• HarfBuzz 2.0 Released For Advancing Open-Source Text Shaping

  The HarfBuzz open-source text shaping library that is used by GNOME, KDE, Firefox, LibreOffice, Chrome OS, Java, and countless other desktop applications has reached version 2.0.

• 5 open source intrusion detection tools that are too good to ignore

  As cybersecurity professionals, we try to prevent attackers from gaining access to our networks but protecting perimeters that have grown exponentially with the rise of mobile devices, distributed teams, and the internet of things (IoT) is not easy. The unpalatable truth is that sometimes the attackers are going to get through and the cost of a data breach grows the longer it takes you to uncover the attack.

  By employing a solid intrusion detection system (IDS) backed up by a robust incident response plan, you can reduce the potential damage of a breach.

• How Open Source Marketers Can Leverage Community For Success

  If you’re an open source marketer, you have some unique challenges to overcome. Not only does one of your primary audiences -- developers -- shy away from marketing, despite the fact open source needs it (as I wrote about previously), but you must let go of the traditional mindset that your job is to differentiate the product from its competitors. Products built on open source differentiate themselves, of course, but when you’re talking about the open core, that’s just not how it works.

• Petter Reinholdtsen: Release 0.2 of free software archive system Nikita announced

  This morning, the new release of the Nikita Noark 5 core project was announced on the project mailing list. The free software solution is an implementation of the Norwegian archive standard Noark 5 used by government offices in Norway.

• UTSA creates web-based open source dashboard of North Pole

  UTSA professors Hongjie Xie and Alberto Mestas-Nuñez examine images of sea ice in the Arctic Ocean.

  Xie along with Xin Miao at Missouri State University started working on the project five years ago. Now the National Science Foundation has given the green light in the way of funding to develop the online system which uses high resolution imaging either obtained on-site, via satellites, or via airborne monitoring.

  The system will allow the scientific community the ability to readily extract detailed information of various ice properties including submerged ice, ice concentration, melt ponds or ice edge—the boundary between an area of ice and the open sea. The on-demand database will be dynamic and allowed to include new algorithms as well as additional datasets as they become available. Currently, the cloud-based system holds about a terabyte of images but that number will surely grow. The earliest dataset is from 1998 from the Sheba expedition which conducted 13 flights over the Beaufort Sea. Now researchers will include close to 1760 declassified images.

• Open Access Is the Law in California

  Governor Jerry Brown recently signed A.B. 2192, a law requiring that all peer-reviewed, scientific research funded by the state of California be made available to the public no later than one year after publication.

  EFF applauds Governor Brown for signing A.B. 2192 and the legislature for unanimously passing it—particularly Assemblymember Mark Stone, who introduced the bill and championed it at every step. To our knowledge, no other state has adopted an open access bill this comprehensive.

  As we’ve explained before, it’s a problem when cutting-edge scientific research is available only to people who can afford expensive journal subscriptions and academic databases. It insulates scientific research from a broader field of innovators: if the latest research is only available to people with the most resources, then the next breakthroughs will only come from that group.

  A.B. 2192 doesn’t solve that problem entirely, but it does limit it. Under the new law, researchers can still publish their papers in subscription-based journals so long as they upload them to public open access repositories no later than one year after publication.

• How to use Pandoc to produce a research paper

  This article takes a deep dive into how to produce a research paper using (mostly) Markdown syntax. We'll cover how to create and reference sections, figures (in Markdown and LaTeX) and bibliographies. We'll also discuss troublesome cases and why writing them in LaTeX is the right approach.

• LLVM Continues Working On Its Transition From SVN To Git

  In addition to LLVM's multi-year effort on re-licensing their code, some developers also remain hard at work on officially migrating the project from an SVN development workflow to Git.

  For the past few years LLVM has been wanting to move from SVN to Git. While there are read-only Git copies of the LLVM repositories already and it's been that way for a while, officially moving over their code-bases to Git has proven to be a challenge for preserving all of the branches, keeping accurate commit messages, etc, for a sane transfer process. This is just like the complex process of moving the GCC compiler over to Git as well.

