• Tizen 3.0 being tested on all variants of Gear S3 Classic, Frontier, BT, LTE

• Samsung at the hub of Smart appliances development which will change the face of your home

• SDL 2.0.6 released, introduces Vulkan support

  The cross-platform development library has seen the release of its latest version. Quite a few exciting changes this time around, including support for Vulkan and more types of gamepads.

  SDL [Official Site] is something that has been used in quite a diverse array of projects and plenty of game ports that have made their way to Linux have taken advantage of it. The latest release has its fair share of general improvements but most noticeable is the implementation of Vulkan support. This hopefully will make it easier for developers to take advantage of the Vulkan API and help it gain more traction.

• X.Org Foundation Has Become A Khronos Adopter

  The X.Org Foundation board announced during this week's XDC2017 summit that they have officially completed the paperwork to become a Khronos adopter.

  The X.Org Foundation is now considered a pro-bono adopter for The Khronos Group so that the community-based open-source drivers targeting Khronos APIs for conformance can submit conformance test results and become a certified implementation.

• DHS tells 21 states they were Russia hacking targets before 2016 election

• 1. WikiLeaks, Russian edition: how it’s being viewed

  Russia has been investing heavily in a vision of cyberdemocracy that will link the public directly with government officials to increase official responsiveness. But it is also enforcing some of the toughest cybersecurity laws to empower law enforcement access to communications and ban technologies that could be used to evade surveillance. Could WikiLeaks put a check on Russia’s cyber regime? This week, the online activist group released the first of a promised series of document dumps on the nature and workings of Russia’s surveillance state. So far, the data has offered no bombshells. “It’s mostly technical stuff. It doesn’t contain any state contracts, or even a single mention of the FSB [security service], but there is some data here that’s worth publishing,” says Andrei Soldatov, coauthor of “The Red Web,” a history of the Soviet and Russian internet. But, he adds, “Anything that gets people talking about Russia's capabilities and actions in this area should be seen as a positive development.”

• Joomla patches eight-year-old critical CMS bug

  Joomla has patched a critical bug which could be used to steal account information and fully compromise website domains.

  This week, the content management system (CMS) provider issued a security advisory detailing the flaw, which is found in the LDAP authentication plugin.

  Lightweight Directory Access Protocol (LDAP) is used by Joomla to access directories over TCP/IP. The plugin is integrated with the CMS.

  Joomla considers the bug a "medium" severity issue, but according to researchers from RIPS Technologies, the problem is closer to a critical status.

• Joomla! 3.7.5 - Takeover in 20 Seconds with LDAP Injection

  With over 84 million downloads, Joomla! is one of the most popular content management systems in the World Wide Web. It powers about 3.3% of all websites’ content and articles. Our code analysis solution RIPS detected a previously unknown LDAP injection vulnerability in the login controller. This one vulnerability could allow remote attackers to leak the super user password with blind injection techniques and to fully take over any Joomla! <= 3.7.5 installation within seconds that uses LDAP for authentication. Joomla! has fixed the vulnerability in the latest version 3.8.

Pandora’s box of fonts is one of the many ailments of the distro world. As long as we do not have standards, and some rather strict ones at that, we will continue to suffer from bad fonts, bad contrast, bad ergonomics, and in general, settings that are not designed for sustained, prolonged use. It’s a shame, because humans actually use computers to interface with information, to READ text and interpret knowledge using the power of language. It’s the most critical element of the whole thing.

OpenSUSE under-delivers on two fonts – anti-aliasing and hinting options that are less than ideal, and then it lacks the necessary font libraries to make a relevant, modern and pleasing desktop for general use. All of this can be easily solved if there’s more attention, love and passion for the end product. After all, don’t you want people to be spending a lot of time interacting, using and enjoying the distro?

Hopefully, one day, all this will be ancient history. We will be able to choose any which system and never worry or wonder how our experience is going to be impacted by the choice of drivers, monitors, software frameworks, or even where we live. For the time being, if you intend on using openSUSE, this little guide should help you achieve a better, smoother, higher-quality rendering of fonts on the screen, allowing you to enjoy the truly neat Plasma desktop to the fullest. Oh, in the openSUSE review, I promised we would handle this, and handle it we did! Take care.

