• Demystifying Containers – Part III: Container Images

  This series of blog posts and corresponding talks aims to provide you with a pragmatic view on containers from a historic perspective. Together we will discover modern cloud architectures layer by layer, which means we will start at the Linux Kernel level and end up at writing our own secure cloud native applications.

  Simple examples paired with the historic background will guide you from the beginning with a minimal Linux environment up to crafting secure containers, which fit perfectly into todays’ and futures’ orchestration world. In the end it should be much easier to understand how features within the Linux kernel, container tools, runtimes, software defined networks and orchestration software like Kubernetes are designed and how they work under the hood.

• Announcing the new IBM LinuxONE III – Combined with SUSE for One of the Most Secure Platforms on the Planet

  Our guest blog writer is Kara Todd, Director of Linux at IBM with an exciting announcement from IBM – with SUSE Linux Enterprise playing an integral role!
  Announcing the new IBM LinuxONE III – the system you need for the most secure, flexible system to support your initiatives today, and you need that system to grow and evolve with you for tomorrow. The latest LinuxONE system was designed to support your mission-critical initiatives and allow you to be innovative as you design and scale your environment. LinuxONE III provides features for advanced data protection and privacy, enterprise resiliency and scalability, and cloud enablement and integration. These tools set the foundation to enable you to build with flexibility, deliver with confidence, and protect the future.

• Top 10 Technology Predictions for 2019 Revisited – Here’s my Personal Performance Appraisal

  Open source continues to play a key role in all these other dominant technology trends. That’s why 82% of large organizations are more receptive to open source than they were 5 years ago, and 83% of hiring managers are looking for open source talent as a priority.

  So, how did I do overall with my predictions?

  Based on my own appraisal, I scored a creditable 9/10, and I’m feeling pretty good about that. However, I guess I wasn’t taking a huge risk. By way of full disclosure, I track all of these trends as part of my role at SUSE, and as a leading technology partner, SUSE works very closely with all its customers.

• Introduction to SUSE Linux Enterprise is now available on openSAP

• How to Create a Bootable USB from Ubuntu ISO

• Writing Characters Straight To The Linux Framebuffer

• Linux Fu: Shell Scripts In C, C++, And Others

• How to configure the time zone on Linux

• OnePlus 7T, Android TV set for global debut in India

• Using a VPN on Your Android TV

• Android 10 Custom ROM Released For Redmi Note 7, Mi 3, Mi 4

• OnePlus 7 and OnePlus 7 Pro are getting their second Android 10 beta updates with OxygenOS Open Beta 2

• OnePlus 7, OnePlus 7 Pro Recieve Android 10-based Oxygen OS Open Beta 2 Update

• Samsung’s One UI 2.0 beta based on Android 10 could start this month

• LG V30 finally starts getting Android 9 Pie in the US

• The vivo NEX 3 shows where Android OEMs are headed, and it is one that few will want

• NTT Docomo set to ditch Huawei phones over Android fears – report

• Best WhatsApp Alternatives That You Can Use On Android

• Google slams Aussie threat to 'directly intervene' on Android defaults

• Android Games Will Earn More Revenue Than iOS Games in 2019 According to Report

• Android update as millions of fans get the Google news they've been waiting for

With few commercial participants, early free software and open source communities were, by definition, community-led. Software was designed and created organically by communities of users in response to their needs and inspiration. The results, to a degree nobody predicted, were often magical.

First-generation open source businesses like Red Hat emerged to respond to these needs. They combined the best of both worlds: the flexibility and control of raw open source with the commercial support that enterprises depend on. These new open source businesses found their opportunity by adding the missing—but necessary—commercial services to community-led open source projects. These services would be costly for organizations to provide on their own and potentially even more costly to do without. One early leader of that era, Cygnus Solutions, even adopted the counter-intuitive tagline "Making free software affordable."

But back then, it was always overwhelmingly clear: The commercial vendors were in service of the community, filling in around the edges to enable commercial applications. The community was the star, and the companies were the supporting cast.

