• Google still fails to secure its Android store from malicious apps

• Two-day workshop on Android Application Development at Ajeenkya D Y Patil University

• Nokia 9 PureView running Android 10 showed up on GeekBench

• Huawei Mate 20 Pro EMUI 10 beta (Android 10) arrives in Europe

• Samsung announces Android 10-based One UI 2.0 beta for the Galaxy S10

In 1998, the movie Titanic was released, mobile phones were just a luxury, and pagers were still in use. This was also the year I got my first computer. I can remember the details as if it were yesterday: Pentium 133MHz and just 16MB of memory. Back in that time (while running nothing less than Windows 95), this was a good machine. I can still hear in my mind the old spinning hard drive noise when I powered that computer on, and see the Windows 95 flag. It never crossed my mind, though (especially as an 8-year-old kid), that I would dedicate every minute of my life to Linux and open source.

Being just a kid, I always asked my mom to buy me every issue of PC Magazine instead of candies. I never skipped a single issue, and all of those dusty old magazines are still there in Costa Rica. It was in these magazines that I discovered the essential technology that changed my life. An issue in the year 2000 talked extensively about Linux and the advantages of free and open-source software. That issue also included a review of one of the most popular Linux distributions back then: Corel Linux. Unfortunately, the disc was not included. Without internet at home, I was out of luck, but that issue still lit a spark within me.

This quick tutorial explains how to create persistent LIVE USB using Fedora Operating system in Ubuntu.

• Google Officially Acknowledges Android 11 Via 2019 Android Dev Summit Schedule

• [Update: More details] OnePlus 6, 6T, 5, and 5T get Android 10 starting this month

• OnePlus 7 receiving Android 10 update ahead of Samsung Galaxy Note 10

• One UI Beta Program: Enjoy Android 10 on Galaxy S10

• Magisk v20 stable release now fully supports Android 10

• Android 10 internal beta leaks for the Nokia 6.1, 6.1 Plus, 7 Plus, and 7.1

• Pioneer Android Auto Receiver $248 off, Nest smart home deals, more

• Xiaomi officially announced the MIUI 11 launch date

• This video plots the rise and fall of smartphone OSes over the last 20 years

• New Android Warning: These 15 Malicious Apps May Be Hiding On Your Phone—Uninstall Now

• How to Install Google Camera 7.0 (GCam) on any Android Device

• Android Tool Lets You Check Crypto Payment Apps for Double-Spends

• Video shows how Android grew to dominate the global mobile OS market

• All the secret Android games you can still play

• Checking in any time at the hotel android can be heaven or hell

• Briefing: China Propaganda App Gives Backdoor Access To Android User Data

• How to Read SAS Files in Python with Pandas

  In this post, we are going to learn how to read SAS (.sas7dbat) files in Python.

  As previously described (in the read .sav files in Python post) Python is a general-purpose language that also can be used for doing data analysis and data visualization.

• Daudin – a Python shell

  A few nights ago I wrote daudin, a command-line shell based on Python. It allows you to easily mix UNIX and Python on the command line.

• How to Convert Python String to Int and Back to String

  This tutorial describes various ways to convert Python string to int and from an integer to string. You may often need to perform such operations in day to day programming. Hence, you should know them to write better programs.

  Also, an integer can be represented in different bases, so we’ll explain that too in this post. And there happen to be scenarios where conversion fails. Hence, you should consider such cases as well and can find a full reference given here with examples.

• Thousands of Scientific Papers May be Invalid Due to Misunderstanding Python

  It was recently discovered that several thousand scientific articles could be invalid in their conclusions because scientists did not understand that Python’s glob.glob() does not return sorted results.

  This is being reported on by Vice, Slashdot and there’s an interesting discussion going on over on Reddit as well.

• Open Source Security Podcast: Episode 165 - Grab Bag of Microsoft Security News

  Josh and Kurt about a number of Microsoft security news items. They've changed how they are handling encrypted disks and are now forcing cloud logins on Windows users.

• Linux Action News 127

  Richard Stallman's GNU leadership is challenged by an influential group of maintainers, SUSE drops OpenStack "for the customer," and Google claims Stadia will be faster than a gaming PC.

  Plus OpenLibra aims to save us from Facebook but already has a miss, lousy news for Telegram, and enormous changes for AMP.

• GNU World Order 13x42

  On the road during the **All Things Open** conference, Klaatu talks about how to make ebooks from various sources, with custom CSS, using the Pandoc command.

• Manjaro 19.09.28 KDE-DEV Run Through

  In this video, we are looking at Manjaro 19.09.28 KDE-DEV.

Last week the laptop I use for macOS development said that there is an XCode update available. I tried to install it but it said that there is not enough free space available to run the installer. So I deleted a bunch of files and tried again. Still the same complaint. Then I deleted some unused VM images. Those would free a few dozen gigabytes, so it should make things work. I even emptied the trash can to make sure nothing lingered around. But even this did not help, I still got the same complaint.

At this point it was time to get serious and launch the terminal. And, true enough, according to df the disk had only 8 gigabytes of free space even though I had just deleted over 40 gigabytes of files from it (using rm, not the GUI, so things really should have been gone). A lot of googling and poking later I discovered that all the deleted files had gone to "reserved space" on the file system. There was no way to access those files or delete them. According to documentation the operating system would delete those files "on demand as more space is needed". This was not very comforting because the system most definitely was not doing that and you'd think that Apple's own software would get this right.