• The Court of Appeals for the Federal Circuit (CAFC) Gradually Champions Patent Quality, in a Spectacular Reversal on Its Past Ways
• The Mohawk-PTAB Fiasco Threatens the Tribe’s Reputation More Than It Threatens PTAB
• Latest EPO Rumours Allege That Benoît Battistelli Rigged the Process of EPO President’s Selection
• Links 23/9/2017: Mesa 17.1.10 RC, Samba 4.7.0, KStars 2.8.4

• Intel Prepping Support For Huge GTT Pages

  Intel OTC developers are working on support for huge GTT pages for their Direct Rendering Manager driver.

• Keith Packard's Work On Better Supporting VR HMDs Under Linux With X.Org/DRM

  Earlier this year Keith Packard started a contract gig for Valve working to improve Linux's support for virtual reality head-mounted displays (VR HMDs). In particular, working on Direct Rendering Manager (DRM) and X.Org changes needed so VR HMDs will work well under Linux with the non-NVIDIA drivers.

  A big part of this work is the concept of DRM leases, a new Vulkan extension, and other changes to the stack.

• Security Tools to Check for Viruses and Malware on Linux

  First and foremost, no operating system is 100 percent immune to attack. Whether a machine is online or offline, it can fall victim to malicious code. Although Linux is less prone to such attacks than, say, Windows, there is no absolute when it comes to security. I have witnessed, first hand, Linux servers hit by rootkits that were so nasty, the only solution was to reinstall and hope the data backup was current. I’ve been a victim of a (very brief) hacker getting onto my desktop, because I accidentally left desktop sharing running (that was certainly an eye opener). The lesson? Even Linux can be vulnerable.

  So why does Linux need tools to prevent viruses, malware, and rootkits? It should be obvious why every server needs protection from rootkits — because once you are hit with a rootkit, all bets are off as to whether you can recover without reinstalling the platform. It’s antivirus and anti-malware where admins start getting a bit confused.

  Let me put it simply — if your server (or desktop for that matter) makes use of Samba or sshfs (or any other sharing means), those files will be opened by users running operating systems that are vulnerable. Do you really want to take the chance that your Samba share directory could be dishing out files that contain malicious code? If that should happen, your job becomes exponentially more difficult. Similarly, if that Linux machine performs as a mail server, you would be remiss to not include AV scanning (lest your users be forwarding malicious mail).

• cmus – A Small, Fast And Powerful Console Music Player For Linux

  You may ask a question yourself when you see this article. Is it possible to listen music in Linux terminal? Yes because nothing is impossible in Linux.

  We have covered many popular GUI-based media players in our previous articles but we didn’t cover any CLI based media players as of now, so today we are going to cover about cmus, is one of the famous console-based media players among others (For CLI, very few applications is available in Linux).

• You Can Now Transform the Atom Hackable Text Editor into an IDE with Atom-IDE

  GitHub and Facebook recently launched a set of tools that promise to allow you to transform your Atom hackable text editor into a veritable IDE (Integrated Development Environment). They call the project Atom-IDE.

  With the release of Atom 1.21 Beta last week, GitHub introduced Language Server Protocol support to integrate its brand-new Atom-IDE project, which comes with built-in support for five popular language servers, including JavaScript, TypeScript, PHP, Java, C#, and Flow. But many others will come with future Atom updates.

• This open-source Android app is designed to detect nearby credit card skimmers

  Protecting our data is a constant battle, especially as technology continues to advance. A recent trend that has popped up is the installation of credit card skimmers, especially at locations such as gas pumps. With a simple piece of hardware and 30 seconds to install it, a hacker can easily steal credit card numbers from a gas pump without anyone knowing. Now, an open-source app for Android is attempting to help users avoid these skimmers.

• Microservice architecture takes a whole new approach to infrastructure

  With services like Netflix, Uber, YouTube, and Facebook, most people are used to apps that respond quickly, work efficiently, and are updated regularly. Patience is no longer a virtue, and thanks to apps like the ones mentioned above, when people use applications, they expect blistering speeds and uninterrupted service. If you do not provide that, users aren’t exactly starved for choice; it takes less than a minute to delete an app and download something else as a replacement.