Can open source technology help keep our elections honest? With its Trust The Vote Project, the Open Source Election Technology (OSET) Institute is working on making that a reality for elections in the United States and around the world.

The project is developing an open, adaptable, flexible, full-featured, and innovative elections technology platform called ElectOS. It will support all aspects of elections administration and voting, including creating, marking, casting, and counting ballots and managing all back-office functions. The software is freely available under an Open Source Initiative (OSI)-recognized public license for adoption, adaptation, and deployment by anyone, including elections jurisdictions directly or, more commonly, commercial vendors or systems integrators.

Ever had two sets of the same files and folders and couldn't decide which one to retain? It may take a long time to actually open each to verify the one that's recent or the one you need; while dates associated with the files may help, they won't all the time as they don't tell you anything about the actual content.

This is where file comparison tools can be time-savers. Meld is an open source file comparison tool for Windows and Linux for exactly that purpose.

Note that the domain name of this folder has been hidden from view making it impossible for us to verify if these files were actually on a Linux server. The article goes on to note that “Lilocked doesn't encrypt system files, but only a small subset of file extensions, such as HTML, JS, CSS, PHP, INI, and various image file formats. This means infected servers continue to run normally.”

This limitation raises the obvious question of whether the core of the Linux server itself has been compromised or whether merely applications connected to the core have been hacked. There are many very insecure website building applications such as Wordpress and many insecure web mail applications such as Exim that have been repeatedly hacked over the years. Both Wordpress and Exim have suffered from dozens of major security problems that have nothing to do with the security of the Linux operating system which is at the core of all Linux servers. All of the file formats mentioned in the article are files used on Wordpress websites and files that can be transmitted via Exim email programs.

[...]

So instead of 6000 websites on 6000 servers being infected, it looks more like 6000 files on less than 1000 websites were infected. And many of these websites could have been on the same server – meaning that perhaps only a couple dozen out of the worlds 10 million Linux servers had infected files – and none of the files were actually in the core of any Linux servers.

[...]

Many of these articles were exact copies of the Zdnet article. Thus far, not a single so-called “security expert” has bothered either to look into the evidence provided much less challenge or disagree with this silly claim.

Instead, make even more extreme claims, noting that there are millions of Linux servers running outdated, un-patched and insecure versions of Exim software. This is a fact. But given how many holes have been found in the Exim software, the problem is not with the Linux servers, it is with the Exim software. In my humble opinion, the design of Exim is not secure and the design of Postfix is more secure.

The solution to this Exim problem is to demand that Cpanel support support Postfix and to ask Debian to also switch from Exim to Postfix (something Ubuntu has already done for very obvious reasons). This is the benefit of the diversity of free open source software. If one program has problems, there is quite often a more secure alternative that can be installed with just the click of a button. This is a problem that has been going on for years. But it can be fixed in a matter of minutes.

Free and Open Source Software (FOSS) Community is By the Community, For the Community, of the Community, To the Community on No Profit No Loss Basis. Open Source Software, is and will always remain free. There is no license to pay to anybody.The central government mooted out a policy on adoption of open source software, which makes it mandatory for all software applications and services of the government be built using open source software, so that projects under Digital India “ensure efficiency, transparency and reliability of such services at affordable costs”. “Government of India shall endeavour to adopt Open Source Software in all e-Governance systems implemented by various Government organizations, as a preferred option in comparison to Closed Source Software,” said the policy statement, put on the website of the Department of Electronics and Information Technology.The Open Source Software shall have the following characteristics:- A) The source code shall be available for the community / adopter / end user to study and modify the software and to redistribute copies of either the original or modified software. Source code shall be free from any royalty.

• GitLab Adopted by KDE to Foster Open Source Contributions

  Today GitLab, the DevOps platform delivered as a single application, announced that KDE, an international technology community that creates free and open source software for desktop and portable computing, is adopting GitLab for use by its developers to further enhance infrastructure accessibility and encourage contributions.

  KDE is a free and open source software community dedicated to creating a user-friendly computing experience. It offers an advanced graphical desktop, a wide variety of applications for communication, work, education and entertainment, and a platform for easily building new applications. Adding access to GitLab will provide the KDE community with additional options for accessible infrastructure for contributors, code review integration with git, streamlined infrastructure and tooling, and an open communication channel with the upstream GitLab community.

