Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 19 Sep 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story GNU lightning 2.1.3 released! Roy Schestowitz 19/09/2019 - 1:43am
Story Programming: Python and C++ Roy Schestowitz 19/09/2019 - 1:38am
Story Manjaro Linux 18.1.0 'Juhraya' has been officially released Roy Schestowitz 8 19/09/2019 - 1:30am
Story today's howtos Roy Schestowitz 19/09/2019 - 1:26am
Story The [EndeavourOS] September release has arrived Roy Schestowitz 19/09/2019 - 1:24am
Story Debian May Need To Re-Evaluate Its Interest In "Init System Diversity" Roy Schestowitz 19/09/2019 - 1:15am
Story Best Essential Apps for Linux 2019 Roy Schestowitz 19/09/2019 - 1:11am
Story Audiocasts/Shows: Linux Headlines, Void Linux, This Week in Linux and LINUX Unplugged Roy Schestowitz 19/09/2019 - 12:57am
Story Linux 5.4 Developments and Merges Roy Schestowitz 19/09/2019 - 12:54am
Story Announcing the release of Fedora 31 Beta Rianne Schestowitz 4 19/09/2019 - 12:51am

SUSE: Containers, IBM, Predictions and Openwashing SAP

Filed under
SUSE
  • Demystifying Containers – Part III: Container Images

    This series of blog posts and corresponding talks aims to provide you with a pragmatic view on containers from a historic perspective. Together we will discover modern cloud architectures layer by layer, which means we will start at the Linux Kernel level and end up at writing our own secure cloud native applications.

    Simple examples paired with the historic background will guide you from the beginning with a minimal Linux environment up to crafting secure containers, which fit perfectly into todays’ and futures’ orchestration world. In the end it should be much easier to understand how features within the Linux kernel, container tools, runtimes, software defined networks and orchestration software like Kubernetes are designed and how they work under the hood.

  • Announcing the new IBM LinuxONE III – Combined with SUSE for One of the Most Secure Platforms on the Planet

    Our guest blog writer is Kara Todd, Director of Linux at IBM with an exciting announcement from IBM – with SUSE Linux Enterprise playing an integral role!
    Announcing the new IBM LinuxONE III – the system you need for the most secure, flexible system to support your initiatives today, and you need that system to grow and evolve with you for tomorrow. The latest LinuxONE system was designed to support your mission-critical initiatives and allow you to be innovative as you design and scale your environment. LinuxONE III provides features for advanced data protection and privacy, enterprise resiliency and scalability, and cloud enablement and integration. These tools set the foundation to enable you to build with flexibility, deliver with confidence, and protect the future.

  • Top 10 Technology Predictions for 2019 Revisited – Here’s my Personal Performance Appraisal

    Open source continues to play a key role in all these other dominant technology trends. That’s why 82% of large organizations are more receptive to open source than they were 5 years ago, and 83% of hiring managers are looking for open source talent as a priority.

    So, how did I do overall with my predictions?

    Based on my own appraisal, I scored a creditable 9/10, and I’m feeling pretty good about that. However, I guess I wasn’t taking a huge risk. By way of full disclosure, I track all of these trends as part of my role at SUSE, and as a leading technology partner, SUSE works very closely with all its customers.

  • Introduction to SUSE Linux Enterprise is now available on openSAP

The community-led renaissance of open source

Filed under
OSS

With few commercial participants, early free software and open source communities were, by definition, community-led. Software was designed and created organically by communities of users in response to their needs and inspiration. The results, to a degree nobody predicted, were often magical.

First-generation open source businesses like Red Hat emerged to respond to these needs. They combined the best of both worlds: the flexibility and control of raw open source with the commercial support that enterprises depend on. These new open source businesses found their opportunity by adding the missing—but necessary—commercial services to community-led open source projects. These services would be costly for organizations to provide on their own and potentially even more costly to do without. One early leader of that era, Cygnus Solutions, even adopted the counter-intuitive tagline "Making free software affordable."

But back then, it was always overwhelmingly clear: The commercial vendors were in service of the community, filling in around the edges to enable commercial applications. The community was the star, and the companies were the supporting cast.

Read more

Election fraud: Is there an open source solution?

Filed under
OSS

Can open source technology help keep our elections honest? With its Trust The Vote Project, the Open Source Election Technology (OSET) Institute is working on making that a reality for elections in the United States and around the world.

The project is developing an open, adaptable, flexible, full-featured, and innovative elections technology platform called ElectOS. It will support all aspects of elections administration and voting, including creating, marking, casting, and counting ballots and managing all back-office functions. The software is freely available under an Open Source Initiative (OSI)-recognized public license for adoption, adaptation, and deployment by anyone, including elections jurisdictions directly or, more commonly, commercial vendors or systems integrators.

