD

• How To Remove Password From A PDF File in Linux

• Security updates for Friday

• IBM Security launches open-source AI

  IBM Security unveiled an open-source toolkit at RSA 2018 that will allow the cyber community to test their AI-based security defenses against a strong and complex opponent in order to help build resilience and dependability into their systems.

• Elytron: A New Security Framework in WildFly/JBoss EAP

  Elytron is a new security framework that ships with WildFly version 10 and Red Hat JBoss Enterprise Application Platform (EAP) 7.1. This project is a complete replacement of PicketBox and JAAS. Elytron is a single security framework that will be usable for securing management access to the server and for securing applications deployed in WildFly. You can still use the legacy security framework, which is PicketBox, but it is a deprecated module; hence, there is no guarantee that PicketBox will be included in future releases of WildFly. In this article, we will explore the components of Elytron and how to configure them in Wildfly.

• PodCTL #32 – Container Vulnerability Scanning

It's a busy month for the BSDs with DragonFlyBSD 5.2 having come along with OpenBSD 6.3 and right before that was TrueOS 18.03. Now there's finally the release candidate of the long-awaited NetBSD 8.0 update.

NetBSD 7.0 arrived back in October 2015 while the NetBSD 8.0 release should not be too much further out. Arguably most interesting with NetBSD 8.0 is its finally bring initial USB 3.0 support though the change-log currently just describes it as "some USB 3 support."

• FFmpeg 4.0 released

  Version 4.0 of the FFmpeg multimedia toolkit is out. There is a long list of new filters, formats, and more; see the announcement for details.

• April 20th, 2018, FFmpeg 4.0 "Wu"

• FFmpeg 4.0 Released With New Encoders/Decoders, NVIDIA NVDEC Decoding

  FFmpeg 4.0 is now available as the latest major release for this widely-used open-source multimedia encode/decoder library.

  FFmpeg 4.0 introduces NVIDIA NVDEC GPU-based decoding for H264 / MJPEG / HEVC / MPEG-1/2/4, VC1, VP8, and VP9 formats. This release also adds an Intel QSV accelerated overlay filter, an OpenCL overlay filter, VA-API MJPEG and VP8 decoding support, new VA-API filters, and many other accelerated code path improvements.

• AMDGPU DC Fixes For Linux 4.17 Take Care Of "The Dark Screen Issue"

  AMD's Alex Deucher has sent in a small set of fixes for the AMDGPU Direct Rendering Manager driver in the Linux 4.17 kernel.

  The three patches are for fixing a dark screen issue with AMDGPU DC, a fix for clock/voltage dependency tracking for WattMan, and an updated SMU interface for the yet-to-be-announced Vega 12 GPU.

• Intel KVMGT 2018-Q1 Release Offers Mediated GPU Pass-Through Improvements

  While the relevant bits for supporting Intel GPU mediated pass-through to virtual machines with KVM are now upstream in the Linux kernel as well as in QEMU 2.12, Intel developers have just announced their quarterly release of "KVMGT" for those wanting the officially blessed configuration for running Intel virtual GPU support with KVM virtual machines.

• RADV Vulkan Driver Adds Vega M Support

  Following RadeonSI adding "Vega M" support for the new Radeon graphics appearing embedded on select Intel Kabylake processor packages, the RADV developers have similarly staged their Vega M support in this open-source Vulkan driver.

• The Forge Now Offers Full-Featured Vulkan Support On Linux

  Earlier this month we covered "The Forge" picking up initial Linux support and now they have rounded out their full-featured Linux support with Vulkan rendering.

• What you need to know about blockchain technology and gaming

  To say that blockchain technology is big news is an understatement. It is the technology to be involved with right now if you’re interested in a disruptive technology. As a refresher, it is the underlying technology behind cryptocurrencies like Bitcoin and Ethereum. It is also behind an emerging trend in gaming called blockchain gaming, or crypto gaming.