• Oracle releases JDK 13 with switch expressions and text blocks preview features, and more!

  Yesterday, Oracle announced the general availability of Java SE 13 (JDK 13) and that its binaries are expected to be available for download today. In addition to improved performance, stability, and security, this release comes with two preview features, switch expressions and text blocks. This announcement coincides with the commencement of Oracle’s co-located OpenWorld and Code One conferences happening from September 16-17 2019 at San Francisco.

  Oracle’s director of Java SE Product Management, Sharat Chander, wrote in the announcement, “Oracle offers Java 13 for enterprises and developers. JDK 13 will receive a minimum of two updates, per the Oracle CPU schedule, before being followed by Oracle JDK 14, which is due out in March 2020, with early access builds already available.”

  This release is licensed under the GNU General Public License v2 with the Classpath Exception (GPLv2+CPE). For those who are using Oracle JDK release as part of an Oracle product or service, it is available under a commercial license.

• Eclipse Che, Kubernetes-native IDE, version 7 now available

  Today, the Eclipse Foundation announced the release of Eclipse Che 7, the Kubernetes-native IDE, enabling developer teams to code, build, test, and run cloud-native applications. We are excited by this announcement and the new capabilities that this version offers the community and developers building containerized applications.

• Python Debugging With pdb

  Nowadays, we often take for granted the excellent debuggers built into our favorite IDEs. But how do you debug your Python code when you don’t have the luxury of using an IDE?

  pdb, short for Python DeBugger, is a module for interactive source code debugging. It’s built into the Python Standard Library, so it’s always accessible to you. Because it runs in the command line, it’s especially helpful when you’re developing on remote systems.

  In this course, you’ll learn how to perform the most common debugging tasks using pdb, including setting breakpoints, stepping through code, viewing stack traces, creating watch lists, and more.

• Happy Birthday Practical Business Python!

  On September 17th, 2014, I published my first article which means that today is the 5th birthday of Practical Business Python. Thank you to all my readers and all those that have supported me through this process! It has been a great journey and I look forward to seeing what the future holds.

  This 5 year anniversary gives me the opportunity to reflect on the blog and what will be coming next. I figured I would use this milestone to walk through a few of the stats and costs associated with running this blog for the past 5 years. This post will not be technical but I am hopeful that my readers as well as current and aspiring bloggers going down this path will find it helpful. Finally, please use the comments to let me know what content you would like to see in the future.

• 6 Excellent Free Books to Learn Julia

  Julia is a high-level, high-performance dynamic programming language for technical computing by Alan Edelman, Stefan Karpinski, Jeff Bezanson, and Viral Shah. Julia aims to create an unprecedented combination of ease-of-use, power, and efficiency in a single language.

  It’s a homoiconic functional language focused on technical computing. While having the full power of homoiconic macros, first-class functions, and low-level control, Julia is as easy to learn and use as Python.

  Although Julia is a new language, first appearing in 2012, its roots are in Lisp, so it comes with mature features like macros and support for other metaprogramming techniques like code generation. Julia’s expressive grammar lets you write easy-to-read and easier-to-debug code, and its speed gets you through more work in less time. It’s a great choice whether you’re designing a machine learning system, crunching statistical data, or writing system utilities.

  Distinctive aspects of Julia’s design include a type system with parametric polymorphism and types in a fully dynamic programming language and multiple dispatch as its core programming paradigm. It allows concurrent, parallel and distributed computing, and direct calling of C and Fortran libraries without glue code.

• A slack hack

• New Linux malware mines crypto after installing backdoor with secret master password [Ed: Skips the part about it having to be installed in the first place (not the fault of Linux)]

  Cybersecurity researchers have identified a new strain of Linux malware that not only mines cryptocurrency illicitly, but provides the attackers with universal access to an infected system via a “secret master password.”

  TrendMicro’s latest blog also reveals that Skidmap attempts to mask its cryptocurrency mining by faking network traffic and CPU-related statistics.

