There seems to be a mad rush at the beginning of every year to find ways to be more productive. New Year's resolutions, the itch to start the year off right, and of course, an "out with the old, in with the new" attitude all contribute to this. And the usual round of recommendations is heavily biased towards closed source and proprietary software. It doesn't have to be that way.

Here's the seventh of my picks for 19 new (or new-to-you) open source tools to help you be more productive in 2019.

For two decades Apache held sway over the web server market which is shrinking by the day. Not only has Nginx caught up with the oldest kid on the block, but it is currently the toast of many high traffic websites. Apache users might disagree here. That is why one should not jump to conclusions about which web server is better. The truth is that both form the core of complete web stacks (LAMP and LEMP), and the final choice boils down to individual needs.

For instance, people running Drupal websites often call on Apache, whereas WordPress users seem to favor Nginx as much if not more. Accordingly, our goal is to help you understand your own requirements better rather than providing a one-size recommendation. Having said that, the following comparison between the two gives an accurate picture.

• Security updates for Friday

• How Do You Handle Security in Your Smart Devices?

  Look around your daily life and that of your friends and family, and you’ll see that smart devices are beginning to take over our lives. But this also means an increase in a need for security, though not everyone realizes it, as discussed in a recent article on our IoT-related site. Are you aware of the need for security even when it’s IoT-related? How do you handle security in your smart devices?

• A Vulnerability in ES File Explorer Exposes All of Your Files to Anyone on the Same Network

• 2018 Roundup: Q1

  One of our major pain points over the years of dealing with injected DLLs has been that the vendor of the DLL is not always apparent to us. In general, our crash reports and telemetry pings only include the leaf name of the various DLLs on a user’s system. This is intentional on our part: we want to preserve user privacy. On the other hand, this severely limits our ability to determine which party is responsible for a particular DLL.

  One avenue for obtaining this information is to look at any digital signature that is embedded in the DLL. By examining the certificate that was used to sign the binary, we can extract the organization of the cert’s owner and include that with our crash reports and telemetry.

  In bug 1430857 I wrote a bunch of code that enables us to extract that information from signed binaries using the Windows Authenticode APIs. Originally, in that bug, all of that signature extraction work happened from within the browser itself, while it was running: It would gather the cert information on a background thread while the browser was running, and include those annotations in a subsequent crash dump, should such a thing occur.

Red Hat announced the 1.0 release of its open-source Podman project on Jan. 17, which provides a fully featured container engine.

In Podman 1.0, Red Hat has integrated multiple core security capabilities in an effort to help enable organizations run containers securely. Among the security features are rootless containers and enhanced user namespace support for better container isolation. Containers provide a way for organizations to run applications in a virtualized approach on top of an existing operating system. With the 1.0 release, Red Hat is now also positioning Podman as an alternative to the Docker Engine technology for application container deployment.

"We felt the sum total of its features, as well as the project's performance, security and stability, made it reasonable to move to 1.0," Scott McCarty, product manager, Containers, Red Hat, told eWEEK. "Since Podman is set to be the default container engine for the single-node use case in Red Hat Enterprise Linux 8, we wanted to make some pledges about its supportability."

Also: Update on Volume Snapshot Alpha for Kubernetes

One of the GCC compiler features unfortunately not taken advantage of by most Linux distributions is FMV - Function Multi-Versioning. FMV is what allows for the compilation of different tuned code paths depending upon the processor and for the particular code-path to be chosen at run-time, i.e. optimizing to your heart's content with AVX, SSE4, and other instruction set extensions and compiling all of that into a single binary and for the preferred code path to be taken depending upon the CPU running the binary so it will still run on older CPUs as well as today's most powerful processors.

• Leaked Android Q build shows off dark mode, improved privacy controls

• Early Build of Android Q Installed on Google Pixel 3, Likely to Offer System-Wide Dark Theme

• Android Pie rolling out to Honor View 10 in United States

• Android 9 Pie certified for the Samsung Galaxy A7, A8, and A9 (2018)

• Nokia 3.1 Plus running Android Pie spotted on GeekBench, update imminent

• Android ES File Explorer open port vulnerability divulged

• Ingenious! The Android malware which only triggers if you're moving

• Android Game SDK for Unity in the Works

• Best Password Managers for Android in 2019

• 25 new and notable Android TV apps and games from the last 10 months (3/31/18 - 1/18/19)

• Google starts pulling unvetted Android apps that access call logs and SMS messages

SUSE has released its enterprise Linux distribution, SUSE Linux Enterprise Server (SLES), for all major ARM server processors. It also announced the general availability of SUSE Manager Lifecycle.

