Language Selection

English French German Italian Portuguese Spanish


today's leftovers

Filed under
  • [OpenMandriva] Additional desktop environments updated once again!

    I am pleased to announce that all currently the most popular desktops are available in the OpenMandriva repository and have been updated to the latest releases.

    So, if you don’t like the default Plasma 5, then you have option to use a different environment like Gnome, Cinnamon, Mate, Xfce, IceWM or i3. In addition @fedya has prepared Sway, and in the repository we can also find under the tutelage of @bero the LXQT and Lumina - both QT based environments. All desktop you can find in Cooker, Rolling* and in upcoming stable release Rock 4.1.


    GNOME environment was updated to latest stable 3.34.3 along with most components that fall into this gtk stack.

  • Ubuntu Weekly Newsletter Issue 613

    Welcome to the Ubuntu Weekly Newsletter, Issue 613 for the week of January 5 – 11, 2020. The full version of this issue is available here.

  • UVM gets $1 million from Google for open source research

    The school says the aim of the project is to broaden understanding of how people, teams and organizations thrive in technology-rich settings, particularly in open-source projects and communities.

  • Creative Commons and USAID Collaborate on Guide to Open Licensing

    Over the past two years, we’ve been working with USAID, the Global Book Alliance, the Global Digital Library, and the Global Reading Network on early childhood reading programs, with a focus on helping these programs to recognize the potential of open licensing to increase the reach and efficacy of resources that promote youth literacy. In the course of doing that work, we all realized that additional materials needed to be created for grantees of the programs to not only understand the open license grant requirements, but to undertake the practical steps of implementing open licenses. To respond to that need, we collaborated with USAID and the Global Reading Network to write and co-publish Open Licensing of Primary Grade Reading Materials: Considerations and Recommendations, a guide to open licenses that includes an introduction to the basics of copyright, an overview of the benefits of open licensing, and suggestions for choosing and implementing open licenses.

  • German Lawyer Niklas Plutte shares OSS tips

    Under the title « Open Source Software Recht: Große FAQ mit vielen Praxistipps” (in German language) the German lawyer Niklas Plutte (Rechtsanwalt) summarises the main questions related to open source licensing.

    In particular, the paper analyse how far open licences will produce a reciprocal (or copyleft) effect, meaning that in case or re-distribution of the program (as is, modified or in combination with other software) the copy, the modified or derivative work must be provided under the same licence and made available to the public in source code form, which could be shared and reused by anyone.

  • Cryptic Rumblings Ahead of First 2020 Patch Tuesday [iophk: why is Canonical not utilizing this already? Do they have too many microsofters inside the perimeter now?]

    According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles “certificate and cryptographic messaging functions in the CryptoAPI.” The Microsoft CryptoAPI provides services that enable developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

    A critical vulnerability in this Windows component could have wide-ranging security implications for a number of important Windows functions, including authentication on Windows desktops and servers, the protection of sensitive data handled by Microsoft’s Internet Explorer/Edge browsers, as well as a number of third-party applications and tools.

    Equally concerning, a flaw in crypt32.dll might also be abused to spoof the digital signature tied to a specific piece of software. Such a weakness could be exploited by attackers to make malware appear to be a benign program that was produced and signed by a legitimate software company.

  • Facebook Shares Its 2019 Year in Review for Open Source

    Facebook said it released 170 new open-source projects in 2019, bringing its total portfolio to 579 active repositories.

    Open-source developer advocate Dmitry Vinnik said in a blog post that the social network’s internal engineers contributed more than 82,000 commits in 2019, while some 2,500 external contributors committed over 32,000 changes.

    He added that almost 93,000 new people starred Facebook’s open-source projects last year.

  • Amazon accused of 'strip mining' open source software

    ust before the start of the festive season shut-down in mid-December, the New York Times published a long article accusing one of the world’s largest technology companies – Amazon – of nefarious business practices.

    Amazon reacted strongly, with Andi Gutmans, VP of Analytics and ElastiCache at Amazon Web Services (AWS) calling the NY Times article “skewed and misleading” as well as “silly and off-base”.

    Referring to open source companies that it said had complained about Amazon’s business practices, which included benefiting by integrating open source software pioneered by others into its own products, the NYTimes wrote: “Some of the companies have a phrase for what Amazon is doing: strip-mining software. By lifting other people’s innovations, trying to poach their engineers and profiting off what they made, Amazon is choking off the growth of would-be competitors and forcing them to reorient how they do business.”