• Linux malware masks illicit crypto mining with fake network traffic

  A new cryptocurrency mining malware targeting Linux systems has demonstrated how complex this type of malware has become. Known as Skidmap, the malware is not only harder to detect, it also gives the attackers unfiltered access to the affected system.

• What to do after a data breach

  You saw the news alert. You got an email, either from Firefox Monitor or a company where you have an account. There’s been a security incident — a data breach. And your account has been compromised.

  Getting notified that you’ve been a victim of a data breach can be alarming. You have valid cause for concern, but there are a few steps you can take immediately to protect your account and limit the damage.

• Capsule8 Protect Earns HIPAA Compliance Certification

• HIPCL Lets CUDA Run On OpenCL+SPIR-V

  Based off AMD's GPUOpen HIP as part of their ROCm stack, researchers at Tampere University in Finland have created HIPCL as leveraging HIP as well as POCL for routing CUDA codes to run on any hardware supporting OpenCL+SPIR-V.

  HIPCL provides a path of running CUDA on top of OpenCL, permitting the OpenCL driver also supports the SPIR-V intermediate representation. The OpenCL implementation also needs to support Shared Virtual Memory (SVM) so that actually rules out using NVIDIA's own driver for taking this route in place of their actual CUDA driver. HIPCL also relies upon a patched version of the LLVM Clang compiler.

• Radeon RADV Vulkan Driver Tackling NGG Stream-Out

  One of the areas the RadeonSI OpenGL and RADV/AMDVLK Vulkan drivers have had a challenging time promptly support with AMD Navi GPUs has been the NGG (Next-Gen Geometry) functionality but it's slowly getting worked out.

  The NGG engine support has required various fixes to the graphics drivers, Navi 14 NGG support is borked, and various other Next-Gen Geometry support issues in the Navi driver code. At least on the software side the open-source developers have continued to improve the support and today the latest improvements arrived for the Mesa RADV Vulkan driver.

• Radeon Navi 12/14 Open-Source Driver Support Now Being Marked As "Experimental"

  In an interesting change of course, the open-source driver support for AMD Radeon Navi 12 and Navi 14 GPUs is being flagged as experimental and hidden behind a feature flag.

  Back at the start of August AMD sent out their AMDGPU Linux kernel driver support for Navi 12 along with Navi 14. That Navi 12/14 support has since been queued up for introduction in the Linux 5.4 kernel along with the new Vega-based Arcturus GPU.

• Vulkan 1.1.123 Released With Two New Extensions

  Vulkan 1.1.123 is the latest weekly update to this high performance graphics API and it's formally introducing two more extensions.

  Besides the usual variety of documentation clarifications and corrections, there are two new Vulkan extensions with version 1.1.123.

It all started when Todd Weaver, Founder and CEO of Purism, realized Big Tech could not be trusted as moral guardians of his and his children’s data. The current paradigm of corporations data hoarding is, as Todd describes it, built on “a tech-stack of exploitation”–and not by accident, but by design. Companies such as Google and Microsoft–and especially Facebook–intentionally collect, store and share user data to whomever they see fit. In recent events, the California Consumer Privacy Act, which becomes effective on January 1, 2020, will make residents of California able to know what personal data is being collected about them, know whether their personal data is sold or disclosed and to whom, say no to the sale of personal data, access their personal data, request a business delete any personal data information about a consumer collected from that consumer and not be discriminated against for exercising their privacy rights. This sounds good, and it is, but not according to Big Tech. Big Tech such as Facebook hired a firm to run ads that said things like “Your next click could cost you $5! Say no to the California Consumer Privacy Act”. Big Tech does not care about privacy, they care about their bottom line. This is where Purism comes in.

Purism is a privacy focused company. Their devices, the Librem5, Librem13 and Librem15 run PureOS–a GNU/Linux distribution that puts privacy, security and freedom first, by design. It includes popular privacy-respecting software such as PureBrowser. The OS helps you “Surf the web safely without being tracked by advertisers or marketers” and allows you to easily encrypt your entire OS and data with your own encryption keys. This is huge, especially if you understand how much of your “private” data is actually being shared.

