Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Wednesday, 22 Jan 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Programming Leftovers Roy Schestowitz 21/01/2020 - 12:23pm
Story Games: Steam Client, Slay the Spire and DASH (Danger Action Speed Heroes) Roy Schestowitz 21/01/2020 - 12:15pm
Story Need a distraction-free art application on Linux? Try out MyPaint Roy Schestowitz 21/01/2020 - 12:11pm
Story today's howtos Roy Schestowitz 21/01/2020 - 11:19am
Story Android Leftovers Rianne Schestowitz 21/01/2020 - 10:47am
Story today's leftovers Roy Schestowitz 21/01/2020 - 10:35am
Story Security/Integrity/Availability Leftovers Roy Schestowitz 21/01/2020 - 10:29am
Story Entrapment by Microsoft GitHub or Censorship by Microsoft Roy Schestowitz 21/01/2020 - 10:27am
Story Here’s Why Windows 7 Users Should Switch to Linux Rianne Schestowitz 21/01/2020 - 10:11am
Story Have You Tried Kaisen Linux? — A New System Rescue Linux Distro Rianne Schestowitz 21/01/2020 - 10:00am

Linux 5.5 RC7

Filed under
Linux
  • Linux 5.5-rc7
    Well, things picked up at the end of the week, with half of my merges
    happening in the last two days.
    
    Whether that is the usual "send the weeks work to Linus on Friday", or
    a sign that things are just picking up in general after the holidays,
    I don't know.  If the former, I'll probably just release the final 5.5
    next week. But if it looks like there's pent-up fixes pending next
    week, I'll make another rc.
    
    Nothing in here looks particularly odd. Drivers is about half of the
    patch (networking, sound, gpio, gpu, scsi, usb, you name it), with the
    rest being the usual mix - arch, networking, filesystems, core
    kernel..  The diffstat looks mostly fairly nice and flat, with a
    couple of exceptions that look harmless (a few device tree file
    updates, some pure code movemment, and a couple of driver fixes that
    ended up changing calling conventions to get done and as a result got
    to be more lines than the bug otherwise would have merited).
    
    Please do test, there should be nothing scary going on.
    
                  Linus
    
  • Kernel prepatch 5.5-rc7

    The 5.5-rc7 kernel prepatch is out. Linus is still unsure whether the final 5.5 release will come out next week or not: "if it looks like there's pent-up fixes pending next week, I'll make another rc".

  • Linux 5.5-rc7 Kernel Released

    The seventh weekly release candidate to Linux 5.5 is now available for testing.

    Linus noted with Linux 5.5-rc7 there was a large uptick in patch volume at week's end. "Well, things picked up at the end of the week, with half of my merges happening in the last two days."

    Due to the recent holidays in large part, it's possible an eighth release candidate may be needed for Linux 5.5 before then releasing the kernel as stable on 2 February. However, in today's 5.5-rc7 announcement, Torvalds noted he may just end up releasing 5.5 stable next week. In any case, the release of Linux 5.5 is right on the horizon and this should be the kernel powering Ubuntu 20.04 LTS and other upcoming distribution releases.

GNU Make 4.3 Released!

Filed under
Development
GNU

The next stable version of GNU make, version 4.3, has been released and is available for download from https://ftp.gnu.org/gnu/make/

Please see the NEWS file that comes with the GNU make distribution for details on user-visible changes.

Read more

Also: GNU Make 4.3 Released With Performance Improvements, Newer GNU libc + Musl Support

Kernel: Zhaoxin, Arch Linux's Zen and WireGuard in Linux 5.6

Filed under
Linux
  • Zhaoxin 7-Series x86 CPUs Mitigated For Spectre V2 + SWAPGS

    When it comes to the Zhaoxin x86-compatible processors coming out of VIA's joint venture in Shanghai, their forthcoming 7-series (KX-7000) has hardware mitigations in place for some CPU vulnerabilities.