  • Financial Services Firms Must Contribute More Software Repos, to Retain Staff and Stay Relevant [Ed: This article promotes the fiction that only code Microsoft controls counts as FOSS. It is a hostile and malicious takeover.]

    Does this tell us anything ? Overall, I was quite encouraged, but felt financial services firms in particular have more to do.

    My first observation regards firms not featuring on the list. Many Financial Services companies - banks, asset managers and other open source-consuming tier 1 hedge funds - are notable by their absence on Github, though in fairness some host repos elsewhere. While Goldman Sachs, for a long time active with Java, and JP Morgan are readily findable, many of their rivals sadly barely register. Kudos to those that have contributed, particularly the likes of Two Sigma and Man AHL, who have truly put money, time and effort where their mouths are.

    Vendors like Bloomberg and Thomson Reuters have found repos to be useful for promoting APIs to their databases, not unlike some internet services firm submissions represented in the list. They're doing well.

    Particularly pleasing for me were two "proprietary" software firms active in Financial Services, MathWorks and SAS, both releasing significant numbers of high calibre code repos, not least because I worked many years for one of them. Predictably, most repos from my former company are in their own proprietary though openly-viewable and editable language, MATLAB. For SAS, somewhat less predictably to my mind at least, more code submissions were in Python and JavaScript than SAS code itself. Kudos therefore to my former competitors at SAS ! It seems they understand the programming languages preferred by their staff's children and grandchildren, a bit like my using DuckDuckGo, chatting with gamers on Discord and shouting "boomer" at anyone over the age of 33.

  • Spotify Accidentally Leaks Details on Its Home Thing Smart Speaker

    A leak may have revealed Spotify’s upcoming foray into smart home speakers. New setup images for something called ‘Spotify Home Thing’ have appeared online.

  • Bay Staters Continue to Lead in Right to Repair, and EFF Is There to Help

    Massachusetts has long been a leader in the Right to Repair movement, thanks to a combination of principled lawmakers and a motivated citizenry that refuses to back down when well-heeled lobbyists subvert the legislative process.

    In 2012, Massachusetts became the first US state to enact Right to Repair legislation, with an automotive law that protected the right of drivers to get their cars repaired by independent mechanics if they preferred them to the manufacturers' service depots. Though wildly popular, it took the threat of a ballot initiative to get the legislature to act, an initiative that ultimately garnered 86% of the vote. The initiative led to strong protections for independent repair in Massachusetts and set the stage for a compromise agreement leading to better access to repair information for most of the country.

  • Enjoy this peaceful 4 hour long trailer for THE LONGING, a game that takes 400 days to beat

    A curious one this, a game that has a clock that counts down from 400 days as soon as you start it and you don't even need to play it to get to the ending, as time continues when you're not playing. I've played some slow games before but this is an all new kind of sloth.

    It's called THE LONGING and you play as Shade, the last lonely servant of a King who once ruled an underground kingdom. The King's powers have faded and he sleeps for 400 days to regain strength and you're supposed to stick around until he awakens. Announced today, Studio Seufz have now given it a release date of March 5 and you can see the wonderful four hour long trailer below. The trailer is obviously a joke, at how you can just sit around and do nothing.

  • Feral Interactive are asking what you want ported to Linux again

    Feral Interactive, the porting studio behind a lot of great games available on Linux are asking for some feedback again on where they should go next.

    In the past, they've teased how they feed port requests into "THE REQUESTINATOR". Looks like my number three from when they asked in November 2018 turned out okay with Shadow of the Tomb Raider. As always though, we want additional ports to buy and more varied titles to play through.

  • OpenStack’s Complicated Kubernetes Relationship

    2020 may be the year the OpenStack community comes to terms with Kubernetes

    As the open source community heads into 2020, loyalties between OpenStack and Kubernetes are likely to become increasingly divided. Contributors to open source projects are trying to determine where to prioritize their efforts, while IT organizations are wondering to what degree they will need a framework such as OpenStack to deploy Kubernetes.

    Most Kubernetes deployments thus far have been on top of open source virtual machines or commercial platforms from VMware. Most of those decisions have been driven by the need to isolate Kubernetes environments sharing the same infrastructure. In addition, many IT organizations lacked the tools or expertise required to manage Kubernetes natively, so it became easier to simply extend existing tools to manage Kubernetes as an extension of a virtual machine-based platform.

