• How Microsoft Tunes Linux and Windows to Boost Azure Performance, Reliability

• The percentage of open source code in proprietary apps is rising[Ed: Alarmist Black Duck smears FOSS to sell its proprietary products]

  The number of open source components in the codebase of proprietary applications keeps rising and with it the risk of those apps being compromised by attackers leveraging vulnerabilities in them, a recent report has shown.

• Open source: What will your business build? [Ed: Terrible piece that promotes FUD from Microsoft proxy Black Duck and says "Microsoft is now the biggest contributor to open source in the world"]

• Mozilla uncovers ‘new conceptual framework’ for open source

  A report has been generated which claims to offers ‘a new conceptual framework’ of open source project archetypes.

  This research cover aspects of open source spanning business objectives, licensing, community standards, component coupling and project governance.

  It also contains some practical advice on how to use the framework (it actually is a working framework) and on how to set up projects.

• Qt for WebAssembly – check out the examples!

  WebAssembly is now supported by all major web browsers as a binary format for allowing sand-boxed executable code in web pages that is nearly as fast as native machine code. Qt for WebAssembly makes it possible to run Qt applications on many web browsers without any download steps or special server requirements (other than serving the wasm file).

  To give you a closer look, we compiled some demos. For best performance, use Firefox.

• Redeploying Taskcluster: Hosted vs. Shipped Software

  The Taskcluster team’s work on redeployability means switching from a hosted service to a shipped application.

  A hosted service is one where the authors of the software are also running the main instance of that software. Examples include Github, Facebook, and Mozillians. By contrast, a shipped application is deployed multiple times by people unrelated to the software’s authors. Examples of shipped applications include Gitlab, Joomla, and the Rust toolchain. And, of course, Firefox!

• Lenovo denies claims it chose Windows over Linux in second row over technology

  Lenovo Group has angrily denied claims it chose the popular Microsoft Windows system over a domestically-produced Linux operating system (OS) in a recent government procurement programme.

  The company branded the allegations as “slander” in a statement that follows an internet storm in China in recent weeks over the company’s decisions on domestic versus overseas technology.

  China’s largest personal computer (PC) maker insisted it had suggested using a domestically-produced Linux OS for both desktop and notebook PCs in a recent PC procurement meeting for suppliers organised by the Central Government Procurement Center, according to the company statement on Tuesday.

• Lenovo denies on voting against preloading domestic operating systems: report

  Lenovo says the report about it voting against preloading domestic operating systems (O/S) are "deliberate slander," and the company "strongly condemns" the rumor, according to a report by qq.com late Monday.

  Lenovo claimed the suggestion it made was to use a separately made domestic Linux system solution, including in desktops and notebooks, adding that the advice has been submitted.

  The company has always supported the development of domestic O/S, Lenovo said.

  The response came after domestic news site guancha.cn reported earlier the same day that four leading computer manufacturers including Lenovo voted against preloading domestic O/S in personal computers in a poll organized by a government purchasing center on May 16.

• KDAB at Qt Contributor’s Summit 2018, Oslo

  KDAB is a major sponsor of this event and a key independent contributor to Qt as our blogs attest.

  Every year, dedicated Qt contributors gather at Qt Contributors’ Summit to share with their peers latest knowledge and best practices, ensuring that the Qt framework stays at the top of its game. Be a Contributor to Qt!

• Krita 2018 Sprint Report

  This weekend, Krita developers and artists from all around the world came to the sleepy provincial town of Deventer to buy cheese — er, I mean, to discuss all things Krita related and do some good, hard work! After all, the best cheese shop in the Netherlands is located in Deventer. As are the Krita Foundation headquarters! We started on Thursday, and today the last people are leaving.

• Back from Krita Sprint 2018

  Yesterday I came back from 3,5 days of Krita Sprint in Deventer. Even if nowadays I have less time for Krita with my work on GCompris, I’m always following what is happening and keep helping where I can, especially on icons, and a few other selected topics. And it’s always very nice to meet my old friends from the team, and the new ones!