After a ton more googling I managed to find a chat buried somewhere deep in Reddit which listed the magical indentation that purges reserved space. It consisted of running tmutil from the command line and giving it a bunch of command line arguments that did not seem to make sense or have any correlation to the thing that I wanted to do. But it did work and eventually I got XCode updated.

After my blood pressure dropped to healthier levels I got the strangest feeling of déjà vu. This felt exactly like using Linux in the early 2000s. Things break at random for reasons you can't understand and the only way to fix it is to find terminal commands from discussion forums, type them in and hope for the best. Then it hit me.

In the last few years I have come across the CLA topic several times. It is and will be a popular topic in automotive the coming years, like in any industry that moves from being an Open Source Producer towards becoming an Open Source Contributor.

In my experience, many organizations take the CLA as a given by looking at the google, microsoft or intels of the world and replicate their model. But more and more organizations are learning about alternatives, even if they do not adopt them.

What I find interesting about discussing the alternatives is that it brings to the discussion the contributor perspective and not just the company one. This enrichs the debate and, in some cases, leads to a more balanced framework between any organization behind a project and the contriibutor base, which benefits both.

Throughout these years I have read a lot about it but I have never written anything. It is one of those topics I do not feel comfortable enough to write about in public probably because I know lots of people more qualified than I am to do so. What I can do is to provide some articles and links that I like or that have been recommended to me in the past.

• How to Create Fedora LIVE Persistent USB from Ubuntu

• How To Enable SSH on Debian 10 Buster

• How to Install and Configure an NFS Server on CentOS 8

• Introducing regular expressions

• once more: verify files with pgp – f-droid.org verify apk download gpg signature asc sig – md5sum and sha512sum linphone app

• Actually fixing a bug

• Bash Script to Delete Files/Folders Older Than “X” Days in Linux

• “The Stupidest [Patent/Tax] Policy Ever”
• Meme: Software Patents at the EPO
• Firm of Microsoft’s Former Litigation Chief Uses Microsoft-Connected Patent Lawsuit Against GNU/Linux (GNOME Foundation) for New Breed of FUD Campaigns
• “Widespread Adoption” (Did You Mean: Takeover by Monopolies?)
• IRC Proceedings: Sunday, October 13, 2019
• Links 13/10/2019: Red Hat CFO Fired and KDE Plasma 5.17 Preparations

Things continue to look fairly normal, with rc3 being larger than rc2,
as people are starting to find more regressions, but 5.4 so far
remains on the smaller side of recent releases.

The diffstat looks fairly flat too, although we had a couple of
staging drivers being removed here that show up as spikes. Drivers in
general account for about two thirds of the diff, and it's not just
those staging drivers, it's other small noise all over the place: usb,
drm, iio, rdma..

Outside of drivers, filesystems pop up more than perhaps usual, but
it's again mostly low-grade noise all over: btrfs, cifs, nfs, ocfs,
xfs and some core vfs fixes.

The rest is arch updates (mainly arm64, x86, mips), tooling (mostly
perf tooling updates, but also some selftest fixlets), documentation,
and misc core kernel and mm stuff.

There really isn't anything huge that stands out. You can scan the
appended shortlog for a flavor of the details, it's not too long to
just scroll through.

Linus

Also: Linux 5.4-rc3 Released Ahead Of Official Kernel Debut In November

Archman is an Arch Linux-based distribution developed in Turkey. The project's website is available in both Turkish and English, which makes the distribution approachable to non-Turkish audiences. Archman has various releases with different desktop environments and release dates. In this review, I will be reviewing Archman's Xfce 2019-09 release, which is codenamed Lake With Fish.

To begin, I downloaded the 1.6GB ISO and copied it to a flash drive. I rebooted my computer, turned off Secure Boot, and started Archman from the flash drive. The boot process was quick, but I ended up at a graphical login screen instead of a working desktop environment. I pressed the Enter key and I logged in without needing a password.

The live desktop looked very nice. It is an interesting blend of classic and modern. The live desktop has icons for the user's home folder and Trash. There is also a shortcut for Hexchat and the Calamares Archman Installer. The panel at the bottom of the screen holds the application menu, shortcuts for showing the desktop/quickly minimizing all running applications, Firefox, the user's home folder, sections for the currently running applications, switching desktops, a clock, Bluetooth and wireless controls, a battery meter, update notifications, volume control, and a log out/reboot/shutdown shortcut. The panel is 70% the width of the screen and set to automatically hide.

I looked around the live desktop for a little while. I tested to make sure that everything was working okay with my hardware, and once I was certain that all my hardware worked, I moved on to installing Archman.

• Blue Mail now available for Linux

• How to Enable EPEL Repository on CentOS 8 and RHEL 8 Server

• How to set up Cairo dock on the Linux desktop

• Open source Raspberry Pi microscope project

  Micropalaeontologist Martin Tetard has been developing a Raspberry Pi microscope aptly named the microscoPI. The Raspberry Pi based microscope can capture, process, and store images and image analysis results. Watch the video embedded below to learn more about the unique Raspberry Pi microscope, which features a rechargeable battery secured under the base of the microscope, making the system completely portable and measuring less than 30 cm in height.