    We haven't heard much about these Chinese x86 CPUs with regards to speculative execution vulnerabilities but it appears the pre-7-Series is vulnerable to Spectre Variant Two and at least SWAPGS. But with their 7-series, hardware mitigations appear to be in place.

  • Benchmarks Of Arch Linux's Zen Kernel Flavor

    Following the recent Linux kernel tests of Liquorix and other scheduler discussions (and more), some requests from premium supporters rolled in for seeing the performance of Arch Linux's Zen kernel package against the generic kernel. Here are those benchmark results.

    These are some benchmarks I recently did on the AMD Ryzen Threadripper 3970X while running EndeavourOS. Tests were done with its default Linux 5.4.8-arch1 kernel compared to the same kernel revision but using Arch's Zen kernel flavor. That is Arch's spin of the Zen-kernel patches (not to be confused with AMD Zen).

  • Intel's ConnMan Is Ready With WireGuard Support

    In addition to NetworkManager having good WireGuard support in advance of this secure VPN tunnel tech landing with the Linux 5.6 kernel, Intel's ConnMan software is also ready with supporting WireGuard.

    Intel's ConnMan hasn't seen a new tagged release in nearly one year but over the past two months in the Git development code WireGuard support has materialized. ConnMan, as a reminder, is the Intel-led effort for providing an Internet connection manager on Linux designed for embedded/mobile use-cases that dates back to their Moblin days.

Update: State of CentOS Linux 8, and CentOS Stream

Filed under
Red Hat

We wanted to update you on what is happening, largely out of sight to most of the community, on the CentOS Linux 8 front. We have appreciated the patience of the community, but we understand that your patience won’t last forever.

A lot of the work in rebuilding RHEL sources into CentOS Linux is handled by automation scripts. Due to the changes between RHEL 7 and RHEL 8, many of these scripts no longer work, and had to be fixed to reflect the new layout of the buildroot. This work has been largely completed, allowing us to pull the source from Red Hat without a lot of manual work. This, in turn, should make the process of rebuilding RHEL 8.2 go much more smoothly than RHEL 8.0 and 8.1 have done.

Read more

Also: Retooled CentOS Build Scripts To Help Spin New Releases Quicker, More Automation

The Performance Cost To SELinux On Fedora 31

Filed under
Graphics/Benchmarks

Following the recent AppArmor performance regression in Linux 5.5 (since resolved), some Phoronix readers had requested tests out of curiosity in looking at the performance impact of Fedora's decision to utilize SELinux by default. Here is how the Fedora Workstation 31 performance compares out-of-the-box with SELinux to disabling it.

By default Fedora runs with SELinux enabled in an enforcing and targeted mode. But by booting with selinux=0 as a kernel parameter or editing /etc/selinux/config it's possible to outright disable the Security Enhanced Linux functionality or change its operating mode.

Read more

Events: XDC2020, SUSECON and Xen Project Developer & Design Summit

Filed under
OSS
  • X.Org's XDC2020 May Abandon Poland Conference To Find More Welcoming European Location

    Hopefully you didn't yet book your tickets to XDC2020 as the annual X.Org conference as the venue -- and host country for that matter -- may change.

    The annual X.Org Developers' Conference flips each year between different venues in North American and Europe. Last year it was announced XDC2020 would be hosted in Gdansk, Poland by a local Polish crew at Intel. But now that decision is being reassessed over finding a more welcoming and inclusive country for the event.

  • Top 5 Reasons Why You CAN’T MISS SUSECON 2020

    A new year, a new decade, and a new SUSE (now fully independent), all coalesce to a new SUSECON—bigger, more inspiring, and more focused on the world we live in than ever before. Like a pot of gold, SUSECON 2020 will be full of life-enhancing moments to make your world better. Here are the top five riches you have to look forward to when the rainbow lands in Dublin, March 23 – 27, 2020.

  • Xen Project Design and Developer Summit: Registration and CFP Open Now!

    Starting today, registration and Call for Proposals officially opens for the Xen Project Developer & Design Summit. This year’s Summit, taking place from June 2nd through the 4th at the PRECIS Center in Bucharest, Romania, will bring together the Xen Project community of developers and power users to share ideas, latest developments, and experiences, as well as offer opportunities to plan and collaborate on all things Xen Project.