    The debate now is to what degree that approach will continue as organizations become first more familiar with native Kubernetes toolsets and alternative approaches to isolating workloads using lighter-weight virtual machines emerge.

    Lighter-weight alternatives to OpenStack and VMware for deploying Kubernetes clusters already exist, notes Rob Hirschfeld, CEO of RackN, a provider of an infrastructure automation platform based on open source Digital Rebar software.

    At the same time, managed service providers such as Mirantis have begun rolling out highly distributed services based on Kubernetes that make no use of OpenStack at all.

today's leftovers

Filed under
  • Avoid Unnecessary Reboots: Set up the Livepatch Service on Ubuntu

    Rebooting should only be done if absolutely necessary, especially on servers. In this video, I show the process of enabling Canonical's Livepatch service, which will patch the Linux kernel automatically and allow you to avoid (most) reboots when the kernel updates.

  • Linux Action News 140

    Are we overloaded with open source licenses? We consider a simpler future. Results from the Debian init vote are in, and why Amazon’s new open source project might be worth checking out.

  • Phoronix Test Suite 9.4 Milestone 1 Released

    The first development release of Phoronix Test Suite 9.4-Vestby is now available for evaluation.

    Phoronix Test Suite 9.4-Vestby is the Q1'2020 feature update due out in about one month's time. With today's Milestone 1 release is the first batch of improvements arriving while more work should be landing over the next few weeks.

    With Phoronix Test Suite 9.4 Milestone 1 are a variety of low-level improvements, external dependency updates, various new helper string options for test profiles, pass/fail graph formatting improvements, Phodevi software/hardware detection improvements, support for the forthcoming Linux "drivetemp" ATA temperature driver as another fallback in monitoring drive temperatures, and other refinements and fixes.

  • Benchmarks Of LLVM Clang 6.0 Through Clang 10.0 Compilers

    At the end of 2019 I ran some GCC 5 through GCC 10 compiler benchmarks while here are the similar tests conducted on the LLVM side for seeing how the Clang C/C++ compiler performance has evolved over the past few years.

    This round of testing was done on LLVM Clang 6.0 through LLVM Clang 9.0 while building in the release modes and also testing with LLVM Clang 10.0 as the development code as of December. All the CFLAGS/CXXFLAGS remained the same throughout testing.

  • The next generation of low-cost, open-source oceanographic instruments is here! Meet the OpenCTD rev 2!

    In 2013, Kersey Sturdivant and I embarked upon a quixotic quest to create an open-source CTD — the core tool of all oceanographic research that measures the baseline parameters of salinity, temperature, and depth. We weren’t engineers; neither of us had any formal training in electronics or sensing. And, full confession, we weren’t (and still aren’t) even oceanographers! What we were were post-doc marine ecologists working with tight budgets who saw a desperate need among our peers and colleagues for low-cost alternatives to insurmountably expensive equipment. And we had ties to the growing Maker and DIY electronics movements: Kersey through his work developing Wormcam and me through my involvement with OpenROV.

  • Wi-Fi 6 is finally here

    The biggest leap forward for Wi-Fi 6 at this year’s conference came from affordable Wi-Fi routers. Last year, we saw lots of promises of routers coming soon, but when those routers showed up in stores, they tended to arrive at the highest of price points. This makes sense — Wi-Fi 6 is new tech, so of course it ended up in the highest end routers first. But widespread adoption depends on Wi-Fi 6 making it into the lower priced routers the majority of people actually buy. These new routers aren’t necessarily better than last year’s, but they offer a meaningful improvement upon the cheaper models they’re replacing.

today's leftovers

Filed under
  • Physics-based platformer LAZR has a very impressive new demo out

    Currently in development by Garrick Campsey, LAZR has to be one of the most unique platformers I've seen in some time with some very fun cloth simulation going on and a big new demo is out.

    Campsey calls their game a "Clothformer" due to the special mechanics it uses. You can climb across all sort of cloth-based objects, set them on fire, even some enemies are made of cloth for you to have some fun destroying them. The previous tech demo was already impressive and this new demo is much bigger featuring 5 mission levels, 5 challenge levels, 2 training levels and more to give a proper look at it.