• Enterprise Java caretakers float new rules of engagement for future feature updates

  The Eclipse Foundation, saddled with oversight of Java EE last year after Oracle washed its hands of the thankless business of community governance, wants to revise the process by which enterprise Java – rechristened Jakarta EE when Oracle declined to grant use of its Java trademark – gets improved.

  Mike Milinkovich, executive director of the Eclipse Foundation, on Tuesday posted a draft of the Eclipse Foundation Specification Process (EFSP), seeking community review and comment. The intent is to replace the Java Community Process (JCP), the current system for evolving the technical specifications related to Java technology, as least as it applies to the enterprise flavored brew of Java.

  The need to replace the JCP for Jakarta EE arises from intellectual property concerns. As software developer Richard Monson-Haefel observed over the summer, "Unfortunately, Oracle was not able to donate all of the Java EE 8 specification documents (e.g. JMS, EJB, Servlet) because these specifications were developed under the Java Community Process and included the efforts of hundreds of people, many of who are not Oracle employees."

• Security updates for Friday

The new Ubuntu release "Cosmic Cuttlefish" has hit the OS market after 6 months of development. I've been using it since it came out and now here is what I have to say about it. In this article, I'll talk about the new things it brings in and also if it's the release worth upgrading to. So let's go.

• openSUSE Tumbleweed Snapshots Update, Nominations Now Open for 2019 Red Hat Women in Open Source Awards, OpenSSH 7.9 Released, Some VestaCP Servers Compromised by New Linux/ChachaDDOS Malware and Kraft 0.82 Now Available

  Nominations are open for 2019 Red Hat Women in Open Source Awards. This is the fifth year of the awards that "were created and are sponsored by Red Hat to honor women who make important contributions to open source projects and communities, or those making innovative use of open source methodology". Nominations are being accepted until November 12, 2018. See the 2019 Women in Open Source Award Page for further details.

• Buy And Hold, And Diversify: Copart, Inc. (CPRT), Red Hat, Inc. (RHT)

• Red Hat (RHT) Down 8.9% Since Last Earnings Report: Can It Rebound?

• Westbourne Investment Advisors Inc. Lifted Stake in Red Hat Inc (RHT)

• Red Hat Inc (RHT) Insider Sells $19,754.74 in Stock

• Using Composer on RHEL

• Retiring ASUS X550ZE and greeting HP Envy x360 Ryzen 5

• Edit your videos with Pitivi on Fedora

• Google to charge Android OEMs as much as $40 per phone in EU

• Google app suite costs as much as $40 per phone under new EU Android deal

• Google Pixel 3s purchased from Best Buy are SIM locked to Verizon

• Google Pixel 3 XL Review: Setting The New Goalposts for Android Phones

• The Google Pixel 3 camera is great, it just doesn't save pictures sometimes

• Oppo O-Free review: the $100 AirPods for Android

• Oppo's two latest Android phones were cheating on processor benchmarks

Complementing the just-published Intel Core i9 9900K Linux benchmarks with the launch-day embargo lift are the Linux gaming benchmarks... This article is looking at the Linux performance between the Core i9 9900K and AMD's Ryzen 7 2700X in a variety of native Linux games as well as comparing the performance-per-Watt. So if you are a Linux gamer and deciding between these sub-$500 processors, this article is for you.

If you didn't yet read the main article that features a 15-way CPU comparison on Ubuntu 18.10 with the Linux 4.19 kernel, here is a recap of this new Coffeelake refresh CPU. The Core i9 9900K is an eight-core / sixteen-thread processor with 3.6GHz base frequency and 5.0GHz turbo frequency. This 14nm CPU has a 16MB L3 cache, dual channel DDR4-2666 support, and a 95 Watt TDP. There is also the onboard UHD Graphics 630, but if you're a gamer, that isn't going to cut it. The Core i9 9900K is launching at $499 USD.

Intel sent over the Core i9 9900K as their first 9th Gen Coffeelake-S CPU hitting store shelves today. With the embargo on that now expired, let's have a look at how well this eight-core / sixteen-thread processor performs under Linux.