    If you’d like to present a talk at the Summit, the Call For Proposals is open now and will close Friday, March 6, 2020.

    The Xen Summit brings together key developers in this community and is an ideal sponsorship opportunity. If you are interested in sponsoring this year’s event, check out the Sponsorship Page. For information regarding registration, speaking opportunities and sponsorships, head over the event website and learn more!

This Cool Cyberpunk Desktop is Easy to Recreate on Kubuntu

Filed under
KDE

Arguably the most striking feature of this neo-noir desktop in the video above is the vivid live wallpaper. Atmospheric, this instantly instills an edgy, futuristic vibe reminiscent of films like Blade Runner, Dark City, and eXistenZ.

I am even more impressed by easy it is to recreate the whole look (assuming you’re running KDE Plasma desktop) for yourself.

On a regular Ubuntu desktop with GNOME Shell setting up a live wallpaper requires some a bit of effort (installing an unmaintained app from a random repo or getting tricksy with mpv, fining the numbers and deftly placing enough hyphens).

Read more

AMD: Ryzen, AMDGPU and More

Filed under
Graphics/Benchmarks
Linux
Hardware
  • ASUS TUF Laptops With Ryzen Are Now Patched To Stop Overheating On Linux

    The AMD Ryzen Linux laptop experience continues improving albeit quite tardy on some elements of the support. In addition to the AMD Sensor Fusion Hub driver finally being released and current/voltage reporting for Zen CPUs on Linux, another step forward in Ryzen mobile support is a fix for ASUS TUF laptops with these processors.

  • AMD Sends In A Bunch Of Fixes For Linux 5.6 Along With Pollock Support

    After already several rounds of feature work queued in DRM-Next for Linux 5.6, AMD has submitted a final batch of feature work for this next kernel as it concerns their AMDGPU graphics driver.

    While Linux 5.6's merge window isn't opening until around the start of February, with RC6 having come, it effectively marks an end to the feature window of DRM-Next for targeting the next kernel. AMD's final pull request is mostly centered on fixes plus a few other extras and also enabling AMD Pollock display/graphics support for that forthcoming hardware.

  • The AMD Ryzen Thermal / Power Linux Reporting Improvements Working Well - V2 Up For Testing

    A few days ago I reported on AMD's "k10temp" Linux kernel driver finally seeing the ability to report CCD temperatures and CPU current/voltage readings as a big improvement to this hardware monitoring driver. The work hasn't yet been queued for inclusion into the mainline kernel, but initial testing is working well and a second revision to the patches has been sent out.

    Linux HWMON maintainer Guenter Roeck who spearheaded this work independent of AMD sent out the "v2" k10temp driver improvements on Saturday. This allows core complex tie temperature reporting for Zen 2 CPUs and allows current and voltage reporting for Ryzen CPUs. While this information has long been available to Windows users, sadly it's not been the case for Linux at least as far as mainline drivers go -- the out-of-tree Zenpower driver and other third-party attempts have been available but nothing mainline.

Intel's OSPray 2.0 Ray-Tracing Engine Released

Filed under
Hardware
Software

An area where Intel continues striking with rhythm and near perfection is on the open-source software front with their countless speedy and useful open-source innovations that often go unmatched as well as timely hardware support. Out this weekend is their OSPray 2.0 release for this damn impressive ray-tracing engine.

OSPray 2.0 is out as their latest big upgrade to this open-source ray-tracing engine that supports photo-realistic global illumination, MPI for exploiting large system performance, volume rendering, and is all open-source software. OSPray 2.0 is another big advancement for this project that is part of Intel's growing oneAPI tool-kit.

Read more

Mozilla Leftovers

Filed under
Moz/FF
  • webcompat.com: Project belt-on.

    So last week, on Friday (Japanese time), I woke up with a website being half disabled and then completely disabled. We had been banned by GitHub because of illegal content we failed to flag early enough. And GitHub did what they should do.