• GSoC 2018 Week #1 with KDE

  There were quite some implementations out of the pre-plans and were huge. They got me very nervous at first. Such changes meant big updation in the code base and lots of time to have everything in place and with no warnings/errors ( well I can’t say much about bugs as they always arise in some cases which I or others haven’t tried, but hopefully they will be much less ).

• After Meltdown and Spectre, Another Scary Chip Flaw Emerges

  At the same time, though, a larger concern was also looming: Spectre and Meltdown represented a whole new class of attack, and researchers anticipated they would eventually discover other, similar flaws. Now, one has arrived.

• Email Might Be Impossible To Encrypt

• Email Is Dangerous

  One week ago, a group of European security researchers warned that two obscure encryption schemes for email were deeply broken. Those schemes, called OpenPGP and S/MIME, are not the kinds of technologies you’re using but don’t know it. They are not part of the invisible and vital internet infrastructure we all rely on.

  This isn’t that kind of story.

  The exploit, called Efail by the researchers who released it, showed that encrypted (and therefore private and secure) email is not only hard to do, but might be impossible in any practical way, because of what email is at its core. But contained in the story of why these standards failed is the story of why email itself is the main way we get hacked, robbed, and violated online. The story of email is also the story of how we lost so much of our privacy, and how we might regain it.

• Real Security Begins At Home (On Your Smartphone)

  When the FBI sued Apple a couple of years ago to compel Apple's help in cracking an iPhone 5c belonging to alleged terrorist Syed Rizwan Farook, the lines seemed clearly drawn. On the one hand, the U.S. government was asserting its right (under an 18th-century statutory provision called the All Writs Act) to force Apple to develop and implement technologies enabling the Bureau to gather all the evidence that might possibly be relevant in the San Bernardino terrorist-attack case. On the other, a leading tech company challenged the demand that it help crack the digital-security technologies it had painstakingly developed to protect users — a particularly pressing concern given that these days we often have more personal information on our handheld devices than we used to keep in our entire homes.

• Software fault triggered Telstra mobile network outage

  The blackout was the third in May, with an outage to its triple-zero service occurring on 4 May after a cable between Bowral and Orange in NSW was cut due to lightning. On 1 May, the telco suffered an outage of its NBN services and 4G services.

less is a very powerful program, and contrary to newer contenders in this space, such as most and moar, you are likely to find it on almost all the systems you use, just like vi. So, even if you use GUI viewers or editors, it's worth investing some time going through the less man page, at least to get a feeling of what's available. This way, when you need to do something that might be covered by existing functionality, you'll know to search the manual page or the internet to find what you need.

• KDAB at Italian Cpp 2018

• QtDay Italy, May 23-24

  Giuseppe D’Angelo will be giving a talk on Gammaray, KDAB’s open source profiling and debugging tool.

• All Systems Go! 2018 Conference Announced For The End Of September

  Lennart Poettering has announced the call for presentations of this year's All Systems Go! conference, what was born out of the earlier systemd.conf conference.

• All Systems Go! 2018 CfP Open

  The Call for Participation (CFP) for All Systems Go! 2018 is now open. We’d like to invite you to submit your proposals for consideration to the CFP submission site.

• Open Source Storage: 64 Applications for Data Storage

  As data storage needs continue to grow and many organizations move toward software-defined infrastructure, more enterprises are using open source software to meet some of their storage needs. Projects like Hadoop, Ceph, Gluster and others have become very common at large enterprises.

  Home users and small businesses can also benefit from open source storage software. These applications can make it possible to set up your own NAS or SAN device using industry-standard hardware without paying the high prices vendors charge for dedicated storage appliances. Open source software also offers users the option to set up a cloud storage solution where they have control over security and privacy, and it can also offer affordable options for backup and recovery.

• OpenStack Moves Beyond the Cloud to Open Infrastructure

  The OpenStack Summit got underway on May 21, with a strong emphasis on the broader open-source cloud community beyond just the OpenStack cloud platform itself.

  At the summit, the OpenStack Foundation announced that it was making its open-source Zuul continuous development, continuous integration (CI/CD) technology a new top level standalone project. Zuul has been the underlying DevOps CI/CD system that has been used for the past six years, to develop and test the OpenStack cloud platform.

• OpenStack makes Zuul continuous delivery tool its second indie project

  The OpenStack Foundation has launched its Zuul continuous delivery and integration tool as a discrete project.