• Open Source Hardware Trends, Arm Takes a Different Tack

  The open-source movement that has driven software innovation is now creating a buzz in the microprocessor realm, thanks to the growing popularity of open-source microprocessor instruction set architecture RISC-V. Although the term “open source” conveys sentiments such as research sharing and community building, leading semiconductor IP provider Arm, which supports 95 percent of smartphone embedded processors, is not a fan.

  Synced recently sat down with Rhonda Dirvin, who is Arm’s senior director of Embedded, IoT and Automotive Marketing. Dirvin believes today’s open source hardware landscape is not as simple and straightforward as it may seem: “We’re starting to see some people say free is not free. Because at the end of the day they have to look at what it takes to verify that and what it takes to implement the instruction or architecture. You don’t have the whole ecosystem out there that supports it the way that you do with Arm or some of the other more established vendors.”

• New Vector to scale open-source alternative to WhatsApp and Slack, where users own their data

  New Vector has announced $8.5 million in funding to scale its open-source, secure communication network, a bid to revolutionise data privacy and ownership in the messaging app space. The investments come from European VCs who specialize in enterprise tech: Notion Capital, Dawn and firstminute capital.

  Necessary for understanding New Vector’s business is to first understand Matrix. Matrix is an open-source project, building a global network for decentralised communication. Users can collaborate securely via end-to-end encryption, and notably, they retain all ownership and control over their data.

• New Vector raises $8.5 million to develop an open source Slack and WhatsApp

  Tech giants like Facebook, Google, Apple, and Microsoft needn’t be gatekeepers to communication. That’s the idea upon which Matrix, an open standard and decentralized protocol for real-time communication, was formulated. It’s designed to allow users of one service provider to communicate with users of different providers via online chat, voice over IP, and videotelephony, ideally as seamlessly as SMTP (Simple Mail Transfer Protocol) facilitates email exchanges across clients and services.

  Implementing the Matrix protocol at scale requires infrastructure and technical expertise, however — and that’s where startups like New Vector have carved out a niche for themselves. In a little over two years, the startup has helped to grow the Matrix network 400% to 11 million users across 40,000 deployments, including French and U.S. government agencies, Wikipedia parent Wikimedia, KDE, RedHat, and more.

• Paris uses open source to get closer to the citizen

  Around 35 per cent of Paris’ 1,000 IT applications are Lutece-driven and 15 per cent are based on other open-source software, with the remaining 50 per cent using proprietary systems. As applications are upgraded or new ones added, Lutece and open-source tools will be deployed as much as possible, Lanouar said, noting that this approach enables greater autonomy and agility for the City, as well as the ability to be more transparent and create a better user experience for the citizen.

• After Dallas County's TechShare software failure, the future must be open source

  There has been plenty of coverage of the very expensive failures of TechShare, Dallas County's attempt to create case-tracking software that could be used in any Texas criminal court. Like many battles over operations-level issues, it is easy to miss the forest for the trees.

  One basic principle of good governing was flagrantly violated in this instance: Government shouldn't be involved in a for-profit operation. TechShare's leadership sought profit, rather than to merely recoup costs. I hope members of both parties can agree this is a principle we should consciously adopt. A public discussion will help avoid future misadventures that cost the county $30 million for a hot plate of nothing.

  The term "crony capitalism" gets tossed around a lot, and it sometimes unfairly tarnishes good models of public-private partnerships. Crony capitalism usually means the government gives preference to certain favored private firms without seeking the best price (or quality) for a service or good. That preference is odious because it denies taxpayers the best price. Crony capitalism props up firms that would otherwise fail, using taxpayer money as insurance.

• AI Researchers' Open-Source Model Explanation Toolkit AllenNLP Interpret

  Although the techniques are generic, AllenNLP Interpret is intended for use in NLP. Inputs to NLP systems are strings of text, usually sentences or whole documents, and the text is parsed into its constituent words or tokens. AllenNLP Interpret includes saliency maps that show each token's contribution to the model prediction; a use case for this might be explaining which words in a sentence caused its sentiment to be classified as positive or negative. The toolkit also includes two adversarial methods that show how changing the tokens in the input could affect the output. The first, HotFlip, replaces the input word that has the highest gradient with other words until the model output changes. The other attack, input reduction, iteratively removes the word with the smallest gradient without changing the output; this results in input texts that are "usually nonsensical but cause high confidence predictions."

• The best open source software of 2019

• InfoWorld Identifies the Most Innovative Products Available to Developers, Data Analysts, and IT Organizations

  InfoWorld — the technology media brand committed to keeping IT decision-makers ahead of the technology curve — announces the winners of its 2019 Best of Open Source Software Awards, better known as the Bossies. The annual Bossie awards recognize the most important and innovative open source projects for businesses and the IT professionals who serve them. The 26 winners in this year’s Bossie Awards are the next-generation tools and technologies that are enabling digital transformation, allowing businesses to succeed and IT organizations to excel at a time when the technology is more complex than ever.

• Open Source Rules the World

  Not too long ago I attended Linux Foundation’s Open Source Summit in San Diego, and this declaration of world dominance (tongue in cheek) was a fairly prominent refrain throughout. From best practices in OS development to emerging technologies to getting started—how to create an open source strategy, sustain it, and the right path to developing an Open Source Program Office (OSPO).

  All open source all the time.

  What became abundantly clear to me through the cacophony of voices representing developers, technologists and enthusiasts is that at the center of all that is open source are three key components critical to ultimate success (however you define it): people, processes, and technology.