    Oh… and last but not least… mike asked me what Belt-on meant. I guess so let's make it more explicit.

  • Units of Measure in Rust with Refinement Types

    Years ago, Andrew Kennedy published a foundational paper about a type checker for units of measure, and later implemented it for F#. To this day, F# is the only mainstream programming language which provides first class support to make sure that you will not accidentally confuse meters and feet, euros and dollars, but that you can still convert between watts·hours and joules.

  • This post focuses on the work I accomplished as part of the Treeherder team during the last half of last year.

    The Taskcluster team requested that we stop ingesting tasks from the taskcluster-treeherder service and instead use the official Taskcluster Pulse exchanges (see work in bug 1395254). This required rewriting their code from Javascript to Python and integrate it into the Treeherder project. This needed to be accomplished by July since the Taskcluster migration would leave the service in an old set up without much support. Integrating this service into Treeherder gives us more control over all Pulse messages getting into our ingestion pipeline without an intermediary service. The project was accomplished ahead of the timeline. The impact is that the Taskcluster team had one less system to worry about ahead of their GCP migration.

Python Programming Leftovers

Filed under
Development
  • The tiniest of Python templating engines

    In someone else's project (which they'll doubtless tell you about themselves when it?s done) I needed a tiny Python templating engine. That is: I wanted to be able to say, here is a template string, please substitute a bunch of variables into it. Now, Python already does this, in about thirty different ways, and str.format or string.Template do most of it as built-in.

  • How to set a variable in Django template
  • Why ASGI is Replacing WSGI in Django

    When I first learnt about how to deploy my Django website. I took the easy route which was deploying it on Heroku.

    There's literally tons of tutorial on how the process of deploying it work. Heck, there was even a book about the benefits of deploying Django using Heroku.

    Soon in my own work, I needed to deploy my own Django project. It was working well for a bundled development grade web server. I thought to myself, why not find a better way on a production-grade web server. Instead of just a miserable default web server that is not production-grade.

    My journey in searching on deploying Django started for me. Which if you look at multiple tutorial references they still suggest the use of Heroku or Digital Ocean.

  • Weekly Python StackOverflow Report: (ccxi) stackoverflow python report
  • Understand predicate pushdown on row group level in Parquet with pyarrow and python

    We are using the NY Taxi Dataset throughout this blog post because it is a real world dataset, has a reasonable size and some nice properties like different datatypes and includes some messy data (like all real world data engineering problems).

MNT Reform 2 Open Source DIY Arm Linux Modular Laptop Coming Soon (Crowdfunding)

Filed under
Linux
OSS

We first covered MNT Reform in fall of 2017, when it was a prototype for a DIY and modular laptop powered by NXP i.MX 6QuadPlus processor, and with plans to eventually use i.MX 8 hexa-core processor.

Last year they designed several beta units of Reform to get feedback for a dozen users, and have now fully redesigned the laptop based on an NXP i.MX 8M system-on-module with the crowdfunding campaign expected to go live in February on Crowd Supply.

The goals of the project are to provide an open-source hardware laptop that avoids binary blobs as much as possible and is environmentally friendly. These goals guided many of the technical decisions.

For example, there are many NXP i.MX 8M SoM’s, but MNT selected Nitrogen8M as the schematics are available after registration on Boundary Devices website, and that means people wanting to create their own module compatible with Reform 2 could do so.

Read more

today's leftovers and howtos

Filed under
Misc
HowTos
  • [Ubuntu] Design and Web team summary – 17 January 2020

    The second iteration of this year is the last one before our mid-cycle sprint next week.

    Here’s a short summary of the work the squads in the Web & Design team completed in the last 2-week iteration.

  • 5 key steps to take your IoT device to market

    IoT businesses are notoriously difficult to get off the ground. No matter how good your product is or how good your team is, some of the biggest problems you will face are just in getting to market and maintaining your devices once they’re in the field. The webinar will take a look at how Canonical’s Brand Store product allows you to get to market while catering for long term problems and the need to keep your product up to date in the future.