Read more

Meld is an excellent file and folder comparison tool for Windows and Linux

Filed under
Linux
OSS

Ever had two sets of the same files and folders and couldn't decide which one to retain? It may take a long time to actually open each to verify the one that's recent or the one you need; while dates associated with the files may help, they won't all the time as they don't tell you anything about the actual content.

This is where file comparison tools can be time-savers. Meld is an open source file comparison tool for Windows and Linux for exactly that purpose.

Read more

Did Lilu Ransomware Really Infect Linux Servers

Filed under
Linux
Server
Security

Note that the domain name of this folder has been hidden from view making it impossible for us to verify if these files were actually on a Linux server. The article goes on to note that “Lilocked doesn't encrypt system files, but only a small subset of file extensions, such as HTML, JS, CSS, PHP, INI, and various image file formats. This means infected servers continue to run normally.”

This limitation raises the obvious question of whether the core of the Linux server itself has been compromised or whether merely applications connected to the core have been hacked. There are many very insecure website building applications such as Wordpress and many insecure web mail applications such as Exim that have been repeatedly hacked over the years. Both Wordpress and Exim have suffered from dozens of major security problems that have nothing to do with the security of the Linux operating system which is at the core of all Linux servers. All of the file formats mentioned in the article are files used on Wordpress websites and files that can be transmitted via Exim email programs.

[...]

So instead of 6000 websites on 6000 servers being infected, it looks more like 6000 files on less than 1000 websites were infected. And many of these websites could have been on the same server – meaning that perhaps only a couple dozen out of the worlds 10 million Linux servers had infected files – and none of the files were actually in the core of any Linux servers.

[...]

Many of these articles were exact copies of the Zdnet article. Thus far, not a single so-called “security expert” has bothered either to look into the evidence provided much less challenge or disagree with this silly claim.

Instead, make even more extreme claims, noting that there are millions of Linux servers running outdated, un-patched and insecure versions of Exim software. This is a fact. But given how many holes have been found in the Exim software, the problem is not with the Linux servers, it is with the Exim software. In my humble opinion, the design of Exim is not secure and the design of Postfix is more secure.

The solution to this Exim problem is to demand that Cpanel support support Postfix and to ask Debian to also switch from Exim to Postfix (something Ubuntu has already done for very obvious reasons). This is the benefit of the diversity of free open source software. If one program has problems, there is quite often a more secure alternative that can be installed with just the click of a button. This is a problem that has been going on for years. But it can be fixed in a matter of minutes.

Read more

FOSS – A boon for e-governance and educational institutions

Filed under
OSS

Free and Open Source Software (FOSS) Community is By the Community, For the Community, of the Community, To the Community on No Profit No Loss Basis. Open Source Software, is and will always remain free. There is no license to pay to anybody.The central government mooted out a policy on adoption of open source software, which makes it mandatory for all software applications and services of the government be built using open source software, so that projects under Digital India “ensure efficiency, transparency and reliability of such services at affordable costs”. “Government of India shall endeavour to adopt Open Source Software in all e-Governance systems implemented by various Government organizations, as a preferred option in comparison to Closed Source Software,” said the policy statement, put on the website of the Department of Electronics and Information Technology.The Open Source Software shall have the following characteristics:- A) The source code shall be available for the community / adopter / end user to study and modify the software and to redistribute copies of either the original or modified software. Cool Source code shall be free from any royalty.

Read more

Programming: GitLab, JDK, Eclipse, pdb, Julia and More

Filed under
Development
  • GitLab Adopted by KDE to Foster Open Source Contributions

    Today GitLab, the DevOps platform delivered as a single application, announced that KDE, an international technology community that creates free and open source software for desktop and portable computing, is adopting GitLab for use by its developers to further enhance infrastructure accessibility and encourage contributions.

    KDE is a free and open source software community dedicated to creating a user-friendly computing experience. It offers an advanced graphical desktop, a wide variety of applications for communication, work, education and entertainment, and a platform for easily building new applications. Adding access to GitLab will provide the KDE community with additional options for accessible infrastructure for contributors, code review integration with git, streamlined infrastructure and tooling, and an open communication channel with the upstream GitLab community.

  • Oracle releases JDK 13 with switch expressions and text blocks preview features, and more!

    Yesterday, Oracle announced the general availability of Java SE 13 (JDK 13) and that its binaries are expected to be available for download today. In addition to improved performance, stability, and security, this release comes with two preview features, switch expressions and text blocks. This announcement coincides with the commencement of Oracle’s co-located OpenWorld and Code One conferences happening from September 16-17 2019 at San Francisco.