  • FC Is Yet Another LLVM Fortran Compiler, Now Targeting The New MLIR IR

    While the Flang/f18 compiler is expected to land in the LLVM 10.0 source tree on Monday, another Fortran LLVM front-end continues in development.

    FC is another Fortran compiler for LLVM that is completely separate from the likes of Flang and f18 compilers. FC was announced last year as a new Fortran compiler being developed by little-known compiler consulting firm CompilerTree. At the time they said their Fortran compiler was delivering comparable performance to Flang and GCC's Fortran (Gfortran).

  • Library of Congress Storage Architecture Meeting

    The Library of Congress has finally posted the presentations from the 2019 Designing Storage Architectures for Digital Collections workshop that took place in early September, I've greatly enjoyed the earlier editions of this meeting, so I was sorry I couldn't make it this time. Below the fold, I look at some of the presentations.

  • Ring Throws A Moist Towelette On Its Dumpster Fire With A Couple Of Minimal Security Tweaks

    Things have gotten worse and worse for Amazon's Ring over the past several months. Once just the pusher of a snitch app that allowed city residents to engage in racial profiling from the comfort of their homes, Ring is now synonymous with poor security practices and questionable "partnerships" with hundreds of law enforcement agencies around the nation.

today's leftovers

Filed under
  • Make Linux Login Look Better than Windows

    In this video, I am going over how to make Linux login look better than Windows by modifying the config of LightDM.

  • Self-Hosted: Fixing Brent's WiFi | Jupiter Extras 45

    Join Alex and Brent for a chat about upgrading your home network with an eye towards stability, simplicity, and hosting things yourself.

  • Xiaomi Redmi AC2100 Router Sells for $35 and Up

    Xiaomi has launched several affordable WiFi routers over the years.

  • SimplePnP is a Low-Cost, Open Source Hardware Pick-and-Place Machine (Crowdfunding)
  • Seeeduino XIAO is the smallest Arduino compatible board from SeeedStudio’s Seeduino family.

    Seeeduino XIAO is the smallest Arduino compatible board from SeeedStudio’s Seeduino family.

  • LibreOffice QA/Dev Report: December 2019

    LibreOffice 6.4.0 RC1 was released on December 23 and a Bug Hunting Session took place the same day

  • Meet Guix at FOSDEM

    As usual, GNU Guix will be present at FOSDEM on February 1st and 2nd. This year, we're happy to say that there will be quite a few talks about Guix and related projects!

  • AWS announces AutoGluon, an open-source library for writing AI models

    Amazon Web Services Inc. today launched a new open-source library to help developers write, with just a few lines of code, machine learning-based applications that use image, text or tabular data sets.

    Building machine learning apps that rely on such data isn’t an easy task. For example, developers need to know how to tune the “hyperparameters” that represent the choices made when constructing an AI model. They also need to grapple with issues such as neural architecture search, which enables them to find the best architecture design for their machine learning models.

  • The ethical side of open source [Ed: Deeply unethical corporations trying to lecture us about ethics; this is all about control, in the name of 'safety'...]

    Over the summer, Facebook’s open-source JavaScript library React was under fire after racism and harassment were discovered within its community. The incident is known as #Reactgate and it ended with the designer Tatiana Mac, who raised awareness of some of the issues, resigning from the industry, and React software engineer Dan Abramov and library author Ken Wheeler deactivating their Twitter accounts temporarily.

  • Copyright Notices in Open Source Software Projects

    When source code, documentation and other content is contributed to an OSS project, the copyrights in those contributions typically remain owned by the original copyright holders.

    What follows is a discussion of the typical OSS project where each contributing organization and individual retains ownership of their copyrights that they make available under the project’s open source software license. In this case, the copyrights are licensed for distribution as part of the project. Whether a project uses the Developer Certificate of Origin (“DCO”) and/or a Contributor License Agreement (“CLA”), the original copyright holders retain their copyrights.


    If a file only contains code that originates from a third party source who didn’t contribute it themselves, then you would not want to add the notices above. (In a similar vein, you wouldn’t add a notice identifying you as the copyright holder either, if you didn’t own it.) Just preserve the existing copyright and license notices as they are.

    If, however, you add copyrightable content to a pre-existing file from another project, then at that point you could add a copyright notice similar to the one above.