  Zuul is therefore Foundation’s second project other than OpenStack itself. The first was Kata Containers. Making Zuul a standalone effort therefore advance’s the Foundation’s ambition to become a bit like the Linux and Apache Foundations, by nurturing multiple open source projects.

• OpenStack spins out its Zuul open source CI/CD platform

  There are few open-source projects as complex as OpenStack, which essentially provides large companies with all the tools to run the equivalent of the core AWS services in their own data centers. To build OpenStack’s various systems the team also had to develop some of its own DevOps tools, and, in 2012, that meant developing Zuul, an open-source continuous integration and delivery (CI/CD) platform. Now, with the release of Zuul v3, the team decided to decouple Zuul from OpenStack and run it as an independent project. It’s not quite leaving the OpenStack ecosystem, though, as it will still be hosted by the OpenStack Foundation.

• Nextcloud 13: How to Get Started and Why You Should

  In its simplest form, the Nextcloud server is "just" a personal, free software alternative to services like Dropbox or iCloud. You can set it up so your files are always accessible via the internet, from wherever you are, and share them with your friends. However, Nextcloud can do so much more.

  In this article, I first describe what the Nextcloud server is and how to install and set it up on GNU/Linux systems. Then I explain how to configure the optional Nextcloud features, which may be the first steps toward making Nextcloud the shell of a complete replacement for many proprietary platforms existing today, such as Dropbox, Facebook and Skype.

• Why use Puppet for automation and orchestration

  Puppet the company bills Puppet the automation tool as the de facto standard for automating the delivery and ongoing operation of hybrid infrastructure. That was certainly true at one time: Puppet not only goes back to 2005, but also currently claims 40,000 organizations worldwide as users, including 75 percent of the Fortune 100. While Puppet is still a very strong product and has increased its speed and capabilities over the years, its competitors, in particular Chef, have narrowed the gap.

  As you might expect from the doyenne of the IT automation space, Puppet has a very large collection of modules, and covers the gamut from CI/CD to cloud-native infrastructure, though much of that functionality is provided through additional products. While Puppet is primarily a model-based system with agents, it supports push operations with Puppet Tasks. Puppet Enterprise is even available as a service on Amazon.

• Guide to Linux Environment Variables

• Easy & simple guide to Backup & Restore GITLAB

• A Collection Of Puzzle Games To Make Your Free Time Better

• L4Re: Textual Debugging Output on the Framebuffer

• PSA: stop using mozilla::PodZero and mozilla::PodArrayZero

• Runtime typing

• What does rm -rf command do on a Linux or Unix

• Shell script to setup an LXD (Linux Containers) VM lab for testing purpose

• Shell script to mirror backups to another server in pull mode using rsync

• Linux/Unix bash shell script to purge Cloudflare url/images from the command line

• How to Install CUDA on Ubuntu 18.04

• How to create FreeNAS Jails with iocage

Oregan Networks, a provider of digital TV software services, has announced the launch of a new set-top box client middleware product for pay-TV operators called SparQ. The software is designed to work on the most challenging and resource-limited STB platforms in the field, making it feasible to introduce new OTT content services and applications on customer devices that were deployed as part of the first wave of IPTV and hybrid broadcast deployments.

• Revisiting my talk at FOSSASIA summit, 2018

  Earlier this year, I had the chance to speak about one of KDE community’s cool projects that is helpding developers erase the line between desktop and mobile/tablet UI’s with ease. I’m referring to the Kirigami UI framework – a set of QtQuick components targetted at the mobile as well as desktop platforms.

  This is particularly important to KDE and a lot of projects are now migrating towards a Kirigami UI, particularly keeping in mind the ability to run the applications on the Plasma Mobile.

• This Week in KDE, Part 2 : OYLG, Workspace KCM, Single/Double Click

  Last weekend, I went to İstanbul to attend Özgür Yazılım ve Linux Günleri (Free Software and Linux Days 2018) to represent LibreOffice. We had 3 presentations during the event about LibreOffice Development and The Open Document Format. We had booth setup with stickers, flyers, roll-up etc. These were all thanks to The Document Foundation’s supports! You can find detailed information about the event from here : https://wiki.documentfoundation.org/Events/2018/OYLG2018

• Watching the Detectives

  For instance, Kevin Ottens has been writing about understanding the KDE community by the “green blobs” method, showing who is active when. Lays Rodrigues has written about using Gource to show Plasma growing up. Nate Graham describes the goings-on in the KDE community nearly every week.