The Core i9 9900K is Intel's new answer for competing with the likes of the AMD Ryzen 7 2700X, but does come at a higher price point of $499 USD. While the Core i9 9900K is a Coffeelake refresh, rather than being six cores / twelve threads, they are matching AMD's precedent set by the Ryzen 7 processors in having eight cores / sixteen threads. This 14nm 8C / 16T processor has a base clock frequency of 3.6GHz with a turbo frequency at 5.0GHz, a 16MB L3 cache and supports dual-channel DDR4-2666 memory.

• Chrome OS Linux support to gain folder sharing, Google Drive, more

  Chrome OS has been shaping up to be the all-in-one system, combining the best of Google’s ecosystem, including Android apps, with the power of Linux apps. The latter is still in beta phase with improvements and new features in every update. Today we take a look at some of the features coming soon to Chrome OS Linux apps.

  Chrome OS first gained its Linux app support, also known as Crostini, with version 69. While it’s certainly not flawless, the support has been groundbreaking, enabling everything from full photo editors to Android Studio on Chrome OS. With upcoming versions of Chrome OS, Google is working to smoothen the rough edges of Crostini to make it easier to use.

• Google Cloud CTO Brian Stevens on using open source for competitive advantage in the public cloud

  As all three continue to vie for the affections of CIOs, how they market their respective public cloud propositions to enterprise IT buyers has subtly shifted over time.

  For evidence of this, one only has to look at how little fuss the big three now make about rolling out price cuts for their services compared to several years ago, when one provider announcing a price drop would not only make headlines, but prompt its competitors to publicly follow suit too.

  This in itself is indicative of the fact enterprises expect more from providers than just access to cheap commodity IT services these days, and that ongoing cost reductions are simply an accepted part of using cloud, Google Cloud CTO Brian Stevens, tells Computer Weekly.

• KUnit: A new unit testing framework for Linux Kernel

  On Tuesday, Google engineer Brendan Higgins announced an experimental set of 31 patches by introducing KUnit as a new Linux kernel unit testing framework to help preserve and improve the quality of the kernel’s code.

  KUnit is a lightweight unit testing and mocking framework designed for the Linux kernel. Unit tests necessarily have finer granularity, they are able to test all code paths easily solving the classic problem of difficulty in exercising error handling code.

The second major update to the LibreOffice 6 series, LibreOffice 6.2, is expected to arrive next year, in early February, and it may be the first release of the acclaimed and free office suite to drop support for 32-bit Linux builds. This means that 32-bit LibreOffice releases won't be available on the Linux platform anymore.

While The Document Foundation assures Linux users in the preliminary release notes for LibreOffice 6.2 that Linux x86 (32-bit) compatibility will not be removed from existing LibreOffice versions, the company noted the fact that no new builds will be produced for the Linux x86 platform starting with a future version.

Back in 2001, a new operating system arrived that promised to change the way users worked with their computers. That platform was BeOS and I remember it well. What I remember most about it was the desktop, and how much it looked and felt like my favorite window manager (at the time) AfterStep. I also remember how awkward and overly complicated BeOS was to install and use. In fact, upon installation, it was never all too clear how to make the platform function well enough to use on a daily basis. That was fine, however, because BeOS seemed to live in a perpetual state of “alpha release.”

[Ed: Rant warning]

• SD Times Open-Source Project of the Week: Infer.NET [Ed: SDTimes back to being a Microsoft booster, as it was for at least a decade (Microsoft had given them buckets of money for advertising)]

• Ethereum [ETH] Becomes the 5th Fastest Growing Open Source Project in the World [Ed: No, it's not. And Microsoft GitHub is not the same as "Open Source" in general ("in the world"). Stop spreading this myth.]

• Ethereum is the 5th Fastest Growing Open Source Project on Github [Ed: Company that commits crimes against humanity claims to tell us what's going on in FOSS -- as if Microsoft is the authority over its competition -- same thing it did using Black Duck]

• Ethereum (ETH) Is the 5th Fastest Growing Open Source Project on GitHub

• Ethereum Is 5th Fastest Growing Open Source Project Says GitHub Report

• The CEO who will run Microsoft's $7.5 billion bet on open source explains the vision for leading a software revolution it spent years fighting [Ed: Nat Friedman is a mole who attacks FOSS projects like RoboVM, but Microsoft booster Matt Weinberger entertains him.]