  • Security updates for Friday

    Security updates have been issued by Debian (ldm and sa-exim), Mageia (firefox), openSUSE (chromium, firefox, and thunderbird), SUSE (containerd, docker, docker-runc, golang-github-docker-libnetwork, firefox, log4j, nodejs10, nodejs12, and openssl-1_0_0), and Ubuntu (firefox).

  • Some NYC subway riders are accidentally getting double-charged because of Apple Pay

    Dozens of subway riders in New York City are being charged extra for their transit rides, and the Metropolitan Transportation Authority suspects that Apple may be partly to blame.

    The MTA is not explicitly pointing the finger at Apple, but it appears that some riders may be unwittingly putting their iPhones too close to the system’s new tap-to-pay OMNY readers while simultaneously swiping their MetroCards at the turnstile.

today's howtos and leftovers

Filed under
  • My favorite Bash hacks
  • 5 ways to do serverless on Kubernetes
  • AMDGPU Linux 5.5 Fixes 8K / 4K120 Output, Hits Sync Object Timeline Support For Vulkan

    While on the back-half of the Linux 5.5 kernel cycle, sent in on Wednesday were an interesting batch of AMDGPU driver fixes that are quite notable.

    First up, the reverting of the retry faults behavior is part of this pull request. This code revert is about helping the stability of recent AMD APUs that for some Linux users has meant frequent hangs unless this functionality was disabled. The alternative to try this workaround is booting the kernel with amdgpu.noretry=0 to achieve the same effect on existing kernel releases.

  • flexiWAN Open Source SD-WAN Platform Hits GA

    flexiWAN launched the first stable release of its open-source SD-WAN platform, which is available through one of the company’s hardware partners: Advantech, Lanner, and Silicom.

    “This release is a major milestone for flexiWAN and our community as it is the world’s first production-ready open and community-driven SD-WAN solution,” said Amir Zmora, CEO and co-founder of flexiWAN, in a statement. “Our innovation and openness doesn’t stop at the technical level. By offering our services as a freemium business model, along with publicly sharing our pricing and source code with the community, we strive to lead the industry to more openness.”

  • 11 top open-source API testing tools: What your team needs to know

    How do you find the right open-source API testing tool for your needs? Since my last roundup of the best candidates, a few more tools have appeared that warrant consideration—and there's a new technique that's all the buzz in AI automation circles that you need to know about.

    While most vendors are talking up the benefits of AI- and UI-based testing tools in general, AI- and machine learning-based applications that help with API testing have arrived.

    Before you begin API testing, however, make sure you understand test automation basics and know how to avoid the most common test automation mistakes.

  • Enterprise Networking Planet Predictions for 2020

    With 2020 now ramping up there's a lot to look forward to in the networking space this new year. Some of the trends have been going on for years, some are newer, but these are the areas where we expect to see big things in 2020


    Simply put, all major networking efforts in 2020 will have some form of open source component. Whether its via code, participation in an Linux Foundation collaboration project or otherwise, the reach of open source is inescapable.

  • Odoo Raises $90M To Advance Open Source ERP

    Odoo brings in new funds as it aims to further expand its enterprise resource planning platform.

    Enterprise Resource Planning (ERP) software has long been dominated by established proprietary vendors, but that's not to say there isn't open source competition in the market.

    Odoo, a company formerly known as OpenERP, develops a suite of open source ERP tools and built a solid user base of over 4.5 million users. The core open source Odoo community version is complemented with the Odoo enterprise edition that adds proprietary features that can be useful for larger organizations.

    In December 2019, Odoo got a strong vote of confidence, with an investment of $90 million, led by Summit Partners, with the participation of existing investor SRIW and its affiliate Noshaq. Total funding to date for Odoo is approximately $104 million.

  • Daniel Stenberg: webinar: Why everyone is using curl and you should too

    I’m please to invite you to our live webinar, “Why everyone is using curl and you should too!”, hosted by wolfSSL. Daniel Stenberg (me!), founder and Chief Architect of curl, will be live and talking about why everyone is using curl and you should too!

    This is planned to last roughly 20-30 minutes with a following 10 minutes Q&A.

  • Bring the planet to LibrePlanet by sponsoring an attendee

    LibrePlanet 2020: Free the Future is only ten weeks away! On March 14 and 15, we will welcome free software enthusiasts and experts to Boston for the Free Software Foundation's (FSF) annual conference on technology and social justice.