    Oracle’s director of Java SE Product Management, Sharat Chander, wrote in the announcement, “Oracle offers Java 13 for enterprises and developers. JDK 13 will receive a minimum of two updates, per the Oracle CPU schedule, before being followed by Oracle JDK 14, which is due out in March 2020, with early access builds already available.”

    This release is licensed under the GNU General Public License v2 with the Classpath Exception (GPLv2+CPE). For those who are using Oracle JDK release as part of an Oracle product or service, it is available under a commercial license.

  • Eclipse Che, Kubernetes-native IDE, version 7 now available

    Today, the Eclipse Foundation announced the release of Eclipse Che 7, the Kubernetes-native IDE, enabling developer teams to code, build, test, and run cloud-native applications. We are excited by this announcement and the new capabilities that this version offers the community and developers building containerized applications.

  • Python Debugging With pdb

    Nowadays, we often take for granted the excellent debuggers built into our favorite IDEs. But how do you debug your Python code when you don’t have the luxury of using an IDE?

    pdb, short for Python DeBugger, is a module for interactive source code debugging. It’s built into the Python Standard Library, so it’s always accessible to you. Because it runs in the command line, it’s especially helpful when you’re developing on remote systems.

    In this course, you’ll learn how to perform the most common debugging tasks using pdb, including setting breakpoints, stepping through code, viewing stack traces, creating watch lists, and more.

  • Happy Birthday Practical Business Python!

    On September 17th, 2014, I published my first article which means that today is the 5th birthday of Practical Business Python. Thank you to all my readers and all those that have supported me through this process! It has been a great journey and I look forward to seeing what the future holds.

    This 5 year anniversary gives me the opportunity to reflect on the blog and what will be coming next. I figured I would use this milestone to walk through a few of the stats and costs associated with running this blog for the past 5 years. This post will not be technical but I am hopeful that my readers as well as current and aspiring bloggers going down this path will find it helpful. Finally, please use the comments to let me know what content you would like to see in the future.

  • 6 Excellent Free Books to Learn Julia

    Julia is a high-level, high-performance dynamic programming language for technical computing by Alan Edelman, Stefan Karpinski, Jeff Bezanson, and Viral Shah. Julia aims to create an unprecedented combination of ease-of-use, power, and efficiency in a single language.

    It’s a homoiconic functional language focused on technical computing. While having the full power of homoiconic macros, first-class functions, and low-level control, Julia is as easy to learn and use as Python.

    Although Julia is a new language, first appearing in 2012, its roots are in Lisp, so it comes with mature features like macros and support for other metaprogramming techniques like code generation. Julia’s expressive grammar lets you write easy-to-read and easier-to-debug code, and its speed gets you through more work in less time. It’s a great choice whether you’re designing a machine learning system, crunching statistical data, or writing system utilities.

    Distinctive aspects of Julia’s design include a type system with parametric polymorphism and types in a fully dynamic programming language and multiple dispatch as its core programming paradigm. It allows concurrent, parallel and distributed computing, and direct calling of C and Fortran libraries without glue code.

  • A slack hack

Security: TrendMicro, Mozilla's Firefox Monitor and Capsule8

Filed under
Security
  • New Linux malware mines crypto after installing backdoor with secret master password [Ed: Skips the part about it having to be installed in the first place (not the fault of Linux)]

    Cybersecurity researchers have identified a new strain of Linux malware that not only mines cryptocurrency illicitly, but provides the attackers with universal access to an infected system via a “secret master password.”

    TrendMicro’s latest blog also reveals that Skidmap attempts to mask its cryptocurrency mining by faking network traffic and CPU-related statistics.

  • Linux malware masks illicit crypto mining with fake network traffic

    A new cryptocurrency mining malware targeting Linux systems has demonstrated how complex this type of malware has become. Known as Skidmap, the malware is not only harder to detect, it also gives the attackers unfiltered access to the affected system.

  • What to do after a data breach

    You saw the news alert. You got an email, either from Firefox Monitor or a company where you have an account. There’s been a security incident — a data breach. And your account has been compromised.

    Getting notified that you’ve been a victim of a data breach can be alarming. You have valid cause for concern, but there are a few steps you can take immediately to protect your account and limit the damage.

  • Capsule8 Protect Earns HIPAA Compliance Certification

Graphics: CUDA, Radeon and Vulkan

Filed under
Graphics/Benchmarks
  • HIPCL Lets CUDA Run On OpenCL+SPIR-V

    Based off AMD's GPUOpen HIP as part of their ROCm stack, researchers at Tampere University in Finland have created HIPCL as leveraging HIP as well as POCL for routing CUDA codes to run on any hardware supporting OpenCL+SPIR-V.