• Microsoft garners EU approval for $7.5bn GitHub purchase [Ed: So the EU demands billions from Google because its Free software project (AOSP) is popular; it happened after Microsoft told the EU to stop Android. And EU has no problem with these criminals who push blobs and back doors.]

• EU Commission approves Microsoft's acquisition of Github

• The EU has approved Microsoft’s $7.5 billion GitHub acquisition

• Microsoft’s $7.5BN GitHub buy gets green-lit by EU regulators

• Simplenote Note-Taking App Adds Focus Mode, Spellchecker, Option To Opt Out Of Analytics

  The Simplenote desktop apps were updated recently with focus mode, a spell checker, new option to opt out of analytics, and more.

  Simplenote is a note-taking application with optional Markdown support. There are applications for desktops (Linux, Windows and macOS), iOS and Android, and there's also a web client. The Simplenote applications are free and open source software, but the server is not (though there's no cost in using it to sync notes).

  Originally created by Simperium back in 2008, Simplenote is developed by Automattic, the company behind Wordpress.com, Akismet, etc., since 2013.

• 5 Best Tools to Improve Your Typing Speed in Linux

  Not too long ago, the ability to type was a skill that set people apart. Although that is still the case, there is more competition these days since it is important to not just be able to type but to be able to type fast.

  There are several applications and websites where you can test your typing speed and learn to type faster but not all of them are created equal – thus our list of the 5 best tools that, given your dedication, will improve your typing speed.

• Tumbleweed Gets New Versions of KDE Applications, Krita, Apache Subversion

  Since last week’s openSUSE Tumbleweed update, there were two snapshots released that brought KDE users a newer version of Applications 18.08.2 and all Tumbleweed users could update to Linux Kernel 4.18.13.

  Last week brought newer versions of KDE’s Plasma 5.14 and Frameworks 5.50.0, and this week the arrival of Applications 18.08.2 came in snapshot 20181015. Applications 18.08.2 contained only bug fixes and translation updates. Among the key bug fixes was the dragging of a file in Dolphin that no longer accidentally triggers inline renaming; KCalc again allows both ‘dot’ and ‘comma’ keys when entering decimals and a visual glitch in the Paris card deck for KDE’s card games was fixed. Snapshot 20181015 had a few other updated packages like the open source painting program krita 4.1.5, which fixed a missing shortcut from the Fill Tool tooltip and a change of importing SVG files as vector layers instead of pixel layers. The ibus-table 1.9.21 update, which is an engine framework for table-based input methods, migrated IBusConfig to GSettings; non-gnome users have a Draw InputMode text instead of icon into panel. The 4.18.13 Linux Kernel was also included in the snapshot and fixed an unexpected failure of nocow buffered writes for Btrfs after snapshoting when a user is low on space; the newer kernel also added support for Apple Magic Keyboards. Python-jedi 0.13.1 removed Python 3.3 support. The Apache version-control package subversion 1.10.3 fixed conflict resolver crashes and endless scan in some cases.

• Working on QML Book

  Do you remember QML Book? It started as a project between me and Jürgen Bocklage-Ryannel where we tried to fix the problem that there is no QML book out there.

  Back in the Qt 5.2 days, we spent wrote about a year. Unfortunately, the project has mainly been sitting idle since then. I’ve poked at issues every now and then, and Jürgen has done various fixes as well.

  Thanks to The Qt Company, this is changing. This autumn, it sponsors me to work on the project. The current plan is to add a chapter to Qt Quick Controls 2, and to update the entire contents to Qt 5.12 and Qt Creator 4.8. By doing so, many of the remaining bug reports will be resolved.

• Cleaning up the KDE Store

  In August of last year, i wrote a blog entry about my experience at Akademy 2017 in the amazing Almería, and in that blog entry, amongst many other things, i wrote about an effort which had been slowly brewing, conceptually, for about a year by then: Tagging support in the Open Collaboration Services API. Now, what does that have to do with the KDE Store, you might say? Well, that is the API used by the KNewStuff framework to interface with the store, and that in turn is what is used in the many various places in our software which show shiny, new content for downloading (or to put it in a different way: used by our software to let users Get Hot New Stuff).