    We're hard at work creating an event with engaging talks with speakers from all over the world, and without spoiling any future announcements, we're very excited about the program we have so far. It is promising to be a year filled with talks about interesting and successful projects. Anticipated talks will expose the fascinating parallels between social movements in free software, dig into community-related subjects, and as always, explore the latest issues in licensing, security, education, and government adoption of free software with experts from these fields.

    The FSF is proud of the fact that the LibrePlanet audience and speakers come from a diverse range of backgrounds, countries, and cultures. We believe that anyone who wants to attend or speak at the conference should not be held back by financial burdens, so if you have a few dollars to spare, why not make a donation in support of the LibrePlanet Scholarship Fund? You'll be supporting a robust, diverse free software community by helping to reduce the financial barrier for those who need the help.


    On top of all the free software work we fund and do year-round, with your financial support, we can invite speakers who can enlighten us with their knowledge and experience. Your donations will also help free software enthusiasts attend who otherwise would not have the means to do so. Your contribution, even if it's only a couple dollars, can be the difference between someone attending or not.

  • The open source licence debate: dead project walking & incentive models

    Open source grew, it proliferated… and it became something that many previously proprietary-only software vendors embraced as a key means of development.

    If you don’t accept the options offered by the community contribution model of development, then you risk becoming a Proprietary 2.0 behemoth… or so the T-shirt slogan might go.

    But the issue of how open source software is licenced is still the stuff of some debate.

  • Uber open-sources Manifold, a visual tool for debugging AI models

    Debugging machine learning (ML) models isn’t a walk in the woods. Just ask the data scientists and engineers at Uber, some of whom have the unenviable task of digging into algorithms to diagnose the causes of their performance issues.

    To lighten the workload, Uber internally developed Manifold, a model-agnostic visual tool that surfaces the differences in distributions of features (i.e., the measurable properties of the phenomena being observed). It’s a part of the ride-hailing company’s Michelangelo ML platform, where it’s helped various product teams analyze countless AI models. And as of today, it’s available in open source on GitHub.

  • Y2K20 - The Infamous Millennium Bug Strikes Back 20 Years Later

    The new millennium presented the coders of the 90s with a unique problem know as the Y2K bug. Many computers of the time counted years by the last two digits, and they were about to roll back to 00. Come January 1st, a lot of systems were going to jump back to 1900, instead of 2000.

    Y2K was a coding complication that added to the plethora of scares surrounding the mysterious year 2000. Some people feared supernatural entities or extraterrestrial creatures would roam the earth. Others worried that every nuclear weapon in the world would misfire all at once as a result of the bug. In actuality, banking errors were among the worst things to come out of it.

today's leftovers

Filed under
  • GL.iNet Slate OpenWrt Travel Router Supports Tor, Wireguard VPN, and Cloudflare DNS over HTTPS/TLS

    A couple of months ago, we wrote about GL.iNet Mudi portable WiFi router with built-in 4G LTE connectivity and supporting features such as the Tor Project...

  • $4 Orange Pi 4/4B PCIe Expansion Board Includes an mPCIe socket, and a SIM card Slot

    Rockchip RK3399 based Orange Pi 4 & 4B boards launched last year with a PCIe connector.

  • Will Kahn-Greene: Socorro Engineering: Year in Review 2019

    Last year at about this time, I wrote a year in review blog post. Since I only worked on Socorro at the time, it was all about Socorro. In 2019, that changed, so this blog post covers the efforts of two people across a bunch of projects.

    2019 was pretty crazy. We accomplished a lot, but picking up a bunch of new projects really threw a wrench in the wheel of ongoing work.


    I redid how Socorro handles queueing crash reports for processing. Previously, it used RabbitMQ. I switched it to Google Pub/Sub. In doing this, I removed one of the components between the collector and the processor which was sometimes flakey, so that was good. This was the first step in moving all of Socorro to Google Cloud Platform.


    During the Buildhub and Buildhub2 audits, I decided that while Buildhub2 has a different set of issues with its data, it was better than maintaining two indexes. I wrote up a plan to shut down Buildhub, identified and fixed blocking issues in Buildhub2, and migrated projects from Buildhub to Buildhub2.

    Then we shut down and dismantled Buildhub.