  [...]

  The entire tech space is being redesigned by a digital transformation and the emergence of new open source technology platforms. It’s a revolution of sorts, led by groundbreaking innovations in machine learning, open source IoT, cyber security, virtual reality, big data analytics, blockchain and open source development tools. Additionally, there’s technology to help you know what’s in your code and automate the detection and remediation of license compliance and security issues in your DevOps life cycle.

• Extreme Networks Transitions StackStorm to the Linux Foundation

  Extreme Networks, Inc. (EXTR) today announced it has turned governance of StackStorm™ platform, its popular open-source workflow automation platform, over to The Linux Foundation. In making this transition, Extreme expects the Foundation's open source community to accelerate development and adoption of the platform so enterprises everywhere can reap the benefits of new applications and use cases.

• ExpressionEngine Under New Ownership, Will Remain Open Source for Now

  EllisLab founder Rick Ellis announced yesterday that ExpressionEngine has been acquired by Packet Tide, the parent company of EEHarbor, one of the most successful EE add-on providers and development agencies in the community. A year ago EllisLab, the developers of EE core, was acquired by Digital Locations but Ellis said the company ended up not being a good fit for the future of the CMS...

• Open Source Seed, a Hoax or a Wake-Up Call?

  “Open source” is a trend in various industries. It started to take root in the software industry (Mozilla), followed by biotechnology (CAMBIA) and publishing, where the creative commons concepts have taken root. Several of these trends are based in an opposition against corporate power generated by exclusive rights provided by patents and copyright. Others have a positive goal, i.e. to enhance participation by a much wider population to generate, validate and share information (e.g. Wikipedia).

  The seed sector has a very good story to tell with regard to its contributions to societal goals, but in parts of society, the corporate image and the use of patents create questions, so we could expect that also our sector would be challenged. It is there now. The University of Wisconsin developed an Open Source Seed Initiative several years ago, which was followed in Germany more recently. Access to “freed” plant genetic resources is made conditional to users making them available under the same “open source” conditions – that no IP is vested. The system should thus go “viral” and “force” breeders to join and thus stop protecting their products through IP.

• Satellite images and open-source programs for mapping during disasters

  A few weeks ago, the states of Assam and Bihar were reeling under floods. Over 200 people were reported dead, with at least 10 million (one crore) of the states’ residents estimated to have been displaced. To save more lives and prevent further infrastructural damage, search and rescue missions during such disasters need to be effective, and more importantly, need to be rapid.

  The answer to this may lie in space.

  Open-source access to satellite images and new technologies to process these images have been a significant breakthrough to help document the true extent of flooding. Getting this information in time is key to plan and conduct evacuation missions, response operations and damage assessments.

  The European Space Agency (ESA)’s Sentinel-1 mission and the web-based Google Earth Engine (GEE) platform are two recent developments that have helped timely capture and analysis of satellite information.

  A research team from the Indian Institute for Human Settlements (IIHS) used this combination (Sentinel and GEE) to come up with an illustrative example of how such mapping can be used in the future to help in rescue missions, through accurate mapping of flood extents.

• Andile Ngcaba urges embracing open source

  Given the growth of data and the Internet of things, insofar as data is concerned, the fibre industry must adopt open source architecture in terms of designing and building networks.

  This is the sentiment shared by Andile Ngcaba, president of the FTTx Council Africa, at the annual Fibre Optic Conference that kicked-off at the Sandton Convention Centre yesterday.

  Ngcaba was speaking about the future of the industry and how to be part of it, pointing out that modern businesses are being built on open source, while modern telcos are going to be built on open source.

• All Things Open: The ‘hidden tech gem in the Triangle’ that draws thousands

  In its seventh year, All Things Open is preparing for more than 5,000 attendees. The conference will feature more than 250 talks from some of the top technologists and decision-makers discussing open source technology during three days of programming at the Raleigh Convention Center.

• Six reasons why you should attend All Things Open in Raleigh

  Haven’t decided whether to attend the All Things Open conference in Raleigh? Well, Open Source is growing more important in technology so you might want to keep an open mind about attending. And more than 4,500 people are already scheduled to attend. Action begins Sunday.

• Tech Village Hosting HacktoberFest Open-Source Meetup This Weekend

  The event will be hosted in Bulawayo in the 1st floor of the NetOne Building, Corner Fife Street and L.Takawira. Opposite Central Police Station.

  Maintainers -the guys/girls who build source code into a binary package for distribution, commit patches, or organize code in a source repository– will be present to help out would-be contributors to help move open-source projects forward.

• What to expect from Scylla Summit 2019

  Scylla (the company) takes its name directly from Scylla [pronounced: sill-la], a Greek god sea monster whose mission was to haunt and torment the rocks of a narrow strait of water opposite the Charybdis whirlpool.

  Outside of Greek history, Scylla is an open source essentially distributed NoSQL data store that uses a sharded design on each node, meaning each CPU core handles a different subset of data.

• Licence to grill: A year on, MongoDB's Eliot Horowitz talks to The Reg about SSPL

  A year after its controversial switch to the Server Side Public License (SSPL), and with new products livening up the summer, MongoDB remains unrepentant.

  The change was aimed at making vendors selling a service using the company's code share the source of applications used to run the service as well as any tweaks. The move appeared to be aimed squarely at cloud vendors, content to "capture all the value and give nothing back to the community," as Dev Ittycheria, CEO of MongoDB, told us at the time.

