• Motorola rolling out Android 9.0 Pie to Australian moto g6 phones

• Samsung Galaxy A8+ (2018) Starts Receiving Android Pie Update in India, With February Patch: Report

• Xiaomi Mi A1 gets support for LineageOS 16 based on Android Pie

• Google to be hit with new fines as it prompts Android users to choose browsers

• The new Blackview A60 is an Android Go phone with a big 4080 mAh battery

I have always been curious about the tiny computer called Raspberry Pi but I didn’t have the time or opportunity to buy one until now. I got the latest version (Raspberry Pi 3 Model B+) along with bundled accessories from AliExpress for $65. I think it was a good deal considering what I got which I will explain to you later on. But before that and for your convenience, here are some quick facts about Raspberry Pi that I got from Wikipedia...

• Parental controls & metered data hackfest: days 1 & 2

  I’m currently at the Parental Controls & Metered Data hackfest at Red Hat’s office in London. A bunch of GNOME people from various companies (Canonical, Endless, elementary, and Red Hat) have gathered to work out a plan to start implementing these two features in GNOME. The first two days have been dedicated to the parental control features. This is the ability for parents to control what children can do on the computer. For example, locking down access to certain applications or websites.

  Day one began with presentations of the Endless OS implementation by Philip, followed by a demonstration of the Elementary version by Cassidy. Elementary were interested in potentially expanding this feature set to include something like Digital Wellbeing – we explored the distinction between this and parental controls. It turns out that these features are relatively similar – the main differences are whether you are applying restrictions to yourself or to someone else, and whether you have the ability to lift/ignore the restrictions. We’ve started talking about the latter of these as “speed bumps”: you can always undo your own restrictions, so the interventions from the OS should be intended to nudge you towards the right behaviour.

  After that we looked at some prior art (Android, iOS), and started to take the large list of potential features (in the image above) down to the ones we thought might be feasible to implement. Throughout all of this, one topic we kept coming back to was app lockdown. It’s reasonably simple to see how this could be applied to containerised apps (e.g. Snap or Flatpak), but system applications that come from a deb or an rpm are much more difficult. It would probably be possible – but still difficult – to use an LSM like AppArmor or SELinux to do this by denying execute access to the application’s binary. One obvious problem with that is that GNOME doesn’t require one of these and different distributions have made different choices here… Another tricky topic is how to implement website white/blacklisting in a robust way. We discussed using DNS (systemd-resolved?) and ip/nftables implementations, but it might turn out that the most feasible way is to use a browser extension for this.

• GNOME ED Update – February

  Another update is now due from what we’ve been doing at the Foundation, and we’ve been busy!

  As you may have seen, we’ve hired three excellent people over the past couple of months. Kristi Progri has joined us as Program Coordinator, Bartłomiej Piorski as a devops sysadmin, and Emmanuele Bassi as our GTK Core developer. I hope to announce another new hire soon, so watch this space…

  There’s been quite a lot of discussion around the Google API access, and GNOME Online Accounts. The latest update is that I submitted the application to Google to get GOA verified, and we’ve got a couple of things we’re working through to get this sorted.

• Top 5 trending games on Android this week (March 10-16)

• The 7 Best Android TV Launcher Apps

• Manage Your Android Notifications with These Tips and Tricks

• Imagination delivers new and enhanced developer tools for Android

• Galaxy A8+ (2018) Android Pie update rolling out in India

• Samsung Galaxy A8+ (2018) Android Pie update rollout expands

• Google to prompt Android users to choose preferred browsers to allay EU concerns

• Google to prompt Android users to choose browsers, search apps

• Here are all the enterprise features in the Android Q beta

• Source: The Motorola One Vision is an Android One phone with the Exynos 9610

Why bother having a process for proposing changes to your open source project? Why not just let people do what they're doing and merge the features when they're ready? Well, you can certainly do that if you're the only person on the project. Or maybe if it's just you and a few friends.

But if the project is large, you might need to coordinate how some of the changes land. Or, at the very least, let people know a change is coming so they can adjust if it affects the parts they work on. A visible change process is also helpful to the community. It allows them to give feedback that can improve your idea. And if nothing else, it lets people know what's coming so that they can get excited, and maybe get you a little bit of coverage on Opensource.com or the like. Basically, it's "here's what I'm going to do" instead of "here's what I did," and it might save you some headaches as you scramble to QA right before your release.