    Mozilla Location Services had been dormant for years. It was running Python 2.6 on Scientific Linux. It had a deploy pipeline that was several generations old. It was in an unmaintainable state.

    We overhauled it, finished up the Docker-ization of the services, finished the mostly-done migration from Python 2.6 to Python 3, updated dependencies, reduced a bunch of complexity, wrote a lot of documentation, fixed a ton of issues, pushed out a new deploy pipeline and Docker-based infrastructure, and did a series of stop-gap fixes for processing.

  • Mozilla VR Blog: Mozilla Announces Deal to Bring Firefox Reality to Pico Devices

    For more than a year, we at Mozilla have been working to build a browser that was made to showcase the best of what you love about browsing, but tailor made for Virtual Reality.

    Now we are teaming up with Pico Interactive to bring Firefox Reality to its latest VR headset, the Neo 2 – an all-in-one (AIO) device with 6 degrees of freedom (DoF) head and controller tracking that delivers key VR solutions to businesses. Pico’s Neo 2 line includes two headsets: the Neo 2 Standard and the Neo 2 Eye featuring eye tracking and foveated rendering. Firefox Reality will also be released and shipped with previous Pico headset models.

  • Security updates for Monday

    Security updates have been issued by Fedora (chromium, cyrus-imapd, drupal7-l10n_update, drupal7-webform, htmldoc, nethack, php, and singularity), Mageia (advancecomp, apache-commons-compress-, cyrus-imapd, cyrus-sasl, dia, freeimage, freeradius, igraph, jhead, jss, libdwarf, libextractor, libxml2, mediawiki, memcached, mozjs60, openconnect, openssl, putty, python-ecdsa, python-werkzeug, shadowsocks-libev, and upx), Oracle (container-tools:1.0 and container-tools:ol8), and Red Hat (kpatch-patch).

  • Reproducible Builds in December 2019

    In these reports we outline the most important things that we have been up to over the past month. As a quick recap, whilst anyone can inspect the source code of free software for malicious flaws, almost all software is distributed to end users as pre-compiled binaries.

    The motivation behind the reproducible builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

  • Open Source Supply Chain: A Matter Of Trust [Ed: Linux Foundation still does openwashing puff pieces for proprietary software giant VMware; more of the same]

    Open source software is often considered safer and more secure than proprietary software because users can, if they want, compile the software from the source code. They know the source of the code running in their environment.  Every component that they are running in their environment can be audited and the developer held accountable.  

  • How I went nomad

    In 2016, I discovered this concept of digital nomadism, the idea that for knowledge workers who only need a laptop and an internet connection, you don’t really need to work in an office anymore. You can simply work remotely for companies that will allow it, or as a freelancer for clients who don’t really care where you are so long as the job is done. Many people were already doing it, and even though it had started off as a very difficult lifestyle, in the tracks of the 4-hour work week and other inspiring lifehackers, it had become easier and easier over the years with coworking spaces, AirBnB and even coliving spaces (coworking spaces combined with accomodations, NDLR). The only thing you needed was a knowledge job that could sustain your travels, making it possible for you to pay for temporary accomodation and flights. Some were doing it with dropshipping, others with ad-monetized niche websites, but one of the holy grails gigs seemed to be software development. How fortunate for me!


    But at this point in my life, experience had already taught me that I shouldn’t jump into this sort of transition without a little bit of cautious preparation and experimentation.

    First things first, let’s expose the fears, since none of them is irrelevant, none of them should be kept under the rugs. All our fears exist to tell us something, and ignoring them is never the answer.

    The one fear I had heard of the most throughout forums and Slack groups about nomadism, and that I could relate to, was loneliness. When you move regularly and on your own, it can be really hard to create connections with other human beings, whether they live in the places where you live for a while, or they are other travellers like you. Bonding takes time, especially for an introvert with trust issues like myself, so I could see myself suffering from that. Thankfully, since it is such a widespread concern, some services had already started to appear to address that. Coliving spaces were a first answer, as they let travellers share accommodations with other travellers, or locals for that matter, creating a de facto sense of community, even for just a few weeks. On the other hand, except if you made a really good friend in that amount of time, you also had to start over almost from scratch in every space. Another answer that looked way more promising to me was travel groups. In addition to helping you with other issues we will talk about later, they also formed those groups of travellers who could follow each other from places to places, and also curated those communities around common sets of values and lifestyles.