    More specifically, this webinar will look at the common problems we see organisations facing on their way to getting an IoT device to market, and cover five key steps to solve these problems. Along the way we will dig a little into serval case studies Canonical has done with various customers and partners to show you what has already been achieved with these solutions.

  • Fake cases — make sure yours is the real deal

    We’ve had some reports of people finding cases that pretend to be official Raspberry Pi products online — these are fakes, they’re violating our trademark, they’re not made very well, and they’re costing you and us money that would otherwise go to fund the Raspberry Pi Foundation’s charitable work. (Reminder, for those who are new to this stuff: we’re a not-for-profit, which means that every penny we makes goes to support our work in education, and that none of us gets to own a yacht.)

  • Let’s Talk With Neal Gompa of Fedora @ openSUSE Conference

    In this episode of Let’s Talk, we sat down with Neal Gompa of the Fedora community at openSUSE Conference

  • FOSSCOMM 2019 aftermath

    FOSSCOMM (Free and Open Source Software Communities Meeting) is a Greek conference aiming at free-software and open-source enthusiasts, developers, and communities. This year was held at Lamia from October 11 to October 13.

    It is a tradition for me to attend this conference. Usually, I have presentations and of course, booths to inform the attendees about the projects I represent.

    This year the structure of the conference was kind of different. Usually, the conference starts on Friday with a "beer event". Now it started with registration and a presentation. Personally, I made my plan to leave Thessaloniki by bus. It took me about 4 hours on the road. So when I arrived, I went to my hotel and then waited for Pantelis to go to University and set up our booths.

  • Fugue open sources Regula to evaluate Terraform for security misconfigurations and compliance violations

    Regula rules are written in Rego, the open source policy language employed by the Open Policy Agent project and can be integrated into CI/CD pipelines to prevent cloud infrastructure deployments that may violate security and compliance best practices.

    “Developers design, build, and modify their own cloud infrastructure environments, and they increasingly own the security and compliance of that infrastructure,” said Josh Stella, co-founder and CTO of Fugue.

    “Fugue builds solutions that empower engineers operating in secure and regulated cloud environments, and Regula quickly and easily checks that their Terraform scripts don’t violate policy—before they deploy infrastructure.”

  • Finance goes agile as open source checks the security box

    “At Northwestern Mutual, we’ve finally gotten past that curve,” said Sean Corkum (pictured, right), senior engineer at Northwestern Mutual. “Now we’re trying to make it even easier for our internal developers to participate in open source … and contribute more to the community.”

  • Top NLP Open Source Projects For Developers In 2020
  • Kiwi TCMS: Project roadmap 2020

    Hello testers, the Kiwi TCMS team sat down together last week and talked about what we feel is important for us during the upcoming year. This blog post outlines our roadmap for 2020!

  • Shift on Stack: api_port failure
  • How To Git Commit With Message

Proprietary Software and Openwashing

Filed under
Software
Security
  • Boeing discovers new software problem in 737 Max

    The news comes following the release of internal documents showing employees knew about problems with pilot training for the 737 MAX and tried to conceal them from regulators. In the documents released by US lawmakers, Boeing employees said the aircraft was "designed by clowns, who in turn are supervised by monkeys," in an apparent reference to regulators.

  • A Georgia election server was vulnerable to Shellshock and may have been hacked

    Forensic evidence shows signs that a Georgia election server may have been hacked ahead of the 2016 and 2018 elections by someone who exploited Shellshock, a critical flaw that gives attackers full control over vulnerable systems, a computer security expert said in a court filing on Thursday.

    Shellshock came to light in September 2014 and was immediately identified as one of the most severe vulnerabilities to be disclosed in years. The reasons: it (a) was easy to exploit, (Cool gave attackers the ability to remotely run commands and code of their choice, and (c) opened most Linux and Unix systems to attack. As a result, the flaw received widespread news coverage for months.