    HIPCL provides a path of running CUDA on top of OpenCL, permitting the OpenCL driver also supports the SPIR-V intermediate representation. The OpenCL implementation also needs to support Shared Virtual Memory (SVM) so that actually rules out using NVIDIA's own driver for taking this route in place of their actual CUDA driver. HIPCL also relies upon a patched version of the LLVM Clang compiler.

  • Radeon RADV Vulkan Driver Tackling NGG Stream-Out

    One of the areas the RadeonSI OpenGL and RADV/AMDVLK Vulkan drivers have had a challenging time promptly support with AMD Navi GPUs has been the NGG (Next-Gen Geometry) functionality but it's slowly getting worked out.

    The NGG engine support has required various fixes to the graphics drivers, Navi 14 NGG support is borked, and various other Next-Gen Geometry support issues in the Navi driver code. At least on the software side the open-source developers have continued to improve the support and today the latest improvements arrived for the Mesa RADV Vulkan driver.

  • Radeon Navi 12/14 Open-Source Driver Support Now Being Marked As "Experimental"

    In an interesting change of course, the open-source driver support for AMD Radeon Navi 12 and Navi 14 GPUs is being flagged as experimental and hidden behind a feature flag.

    Back at the start of August AMD sent out their AMDGPU Linux kernel driver support for Navi 12 along with Navi 14. That Navi 12/14 support has since been queued up for introduction in the Linux 5.4 kernel along with the new Vega-based Arcturus GPU.

  • Vulkan 1.1.123 Released With Two New Extensions

    Vulkan 1.1.123 is the latest weekly update to this high performance graphics API and it's formally introducing two more extensions.

    Besides the usual variety of documentation clarifications and corrections, there are two new Vulkan extensions with version 1.1.123.

Purism: A Privacy Based Computer Company

Filed under
GNU
Linux
Gadgets

It all started when Todd Weaver, Founder and CEO of Purism, realized Big Tech could not be trusted as moral guardians of his and his children’s data. The current paradigm of corporations data hoarding is, as Todd describes it, built on “a tech-stack of exploitation”–and not by accident, but by design. Companies such as Google and Microsoft–and especially Facebook–intentionally collect, store and share user data to whomever they see fit. In recent events, the California Consumer Privacy Act, which becomes effective on January 1, 2020, will make residents of California able to know what personal data is being collected about them, know whether their personal data is sold or disclosed and to whom, say no to the sale of personal data, access their personal data, request a business delete any personal data information about a consumer collected from that consumer and not be discriminated against for exercising their privacy rights. This sounds good, and it is, but not according to Big Tech. Big Tech such as Facebook hired a firm to run ads that said things like “Your next click could cost you $5! Say no to the California Consumer Privacy Act”. Big Tech does not care about privacy, they care about their bottom line. This is where Purism comes in.

Purism is a privacy focused company. Their devices, the Librem5, Librem13 and Librem15 run PureOS–a GNU/Linux distribution that puts privacy, security and freedom first, by design. It includes popular privacy-respecting software such as PureBrowser. The OS helps you “Surf the web safely without being tracked by advertisers or marketers” and allows you to easily encrypt your entire OS and data with your own encryption keys. This is huge, especially if you understand how much of your “private” data is actually being shared.

Read more

Benchmarks: Linux Boot Times, 16-Core HoneyComb LX2K ARM Workstation and New PTS Release

Filed under
Graphics/Benchmarks
  • A Look At The Speedy Clear Linux Boot Time Versus Ubuntu 19.10

    Given the interest last week in how Clear Linux dropped their kernel boot time from 3 seconds to 300 ms, here are some fresh boot time benchmarks of Clear Linux compared to Ubuntu 19.10 on both Intel and AMD hardware.

    The systemd-reported boot time was compared between the latest Clear Linux and Ubuntu 19.10 daily images. Ubuntu 19.10 was used for offering the bleeding-edge packages and being more in line to what is offered by the rolling-release Clear Linux. As well, Canonical has been working on some boot time improvements for Ubuntu 19.10.

  • 16-Core HoneyComb LX2K ARM Workstation Looks To Offer A Decent Performance Oomph

    When it comes to ARM-powered workstation boards there hasn't been a whole lot to get excited about with the likes of the Socionext 96Boards Developerbox being quite expensive and not yielding good performance or featureful boards compared to alternative Intel/AMD/POWER workstation/enthusiast boards. One of the more promising ARM workstation boards we have been following is the HoneyComb LX2K (formerly the "ClearFog" board) and it's looking like it could end up being a decent offering in this space.

    The HoneyComb LX2K / ClearFog is the 16-core mini-ITX workstation board we have been following since earlier this year. They have been aiming for this 16-core ARM workstation board for $500~750 USD and it looks like they will actually strike on the lower-end of that price-range.