• Clear Linux Project Announces the Next Generation of Intel's Clear Containers

  Intel's Clear Linux and Clear Containers teams are happy to introduce the next-generation of Intel's Clear Containers project, version 3.0, which bring many important new features and performance improvements.

  Rewritten in the Go language, Intel Clear Containers 3.0 introduces support for leveraging code used for namespace-based containers and better integrates into the container ecosystem, allowing support for Docker container engine and Kubernetes. It also improves the compatibility with the POSIX family of standards.

  "Today’s release presents a generational and architectural shift to utilize virtcontainers, a modular and hypervisor agnostic library for hardware virtualized containers. Clear Containers 3.0 is written in Go language and boasts an OCI compatible runtime implementation (cc-runtime) that works both on top of virtcontainers, and as a platform for deployment," said Amy L Leeland, Technical Program Manager, Intel Corporation.

• “Spaceborne” Linux Supercomputer Starts Running In Space, Achieves 1 Teraflop Speed

  About one month ago, the HPE’s Spaceborne Computer was launched into the space using SpaceX Dragon Spacecraft. This beast was launched as a result of a partnership between Hewlett Packard Enterprise (HPE) and NASA to find out how high-performance computers perform in space. Now, this supercomputer is fully installed and operational in ISS.

  The performance experiment will be carried out for one year, which is roughly the time it will take for a spacecraft to travel to Mars. At the moment, lots of calculations for space research projects are carried out on Earth, but this brings in an unavoidable factor of latency.

System76 is getting ready to unleash the first Beta release of their upcoming Pop!_OS Linux distribution, which should be available to download next week based on the Ubuntu 17.10 Final Beta.

It appears that System76's development team recently dropped focus on the Pop!_OS Installer, which they develop in collaboration with the elementary OS team, to concentrate on fixing critical bugs and add the final touches to the Beta release. They still need to add some patches to fix backlight brightness issues on Nvidia GPUs.

• Technical Facts to Know Red Hat, Inc. (RHT) moves 55.88% away from One Year Low

• Red Hat, Inc. (NYSE:RHT) is Under Analysts Radar

• Linux IoT botnet retooled to send spam email

  An IoT botnet has set its hooks in about 4,500 – 5,000 proxy devices to send spam emails which each device capable of sending 400 messages or a total of 1.8 million messages per day.

• Mini-Heartbleed info leak bug strikes Apache, airborne malware, NSA algo U-turn, and more

  As ever, it's been a doozy of a week for cybersecurity, or lack thereof. The Equifax saga just keeps giving, the SEC admitted it was thoroughly pwned, and Slack doesn't bother to sign its Linux versions. We do spoil you so, Reg readers. And that was only yesterday. Here's the rest of the week's shenanigans we didn't get round to.

• Samba 4.7.0 released

• Samba 4.7.0 Available for Download

• Hybrid datacenter is Docker’s latest open source goal

  Docker, Docker, Docker — everyone’s talking about Docker. A surprising fact is that Docker wasn’t on anyone’s roadmap in 2014, but was on everyone’s roadmap just a year later. A lot of people are calling it the most phenomenal, amazing, and speedy adoption of technology that they’ve witnessed during their careers. But this sudden rise to fame hasn’t been a lonely one. Docker has shared this amazing growth spurt with an entire ecosystem of tools and services.

• Microsoft and Canonical Increase Velocity with Azure Tailored Kernel

• MongoDB finally files to go public

• MongoDB Projects $100M from IPO

• The PocketBeagle is the tiniest and most whimsically-named single-board computer on the market

• Register: Better In App Billing Testing on Android

  To get around these problems, we developed Register, an open-source library and companion app that allows seamless mocking of responses from Google Play’s In-app Billing.

• What does Google want with HTC's smartphone business?

  Google is acquiring a $1bn chunk of HTC’s smartphone arm, including 2,000 employees and access to intellectual property [sic], as it bets big on hardware

• Should OEMs continue working with Google in light of HTC deal?