  Elements of the open source community were less than impressed. The Open Source Initiative (OSI) rejected the company's attempts to get the licence approved and eventually MongoDB withdrew the thing from the process, although the company continued to use it for its own products. Indeed, at MongoDB's London .Local event, where we met co-founder and CTO Eliot Horowitz, the company was trumpeting the opening up of its Compass GUI for MongoDB under the SSPL.

• From Russia with OLAP: Percona uses ClickHouse analytics

  At Percona Live Europe last week, one such example came up around the open source scene that is developing in Russia and how one of the projects that is now starting to open up to international use.

• The love and the lament: Percona CEO details state of open source data

  Open source has changed, obviously it has. Starting from its origins among the hobbyist programmers and hackers who dared to defy the proprietary Silicon Valley behemoths, the open community-centric model for software development has now been widely adopted by the commercial software sector.
  In many cases, open source has become the norm for modern platforms, tools and applications. But how has this affected the nature of open development and what impact has this shift left in its wake on the data landscape that we view today?

• GraphDB 9.0 Open Sources Its Front End and Engine Plugins to Support Knowledge Graph Solutions

  Ontotext has announced GraphDB 9.0, which is aimed at lowering the effort required for development and continuous operation of knowledge graphs by opening multiple integration extension points for its users and developers.

  GraphDB is a database for managing semantic information with more than 30 large production installations in big enterprises. With the growing complexity of enterprise data integration, many organizations are starting the journey of building knowledge graphs.

• Ververica Announces Open Source Framework to Enable Lightweight, Stateful Applications at Scale

  Ververica, the original creators of Apache Flink, today announced at Flink Forward Europe the launch of Stateful Functions (statefun.io), an open source framework that reduces the complexity of building and orchestrating stateful applications at scale. Stateful Functions enables users to define loosely coupled, independent functions with a low footprint that can interact consistently and reliably in a shared pool of resources. Ververica will propose the project, licensed under Apache 2.0, to the Apache Flink community as an open source contribution.

• DataStax offers bidirectional data dexterity for Apache Kafka

  DataStax has opened up ‘early access’ to its DataStax Change Data Capture (CDC) Connector for Apache Kafka, the open source stream-processing (where applications can use multiple computational units, similar to parallel processing) software platform.

  As a company, DataStax offers a commercially supported ‘enterprise-robust’ database built on open source Apache Cassandra.

  Stream processing is all about speed and cadence, so, the DataStax CDC Connector for Apache Kafka gives developers ‘bidirectional data movement’ between DataStax, Cassandra and Kafka clusters.

• WireGuard Snapshot `0.0.20191012` Available

  -----BEGIN PGP SIGNED MESSAGE-----
  Hash: SHA256
  
  Hello,
  
  A new snapshot, `0.0.20191012`, has been tagged in the git repository.
  
  Please note that this snapshot is a snapshot rather than a final
  release that is considered secure and bug-free. WireGuard is generally
  thought to be fairly stable, and most likely will not crash your
  computer (though it may).  However, as this is a snapshot, it comes
  with no guarantees; it is not applicable for CVEs.
  
  With all that said, if you'd like to test this snapshot out, there are a
  few relevant changes.
  
  == Changes ==
  
    * qemu: bump default version
    * netns: add test for failing 5.3 FIB changes
    
    Kernels 5.3.0 - 5.3.3 crash (and are probably exploitable) via this one liner:
    
    unshare -rUn sh -c 'ip link add dummy1 type dummy && ip link set dummy1 up && ip -6 route add default dev dummy1 && ip -6 rule add table main suppress_prefixlength 0 && ping -f 1234::1'
    
    We fixed this upstream here:
    
    https://git.kernel.org/pub/scm/linux/kernel/git/davem/net.git/commit/?id=ca7a03c4175366a92cee0ccc4fec0038c3266e26
    
    This is relevant to WireGuard because a very similar sequence of commands is
    used by wg-quick(8).
    
    So, we've now added some tests to catch this code path in the future. While
    the bug here was a random old use-after-free, the test checks the general
    policy routing setup used by wg-quick(8), so that we make sure this continues
    to work with future kernels.
    
    * noise: recompare stamps after taking write lock
    
    We now recompare counters while holding a write lock.
    
    * netlink: allow preventing creation of new peers when updating
    
    This is a small enhancement for wg-dynamic, so that we can update peers
    without readding them if they've already been removed.
    
    * wg-quick: android: use Binder for setting DNS on Android 10
    
    wg-quick(8) for Android now supports Android 10 (Q). We'll be releasing a new
    version of the app for this later today.
  
  This snapshot contains commits from: Jason A. Donenfeld and Nicolas Douma.
  
  As always, the source is available at https://git.zx2c4.com/WireGuard/ and
  information about the project is available at https://www.wireguard.com/ .
  
  This snapshot is available in compressed tarball form here:
    https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191012.tar.xz
    SHA2-256: 93573193c9c1c22fde31eb1729ad428ca39da77a603a3d81561a9816ccecfa8e
    BLAKE2b-256: d7979c453201b9fb6b1ad12092515b27ea6899397637a34f46e74b52b36ddf56
  
  A PGP signature of that file decompressed is available here:
    https://git.zx2c4.com/WireGuard/snapshot/WireGuard-0.0.20191012.tar.asc
    Signing key: AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
  
  If you're a snapshot package maintainer, please bump your package version. If
  you're a user, the WireGuard team welcomes any and all feedback on this latest
  snapshot.
  