• Google Open-sources Sandboxed API, a tool that helps in automating the process of porting existing C and C++ code

  Yesterday, the team at Google open-sourced Sandboxed API, a tool that Google has been using internally for its data centers for years. It is a project for sandboxing C and C++ libraries running on Linux systems. Google has made the Sandboxed API available on GitHub.

  Sandboxed API helps coders to automate the process of porting their existing C and C++ code in order to run on top of Sandbox2, which is Google’s custom-made sandbox environment for Linux operating systems. Sandbox2 has also been open-sourced and is included with Sandboxed API GitHub repository.

  Christian Blichmann & Robert Swiecki, from Google’s ISE Sandboxing team, said, “Many popular software containment tools might not sufficiently isolate the rest of the OS, and those which do, might require time-consuming redefinition of security boundaries for each and every project that should be sandboxed.”

• Google open-sources its Sandboxed API tools for isolating application processes

  Google LLC has open-sourced a new tool for developers that lets them sandbox C and C++ libraries that run on Linux-based operating systems.

  Developed internally by Google, the Sandboxed API has been used in its data centers for several years already, the company said in a blog post Monday announcing the move. Google has made Sandboxed API available to download on GitHub, together with its documentation that describes how to get it up and running.

• Init Container Build Pattern: Knative build with plain old Kubernetes deployment

  With Kubernetes evolving at supersonic speed and seeing a lot of adoption in the enterprise world, the developer community is now looking for solutions to common Kubernetes problems, such as patterns. In this article, I will explore a new Kubernetes pattern using Init Containers.

  Let’s start with the use case that gave birth to this problem: Quarkus—Supersonic and Subatomic Java—has excited the Java developer community with its amazing speed and all new native build artifact for Java applications. As one of those excited developers, I want to quickly build and deploy a Quarkus application on to Kubernetes.

• KubeEdge, a Kubernetes Native Edge Computing Framework

  Open source edge computing is going through its most dynamic phase of development in the industry. So many open source platforms, so many consolidations and so many initiatives for standardization! This shows the strong drive to build better platforms to bring cloud computing to the edges to meet ever increasing demand. KubeEdge, which was announced last year, now brings great news for cloud native computing! It provides a complete edge computing solution based on Kubernetes with separate cloud and edge core modules. Currently, both the cloud and edge modules are open sourced.

  Unlike certain light weight kubernetes platforms available around, KubeEdge is made to build edge computing solutions extending the cloud. The control plane resides in cloud, though scalable and extendable. At the same time, the edge can work in offline mode. Also it is lightweight and containerized, and can support heterogeneous hardware at the edge. With the optimization in edge resource utlization, KubeEdge positions to save significant setup and operation cost for edge solutions. This makes it the most compelling edge computing platform in the world currently, based on Kubernetes!

• Red Hat Security: The Product Security Blog has moved!

  Red Hat Product Security has joined forces with other security teams inside Red Hat to publish our content in a common venue using the Security channel of the Red Hat Blog. This move provides a wider variety of important Security topics, from experts all over Red Hat, in a more modern and functional interface. We hope everyone will enjoy the new experience!

• From virtualization to emerging workloads: How Red Hat and NVIDIA are driving enterprise innovation

  Innovations like artificial intelligence (AI), machine learning (ML) and other emerging workloads present a vision of IT’s future, one where intelligent solutions can more effectively analyze and address evolving business needs. But this vision can be limited by current IT infrastructure, which can often require significant investments in order to enable new workloads.

  One answer to this challenge is through workload acceleration, which uses specialized computational resources, like graphic processing units (GPUs) to tackle intense computing tasks. Established in scientific and research computing, GPUs such as those offered by NVIDIA are now catching the attention of enterprise IT as a technology that can accelerate compute-intensive operations found in data science and AI, extending their reach to a broader range of end users.

• SUSE Enterprise Storage 6 Beta Program

  SUSE Enterprise Storage 6, the upcoming release from SUSE, enables IT organizations to seamlessly adapt to changing business demands while reducing IT operational expense with new features focused on containerized and cloud workload support, improved integration with public cloud and enhanced data protection capabilities. This release of SUSE Enterprise Storage will be available for first customer ship in early June. However, you can download a BETA version today and give release 6 a test drive. It is built on the upstream Ceph release: Nautilus and updated to run on SUSE Linux Enterprise Server 15 SP1 BETA. There are a lot of new features in SUSE Enterprise Storage 6.