• A Look At The Speedy Clear Linux Boot Time Versus Ubuntu 19.10

  Given the interest last week in how Clear Linux dropped their kernel boot time from 3 seconds to 300 ms, here are some fresh boot time benchmarks of Clear Linux compared to Ubuntu 19.10 on both Intel and AMD hardware.

  The systemd-reported boot time was compared between the latest Clear Linux and Ubuntu 19.10 daily images. Ubuntu 19.10 was used for offering the bleeding-edge packages and being more in line to what is offered by the rolling-release Clear Linux. As well, Canonical has been working on some boot time improvements for Ubuntu 19.10.

• 16-Core HoneyComb LX2K ARM Workstation Looks To Offer A Decent Performance Oomph

  When it comes to ARM-powered workstation boards there hasn't been a whole lot to get excited about with the likes of the Socionext 96Boards Developerbox being quite expensive and not yielding good performance or featureful boards compared to alternative Intel/AMD/POWER workstation/enthusiast boards. One of the more promising ARM workstation boards we have been following is the HoneyComb LX2K (formerly the "ClearFog" board) and it's looking like it could end up being a decent offering in this space.

  The HoneyComb LX2K / ClearFog is the 16-core mini-ITX workstation board we have been following since earlier this year. They have been aiming for this 16-core ARM workstation board for $500~750 USD and it looks like they will actually strike on the lower-end of that price-range.

• Phoronix Test Suite 9.0 Released With New Result Viewer, Offline/Enterprise Benchmarking Enhancements

  Phoronix Test Suite 9.0 is now available as the latest quarterly feature release to our cross-platform, open-source automated benchmarking framework. With Phoronix Test Suite 9.0 comes a rewritten result viewer to offer more result viewing functionality previously only exposed locally via the command-line or through a Phoromatic Server (or OpenBenchmarking.org when results are uploaded), new offline/enterprise usage improvements, various hardware/software detection enhancements on different platforms, and a variety of other additions.

Avnet has launched an “RFSoC Development Kit” that extends Xilinx’s eval kit for its Linux-powered, Zynq UltraScale+ RFSoC. The kit adds a Qorvo 2×2 Small Cell RF front-end for SDR prototyping and integrates MATLAB and Simulink.

Xilinx launched its 5G-focused Zynq UltraScale+ RFSoC variant of its Arm/FPGA hybrid Zynq UltraScale+ MPSoc last year and then announced a Gen3 update in early February. Avnet has now launched an extended version of the Linux-driven Xilinx Zynq UltraScale+ RFSoC ZCU111 Evaluation Kit that adds a Qorvo 2×2 Small Cell RF Front-end 1.8GHz Card and MATLAB support for software-defined radio (SDR) prototyping,

Also: SMARC 2.0 module runs Linux on i.MX8M Mini

• How to install the LosslessCut video editor on Linux

• How to Install Mastodon on Debian 9

• SUSE 15 update installed packages for security

• OpenBSD Install BASH Shell Package Command

• 50 Useful and Simple IPtables Rules for Linux Administrator

• Getting started with Zsh

• Changing code to use fedora-messaging instead of fedmsg

The KDE versions both full and the minimalistic Darkstar contain kernel 5.2.15 plus a fully updated KDE Plasma desktop. Plasma desktop 5.16.5, Plasma Applications 19.08.1 and Plasma Frameworks 5.62.

The Mate Desktop was refreshed with kernel 5.2.15 and the applications and libraries were updated to their most recent stable versions from the previous release.

The Xfce Desktop was tweaked and now uses the Whisker menu by default. A login sound was added and the applications were updated along with some minor bug fixes.

In addition all ISOs now include the Nvidia 430.50 driver and will be used instead of the nouveau driver if your video card supports it. Hardware detection scripts were updated to provide better support for video cards that can use the Nvidia 430.50 driver. Pulseaudio has been updated to the stable 13.0 release. The Simple Update Notifier was reworked and now works for keeping you notified of system updates and the ability to update from the applet using apt-get. Small improvements were made to the Live media boot scripts. Vbox test media is also included on the installation media. This program allows you to quickly test an ISO on the fly or usbstick with various options without having to create a permanent VM in Virtualbox. Requires a valid Virtualbox installation. Thanks to the people involved for their contributions to this program.