  • Phoronix Test Suite 9.0 Released With New Result Viewer, Offline/Enterprise Benchmarking Enhancements

    Phoronix Test Suite 9.0 is now available as the latest quarterly feature release to our cross-platform, open-source automated benchmarking framework. With Phoronix Test Suite 9.0 comes a rewritten result viewer to offer more result viewing functionality previously only exposed locally via the command-line or through a Phoromatic Server (or OpenBenchmarking.org when results are uploaded), new offline/enterprise usage improvements, various hardware/software detection enhancements on different platforms, and a variety of other additions.

SDR dev kit builds on Zynq UltraScale+ RFSoC

Filed under
Linux
Hardware

Avnet has launched an “RFSoC Development Kit” that extends Xilinx’s eval kit for its Linux-powered, Zynq UltraScale+ RFSoC. The kit adds a Qorvo 2×2 Small Cell RF front-end for SDR prototyping and integrates MATLAB and Simulink.

Xilinx launched its 5G-focused Zynq UltraScale+ RFSoC variant of its Arm/FPGA hybrid Zynq UltraScale+ MPSoc last year and then announced a Gen3 update in early February. Avnet has now launched an extended version of the Linux-driven Xilinx Zynq UltraScale+ RFSoC ZCU111 Evaluation Kit that adds a Qorvo 2×2 Small Cell RF Front-end 1.8GHz Card and MATLAB support for software-defined radio (SDR) prototyping,

Read more

Also: SMARC 2.0 module runs Linux on i.MX8M Mini

PCLinuxOS 2019.09 updated installation media release

Filed under
GNU
Linux
PCLOS

The KDE versions both full and the minimalistic Darkstar contain kernel 5.2.15 plus a fully updated KDE Plasma desktop. Plasma desktop 5.16.5, Plasma Applications 19.08.1 and Plasma Frameworks 5.62.

The Mate Desktop was refreshed with kernel 5.2.15 and the applications and libraries were updated to their most recent stable versions from the previous release.

The Xfce Desktop was tweaked and now uses the Whisker menu by default. A login sound was added and the applications were updated along with some minor bug fixes.

In addition all ISOs now include the Nvidia 430.50 driver and will be used instead of the nouveau driver if your video card supports it. Hardware detection scripts were updated to provide better support for video cards that can use the Nvidia 430.50 driver. Pulseaudio has been updated to the stable 13.0 release. The Simple Update Notifier was reworked and now works for keeping you notified of system updates and the ability to update from the applet using apt-get. Small improvements were made to the Live media boot scripts. Vbox test media is also included on the installation media. This program allows you to quickly test an ISO on the fly or usbstick with various options without having to create a permanent VM in Virtualbox. Requires a valid Virtualbox installation. Thanks to the people involved for their contributions to this program.

Read more

OSGeoLive 13.0 Released, which Brings Some New Applications

Filed under
OS
GNU
Linux

Astrid Emde has announced the new release of OSGeoLive 13.0 on Sep 12, 2019.

This release has improved the Python experience a lot by adding an additional Python modules like Fiona, rasterio, cartopy, pandas, geopandas, mappyfile.

Also, added the following new applications MapCache, GeoExt, t-rex, actinia.

Many packages have been updated to the latest version.

[...]

It is featuring a large collection of open-source geospatial software and free world maps.

It provides bootable ISO-Images and Virtual Machines which allow users to try out fully-operational versions of popular Free Geospatial Software without the need to install a thing.

Read more

Security: Updates, Drama and FUD

Filed under
Security
  • Security updates for Tuesday

    Security updates have been issued by Debian (dino-im, python2.7, python3.4, and wpa), Fedora (kmplayer), openSUSE (podman and samba), Oracle (thunderbird), Red Hat (thunderbird), Slackware (expat), SUSE (curl), and Ubuntu (apache2).

  • This New Linux Malware Mines Crypto By Creating Malign Linux Modules

    As per the research, the new Linux malware mines crypto by creating malicious loadable kernel modules (LKM) to stay under the wraps. As the malware utilizes Linux kernel module rootkits, it becomes difficult to detect and patch it. This is because of its overwriting and modification of kernel parts capabilities.

  • A Critical Exim Vulnerability, Lilocked Ransomware on the Rise, but Linux Not to Blame

    In the context of these recent vulnerabilities and exploits, it is easy to label Linux and Open Source as “vulnerable” or “insecure”. However, doing so is unfair as well as incorrect. Unlike Windows and MacOS, Linux is a multi-user environment (a characteristic that the OS inherited from Unix) where users are granted specific privileges. This design prevents the compromise of one user account from impacting an entire system. In order to gain control over a Linux system, malware would have to gain root access to the system.