  • Micro Focus AD Bridge 2.0: Extending security policies and access controls to cloud-based Linux

    With AD Bridge 2.0, organizations can leverage existing infrastructure authentication, security as well as policy, in order to simplify the migration of on-premises Linux Active Directory to the cloud, resulting in fully secured and managed Linux virtual machines in the cloud.

  • [Attacker] stole [sic] over 10,000 hospital files

    Jason Corden-Bowen, of the CPS, said: “Moonie had no right to access confidential patient and staff records. He admitted his earlier wrongdoing and accepted a police caution yet he went ahead to reoffend knowing fully well it was not just against hospital procedures but it was wrong and illegal.

  • Facebook Releases Open Source Speech Recognition Platform

    Facebook has announced that it will be making its wav2letter@anywhere online speech recognition framework more readily available as an open source platform. The framework was developed by Facebook AI Research (FAIR), which claims that it has created the fastest open source automatic speech recognition (ASR) platform currently on the market.

  • Microsoft opens up Rust-inspired Project Verona programming language on GitHub

What's your favorite Linux terminal trick?

Filed under
Linux

The beginning of a new year is always a great time to evaluate new ways to become more efficient. Many people try out new productivity tools or figure out how to optimize their most mundane processes. One area to assess is the terminal. Especially in the world of open source, there are tons of ways to make life at the terminal more efficient (and fun!) with shortcuts and commands.

We asked our writers about their favorite terminal trick. They shared their time-saving tips and even a fun terminal Easter egg. Will you adopt one of these keyboard shortcuts or command line hacks? Do you have a favorite you'd like to share? Tell us about it by taking our poll or leaving a comment.

Read more

One open source chat tool to rule them all

Filed under
OSS

Last year, I brought you 19 days of new (to you) productivity tools for 2019. This year, I'm taking a different approach: building an environment that will allow you to be more productive in the new year, using tools you may or may not already be using.

Instant messaging and chat have become a staple of the online world. And if you are like me, you probably have about five or six different apps running to talk to your friends, co-workers, and others. It really is a pain to keep up with it all. Thankfully, you can use one app (OK, two apps) to consolidate a lot of those chats into a single point.

Read more

Syndicate content

More in Tux Machines

today's howtos

GameMode 1.5

  • Feral's GameMode 1.5 Now Supports Changing The CPU Governor Differently For iGPUs

    With Feral's GameMode 1.5 the big change facing users is for those running integrated graphics. In a change led by an Intel open-source graphics driver developer, GameMode now supports setting an alternative CPU frequency scaling governor for integrated graphics use-cases. Up to now GameMode has defaulted to always using the "performance" CPU frequency scaling governor for normally delivering the best performance, but for integrated graphics that in some situations can lead to lower performance. Due to the integrated graphics and CPU cores sharing the same power envelope, ramping up the CPU performance can throw the graphics performance out of balance and at least for some games lead to lower performance. So with GameMode 1.5, the user can now opt for "powersave" or an alternative governor instead when using an iGPU.

  • Feral Interactive's open source 'GameMode' system performance booster has a new release

    Feral Interactive don't just port a lot of games to Linux, they also work on some open source bits here and there. One of their projects is GameMode, which just got a new release. GameMode is a "daemon/lib combo for Linux that allows games to request a set of optimisations be temporarily applied to the host OS and/or a game process". In simple terms, it can help ensure your Linux PC is giving the game all it can to run smoothly. Looks like someone new is handling the project too, with Alex Smith having left Feral Interactive.

Mozilla on Privacy Badger, Rust and Digital ID Systems

  • Firefox Extension Spotlight: Privacy Badger

    People can't be expected to understand all of the technically complex ways their online behavior is tracked by hidden entities. As you casually surf the web, there are countless techniques different third party actors use to secretly track your online movement. So how are we supposed to protect our privacy online if we don't even understand how the game works? To help answer this, the good folks at the Electronic Frontier Foundation (a non-profit devoted to defending digital privacy) built Privacy Badger--a browser extension designed to give you highly advanced tracking protection, while requiring you to do nothing more than install it on Firefox. No configuration, no advanced settings, no fuss. Once you have Privacy Badger installed, it automatically scours every website you visit in its relentless hunt for hidden trackers. And when it finds them, blocks them.