SUSE is on par with the other major enterprise Linux distributions — Red Hat and Ubuntu — in the x86 space, but it has lagged in its ARM support. It’s not like SLES for ARM is only now coming to market for the first time, either. It has been available for several years, but on a limited basis.

With my CD collection spiraling out of control, I’m spending more time listening to music with a number of popular streaming services.

Linux offers a great range of excellent open source music players. But I’m always on the look out for fresh and innovative streaming players. Step forward MellowPlayer.

MellowPlayer offers a web view of various music streaming services with integration with your desktop. It was developed to provide a Qt alternative to Nuvola Player.

The software is written in C++ and QML.

Nothing is inherently anti-business about Free and Open Source Software (FOSS). In fact, a number of different business models are built on top of FOSS. The best models are those that continue to further FOSS by internal code contributions and that advance the principles of Free Software in general. For instance, there's the support model, where a company develops free software but sells expert support for it.

Here, I'd like to talk a bit about one of the more problematic models out there, the open core model, because it's much more prevalent, and it creates some perverse incentives that run counter to Free Software principles.

If you haven't heard about it, the open core business model is one where a company develops free software (often a network service intended to be run on a server) and builds a base set of users and contributors of that free code base. Once there is a critical mass of features, the company then starts developing an "enterprise" version of the product that contains additional features aimed at corporate use. These enterprise features might include things like extra scalability, login features like LDAP/Active Directory support or Single Sign-On (SSO) or third-party integrations, or it might just be an overall improved version of the product with more code optimizations and speed.

Because such a company wants to charge customers to use the enterprise version, it creates a closed fork of the free software code base, or it might provide the additional proprietary features as modules so it has fewer problems with violating its free software license.

The AMDGPU Linux kernel driver for a while has now offered command-line-driven OverDrive overclocking for recent generations of Radeon GPUs. This has allowed manipulating the core and memory clock speeds as well as tweaking the voltage but has not supported increasing the TDP limit of the graphics card: that's in place with Linux 4.20

Up until now with the AMDGPU Linux kernel driver there hasn't been support for increasing the TDP power limit beyond its default, but has allowed for reducing that limit should you be trying to conserve power / allow your GPU to run cooler. A change was quietly added to the Linux 4.20 kernel to allow increasing the power limit when in the OverDrive mode.

This change wasn't prominently advertised but fortunately a Phoronix reader happened to run across it today and tipped us off.

• The Beta of Zombie Panic! Source was updated recently, should work better on Linux

  Zombie Panic! Source is currently going through an overhaul, as part of this it's coming to Linux with a version now in beta and the latest update should make it a better experience.

  [...]

  I personally haven't been able to make any of the events yet, so I have no real thoughts on the game. Once it's out of beta and all servers are updated, I will be taking a proper look as it looks fun. No idea when this version will leave beta, might be a while yet.

• Dicey Dungeons, the new unique roguelike from Terry Cavanagh and co introduces quests

  We have a lot of roguelikes available on Linux (seriously, we do) yet Dicey Dungeons from Terry Cavanagh, Marlowe Dobbe, and Chipzel still remains fresh due to the rather unique game mechanics.

  I still can't get over how fun the dice mechanic is, as you slot dice into cards to perform actions. It's different, clever and works really well.

• Quake 2 now has real-time path tracing with Vulkan

  If you have one of the more recent NVIDIA RTX graphics cards, here's an interesting project for you to try. Q2VKPT from developer Christoph Schied implements some really quite advanced techniques.

• Steam Play versus Linux Version, a little performance comparison and more thoughts

  Now that Steam has the ability officially to override a Linux game and run it through Steam Play instead, let's take a quick look at some differences in performance.

  Before I begin, let's make something clear. I absolutely value the effort developers put into Linux games, I do think cross-platform development is incredibly important so we don't end up with more lock-in. However, let's be realistic for a moment. Technology moves on and it's not financially worth it to keep updating old games, they just don't sell as well as newer games (with exceptions of course). As the years go on, there will be more ways to run older games better and better, of that I've no doubt.

• Battle Motion, a really silly massive fantasy battle game will have Linux support

  Sometimes when looking around for new games I come across something that really catches my eye, Battle Motion is one such game as it looks completely silly.