    Vulnerabilities exist in every system, and in terms of security vulnerabilities, Linux has a relatively clean record when compared to other popular operating systems. In the words of Linux creator Linus Torvalds, “Given enough eyeballs, all bugs are shallow”. Because of the intense review that Linux is continuously undergoing from security experts in the Open Source community, vulnerabilities are quickly identified and fixed. Because of this, as well as the way in which Linux manages privileges, relatively few viruses and worms are written to attack Linux systems. In comparison, proprietary operating systems like Microsoft Windows are easy targets for malicious coders, making them frequent victims of malware and viruses. This year, a total of 700 vulnerabilities in Microsoft Windows were disclosed, 189 of which were classified as critical.

    Exim, however, is a notoriously insecure mail server. In spite of this, it has a market share of over 57 percent, due to the fact that the MTA has been bundled with many Linux distros, including Debian and Red Hat. Thus, the frequent security bugs and exploits involving Exim affect a large number of Linux users, but are not a reflection of the inherent security of the Linux OS.

Syndicate content

More in Tux Machines

OSS: Cisco Openwashing, GitLab Funding, Amazon Openwashing, Chrome OS Talk and More Talks

  • Why Open Source continues to be the foundation for modern IT

    Open source technology is no longer an outlier in the modern world, it's the foundation for development and collaboration. Sitting at the base of the open source movement is the Linux Foundation, which despite having the name Linux in its title, is about much more than just Linux and today is comprised of multiple foundations, each seeking to advance open source technology and development processes. At the recent Open Source Summit North America event held in San Diego, the width and breadth of open source was discussed ranging from gaming to networking, to the movie business ,to initiatives that can literally help save humanity. "The cool thing is that no matter whether it's networking, Linux kernel projects, the Cloud Native Computing Foundation projects like Kubernetes, or the film industry with the Academy Software Foundation (ASWF), you know open source is really pushing innovation beyond software and into all sorts of different areas," Jim Zemlin, executive director of the Linux Foundation said during his keynote address.

  • GitLab Inhales $268M Series E, Valuation Hits $2.75B

    GitLab raised a substantial $268 million in a Series E funding round that was more than doubled what the firm had raised across all of its previous funding rounds and pushed its valuation to $2.75 billion. It also bolsters the company’s coffers as it battles in an increasingly competitive DevOps space. GitLab CEO Sid Sijbrandij said in an email to SDxCentral that the new Series E funds will help the company continue to move on its goal of providing a single application to support quicker delivery of software. It claims more than 100,000 organizations use its platform. “These funds will help us to keep up with that pace and add to that with our company engineers,” Sijbrandij explained. “We need to make sure every part of GitLab is great and that CIOs and CTOs who supply the tools for their teams know that if they bet on GitLab that we’ll stand up to their expectations.”

  • Amazon open-sources its Topical Chat data set of over 4.7 million words [Ed: openwashing of listening devices without even releasing any code]
  • How Chrome OS works upstream

    Google has a long and interesting history contributing to the upstream Linux kernel. With Chrome OS, Google has tried to learn from some of the mistakes of its past and is now working with the upstream Linux kernel as much as it can. In a session at the 2019 Open Source Summit North America, Google software engineer Doug Anderson detailed how and why Chrome OS developers work upstream. It is an effort intended to help the Linux community as well as Google. The Chrome OS kernel is at the core of Google's Chromebook devices, and is based on a Linux long-term support (LTS) kernel. Anderson explained that Google picks an LTS kernel every year and all devices produced in that year will use the selected kernel. At least once during a device's lifetime, Google expects to be able to "uprev" (switch to a newer kernel version). Anderson emphasized that if Google didn't upstream its own patches from the Chrome OS kernel, it would make the uprev process substantially more difficult. Simply saying that you'll work upstream and actually working upstream can be two different things. The process by which Chrome OS developers get their patches upstream is similar to how any other patches land in the mainline Linux kernel. What is a bit interesting is the organizational structure and process of how Google has tasked Chrome OS developers to work with upstream. Anderson explained that developers need to submit patches to the kernel mailing list and then be a little patient, giving some time for upstream to respond. A key challenge, however, is when there is no response from upstream. "When developing an upstream-first culture, the biggest problem anyone can face is silence," Anderson said. Anderson emphasized that when submitting a patch to the mailing list, what a developer is looking for is some kind of feedback; whether it's good or bad doesn't matter, but it does matter that someone cares enough to review it. What the Chrome OS team does in the event that there is no community review is it will have other Chrome OS engineers publicly review the patch. The risk and worry of having Chrome OS engineers comment on Chrome OS patches is that the whole process might look a little scripted and there could be the perception of some bias as well. Anderson noted that it is important that only honest feedback and review is given for a patch.