  Those are, roughly: a metric-, a visual-, and a story-based approach to understanding the community, over different timescales. But understanding of a system doesn’t come from a single dimension, from a single axis of measurement. It comes from mixing up the different views to look the system as a whole.

• Managing cooking recipes

  I like to cook. And sometimes store my recipes. Over the years I have tried KRecipes, kept my recipes in BasKet notes, in KJots notes, in more or less random word processor documents.

  I liked the free form entering recipes in various notes applications and word processor documents, but I lacked some kind of indexing them. What I wanted was free-ish text for writing recipes, and some thing that could help me find them by tags I give them. By Title. By how I organize them. And maybe by Ingredient if I don’t know how to get rid of the soon-to-be-bad in my refridgerator.

• Last Call for Librem 5 Dev Kit: order yours before June 1st 2018

  Purism has finalized the specifications for the Librem 5 development kit and will be placing all the component parts order and fabrication run the first week of June 2018. If you want to have early access to the hardware that will serve as the platform for the Librem 5 phone, you must place your dev kit order before June 1st, 2018. The price for the development kit is now $399, up from the early-bird pricing that was in effect during the campaign and until today. The dev kit is a small batch, “limited edition” product. After this batch, we are not planning for a second run (as the production of the phone itself will replace the dev kit in 2019).

• Top 3 mobile phones

  When purchasing a new mobile phone, there are hundreds of models to choose from and, there are dozens of “excellent” or top-rated brands to consider. Therefore, it can be difficult to know what you are getting. Buying the phone upfront, on contract or buying a smartphone on finance are all options that need to be considered too. If you are ready to invest in a new smartphone consider these three models.

  Galaxy S9 Plus. This phone by Samsung is sleek, elegant, has a vibrant screen, resolution and excellent fingerprint scanner. The curved edges give it a distinct look and style. It is the Plus model, so has a huge touchscreen which is extremely intuitive. Quality speakers, outdoor body/casing and internal functionality make it a top-choice for a new smartphone.

• De-Googling my phone, reloaded

  In this area the situation is now much happier than my first post indicated. As promised I used trainline.eu for booking some tickets (both for Deutsche Bahn and also on Thalys), and indeed this does a fine job. Same price, European rebate cards like BahnCard 50 are supported, and being able to book with a lot of European train services with just one provider is really neat. However, I’m missing a lot of DB navigator’s great features: realtime information and alternatives, seat selection, car position indicator, regional tariffs, or things like “Länderticket”.

  Fortunately it turns out that DB Navigator works just great with a trick: Disable the “Karte anzeigen” option in the menu, and it will immediately stop complaining about missing Play Services after each action. Also, logging in with your DB account never finishes, but after terminating and restarting the app you are logged in and everything works fine. That might be a “regular” bug or just a side effect without Play Services.

This review focuses on Ubuntu with Gnome 3 - and so I will leave my findings with the Unity desktop separate, except a single sentence: Unity is the desktop environment that 18.04 should have had, and everything else is a fallout consequence of that. So yes, Ubuntu Bionic Beaver is okay. But that's like saying paying mortgage for the rest of your life and then dying unceremoniously is okay. It's not okay. Mediocre has never been anything to strive for. EVER.

Ubuntu Beaver does a few things well - and with some updates, it's also polished up some of them early turds, as I've outlined in the Kubuntu review; hint, the same is ALSO happening in Kubuntu, and we may have a presentable offering soon. Yes to media, phones, app stack, package management. But then, the network side of things should be better, resource utilization should be better, the desktop should be more usable for ordinary humans. It's ridiculous that you NEED extensions to use Gnome 3, in addition to all the hacks Canonical introduced to make the system usable. So yes, if you wanna be mediocre go for it. 7/10. If not, wait for Kubuntu or MATE to get its game together, or stick Unity onto 18.04. More to follow soon.