• Ravva and the Cyclops Curse looks like a rather nice NES-inspired platformer

  Another lovely looking retro-inspired platformer! Ravva and the Cyclops Curse from developer Galope just released this week with Linux support.

• Become a fish inside a robot in Feudal Alloy, out now with Linux support

  We've seen plenty of robots and we've seen a fair amount of fish, but have you seen a fish controlling a robot with a sword? Say hello to Feudal Alloy.

I wrote some time ago on how platforms have a responsibility to respect the identity of applications, but now there’s some rumblings that Ubuntu’s community-built Yaru icon set (which is a derivative of the Suru icon set I maintain) intends to ignore this and infringe upon applications’ brands by modifying their icons...

[...]

For instance, the entire point of the GNOME icon refresh initiative is to address visual mismatches between third-party app icons and GNOME icons and we been have reaching out to developers to see about updating their icons to new design—this is the appropriate approach for a platform visual overhaul, by the way—which could always use more help on.

Now I don’t see this ever happening, but I have hopes that someday Ubuntu will fully embrace GNOME and promote it as its desktop solution—especially given the desktop is out of the scope of the Ubuntu business these days.

• Wine Announcement

  The Wine development release 4.0-rc7 is now available.The Wine development release 4.0-rc7 is now available.

• Juicy like the good stuff, Wine 4.0 RC7 is out with a delightful aroma

  No need to worry about a sour aftertaste here, we're of course talking about the wonderful software and not the tasty liquid.

  As usual, they're in bug-fix mode while they attempt to make the best version of Wine they can and so no super huge features made it in.

• Wine 4.0-RC7 Released With Fixes For Video Player Crashes, Game Performance Issues

  Wine 4.0 should be officially out soon, but this weekend the latest test release of it is Release Candidate 7 that brings more than one dozen fixes.

  Wine 4.0 remains in a feature freeze until its release, which will likely be within the next two weeks or so. Since last Friday's Wine 4.0-RC6, the RC7 release has 13 known bug fixes. Catching our interest are some game performance regressions being resolved, including for Hot Pursuit, Project CARS, Gas Guzzlers, and others. There are also video player crash fixes when opening audio or video files.

My first introduction to the command line was in the 80s when I first started learning about computers and, like many geeky kids of the time, wrote my first BASIC computer programs. But it wasn’t until my job starting Nupedia (and then Wikipedia) that I spent much time on the Bash command line.
(Let me explain. “Bash” means “Bourne-again shell,” a rewrite of the class Unix shell “sh.” A “shell” is a program for interacting with the computer by processing terse commands to do basic stuff like find and manipulate files; a terminal, or terminal emulator, is a program that runs a shell. The terminal is what shows you that command line, where you type your commands like “move this file there” and “download that file from this web address” and “inject this virus into that database”. The default terminal used by Linux Ubuntu, for example, is called Gnome Terminal–which runs Bash, the standard Linux shell.)
Even then (and in the following years when I got into programming again), I didn’t learn much beyond things like cd (switch directory) and ls (list directory contents).
It was then, around 2002, that I first decided to install Linux. Back then, maybe the biggest “distro” (flavor of Linux) was Red Hat Linux, so that’s what I installed. I remember making a partition (dividing the hard disk into parts, basically) and dual-booting (installing and making it possible to use both) Linux and Windows. It was OK, but it was also rather clunky and much rougher and much less user-friendly than the Windows of the day. So I didn’t use it much.

• Android-x86’s stable Android 8.1 Oreo image is now available

• Save $200 on Optoma's 4K Android-powered portable projector

• Redmi 6, Redmi 6A MIUI 10.2.2 update with December Android security patch, bug fixes rolled out

• How to See Recent Tweets First on Android

• OnePlus phones are discarding Android's battery optimization whitelist, a problem as more apps update to target Oreo

• HMD updates the update tracker for Nokia Android phones

• Get started with WTF, a dashboard for the terminal

• How to Install Microsoft PowerShell 6.1.1 on Ubuntu 18.04 LTS [Ed: For the insane... or people who like to run malware (it's widely known that malware writers prefer this shell)]

• Tethered Camera Control & Capture ‘Entangle’ 2.0 Released (Howto Install)

• WebRender newsletter #36

  Hi everyone! This week’s highlight is Glenn’s picture caching work which almost landed about a week ago and landed again a few hours ago. Fingers crossed! If you don’t know what picture caching means and are interested, you can read about it in the introduction of this newsletter’s season 01 episode 28.