  Finally, WireGuard development thrives on donations. By popular demand, we
  have a webpage for this: https://www.wireguard.com/donations/
  
  Thank you,
  Jason Donenfeld
  

• WireGuard 0.0.20191012 Released With Latest Fixes

  WireGuard is still working on transitioning to the Linux kernel's existing crypto API as a faster approach to finally make it into the mainline kernel, but for those using the out-of-tree WireGuard secure VPN tunnel support, a new development release is available.

• SafeBreach catches vulnerability in controversial HP Touchpoint Analytics software

  Now the feature is embroiled in another minor controversy after security researchers at SafeBreach said they uncovered a new vulnerability. HP Touchpoint Analytics comes preinstalled on many HP devices that run Windows. Every version below 4.1.4.2827 is affected by what SafeBreach found.

  In a blog post, SafeBreach Labs security researcher Peleg Hadar said that because the service is executed as "NT AUTHORITY\SYSTEM," it is afforded extremely powerful permissions that give it wide access.

  "The CVE-2019-6333 vulnerability gives attackers the ability to load and execute malicious payloads using a signed service. This ability might be abused by an attacker for different purposes such as execution and evasion, for example: Application Whitelisting Bypass Signature Validation Bypassing," Hadar wrote.

  [...]

  The company has long had to defend HP Touchpoint Analytics against critics who say it gives HP unnecessary access to users' systems. When it first became widely noticed in 2017, dozens of users complained that they had not consented to adding the system.

• Security Tool Sprawl Reaches Tipping Point

• How trusted digital certificates complement open source security

  Application developers incorporating open source software into their designs may only discover later that elements of this software have left them (and their customers) exposed to cyber-attacks.

• Securing the Container Supply Chain

• Chris J. Terry, Internet Industry Veteran, Joins Open Source Blockchain Project Ether1.org

• UK forcing AML regulations on cryptocurrency exchanges, ATMs, and open-source wallets

• UNICEF Launches Cryptocurrency Fund to Back Open Source Technology

  UNICEF, the United Nations Children’s Fund, has launched a crypto fund to receive, hold and distribute donations of bitcoin and ether in its aim to back open source technology for children around the world.

  UNICEF said in an announcement on Wednesday that in a first for United Nations organizations, the Cryptocurrency Fund will receive contributions in cryptocurrency and grant out in the same digital currency form.

• ConsenSys Gives Ethereum A Boost: $175k Given to 7 Open-Source Initiatives

  ConsenSys, a Brooklyn, New York-based Ethereum development studio studio, is awarding $175,000 to seven different open-source projects being developed on the Ethereum (ETH) blockchain.

  Revealed on October 10, the software development projects include Lighthouse, an innovative Ethereum software client, Tellor, an oracle network for handling off-chain data, Alice, a mobile-based platform for developing decentralized applications (dApps).

• FINOS Spearheads Open Innovation In Fintech Space With Open Source Strategy Forum

  Benzinga is highlighting nominees for the fifth annual Benzinga Global Fintech Awards ahead of the event Nov. 19 in New York City.

  One nominee is the Fintech Open Source Foundation, or FINOS, a nonprofit for the promotion of open innovation in the financial services and tech spaces.

• 0x introduces OpenZKP, an open-source zk-STARK implementation

• Minsheng Life partners with open-source blockchain infrastructure project

  Minsheng Life Insurance has come onboard as a partner of the PlatONE open-source blockchain infrastructure, a project recently launched by non-profit research institution Wanxiang Blockchain and the PlatON global computing network.

• Xilinx unveils open source FPGA platform

  The Vitis unified software platform from FPGA vendor Xilinx is the result of five-year project to create software development tools using familiar languages like C++ and Python to develop a wide range of applications for its reprogrammable chip.

• Listen: How ActiveState is tackling “dependency hell” by providing enterprise-level support for open source programming languages [Podcast]

  “Open source back in the late nineties – and even throughout the 2000s – was really hard to use,” ActiveState CEO Bart Copeland says. “Our job,” he continues, “was to make it much easier for developers to use open source and much easier for enterprises to use open source.”

• 10 open source projects proving the power of Google Go

  Now 10 years in the wild, Google’s Go programming language has certainly made a name for itself. Lightweight and quick to compile, Go has stirred significant interest due to its generous libraries and abstractions that ease the development of concurrent and distributed (read: cloud) applications.

  But the true measure of success of any programming language is the projects that developers create with it. Go has proven itself as a first choice for fast development of network services, software infrastructure projects, and compact and powerful tools of all kinds.

• The Eclipse Foundation Launches The Eclipse Cloud Development Tools Working Group for Cloud Native Software

  The Eclipse Foundation today announced the launch of the Eclipse Cloud Development Tools Working Group (ECD WG), a vendor-neutral open source collaboration that will focus on development tools for and in the cloud. The ECD WG will drive the evolution and broad adoption of emerging standards for cloud-based developer tools, including language support, extensions, marketplaces, and developer workspace definition. Founding members of the ECD WG include Broadcom, EclipseSource, Ericsson, IBM, Intel, Red Hat, SAP, Software AG, and Typefox among many others.