• From Paris with Love

  Last week, I had the great pleasure of being among the team representing SUSE at HPE’s Technology and Solutions Summit (aka HPE TSS) in Paris. HPE’s largest and most comprehensive technical and solutions knowledge transfer event is aimed at presales consultants and solutions architects from HPE and their partners, bringing together teams from within HPE and their partner community all with the aim of sharing knowledge about their products and services.

  Around 3,000 delegates converged upon the City of Lights to learn, exchange ideas and have a little fun in the city that is home to Notre Dame Cathedral, the Louvre Museum, the legendary Eiffel Tower, and of course the many creperies serving up delicious treats to hungry visitors!

• Latest UP board combines Whiskey Lake with AI Core X modules

  Aaeon has posted specs for a Linux-ready “UP Xtreme” SBC with a 15W, 8th Gen Whiskey Lake-U CPU, up to 16GB DDR4 and 128GB eMMC, 2x GbE, 6x USB, SATA, and optional AI Core X modules via M.2 and mini-PCIe.

  Aaeon’s community-backed UP project, which most recently brought us the Intel Apollo Lake based Up Squared and UP Core Plus SBCs, has announced an UP Xtreme hacker board built around Intel’s 8th Gen Whiskey Lake U-series Core processors. This is likely the fastest open-spec, community-backed SBC around, depending on your definition.

• When your profiler fools you

  If you've been following my blog, you'll know about Nageru, my live video mixer, and Futatabi, my instant replay program with slow motion. Nageru and Futatabi both work on the principle that the GPU should be responsible for all the pixel pushing—it's just so much better suited than the CPU—but to do that, the GPU first needs to get at the data.

  Thus, in Nageru, pushing the data from the video card to the GPU is one of the main CPU drivers. (The CPU also runs the UI, does audio processing, runs an embedded copy of Chromium if needed—we don't have full GPU acceleration there yet—and not the least encodes the finished video with x264 if you don't want to use Quick Sync for that.) It's a simple task; take two pre-generated OpenGL textures (luma and chroma) with an associated PBO, take the frame that the video capture card has DMAed into system RAM, and copy it while splitting luma from chroma. It goes about as fast as memory bandwidth will allow.

  [...]

  Seemingly after a little more tuning of freelist sizes and such, it could sustain eight 1080p59.94 MJPEG inputs, or 480 frames per second if you wanted to—at around three cores again. Now the profile was starting to look pretty different, too, so there were more optimization opportunities, resulting in this pull request (helping ~15% of a core). Also, setting up the command buffers for the GPU copy seemingly takes ~10% of a core now, but I couldn't find a good way of improving it. Most of the time now is spent in the original memcpy to NVIDIA buffers, and I don't think I can do much better than that without getting the capture card to peer-to-peer DMA directly into the GPU buffers (which is a premium feature you'll need to buy Quadro cards for, it seems). In any case, my original six-camera case now is a walk in the park (leaving CPU for a high-quality x264 encode), which was the goal of the exercise to begin with.

  So, lesson learned: Sometimes, you need to look at the absolutes, because the relative times (which is what you usually want) can fool you.

• Keith Packard: metro-snek

  When I first mentioned Snek a few months ago, Phillip Torrone from Adafruit pointed me at their Metro M0 board, which uses an Arduino-compatible layout but replaces the ATMega 328P with a SAMD21G18A. This chip is an ARM Cortex M0 part with 256kB of flash and 32kB of RAM. Such space!

  Even though there is already a usable MicroPython port for this board, called CircuitPython, I figured it would be fun to get Snek running as well. The CircuitPython build nearly fills the chip, so the Circuit Python boards all include an off-chip flash part for storing applications. With Snek, there will be plenty of space inside the chip itself for source code, so one could build a cheaper/smaller version without the extra part.

• Intel Working On Some Interesting Coreboot Improvements: Multi-CPU Support, SMM

  Last week during Facebook's Open Compute Project (OCP) Summit, some interesting details were revealed by Intel and their work on this open-source hardware initialization effort alternative to proprietary BIOS/firmware.