• Red Hat Summit: Lowering the risk of monolith to microservices

  When considering risk, we think we know the bad things that can happen and the probabilities of those bad things actually happening. Christian defines a monolith as a large application developed over many years by different teams that delivers proven business value while being very difficult to update and maintain. Its architecture, elegant at one point, has eroded over time. That makes it difficult to assess the risk of migrating a monolith.

• Red Hat embraces open source play in Raleigh with Marbles Children’s Museum

  When you think Red Hat, you don’t instantly think of children’s museums. So it may surprise you that on May 16, Red Hat president and CEO, Jim Whitehurst, took the stage at the annual conference for the Association of Children's Museums (ACM) to deliver the keynote address.

  More than 1,000 executives and representatives from children's museums around the globe gathered at the Raleigh Convention Center for the event themed, “Open Source Play, Sharing the Creative Code.” Open source play is the intersection between children's museums and open source innovation that is driving the technology industry. The event explored how innovation is fueled by the open exchange of ideas, engaged participation and strength of community, and how those concepts can be brought to the development of play experiences and people management at museums.

• Red Hat OpenStack Platform celebrates five years of accelerating private and hybrid clouds

  This summer, OpenStack turns eight -- and it’s hard to believe how far the open source project has come in under a decade. It continues to be one of the most popular open source projects to date, according to the OpenStack Foundation, and one that is used in production by companies around the globe, including nearly half of all Fortune 100 companies.

• Red Hat Ships OpenStack Platform 13 for Enterprise Digital Transformation

  OpenStack Summit Vancouver 2018 - Red Hat, Inc. today announced Red Hat OpenStack Platform 13, the latest version of Red Hat's massively scalable and agile cloud Infrastructure-as-a-Service (IaaS) solution. Based on the OpenStack "Queens" release, Red Hat OpenStack Platform 13 provides a powerful foundation for enterprises using hybrid cloud for digital transformation strategies, helps to minimize the growing pains often involved with new technology adoption with its new Fast Forward upgrades feature, and is designed to also improve integration across the emerging technology stack.

• Integration drives Red Hat 3scale API Management platform roadmap

  Nothing stands still in technology, so Red Hat API Infrastructure head and Senior Director Steve Willmott has a full plate. On his immediate agenda are the alignment of 3scale with Red Hat JBoss Fuse integration platforms, API gateway evolution and the disruptions driven by service mesh technology.

• Speculative Store Bypass explained: what it is, how it works

• Cool retro-inspired racer that was developed on Linux 'Slipstream' is now out

  Slipstream [Steam] is awesome for two reasons, the first being that it was developed on Linux using free software tools and second, it's really darn fun.

  I played a lot of similarly styled racers way back in the days of the Amiga, to see more come out like this is excellent. Although, don't get me started on how many times I failed the drifting tutorial…stupid fence. When I finally got it though—damn it feels good!

• The rather sweet hack and slash 'Son of a Witch' released in full

  Son of a Witch [Steam] is a rather good hack and slash title from Bigosaur that officially left Early Access last week and it's well worth a look.

• Standalone Steam Controller kernel driver coming to Linux 4.18

  With Linux 4.17 reaching release candidate six yesterday it won’t be too long until it is finally released. The subsequent release Linux 4.18, which is due this autumn, will finally include initial support for Valve's Steam Controller meaning that neither the Steam client or third-party applications will be needed to get it working.

  According to Phoronix, work on the driver has been ongoing since at least February. The primary developer on the project was Rodrigo Rivas Costa, who built a driver through reverse engineering, managing to get the controller working via USB and wireless. Jiri Kosina, the HID subsystem maintainer, has now queued the driver for Linux 4.18.

Canonical, the company best known for its Ubuntu Linux distribution, is on a path to an IPO. That’s something Canonical founder and CEO Mark Shuttleworth has been quite open about. But don’t expect that IPO to happen this year.

“We did decide as a company — and that’s not just my decision — but we did decide that we want to have a commercial focus,” Shuttleworth told me during an interview at the OpenStack Summit in Vancouver, Canada today. “So we picked cloud and IoT as the areas to develop that. And being a public company, given that most of our customers are now global institutions, it makes for us also to be a global institution. I think it would be great for my team to be part of a public company. It would be a lot of work, but we are not shy of work.”