• You cannot cURL under pressure

  With cURL having this many features (with the general mass of them being totally unknown to me, let alone how you use them) got me thinking… What if you could do a game show style challenge for them?

• Follow-up on ‘ASCII Transliteration without ICU or iconv’

  By an anonymous commenter, I got pointed to that Unicode (in Qt) is slightly more complicated than I had considered when writing the code: I missed to handle planes beyond the Basic Multilingual Plane (BMP) and the ‘surrogates’ between code points 0xD800 and 0xDFFF. In a series of recently pushed Git commits I addressed problem of surrogates and fixed some more issues. Some preparatory work has been done to support more planes in the future, but as of now, only the BMP is supported. For details, please have a look at the five commits posted on 2019-10-12.

• Weekly Refresh: 3 Acquisitions, and RideAustin Goes Open Source

  RideAustin will make its ride-hailing software open to the public. The company announced Thursday it will open source its platform so other entities can make use of its market-proven non-profit model

• RideAustin to release rideshare software to jumpstart networks of rideshare alternatives around the globe

• Why Open Models Can Actually Improve Your Quality Control

  Winsor: What advice would you offer to businesses who are building out open source programs?

  Hlivko: Before you launch, you’ll start running into engineering challenges, funding questions, dev/ops pipeline integration, branding considerations and a host of other small items to work through. I would recommend identifying key talent, both leadership and team members, which are good at leaning into the model and thinking through these problems horizontally. A small core internal team can advocate for the crowd and evangelize it when ready.

• Open Core Summit: The Value of Cloud and Commercial Open Source Software

• Fidectus announces open source interoperability for electronic Settlement Matching (EFET eSM)

• PyTorch 1.3 comes with speed gains from quantization and TPU support

  Facebook today released the latest version of its deep learning library PyTorch with quantization and Google Cloud TPU support for speedier training of machine learning models.

  Tensor processing unit support begins with the ability to train a model with a single chip and will later be extended to Cloud Pods, Facebook CTO Mike Schroepfer said today.

• Facebook Open-Sources Hydra to Simplify Configuration Management in Python Programs

  Facebook Hydra is a new open-source framework aimed to speed up the creation of Python applications by simplifying the implementation of common functionality such as command-line argument handling, configuration management, and logging.

  Facebook developed Hydra to accelerate development of several research projects where the ability to cope with changing requirements was key.

• Will big money destroy the open source dream?

  According to the report, open source monetisation strategies vary and evolve. One of the most popular models at present is what is referred to as “open core”. This involves a blend of free open source and proprietary software, with different levels of openness within the model. Docker, Elastic, GitLab, MongoDB and Redis are all identifiable as open core companies.

  Another open source monetisation strategy is the development of a corporate-sponsored open source project which is often used as a business development resource rather than as the company’s primary offering. An example of this is Kubernetes, which has been developed primarily by Google and which, through its widespread adoption, has boosted awareness of Google Cloud Platform.

  “Within the increasingly competitive cloud services market, building developer trust with open source initiatives (like Kubernetes) provides valuable differentiation,” CB Insights comments.

• Packetcraft Launches Open Source Bluetooth Low Energy Stack, Which is Integrated With Arm Mbed OS for Seamless IoT Connectivity

  "Packetcraft is excited to offer open source Bluetooth protocol stacks that are qualification tested and up to date with the latest specifications," said John Yi, founder and CEO of Packetcraft. "We are offering BLE software solutions with a combination of quality, features, and licensing flexibility that is unmatched in the industry."

• Enea Runs Joint PoC with FlexiWAN and Intel for Secure SD-WAN based on Open Source Applications

  Enea this week announced a joint Proof of Concept (PoC) with flexiWAN and Intel, demonstrating a reference solution for secure SD-WAN based on open source applications. It will be showcased at the SDN NFV World Congress in The Hague, October 14-17.

• Big list of open-source MacOS apps
  

• Version 2.0 of eToro's Open-Source Programming Language Lira Developed to Write Options Contracts

• Theta Open Source Network Partners With PewDiePie-Supported Streaming Platform

• Understanding the open source model for CSPs

  How can communication service providers best use open source development and deployment models, and how does the increasing viability and visibility of open source software impact how CSPs and their suppliers do business? Does it really result in lower equipment and development costs for operators, and how much of an investment - in terms of time and money - does a CSP need to make in open source and the community in order to maximise its returns? If open source results in an unmanageable increase in software components with too many variants, then do we instead need a “curated” open source model driven by CSP-led reference designs? Above all, is open source beneficial or detrimental to the telecoms supply chain?

• AI-enabled drone maps disaster victims' location, need

• Fugue Supports Open-Source Policy Engine For Cloud

• Alluxio Innovation Recognized by Database Trends and Applications' Big Data Quarterly and Solutions Review

  Alluxio, developer of open source data orchestration technology used by seven of the world’s top 10 Internet companies, today announced it has been named to the Database Trends and Applications “Big Data 50 – Companies Driving Innovation in 2019” list featured in its Big Data Quarterly and Solutions Review “The Top 13 Free Open Source Storage Solutions” list.

• Google takes AMP to the OpenJS Foundation

  AMP, Google’s somewhat controversial project for speeding up the mobile web, has always been open-source, but it also always felt like a Google project first. Today, however, Google announced that the AMP framework will join the OpenJS Foundation, the Linux Foundation-based group that launched last year after the merger of the Node.js and JS foundations. The OpenJS Foundation is currently the home of projects like jQuery, Node.js and webpack, and AMP will join the Foundation’s incubation program.