  • Open Source Builds Trust & Credibility | Karyl Fowler

    Karyl Fowler is co-founder and CEO of Transmute, a company that’s building open source and decentralized identity management. We sat down with Fowler at the Oracle OpenWorld conference to talk about the work Transmute is doing.

  • What Is Infrastructure As Code?

    Rob Hirschfeld, Founder, and CEO of RackN breaks Infrastructure As Code (IaC) into six core concepts so users have a better understanding of it.

  • Everything You Need To Know About Redis Labs

    At the Oracle OpenWorld conference, we sat down with Kyle Davis – Head of Developer Advocacy at Redis Labs – to better understand what the company does.

Programming: Java, Python, and Perl

  • Oracle Releases Java 13 with Remarkable New Features

    Oracle – the software giant has released Java SE and JDK 13 along with the promise to introduce more new features in the future within the six-month cycle. The Java 13’s binaries are now available for download with improvements in security, performance, stability, and two new additional preview features ‘Switch Expressions’ and ‘Text Blocks’, specifically designed to boost developers’ productivity level. This gives the hope that the battle of Java vs Python will be won by the former. Remarking on the new release, Oracle said: “Oracle JDK 13 increases developer productivity by improving the performance, stability and security of the Java SE Platform and the JDK,”. [...] Speaking of the Java 13 release, it is licensed under the GNU General Public License v2 along with the Classpath Exception (GPLv2+CPE). The director of Oracle’s Java SE Product Management, Sharat Chander stated “Oracle offers Java 13 for enterprises and developers. JDK 13 will receive a minimum of two updates, per the Oracle CPU schedule, before being followed by Oracle JDK 14, which is due out in March 2020, with early access builds already available.” Let’s look into the new features that JDK 13 comes packed with.

  • 8 Python GUI Frameworks For Developers

    Graphical User Interfaces make human-machine interactions easier as well as intuitive. It plays a crucial role as the world is shifting.

  • What's In A Name? Tales Of Python, Perl, And The GIMP

    In the older days of open source software, major projects tended to have their Benevolent Dictators For Life who made all the final decisions, and some mature projects still operate that way. Guido van Rossum famously called his language “Python” because he liked the British comics of the same name. That’s the sort of thing that only a single developer can get away with. However, in these modern times of GitHub, GitLab, and other collaboration platforms, community-driven decision making has become a more and more common phenomenon, shifting software development towards democracy. People begin to think of themselves as “Python programmers” or “GIMP users” and the name of the project fuses irrevocably with their identity. What happens when software projects fork, develop apart, or otherwise change significantly? Obviously, to prevent confusion, they get a new name, and all of those “Perl Monks” need to become “Raku Monks”. Needless to say, what should be a trivial detail — what we’ve all decided to call this pile of ones and zeros or language constructs — can become a big deal. Don’t believe us? Here are the stories of renaming Python, Perl, and the GIMP.

  • How to teach (yourself) computer programming

    Many fellow students are likely in the same boat, the only difference being that the vast majority not only that don’t list computer science as one of their passions (but more as one of their reasons for not wanting to live anymore), but they get a very distorted view of what computer science and programming actually is.

    Said CS classes tend to be kind of a joke, not only because of the curriculum. The main reason why they are bad and boring is the way they are taught. I am going to address my main frustrations on this matter together with proposed solutions and a guide for those who want to start learning alone.

  • [Old] Perl Is Still The Goddess For Text Manipulation

    You heard me. Freedom is the word here with Perl.

    When I’m coding freely at home on my fun data science project, I rely on it to clean up my data.

    In the real world, data is often collected with loads of variations. Unless you are using someone’s “clean” dataset, you better learn to clean that data real fast.

    Yes, Perl is fast. It’s lightening fast.

Server: Ubuntu 19.10 Release Schedule, IBM LinuxONE III with Ubuntu and SUSE on Cloud Foundry Foundation and More LF

  • Ubuntu 19.10 Release Schedule and Expected Features

    This is a continually updated article to inform you about Ubuntu 19.10 release date, features and other important things associated with it. The development for Ubuntu 19.10 is nearing its end and it’s time to look at what new features and improvement this new release brings. Ubuntu 19.10 is an important release because it will set the course of development for Ubuntu 20.04 LTS (long term support). I have always felt that the LTS version release takes a lot of features from its predecessor. In other words, Ubuntu 19.10 will be a glimpse of the features you would be getting in Ubuntu 20.04.