  Android fragmentation and Google’s “increasingly mute voice” are reasons why the latter company needs to “raise the stakes and engage with manufacturers”, according to Dr John Baptista.

• AKiTiO Node: Testing NVIDIA eGPU Support in Ubuntu 17.10

  Ever since the announcement of Intel’s Thunderbolt 3 technology there has been external graphics card (eGPU) support. Unfortunately for most of last year, including with Intel’s own Skull Canyon NUC, putting this solution to use was challenging at best. Most motherboards didn’t fully support the technology and those that did typically required a system that was far more expensive. For example, the Skull Canyon NUC at release was $700, unconfigured. Adding SSDs and RAM usually bumped that up well over $1000.

• Ubuntu Podcast from the UK LoCo: S10E29 – Adamant Terrible Hammer

  It’s Season Ten Episode Twenty-Nine of the Ubuntu Podcast! Alan Pope, Martin Wimpress, Marius Quabeck, Max Kristen, Rudy and Tiago Carrondo are connected and speaking to your brain.

• Vivaldi 1.12 Web Browser Debuts with Highly Requested Features, Improvements

  Vivaldi, the Chromium-based web browser designed with the power user in mind, has been recently updated to version 1.12, a release that introduces highly requested features and a whole lot of under-the-hood improvements.

  There are three big new features implemented in Vivaldi 1.12. The first is a built-in Image Properties feature that works when you right-click on an image on the Web, showing you a bunch of useful information, such as camera model, depth of field, ISO sensitivity, focal length, exposure, histogram, time and date, and white balance.

• Chromium Will Soon Let You Browse the Web in VR with a Daydream View Headset

  Chromium evangelist François Beaufort posted today on his Google+ profile information regarding the VR (Virtual Reality) capabilities of the open-source web browser, which is the base of Chrome OS and Google Chrome.

  It would appear that the Chromium team is working on a set of new virtual reality features for the web browser, which means that more VR goodies are coming to popular Chromium-based web browsers like Opera, Vivaldi, and Google Chrome.

• libinput and the HUION PenTablet devices

  HUION PenTablet devices are graphics tablet devices aimed at artists. These tablets tend to aim for the lower end of the market, driver support is often somewhere between meh and disappointing. The DIGImend project used to take care of them, but with that out of the picture, the bugs bubble up to userspace more often.

• The Meteoric Rise Of Open Source And Why Investors Should Care

  The adoption and integration of open-source technologies have rapidly usurped the closed-source incumbents, so much so that investors are pouring record amounts of money into open-source software investments.

• Coming up on 28th September: Reddit “Ask us Anything” (and a birthday)

  Thursday, 28th September 2017 will be a special day – not only is it the seventh birthday of The Document Foundation, but we will also be running an “Ask me (us) Anything” session on Reddit – specifically, the /r/linux subreddit.

• Facebook U-turn: React, other libraries freed from unloved patent license

  Faced with growing dissatisfaction about licensing requirements for some of its open-source projects, Facebook today said it will move React, Jest, Flow, and Immutable.js under the MIT license next week.

  "We're relicensing these projects because React is the foundation of a broad ecosystem of open source software for the web, and we don't want to hold back forward progress for nontechnical reasons," said Facebook engineering director Adam Wolff in a blog post on Friday.

  Wolff said while Facebook continues to believe its BSD + Patents license has benefits, "we acknowledge that we failed to decisively convince this community."

• New Collaboration To Deliver Open-Source Submission And Peer-Review Platform

  This week, eLife and Collaborative Knowledge Foundation announced a partnership “to build a user-driven, open-source submission and peer-review platform” aimed at improving on existing industry models.

  Working together, the two organisations “hope to accelerate progress in delivering a modern, fast and user-driven system,” they said in a press release. “The project will be designed to help streamline communications between authors, editors and reviewers at all stages of the submission and review process.”

• Slovenia publishes statistics on open data portal

  As of this month, the Statistical Office of the Republic of Slovenia is making available 3374 data collections on the country’s open data portal, making it by far the portal’s biggest contributor. The Ministry of Labour, Family, Social Affairs and Equal Opportunities comes second, with 62 datasets.