  • This Week In Rust: This Week in Rust 322
  • What could an “Open” ID system look like?: Recommendations and Guardrails for National Biometric ID Projects

    Digital ID systems are increasingly the battlefield where the fight for privacy, security, competition, and social inclusion is playing out. In our ever more connected world, some form of identity is almost always mediating our interactions online and offline. From the corporate giants that dominate our online lives using services like Apple ID and Facebook and Google’s login systems to government IDs which are increasingly required to vote, get access to welfare benefits, loans, pay taxes, get on transportation or access medical care. Part of the push to adopt digital ID comes from the international development community who argue that this is necessary in order to expand access to legal ID. The UN Sustainable Development Goals (SDGs) call for “providing legal identity for all, including birth registration” by 2030. Possessing legal identity is increasingly a precondition to accessing basic services and entitlements from both state and private services. For the most marginalised communities, using digital ID systems to access essential services and entitlements from both state and private services are often one of their first interactions with digital technologies. Without these commonly recognized forms of official identification, individuals are at risk of exclusion and denial of services. However, the conflation of digital identity as the same as (or an extension of) “legal identity”, especially by the international development community, has led to an often uncritical embrace of digital ID projects. In this white paper, we survey the landscape around government digital ID projects and biometric systems in particular. We recommend several policy prescriptions and guardrails for these systems, drawing heavily from our experiences in India and Kenya, among other countries. In designing, implementing, and operating digital ID systems, governments must make a series of technical and policy choices. It is these choices that largely determine if an ID system will be empowering or exploitative and exclusionary. While several organizations have published principles around digital identity, too often they don’t act as a meaningful constraint on the relentless push to expand digital identity around the world. In this paper, we propose that openness provides a useful framework to guide and critique these choices and to ensure that identity systems put people first. Specifically, we examine and make recommendations around five elements of openness: multiplicity of choices, decentralization, accountability, inclusion, and participation.

Red Hat/IBM: Red Hat Enterprise Linux, OpenShift 4.3 and OpenSCAP

  • Red Hat Enterprise Linux 8 for SAP Solutions on IBM POWER9: An open foundation to power intelligent business decisions

    At Red Hat Summit 2019, we unveiled Red Hat Enterprise Linux 8, the next generation of the world’s leading enterprise Linux platform, which provides the scale, flexibility and innovation to drive enterprise workloads across the hybrid cloud. Even with the advancements across the platform, we recognize that there’s no singular panacea to overcome every unique IT challenge. To meet these needs, Red Hat delivers specialized offerings built around Red Hat Enterprise Linux to address specific hardware, applications and environment requirements, and Red Hat Enterprise Linux 8 continues this strategy with the availability of Red Hat Enterprise Linux 8 for SAP Solutions on IBM Power Systems (POWER9).

  • OpenShift 4.3: Quay Container Security Integration

    In the Red Hat OpenShift 4.2 Web UI Console, we introduced a new Cluster Overview Dashboard as the landing page when users first log in. The dashboard is there to help users resolve issues more efficiently and maintain a healthy cluster. With the latest 4.3 release, we added an image security section to the cluster health dashboard card. This section will appear on the dashboard when the Container Security Operator gets installed.

  • Deploying OpenSCAP on Satellite using Ansible

    In many environments today, security is one of the top priorities. New information security vulnerabilities are discovered regularly, and these incidents can have a significant impact on businesses and their customers. Red Hat customers I talk to are frequently looking for tools they can use to help evaluate and secure their environments. One of these tools is OpenSCAP, which is included in Red Hat Enterprise Linux (RHEL), and can perform compliance and vulnerability scanning on RHEL servers. Satellite makes OpenSCAP easier to use by allowing you to deploy the OpenSCAP agent to hosts, manage the OpenSCAP policies centrally, and to view OpenSCAP reports from the Satellite web interface.