Unsurprisingly, Shuttleworth didn’t want to talk about the exact timeline for the IPO, though. “We will do the right thing at the right time,” he said. That right time is not this year, though. “No, there is a process that you have to go through and that takes time. We know what we need to hit in terms of revenue and growth and we’re on track.”

Also: Ubuntu Weekly Newsletter Issue 528

• Google and Microsoft disclose new CPU flaw, and the fix can slow machines down

  Microsoft and Google are jointly disclosing a new CPU security vulnerability that’s similar to the Meltdown and Spectre flaws that were revealed earlier this year. Labelled Speculative Store Bypass (variant 4), the latest vulnerability is a similar exploit to Spectre and exploits speculative execution that modern CPUs use. Browsers like Safari, Edge, and Chrome were all patched for Meltdown earlier this year, and Intel says “these mitigations are also applicable to variant 4 and available for consumers to use today.”

  However, unlike Meltdown (and more similar to Spectre) this new vulnerability will also include firmware updates for CPUs that could affect performance. Intel has already delivered microcode updates for Speculative Store Bypass in beta form to OEMs, and the company expects them to be more broadly available in the coming weeks. The firmware updates will set the Speculative Store Bypass protection to off-by-default, ensuring that most people won’t see negative performance impacts.

• Spectre variants 3a and 4

  Intel has, finally, disclosed two more Spectre variants, called 3a and 4. The first ("rogue system register read") allows system-configuration registers to be read speculatively, while the second ("speculative store bypass") could enable speculative reads to data after a store operation has been speculatively ignored. Some more information on variant 4 can be found in the Project Zero bug tracker. The fix is to install microcode updates, which are not yet available.

• Red Hat Says It'll Soon Fix the Speculative Store Bypass Security Vulnerability

  Red Hat informed us today that they are aware of the recently disclosed Speculative Store Bypass (CVE-2018-3639) security vulnerability and will soon release updates to mitigate the issue on all of its affected products.

  Speculative Store Bypass (CVE-2018-3639) is a security vulnerability recently unearthed by various security researchers from Google and Microsoft, and it appears to be a fourth variant of the Spectre hardware bug publicly disclosed earlier this year in modern microprocessor, and later discovered to affect billions of devices. The Speculative Store Bypass vulnerability appearently lets an unprivileged attacker to bypass restrictions and gain read access to privileged memory.

Emmabuntüs Linux developer Patrick d'Emmabuntüs informs us today on the immediate availability for download of the Emmabuntüs Debian Edition 2 1.02 release.

Emmabuntüs Debian Edition 2 1.02 is the second maintenance update to the Debian-based operating system used in schools and other educational institutions across the globe. It's based on the latest Debian GNU/Linux 9.4 "Stretch" operating system and brings various updated components, as well as improvements like the ability to turn off the script that handles the screensaver images and support for automatically detecting and configuring printers.

• Android 8.0 Oreo rolls out to unlocked Moto Z handsets in US

• Red Hydrogen One: $1300 but this Android phone's holographic display impresses

• Get iPhone X navigation gestures on Android: here's how

• GRID Autosport for Android: Everything you need to know

• LG G7 vs. Samsung Galaxy S9+: Which should you buy?

• Best PDF reader for Android of 2018

• Twitter for Android no longer shows native emoji since phones aren't updated fast enough

• When is your phone getting Android P? We asked every major manufacturer

Now that Canonical released Ubuntu 18.04 LTS (Bionic Beaver), more and more Ubuntu-based GNU/Linux distributions would want to upgrade to it for their next major releases, including Bodhi Linux with the upcoming 5.0 series. The first Alpha is here today to give us a glimpse of what to expect from the final release.

Besides being based on Ubuntu 18.04 LTS, the Bodhi Linux 5.0 operating system will be shipping with the forthcoming Moksha 0.3.0 desktop environment based on the Enlightenment window manager/desktop environment, and it's powered by the Linux 4.9 kernel series. Also, it supports 32-bit PAE and non-PAE systems.