• Retiring the Debian-Administration.org site

  So previously I've documented the setup of the Debian-Administration website, and now I'm going to retire it I'm planning how that will work.

• Manjaro Linux Discontinues 32-bit Support

  You might already know that I love Manjaro Linux. And as an ardent Manjaro Linux fan, I have a bad news for you.

  Recently, Philip, the lead developer of Manjaro Linux, announced that the project would be dropping support for the 32-bit architecture. He said that the reason for the move was “due to the decreasing popularity of i686 among the developers and the community”.

• Google Android Updated for Corporate Smartphone Users | Fortune

• How Malware Keeps Sneaking Past Google Play's Defenses

• Android Users Now Have A Big Advantage On Instagram

• Don't Rely On an Unlock Pattern To Secure Your Android Phone

• Nokia Prepares Android Oreo For Flagship Smartphone

• What's New In Android 8.0 Oreo Security

• Android's 'check for update' button will now finally do something

• Android Circuit: New Galaxy S9 Leak, Nokia 9's Powerful Surprise, Latest Pixel 2 Launch Details

• Red Hat Enlarges Its Open Source Patent Promise Umbrella

  Red Hat on Thursday announced major enhancements to the Patent Promise it first published 15 years ago, with the intention of providing new protections to innovation in the open source community. In its 2002 Patent Promise, Red Hat vowed not to pursue patent infringement actions against parties that used its covered Free and Open Source Software, or FOSS, subject to certain limitations. The current Patent Promise reaffirms the 2002 pledge and extends the zone of non-enforcement.

• Red Hat breaks new ground with open source Patent Promise

  Red Hat has decided to revise its 2002 Patent Promise that originally signalled the company’s intention not to enforce its patents against free and open source software.

  The company, which is famed for its open source approach, had laid out in its original promise that it was designed to discourage patent aggression against free and open source software. The updated version not only reaffirms this but “extends the zone of non-enforcement.”

• Two Docs Workshops at Flock 2017

• Documentation and Modularity at Flock 2017

• Join the Magazine team

  The recent Flock conference of Fedora contributors included a Fedora Magazine workshop. Current editorial board members Ryan Lerch, Justin W. Flory, and Paul W. Frields covered how to join and get started as an author. Here are some highlights of the workshop and discussion that took place.

• Security updates for Friday

• SEC Chairman reveals financial reporting system was hacked

• CCleaner malware outbreak is much worse than it first appeared

• CCleaner Hack May Have Been A State-Sponsored Attack On 18 Major Tech Companies

  At the beginning of this week, reports emerged that Avast, owner of the popular CCleaner software, had been hacked. Initial investigations by security researchers at Cisco Talos discovered that the intruder not only compromised Avast's servers, but managed to embed both a backdoor and "a multi-stage malware payload" that rode on top of the installation of CCleaner. That infected software -- traditionally designed to help scrub PCs of cookies and other tracking software and malware -- was subsequently distributed by Avast to 700,000 customers (initially, that number was thought to be 2.27 million).

  And while that's all notably terrible, it appears initial reports dramatically under-stated both the scope and the damage done by the hack. Initially, news reports and statements by Avast insisted that the hackers weren't able to "do any harm" because the second, multi-stage malware payload was never effectively delivered. But subsequent reports by both Avast and Cisco Talos researchers indicate this payload was effectively delivered -- with the express goal of gaining access to the servers and networks of at least 18 technology giants, including Intel, Google, Microsoft, Akamai, Samsung, Sony, VMware, HTC, Linksys, D-Link and Cisco itself.

• Facebook relicenses several projects

  Facebook has announced that the React, Jest, Flow, and Immutable.js projects will be moving to the MIT license. This is, of course, a somewhat delayed reaction to the controversy over the "BSD+patent" license previously applied to those projects.

• Relicensing React, Jest, Flow, and Immutable.js

  Next week, we are going to relicense our open source projects React, Jest, Flow, and Immutable.js under the MIT license. We're relicensing these projects because React is the foundation of a broad ecosystem of open source software for the web, and we don't want to hold back forward progress for nontechnical reasons.