  Blockchain is simply a transaction that is recorded and added to a previous transaction, forming a chain of data. Each transaction added to the chain can account for many different things. For example, with Bitcoin, the transaction that makes up blockchain data here is the movement/discovery of units of the cryptocurrency.

• Don't Bother Trying AMDVLK Vulkan With Rise of the Tomb Raider Right Now

  Following yesterday's 20-way graphics card comparison for Rise of the Tomb Raider that debuted yesterday on Linux and is exclusively powered by Vulkan, my next benchmarking objective was trying out the official AMD Vulkan driver, AMDVLK, to see how it would work given the successes of RADV on launch-day for this latest Feral Interactive game port.

• Strategic RPG 'For The King' has left Early Access and is now on Linux

  For The King, a strategic RPG with tabletop and roguelike elements has recently left Early Access, it seems they also published the Linux version too.

  We've reached out to the developer for a review key, so hopefully we can give it some proper thoughts in good time. At least early indications are that it's quite good, going by what users think of it.

• Hollow Knight: Lifeblood is out as another free update and it's looking good

  Hollow Knight: Lifeblood has just released aiming to make the already amazing action adventure game even better. I must say,

• Basingstoke, the new tense stealth and action title from Puppy Games to release April 27th

  Puppy Games latest game Basingstoke, which mixes in stealth and action is going to release April 27th with full Linux support.

• God game 'The Universim' to enter Steam Early Access in August with Linux support

  I spoke to Alex Koshelkov, Founder & CEO Crytivo last night. They confirmed to me that the Steam Early Access release will indeed have a Linux version, which will not use their current updater (which requires a mono-complete install to work) since it will update via Steam directly which is going to be much nicer. The actual game is built from Unity, so it should be fine.

• Graveyard Keeper looks weird and interesting in their new gameplay reveal

  Graveyard Keeper [Official Site], from Lazy Bear Games and tinyBuild finally has some proper gameplay to show off and it's equal parts weird, grim and quite interesting.

• Want to try Wild Terra Online? We have another load of keys to give away

• Taking a look at Red Hat’s ‘radically open brand evolution project’

  The project was disclosed by Red Hat in a blog post in February as part of what the Hatters describe themselves as a “radically open brand project.” The Linux and cloud services firm ran a survey seeking “input. It closed Feb. 25.

• Fedoras forever? A logo change at Red Hat is coming this year.

  As corporate logos go, Red Hat's fedora-sporting "Shadowman" is about as iconic as they come, but he could be living on borrowed time.

  The software company, based in downtown Raleigh, is in the midst of an "open brand project" and in October is due to roll out an all-new logo. The color red, and a hat, are likely to figure in it somehow presuming in-house designers follow the advice they're getting from customers and employees.

  But Shadowman's survival is far from assured, as the company has already said its research suggests he's "seen as more secretive than open, and more villainous than heroic."

• 2 Stocks Taking a Gut Shot: Urban Outfitters, Inc. (URBN), Red Hat, Inc. (RHT)

• Risk Malaise Alert in Option Market: Red Hat Inc Implied Price Swing Hits A Weakened Level

• How open source databases are sucking revenue out of legacy vendors’ pockets

  In other words, the value of the open source database market to customers/users is measured in the tens of billions, or even hundreds of billions, of dollars. One other way of thinking about this? That's tens or hundreds of billions of dollars that proprietary vendors will never capture.

• Has the time finally come for PostgreSQL?

  For nearly 30 years, PostgreSQL (a.k.a., Postgres) has arguably been the most common SQL open source database that you have never heard of. Call it the Zelig of databases, its technology either sat behind or acted as the starting point behind an array of nearly a dozen commercial database offerings from EnterpriseDB to Redshift, Greenplum, Netezza, CockroachDB and a host of others. And PostgreSQL has distinguished lineage as one of the brainchilds of Turing Award winner and database legend Dr. Michael Stonebraker, who started the PostgreSQL project based on the lessons learned from his previous database venture, Ingres.