  One is that Intel is working on multi-CPU support within Coreboot for multi-socket server platforms. The code for this has yet to be published.

• gym-gazebo2 toolkit uses ROS 2 and Gazebo for reinforcement learning

  The first gym-gazebo was a successful proof of concept, which is being used by multiple research laboratories and many users of the robotics community. Given its positive impact, specially regarding usability, researchers at Acutronic Robotics have now freshly launched gym-gazebo2.

• Installing network printers under Linux

• Installing Microsoft SQL Server on Red Hat Enterprise Linux 8 Beta

• Epiphany Technology Preview Upgrade Requires Manual Intervention

• [Quick Tip] Move Clock To The Right of Top Panel in Ubuntu 18.04

• Driftnet on Debian: Sniffing images within a network

• Install and Use Email Client on elementary OS

• CloudLinux Installation Wizard — From Beta to Production within a Week!

• Keep All Your Linux Servers in Check

• How to install Cachet status page system on Ubuntu Server 18.04

I have covered window tiling editors/managers previously with apps like herbstluftwm and Tilix so check them out if you haven’t already.

Sway is a free and open source tiling Wayland compositor that is compatible with the i3 window manager, uses the same configuration syntax, and works with most of the software designed for i3.

Sway makes use of all the available space on your screen and automatically adjusts window sizes as you open more apps and you can navigate between apps with your keyboard.

App windows can be arranged horizontally, vertically, stacked, or tabbed and you can change their size as well as split windows into containers of several windows all without touching your mouse. You could, however, use your mouse to rearrange windows and even take windows out of the tiling grid and manipulate them.44

• RADV Vulkan Driver Gets Patches For VK_KHR_8bit_storage

  The Mesa Radeon "RADV" Vulkan driver has a series of patches pending for introducing VK_KHR_8bit_storage support.

  Rhys Perry of the Nouveau crowd worked on the VK_KHR_8bit_storage support for RADV back in February while it's now being carried forward by Valve Linux developer Samuel Pitoiset. The VK_KHR_8bit_storage extension as implied by the name allows for using 8-bit types in uniform and storage buffers as well as push constant blocks.

• xf86-video-ati / xf86-video-amdgpu 19.0.1 Released To Better Deal With DP MST Displays

  Radeon DDX wrangler Michel Dänzer of AMD has announced the releases today of xf86-video-amdgpu 19.0.1 and the xf86-video-ati 19.0.1 release for older Radeon hardware.

  The lone change with the xf86-video-amdgpu X.Org driver update is support for the RandR output tile properties in better dealing with DisplayPort Multi-Stream Transport (DP MST) displays. This was the change that landed last week in these X.Org drivers and ushering out these new point releases to ship this support finally -- years after the support was added to the X.Org Server and xf86-video-modesetting.

• Nvidia ray traces the heck out of Quake II… launching for free in April

  Nvidia has been working behind the scenes on Q2VKPT with creator Christoph Schied to build Quake II RTX: a cutting-edge reimagining of the old school classic. While Schied has been working on a ray-traced version of Quake II for some time, and doing a grand job of it too, Nvidia has lent its expertise to bring the classic shooter into 2019 and utilise all that ray tracing has to offer.

• Google announce ‘Stadia’, their new cloud gaming service built on Linux and Vulkan

  Google have now finally unveiled their new cloud gaming service named Stadia, offering instant access to play games in Google Chrome.

  What they joked was the worst-kept secret in the industry (no kidding), sounds like quite an interesting service. Certainly one that could eventually end up redefining what gaming is. A little hyperbolic maybe? I'm not so sure considering how easy this should be to jump into a game. On top of that, they very clearly talked about how it's built on Linux (Debian specifically) and Vulkan with custom GPUs from AMD.

• Google’s Stadia Is “Netflix For Games” — Play Any Game Without Installation

  everaging the network of its highly efficient and scalable server infrastructure, Google has finally launched its much-anticipated game streaming service called Stadia. The announcement took place at the company’s keynote at the Game Developers Conference in San Francisco.

• Stadia is Google’s New Gaming Service Powered by Linux & Open-Source Tech

  Stadia, a brand new game streaming service from Google, has been revealed — and it’s powered by open source technology.