• Snaps for Linux are a massive success

  One of the big knocks against Linux-based operating systems is lack of software. The truth is, there are countless excellent programs for both productivity and fun. One fair criticism, however, is fragmentation between distributions. For end users, it can be difficult installing an app that isn't designed for their distro. And yeah, that has been a pain point for years.

  Thankfully, Canonical -- maker of Ubuntu -- aimed to alleviate that problem with Snaps. These containerized packages can be installed on pretty much any Linux distribution, making things easier for both users and developers. But has the organization's standard been a success? Apparently, very much so. As a way to celebrate yesterday's release of Cosmic Cuttlefish, Canonical shares the following infographic.

• Canonical releases statistics showing “exceptional adoption of snaps”

  Canonical has revealed some statistics pertaining to its relatively new snap packages. The firm stated that there are now more than 4,100 snaps available, several of which we’ve reported on, they include the Opera web browser, PowerShell Core, Slack, the Kotlin programming language, Plex, Firefox Quantum, Microsoft's VoIP client - Skype, the popular music streaming service - Spotify, and Visual Studio Code.

  Impressively, snaps are seeing 100,000 installs every day on cloud, server, container, desktop and on IoT devices, which works out to around three million installs each month. Of course, these statistics don’t only take into account snap installs on Ubuntu, but other distributions too. Canonical said that snaps are supported on 41 Linux distributions including Ubuntu, Debian, Linux Mint, Arch Linux, Fedora, and many more.

• Ubuntu 18.10 Released: All Flavors Download Links, Torrents, and Checksums

  Ubuntu 18.10 "Cosmic Cuttlefish" just released yesterday 18 October 2018. I wrote the short welcome review here, and now this article lists all download links of Ubuntu and 7 Official Flavors including torrents. I include a brief how to download below as well just in case it's your first experience with Ubuntu. Last but not least, I list all MD5SUM values of them in the end so you can verify your downloads. Happy downloading, happy installing, and happy running with Ubuntu. Good luck!

• Ubuntu 18.10 released with new desktop theme

  Canonical released a new version of the organization's Ubuntu GNU/Linux distribution; Ubuntu 18.10, called Cosmic Cuttlefish, comes with a new community desktop theme, improved snap desktop integration, multi-cloud computing optimizations and other improvements.

  Ubuntu 18.10 will be supported for nine months; organizations and users who require long term support should stay with Ubuntu 18.04 LTS instead which is supported for five years.

• Ubuntu 18.10 ‘Cosmic Cuttlefish’ releases with focus on AI development, multi-cloud and edge deployments, and much more!

  Yesterday (on 18th October), Canonical announced the release of Ubuntu 18.10 termed as ‘Cosmic Cuttlefish’. This new release is focussed on multi-cloud deployments, AI software development, a new community desktop theme, and richer snap desktop integration.

  According to Mark, the new release will help accelerate developer productivity and help enterprises operate at a better speed whilst being scalable across multiple clouds and diverse edge appliances.

• How to build NGINX with TLS support on Ubuntu Server 18.04

• Linux tr Command Tutorial for Beginners (with Examples)

• How to cite bibliography ISO/IEC standards

• How to Search and Remove Directories Recursively on Linux

• How to Install VsFTPD Server with TLS on Ubuntu 18.04 LTS

• How to Install Odoo 12 on Ubuntu 16.04

• How To Encrypt An USB Drive With VeraCrypt (Compatible With Windows, macOS and Linux)

• How to Delete Apps from Your Chromebook

• 4 Ways to Disable Root Account in Linux

• 3 Different Methods To Upgrade Ubuntu To Latest Version

• Use digiKam with a NAS and MariaDB

A new release of Kraft, the Qt- and KDE based software to help to organize business docs in small companies, has arrived.

A couple of days ago version 0.82 was released. It mainly is a bugfix release, but it also comes with a few new features. Users were asking for some new functions that they needed to switch to Kraft with their business communication, and I am always trying to make that a priority.

The most visible feature is a light rework of the calculation dialog that allows users to do price calculations for templates. It was cleared up, superflous elements were finally removed and the remaining ones now work as expected. The distinction between manual price and calculated price should be even more clear now. Time calculations can now not only done in the granularity of minutes, as this was to coarse for certain usecases. The unit for a time slice can now be either seconds, minutes or hours.