• OpenJS Foundation welcomes AMP project to help improve user experience on the web

  AMP enters the open source foundation to broaden open governance, drive diverse, cross-industry adoption and continue improving the web for all.

• Google sparks open source unrest over Knative, Istio

  Google is keeping its Knative and Istio projects close to the vest, which could limit their reach long term, early adopters say.

• Global Amsterdam Exchange Modernises With Open Source Solutions

  “The cost savings of open networking are certainly compelling, but for our team it is the fabric-wide visibility together with the SDN automation that make the Pluribus Networks solution so valuable to us, said Bart Myszkowski, AMS-IX network engineer.

• EOS developer Block.one releases version 2.0 of its EOSIO open source protocol

• SD Times Open-Source Project of the Week: ABAP SDK for IBM Watson

  IBM has announced that the ABAP SDK for IBM Watson is now available. The open-source project is designed to allow developers to use IBM Watson Developer Services within SAP environments and directly from Advanced Business Application Programming (ABAP) code.

• IBM Releases Open Source SDK that Plugs SAP into Watson

  IBM has rolled out a new open source Software Developer Kit (SDK) that lets users call Watson services directly from ABAP code in SAP systems.

  The project’s lead developer, IBM’s Bradley Knapp described the release to Computer Business Review as a “perfect entrance point for the democratisation of AI and machine learning for the SAP ERP space.”

• IBM and McAfee Spearhead Formation of Open Source Cybersecurity Alliance

  In a bid to provide interoperability and data-sharing across several cybersecurity products and companies, IBM Security and McAfee are spearheading an open-source cybersecurity alliance along with 14 other cybersecurity companies across the globe.

• IBM and McAfee primary backers of new open source cybersecurity group

  Cybersecurity is headed to open source with a new initiative backed by IBM and McAfee, among other companies.

  The Open Cybersecurity Alliance (OCA) was formed to pull the fragmented elements of the cybersecurity landscape under one roof by using open source code and practices. The new open source group is under the umbrella of the Organization for the Advancement of Structured Information Standards (OASIS).

• IBM, McAfee among founders of open source security alliance

• McAfee, IBM join forces for global open source cybersecurity initiative

  That's about to change as dozens of tech companies have joined together to create the Open Cybersecurity Alliance, which is an effort to share security solutions and increase mutually beneficial security cooperation.

• Not just a barking dog: Open-source developers grow to embrace software as a service

  The open-source movement has a history that captures both its community spirit and renegade impact. Sometimes, that history even involves a yapping animal.

  In Linux, the “biff” command notifies users when mail arrives and identifies the deliverer. Was “biff” a cleverly conceived acronym for a remarkably sophisticated programming language?

  No. It was named after a dog owned by the developer of Berkeley Software Distribution or BSD, a Unix-similar operating system built in the 1970s. Biff used to run out and bark every time the mailman showed up.

  Open-source code has moved way beyond its early days as a barking dog in the computer world. Today, open-source companies are commanding huge multiples on Wall Street and major players are opening wallets, as evidenced by IBM Corp.’s purchase of Red Hat Inc. in October for $34 billion.

• Steiner on the hypocrisy of open source parts

  Guenther Steiner has called out Haas’ rivals’ hypocrisy with some teams keen to adopt an open-source approach to parts of their design but not go down the standard parts route.

  As part of the debate over the 2021 regulations, some teams have balked against the idea of introducing more standard parts into Formula 1.

  However, those same teams are keen on putting parts of their designs out on open-source, allowing others to copy them.

• Why teaming up be a huge benefit to all involved

• OpenSUSE's OBS Can Now Spin Windows Subsystem for Linux Images

  The openSUSE's Open Build Service (OBS) has been picking up the ability to build Windows Subsystem for Linux (WSL) images for those wishing to craft their own WSL distribution or just rebuild openSUSE from source as a reproducible/verifiable build. 

• Bingbot goes evergreen

• Employees ask GitHub to cancel ICE contract: ‘We cannot offset human lives with money’

  Employees sent an open letter to Github's CEO asking the company to shed its contract with U.S. Immigration and Customs Enforcement

• GitHub CEO discussed ‘evolving’ position on China in private all-hands meeting

  Tensions continue to grow over a GitHub contract with Immigration and Customs Enforcement, as employee activists pressure the company to cut ties with the agency.

  In a standing-room-only meeting yesterday, executives answered questions from employees on the controversial contract. CEO Nat Friedman fielded questions from employees and attempted to explain why the company would renew a $200,000 contract with the immigration agency. The Verge has obtained a transcript of the conversation.

  “This is an important topic not just because we find this issue of US immigration policy so odious, offensive, abhorrent, cruel, evil, such a meaningful topic,” Friedman said, according to the transcript. “I personally feel that. I know many other Hubbers share that thought.”

• Reliance Jio steps up open source efforts as it pursues new markets

• Winding Tree and Travel Forward to host open-source Hackathon at World Travel Market London 2019

  Winding Tree, the open-source travel distribution platform, announces today that it will be hosting its third travel hackathon with Travel Forward, the newly created technology track of World Travel Market (WTM). The hackathon will run throughout the duration of WTM London 2019, one of the largest travel trade shows in the industry, taking place in London from November 4-6, 2019.