  Long rumoured, but only formally announced at Games Developer Conference (GDC) 2019, the cloud gaming service promises to let gamers game from pretty much anywhere they want.

  There’s no Stadia console; no box you buy and hook up to your TV. Instead, games run from a datacenter and are streamed to you via the internet. Games can be streamed at up to 4k at 60fps, depending on your connection, of course.

  So folks, the dream of playing AAA games on Stadia on your crummy downstairs TV; your mid-range Android; or a potato laptop running Linux and Google Chrome, is now real.

• Stadia Is Google's Cloud Gaming Service Using Linux, Vulkan & A Custom AMD GPU

  Google used the annual Game Developers Conference (GDC 2019) to officially unveil "Stadia" as their cloud-based game streaming service formerly known as Project Stream.

  To little surprise these days, the Google Stadia streaming service is built on Linux servers. Also to not a lot of surprise, Vulkan is their graphics API of choice for streaming right now up to 4K at 60FPS while they plan to expand to 8K at 120FPS in the future.

• The Humble Curve Digital Bundle is out with four nice Linux games

  Now that the dust has settled on the Google Stadia news, here's something entirely different: the Humble Curve Digital Bundle.

• Atari VCS Release Delayed – But There’s a Good Reason Why

  Remember the Atari VCS, aka the crowd-funded Linux-based games console that is totally not vapourware and will absolutely be released?

  Well, its release just got delayed.

  Those who backed the (very successful) IndieGoGo campaign won’t receive their units until late 2019 at the earliest. The console had originally planned to ship to backers in the summer of 2019, and go on general sale soon after.

  But although this delay is disappointing development for fans of this particular vintage gaming icon, there is an upside.

  Yup, it turns there is a very good reason for the delay…

The official KDE Connect Android app was briefly removed from the Google Play Store for “violating” app permission policies.

Google yanked the phone-side companion app, which works with desktop tools like GSconnect, from its Android app store on March 19. It said the app did not adhere to its new rules on apps that can access to SMS messages.

Michlmayr made the comments as part of his platform for the leadership elections; he and four others are contesting for leader of the project, with the campaigning period running until 6 April. Nominees also take part in online debates as part of pushing their claims to the post of leader.

He said that he had not been active in Debian of late but believed that the role of DPL should have three sides to it: administrator, facilitator and leader.

Having been the DPL in 2003 and 2004, Michlmayr said he was familiar with the role. "If I didn't believe in Debian, I wouldn't run in this DPL election. I acted as DPL before and know how difficult being the DPL can be sometimes. Yes, I see severe problems in Debian, but I firmly believe that together we can solve them!" he added.

• 40 Linux Server Hardening Security Tips [2019 edition]

• Why Trust Is Key for Cyber-Security Risk Management

  "Trust" is an often-overused term, but according to Rohit Ghai, president of RSA Security, trust is the key to understanding and managing digital risk.

  In a video interview with eWEEK, Ghai discusses his views on trust, where the concept of an artificial intelligence "digital twin" fits in and why there could well be a need to redefine industry cyber-security categories to better reflect how risk management technologies should work. He also provides insight into how RSA Security's products, including Archer, Netwitness and SecurID, fit together to help organizations provide trust and manage risk.

  "As long as we pay attention to the idea of risk and trust co-existing and taking a risk orientation to security, I think we'll be fine," Ghai said. "Trust is important. We are living in an era where people are losing faith or trust in technology, and we have to act now to restore it."

• IPFire 2.21 - Core Update 129 is ready for testing

  The next release is available for testing - presumably going to be last release in the 2.21 series before we bring some bigger changes. This update has a huge number and significant changes for IPsec as well as many updates to the core system and various smaller bug fixes.

• Superuser accounts: What they are and how to secure them

  Most security technologies are helpless in protecting against superusers because they were developed to protect the perimeter – but superusers are already on the inside. Superusers may be able to change firewall configurations, create backdoors and override security settings, all while erasing traces of their activity.

  Insufficient policies and controls around superuser provisioning, segregation and monitoring further heighten risks. For instance, database administrators, network engineers and application developers are frequently given full superuser-level access. Sharing of superuser accounts among multiple individuals is also a rampant practice, which muddles the audit trail. And in the case of Windows PCs, users often log in with administrative account privileges –far broader than what is needed.