• Top 7 Best Android GIF Apps – 2019

• How to change the Google Maps voice on an Android phone or iPhone

• How to avoid the dreaded Video4Linux flaw in Android

• How to use gesture navigation in Android 10, or how to turn it off

• Samsung’s Android 10 beta program may start in October w/ Galaxy S10, Note 10

• Samsung Android 10 beta could arrive very soon

• Nova Launcher beta adds support for Android 10 dark theme

• LG's next Android tablet is already listed for sale in the US

• OnePlus TV teaser shows off smartphone integration w/ custom Android TV keyboard

Astrid Emde has announced the new release of OSGeoLive 13.0 on Sep 12, 2019.

This release has improved the Python experience a lot by adding an additional Python modules like Fiona, rasterio, cartopy, pandas, geopandas, mappyfile.

Also, added the following new applications MapCache, GeoExt, t-rex, actinia.

Many packages have been updated to the latest version.

[...]

It is featuring a large collection of open-source geospatial software and free world maps.

It provides bootable ISO-Images and Virtual Machines which allow users to try out fully-operational versions of popular Free Geospatial Software without the need to install a thing.

• Security updates for Tuesday

  Security updates have been issued by Debian (dino-im, python2.7, python3.4, and wpa), Fedora (kmplayer), openSUSE (podman and samba), Oracle (thunderbird), Red Hat (thunderbird), Slackware (expat), SUSE (curl), and Ubuntu (apache2).

• This New Linux Malware Mines Crypto By Creating Malign Linux Modules

  As per the research, the new Linux malware mines crypto by creating malicious loadable kernel modules (LKM) to stay under the wraps. As the malware utilizes Linux kernel module rootkits, it becomes difficult to detect and patch it. This is because of its overwriting and modification of kernel parts capabilities.

• A Critical Exim Vulnerability, Lilocked Ransomware on the Rise, but Linux Not to Blame

  In the context of these recent vulnerabilities and exploits, it is easy to label Linux and Open Source as “vulnerable” or “insecure”. However, doing so is unfair as well as incorrect. Unlike Windows and MacOS, Linux is a multi-user environment (a characteristic that the OS inherited from Unix) where users are granted specific privileges. This design prevents the compromise of one user account from impacting an entire system. In order to gain control over a Linux system, malware would have to gain root access to the system.

  Vulnerabilities exist in every system, and in terms of security vulnerabilities, Linux has a relatively clean record when compared to other popular operating systems. In the words of Linux creator Linus Torvalds, “Given enough eyeballs, all bugs are shallow”. Because of the intense review that Linux is continuously undergoing from security experts in the Open Source community, vulnerabilities are quickly identified and fixed. Because of this, as well as the way in which Linux manages privileges, relatively few viruses and worms are written to attack Linux systems. In comparison, proprietary operating systems like Microsoft Windows are easy targets for malicious coders, making them frequent victims of malware and viruses. This year, a total of 700 vulnerabilities in Microsoft Windows were disclosed, 189 of which were classified as critical.

  Exim, however, is a notoriously insecure mail server. In spite of this, it has a market share of over 57 percent, due to the fact that the MTA has been bundled with many Linux distros, including Debian and Red Hat. Thus, the frequent security bugs and exploits involving Exim affect a large number of Linux users, but are not a reflection of the inherent security of the Linux OS.

• 30 Nmap examples

• /dev/random vs /dev/urandom and are they secure?

• Recover Removed Files from Windows NTFS Drive using Live Ubuntu DVD

• Configure Git Server with HTTP on Ubuntu

• How to Install Krita 4.2.6 in Ubuntu 18.04 via PPA

• Announcing New Course: Hyperledger Sawtooth for Application Developers

• Setup a Local WordPress Development Environment with Vagrant