  This decision comes after several weeks of disappointment and uncertainty for our community. Although we still believe our BSD + Patents license provides some benefits to users of our projects, we acknowledge that we failed to decisively convince this community.

• Cloud Native Open Source License Choices

  One of the most common questions regarding open source licensing today concerns trajectories. Specifically, what are the current directions of travel both for specific licenses as well as license types more broadly. Or put more simply, what licenses are projects using today, and how is that changing?

  We’ve examined this data several times, most recently in this January look at the state of licensing based on Black Duck’s dataset. That data suggested major growth for permissive licenses, primarily at the expense of reciprocal alternatives. The Apache and MIT licenses, for example, were up 10% and 21% respectively, while the GPL was down 27%. All of this is on a relative share basis, of course: the “drop” doesn’t reflect relicensing of existing projects, but less usage relative to its peers.

  [...]

  One such community with enough of a sample size to be relevant is the one currently forming around the Cloud Native Computing Foundation. Founded in 2015 with the Kubernetes project as its first asset, the Foundation has added eleven more open source projects, all of which are licensed under the same Apache 2 license. But as a successful Foundation is only a part of the broader ecosystem, the real question is what are the licensing preferences of the Cloud Native projects and products outside of the CNCF itself.

  [...]
  Unsurprisingly, perhaps, given the influence of the CNCF itself, Apache strongly outperforms all other licenses, showing far greater relative adoption than it has in more generalized datasets such as the Black Duck survey. Overall in this dataset, approximately 64% of projects are covered by the Apache license. No other project has greater than a 12% share. The only other licenses above 10%, in fact, are the GPL at 12% and MIT at 11%. After that, the other projects are all 5% or less.

• Google Earth Pro on Ubuntu Installing Problems and Fixes

• How to Install and Configure Askbot with Nginx on CentOS 7

• How to find bash shell function source code on Linux/Unix

• userdel: user vivek is currently used by process 749 error and fix on Linux

• How to Query Audit Logs Using ‘ausearch’ Tool on CentOS/RHEL

• How To Use Ping, fping, and Gping For Varies Purpose In Linux

• How to enable HTTP2 on WHM/cPanel with EasyApache 4

• How to Create a Bootable Windows 10 USB in Linux

• Half-Life: C.A.G.E.D. from former Valve worker should hopefully come to Linux

  Half-Life: C.A.G.E.D. [Steam] is a mod from former Valve worker Cayle George, it's a short prison escape and it should be coming to Linux.

  Mr George actually worked on Team Fortress 2 and Portal 2 during his time at Valve, but he's also worked for other notable developers on titles like Horizon Zero Dawn.

• Game Engine Powered Arcan Display Server With Durden Desktop Updated

  Arcan, the open-source display server powered by a game engine, is out with a new release. Its Durden desktop environment has also been updated.

  Arcan is a display server built off "the corpse of a game engine" and also integrates a multimedia framework and offers behavior controls via Lua. Arcan has been in development for a half-decade while its original code traces back more than a decade, as explained previously and has continued advancing since.

• Arcan 0.5.3, Durden 0.3

  It’s just about time for a new release of Arcan, and way past due for a new release of the reference desktop environment, Durden. Going through some of the visible changes on a ‘one-clip or screenshot per feature’ basis:

• Razer plans to release a mobile gaming and entertainment device soon

  NVIDIA, another big player in the gaming hardware and lifestyle space, released an Android-based portable gaming and entertainment console called the NVIDIA Shield that emphasized in-home streaming, and the Ouya console that Razer acquired (and discontinued) ran Android. But Razer decided to use Windows instead of Android on the Edge.

• Wine Staging 2.17 is out with more Direct3D11 features fixing issues in The Witcher 3, Overwatch and more

  Wine Staging 2.17 is another exciting release, which includes more Direct3D11 features which fixes issues with The Witcher 3, Overwatch and more.

  As a reminder, Wine Staging is the testing area for future Wine development released, which will eventually be made into stable Wine releases.