Ubuntu 18.10 code named ‘Cosmic Cuttlefish’ is released after 6 months of development efforts. The latest release of Ubuntu comes with some major feature updates and latest software.

This release is a short term release and would be receiving updates and security fixes till July 2019.

• Open source web hosting software compromised with DDoS malware [Ed: CBS hired Catalin Cimpanu for him to have a broader platform with which to associate "Open Source" with security issues (does he say "proprietary" when it's proprietary, too?). Microsoft has long financed efforts to associate FOSS/copyleft with security issues and stigmatise it with licensing terror.]

• Commission tried to hide details of 'WiFi4EU' glitch

  The European Commission has tried to hide information related to technical problems its free wifi fund portal suffered, by claiming that it was "out of scope".

  It released documents to EUobserver following an access to documents request - but heavily redacted some of the key papers.

  However, one of the documents has been leaked and published online. A comparison between the leaked version and the one released by the commission clearly shows that the commission went too far with its redactions.

• The Flawed System Behind the Krack Wi-Fi Meltdown

  "If there is one thing to learn from this, it's that standards can't be closed off from security researchers," says Robert Graham, an analyst for the cybersecurity firm Erratasec. "The bug here is actually pretty easy to prevent, and pretty obvious. It's the fact that security researchers couldn't get their hands on the standards that meant that it was able to hide."

  The WPA2 protocol was developed by the Wi-Fi Alliance and the Institute of Electrical and Electronics Engineers (IEEE), which acts as a standards body for numerous technical industries, including wireless security. But unlike, say, Transport Layer Security, the popular cryptographic protocol used in web encryption, WPA2 doesn't make its specifications widely available. IEEE wireless security standards carry a retail cost of hundreds of dollars to access, and costs to review multiple interoperable standards can quickly add up to thousands of dollars.

• Google officially opens up Digital Wellbeing to Android One devices running Pie

• Android Integration Extension For Gnome GSConnect v13 Stable Released

• iPhone users thinking of switching to Android should pick Google's Pixel 3 phones for the best Android experience

• Google is unbundling Android apps: all the news about the EU's antitrust ruling

• Announce: dnsmasq-2.80

  I just published dnsmasq-2.80, available at

  http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.80.tar.gz

  Changelog attached below.[...]

• Announce: OpenSSH 7.9 released

  OpenSSH 7.9 has just been released. It will be available from the
  mirrors listed at http://www.openssh.com/ shortly.

• OpenBSD 6.4 Released

  Rather than reproducing the full list of new features here, we refer readers to the official OpenBSD 6.4 page.

  [...]

  Security enhancements include unveil(2), MAP_STACK, and RETGUARD. Meltdown/Spectre mitigations have been extended further, and SMT is disabled by default.

• OpenBSD Foundation gets a second Iridium donation from Handshake!

• Braiins OS: An Open Source Alternative to Bitcoin Mining Firmware

  The company behind Slush Pool recently rolled out the initial release of its ASIC miner firmware: Braiins OS. The operating system is advertised as “the very first fully open-source, Linux-based system for cryptocurrency embedded devices,” an alternative to the factory-default firmware that comes with most popular mining hardware.

  Upon visiting the project’s website, visitors are greeted with a clear message, a mantra that resonates with its related industry’s ethos: “Take back control.”

• Cryptoexchange Coinbase open sources its security scanner tool Salus

  The renowned United States-based cryptocurrency exchange, Coinbase always focuses on the security of its platform. Moreover, it has developed novel solutions to implementing security protocols to further strengthen their security. Furthermore, just recently, they announced that they are listing their security scanner execution tool, Salus as open source.

• Crypto Exchange Coinbase Open-Sources Its Security Scaling Tool

  U.S.-based cryptocurrency exchange Coinbase is making a recently developed automated security scaling tool available to the public.

  Called Salus, after the Roman the goddess of safety and well-being, the program can automatically choose to run and configure different security scanners and issue a report on the results, according to a Thursday blog post from Coinbase developer Julian Borrey.

  Available as an open-source tool on GitHub from today, Salus is said to offer the advantage of being able to centrally coordinate security scans across a large number of software storage repositories, avoiding having to configure a scanner for each different project.