  On a more general note, the team continues focusing on the remaining list of blocker bugs which grows and shrinks depending on when you look, but the overall trend is looking good.

• Happy BMO Push Day!

• Understanding Debian: The Universal Operating System

  "And my final test as to whether or not Debian succeeded was: could the founder step away from the project and could the project keep going because that is the only point at which you know that the project has basically taken a life of its own." ~ Ian Murdock

• Week 5: Resolving the blocker

  This post is about my work on the subscription feature for Debian derivatives - first of the two main issues to be resolved within my internship. And this week’s topic from the organizers is “Think About Your Audience”, especially newcomers to the community and future Outreachy applicants. So I’ll try to write about the feature keeping the most important details but taking into account that the readers might be unfamiliar with some terms and concepts.

• Nouveau Open-Source Driver Will Now Work With NVIDIA RTX 2080 Ti On Linux 5.0

  Among the many Linux 5.0 kernel features is initial open-source NVIDIA driver support for the latest-generation Turing graphics processors. Missed out on during the Linux 5.0 merge window was "TU102" support but now that is coming down as a fix for the 5.0 kernel.

  Back in December, Ben Skeggs of Red Hat posted the initial Turing support for Nouveau in the form of the TU104 (RTX 2080) and TU106 (RTX 2060/2070) but was lacking coverage of the TU102, which is for the flagship RTX 2080 Ti and TITAN RTX. He wasn't able to test the support at the time and thus left it out. Skeggs has now been able to verify the TU102 support is working and that patch is now on its way to the mainline kernel tree.

• Quake 2 Gets Real-Time Path Tracing Powered By NVIDIA RTX / VK_NV_ray_tracing

  For those Linux gamers with a NVIDIA RTX "Turing" graphics card, there's finally an interesting open-source workload to enjoy that makes use of the RTX hardware and NVIDIA's VK_NV_ray_tracing extension... A real-time path tracing port of the legendary Quake 2 game.

  While Quake II recently saw a Vulkan port, university students have now done an "RTX" port for Quake 2 with the new Q2VKPT project.

• KDE Plasma 5.15 Beta Wayland Run Through

  In this video, we look at KDE Plasma 5.15 Beta the Wayland Session. Please keep in mind that it is still in development and the Xorg session is perfect.

• Qt 5.13 Might Add QTelemetry For Opt-In Anonymous Data Collection

  The next release of the Qt5 tool-kit might introduce a potentially controversial module to facilitate anonymous data collection of Qt applications. 

  The addition of Qt Telemetry has been under code review since last September. There was some reviews taking place and code revisions happening but since November that review dried up. 

• Red Hat drops MongoDB over SSPL; MDB -3%

  Amazon responded by launching DocumentDB, a managed database that's compatible with existing MongoDB applications and tools. DocumentDB works with MongoDB version 3.6, which predates the SSPL license.

• Governance without rules: How the potential for forking helps projects

  The speed and agility of open source projects benefit from lightweight and flexible governance. Their ability to run with such efficient governance is supported by the potential for project forking. That potential provides a discipline that encourages participants to find ways forward in the face of unanticipated problems, changed agendas, or other sources of disagreement among participants. The potential for forking is a benefit that is available in open source projects because all open source licenses provide needed permissions.

  In contrast, standards development is typically constrained to remain in a particular forum. In other words, the ability to move the development of the standard elsewhere is not generally available as a disciplining governance force. Thus, forums for standards development typically require governance rules and procedures to maintain fairness among conflicting interests.

• Oracle exec: Open-source vendors locking down licences proves 'they were never really open'

• MoltenVK Sees Big Update To Jump-Start Vulkan On macOS In 2019

• Facebook 'Likes' (And Open Sources) Better Mobile Image Software

• Open source Spectrum library enables edge processing of images for faster performance

  Spectrum, an open source image processing library from Facebook, aims to give developers the ability to perform image transformation client-side, with predictable, repeatable results on different platforms. The library can be integrated into Android or iOS apps, and uses C/C++ code for higher performance with Java and Objective-C wrapper APIs for integration ease. Spectrum's API is declarative, allowing developers to define the target output characteristics, leaving the work of formulating settings to achieve that goal to the library itself.

LibreOffice is a free and open source office suite written in C++, Java, and Python. It was first released in January 2011 by The Document Foundation and has since known to be the most reliable open source office suite.