• 2018 Malcolm Tredinnick Memorial Prize awarded to Kojo Idrissa

  The Board of the Django Software Foundation is pleased to announce that the 2018 Malcolm Tredinnick Memorial Prize has been awarded to Kojo Idrissa.

• Python Decorators 101

• Python Tuples: Cheat Sheet

• Clean up and remove a Python3 homebrew install

• PyCoder’s Weekly: Issue #360 (March 19, 2019)

• How to Distribute a wxPython Application

Install fests invite users to bring their computers so that experts can install GNU/Linux on them. This is meant to promote the idea of free software as well as the use of free software. In practice, these two goals conflict: users that want to reject nonfree software entirely need to choose their computers carefully to achieve that goal.

The problem is that most computers can't run with a completely free GNU/Linux distro. They contain peripherals, or coprocessors, that won't operate unless the installed system contains some nonfree drivers or firmware. This happens because hardware manufacturers refuse to tell us how to use their products, so that the only way to figure out how is by reverse engineering, which in most cases has not yet been done.

This presents the install fest with a dilemma. If it upholds the ideals of freedom, by installing only free software from 100%-free distros, partly-secret machines won't become entirely functional and the users that bring them will go away disappointed. However, if the install fest installs nonfree distros and nonfree software which make machines entirely function, it will fail to teach users to say no for freedom's sake. They may learn to like GNU/Linux, but they won't learn what the free software movement stands for. In effect, the install fest makes a tacit deal with the devil that suppresses the free software movement's message about freedom and justice.

The nonfree software means the user sacrifices freedom for functionality. If users had to wrestle with this choice, they could draw a moral lesson from it, and maybe get a better computer later. But when the install fest makes the compromise on the user's behalf, it shelters the user from the moral dimension; the user never sees that something other than convenience is at stake. In effect, the install fest makes the deal with the devil, on the user's behalf, behind a curtain so the user doesn't recognize that it is one.

I propose that the install fest show users exactly what deal they are making. Let them talk with the devil individually, learn the deal's bad implications, then make a deal—or refuse!

As always, I call on the install fest itself to install only free software, taking a strict stance. In this way it can set a clear moral example of rejecting nonfree software.

My new idea is that the install fest could allow the devil to hang around, off in a corner of the hall, or the next room. (Actually, a human being wearing sign saying “The Devil,” and maybe a toy mask or horns.) The devil would offer to install nonfree drivers in the user's machine to make more parts of the computer function, explaining to the user that the cost of this is using a nonfree (unjust) program.

Also: RMS article: "Install fests: What to do about the deal with the devil"

The LinHES Dev team is pleased to announce the release of LinHES R8.6!

LinHES R8.6 updates MythTV to 30-fixes as well as updates to the kernel, system libraries, graphics drivers and many other parts of LinHES.

Release notes and upgrade instructions can be found here.

Also: Tails 3.13 is out

• How To Install Plex Media Server on Ubuntu 18.04 LTS

• How To Set Up an OpenVPN Server on Debian 9

• How to Extract tar xz File in Linux

• How to Use the ls Command in Linux

• How to Use the rm Command in Linux

• How to change the ssh port on Linux or Unix server

• How to Install and Setup Thunderbird Email Client in Ubuntu

• How to disable auto-dismiss for notifications on Firefox

• How to install ROSA R11

• How to install Spotify on elementary OS

• How to play N64 games with Retroarch on Linux

• Google Calendar update brings automatic room suggestion to Android, iOS

• Google Photos update fixes buggy dark mode on Android Q (mostly)

• Google Photos adds Express Backup and Data Caps for Android users in India

• Google Stadia announced, a game streaming service for Chrome, Android, and TVs

• Nokia 5.1 is the latest handset to get Android Pie update

• A study analyzes pre-installed software on Android devices and its privacy risks for users

• The EPO Has Sadly Taken a Side and It’s the Patent Trolls’ Side
• Where the USPTO Stands on the Subject of Abstract Software Patents
• Links 19/3/2019: Jetson/JetBot, Linux 5.0.3, Kodi Foundation Joins The Linux Foundation, and Firefox 66
• Links 18/3/2019: Solus 4, Linux 5.1 RC1, Mesa 18.3.5, OSI Individual Member Election Won by Microsoft