  • Announcing the new IBM LinuxONE III with Ubuntu

    Enterprises today need the most secure, and flexible system to support their initiatives, and for that system to grow and evolve for tomorrow. The latest LinuxONE system was designed to support mission-critical initiatives and allow enterprises to be innovative as they design and scale their environment. LinuxONE III provides features for advanced data protection and privacy, enterprise resiliency and scalability, and cloud enablement and integration. Reliability and continuity are critical to the success of any business. With this release, they’ll benefit from up to 10:1 consolidation for key workloads, and up to 190 cores and 40TB of memory. And with 99.999%* availability and up to 7.4x better resilience, enterprises can confidently run and scale their business-critical workloads. The new LinuxONE III provides the highest levels of availability and scalability, so business-critical workloads run flawlessly, recover quickly, and grow seamlessly.

  • Project Quarks: Native Cloud Foundry for Kubernetes

    At the recent Cloud Foundry Summit EU in the Netherlands, Vlad Iovanov of SUSE gave a keynote demo of Project Quarks, the project that integrates Cloud Foundry and Kubernetes, by packaging the Cloud Foundry Application Runtime as containers instead of virtual machines. Vlad explains the current capabilities of Quarks, with a look at its future as a Kubernetes Operator. It’s a fairly technical topic, but Vlad uses creative diagrams and an understandable demo to show the power of Quarks. Cloud Foundry Foundation has posted all recorded talks from CF Summit EU on YouTube. Check them out if you want to learn more about what is happening in the Cloud Foundry world! I’ll be posting more SUSE Cloud Application Platform talks here over the coming days. Watch Vlad’s talk below...

  • Broad Deployment Of Cloud Foundry Almost Double In Just 2 Years

    As businesses embark on their digital transformation journey, developers are driving innovation across cloud native environments for building into the future. According to a recently released report by Cloud Foundry Foundation, 45 percent of user respondents describe their Cloud Foundry use as “broad” compared to 30 percent in 2018 and 24 percent in 2017. The report also revealed that 39 percent of developers are deploying applications in less than one day. What points out towards a healthy and growing community of developers is the fact that almost one in five respondents started using Cloud Foundry in just the last 12 months.

  • The Linux Foundation to Host Open Source Project for Drone Aviation Interoperability

    The Linux Foundation today announced it will host the InterUSS Platform Open Source Project to enable trusted, secure and scalable interoperability between UAS Service Suppliers (USSs) that advances safe, equitable and efficient drone operations. Initial contributors include both industry and regulatory organizations Wing, AirMap, Uber and the Swiss Federal Office of Civil Aviation (FOCA). Similar to the evolution of cities, our skies are becoming busier with traffic. In an effort to unleash innovation and ensure safety, aviation regulators around the world are implementing UAS Traffic Management (UTM, also referred to as U-Space) to support rapidly increasing and highly diverse drone operations. Under UTM, a set of USSs (also known as U-Space Service Providers orUSPs) assist drone operators to conduct safe and compliant operations. USSs can provide service in overlapping airspace and share data when required to support services such as a strategic deconfliction of flight plans and remote identification and industry is developing standards for this data sharing through organizations such as ASTM International. The InterUSS Project provides a forum for collaboration and development of standards-compliant, open source implementations that facilitate communication in the UTM/U-Space environment.

Security Leftovers

  • Security updates for Wednesday

    Security updates have been issued by CentOS (firefox and kernel), Debian (thunderbird), Fedora (curl), openSUSE (curl and python-Werkzeug), Oracle (kernel and thunderbird), Red Hat (rh-nginx114-nginx), SUSE (curl, ibus, MozillaFirefox, firefox-glib2, firefox-gtk3, openldap2, openssl, openssl1, python-urllib3, and util-linux and shadow), and Ubuntu (linux, linux-aws, linux-azure, linux-lts-trusty, linux-lts-xenial, linux-oracle, linux-raspi2, linux-snapdragon, and wpa).

  • SGX and security modules

    Software Guard Extensions (SGX) is a set of security-related instructions for Intel processors; it allows the creation of private regions of memory, called "enclaves". The aim of this feature is to work like an inverted sandbox: instead of protecting the system from malicious code, it protects an application from a compromised kernel hypervisor, or other application. Linux support for SGX has existed out-of-tree for years, and the effort of upstreaming it has reached an impressive version 22 of the patch set. During the upstreaming discussion, the kernel developers discovered that the proposed SGX API did not play nicely with existing security mechanisms, including Linux security modules (LSMs).

  • GitHub acquires Semmle to help developers spot security vulnerabilities [Ed: Company in NSA PRISM pretends to care about security (and also, Microsoft now uses GitHub to change people's code without asking the developers)]

    Software hosting service GitHub has acquired Semmle, a code analysis platform that helps developers discover security vulnerabilities in large codebases.