    But then there was another fear, the extreme opposite one in fact. If it’s not a good idea to hide your fears under the rug, it’s also rarely a good one to forget who you are or try to disguise as someone else to fit into a new lifestyle. I had done that before, but no more. And for better or worse I am an introvert. I am not shy, but energy tends to flow outwards from myself to other people, which means I need some me time every once in a while to recharge. And I wanted to honor and respect that. Which meant I can support more lonely time than extroverts, but I also need to be able to take a step back from time to time. And some of those travel groups I just mentioned looked like a giant frat party, attracting a lot of twenty-something party-goers with their bad habits of peer-pressuring anyone who doesn’t follow along.

  • Matrix In, Telegram Out

    We would like to thank those of you who have participated in the Ubuntu Studio Telegram Groups over the past year. While it has been productive, we decided that it would be best to sunset our Telegram bridge to our IRC channels, thereby dropping Telegram from our official support and community channels.

  • 16 Best Platforms for Selling Digital Products 2020

    If you are considering starting an online business using the WordPress website then it is important for you to read our article on the Best WordPress Invoice Plugins in 2019. If what you want to do is sell digital/downloadable content without necessarily creating a website from scratch then read on.

  • Apple targets jailbreaking in lawsuit against iOS virtualization company

    Apple has expanded a lawsuit against an iOS virtualization company, claiming that its actions facilitate jailbreaking and violate the Digital Millennium Copyright Act (DMCA) prohibition on circumvention of copyright-protection systems.

    Apple sued Corellium, a company that sells access to virtual machines that run copies of the operating system used in iPhones and iPads, in August 2019. We detailed the initial allegations in a previous article; Apple said that Corellium sells "perfect replicas" of iOS without a license from Apple and markets its software as "a research tool for those trying to discover security vulnerabilities and other flaws in Apple's software." But instead of aiding good-faith security research, Corellium "encourages its users to sell any discovered information on the open market to the highest bidder," Apple alleged.


    Jailbreaking of smartphones and tablets such as iPhones and iPads is allowed in the US due to a DMCA exemption granted by the US Copyright Office (a division of the Library of Congress).

    The Copyright Office says the DMCA exemption for jailbreaking phones and tablets is intended "to allow the device to interoperate with or to remove software applications." There's also a DMCA exemption for security research on all types of devices. But to qualify for the security exemption, it must be "good-faith security research" that is "carried out in an environment designed to avoid any harm to individuals or the public."

    The Electronic Frontier Foundation describes DMCA exemptions in general as "too narrow and too complex for most technology users."

today's leftovers

Filed under
  • GNU World Order 334

    The **ap** software series, starting with the **a2ps** package, containing some useful and some obscure PostScript utils.

  • SMLR 319: Happy GNU Year

    Tony Bemus, Tom Lawrence, Phil Porada and Jay LaCroix

  • 22+ Best Lightweight Linux Operating Systems In 2020

    Let’s have a quick look into the list of some of the best lightweight Linux operating system for your old computers or laptop.

  • Ken Thompson: Moscow adventures

    1/4/2020 – In the early 1980s, FREDERIC FRIEDEL spent a week in Moscow with Unix pioneer Ken Thompson, who was supposed to demonstrate his computer chess world champion machine Belle to the Soviet Chess Federation, and to former World Champion Mikhail Botvinnik, who was developing a rival strategy in chess programming. Unfortunately Thompson's computer did not arrive with him in Moscow. But in spite of this, the trip turned out to be quite an adventure.


    In the early 1980s, Ken, who has given the world the operating system Unix and the computer language C — both still going strong — had revolutionized computer chess by building a hardware-based chess playing program. It was called “Belle” and its development is described in my first article of this series: Ken — an introduction in three syllables. The Soviet Union, at the time still alive and kicking, had for decades dominated chess. They had all the strongest players (except for Bobby Fischer), whom the state maintained using the latest research technology — teams of grandmasters, libraries of books and a huge “kartotek” I actually saw and have described. They had also started dabbling in computer chess, and their brute force program Kaissa had won the first World Computer Chess Championship, in 1974. The title was subsequently taken from them, in 1977, by a giant American mainframe program, Chess 4.6, which in turn was defeated in 1980 by Ken’s Belle. I have traced the ascent of Belle.

    The Soviets were troubled by this development, and were looking for alternatives. The great World Champion Mikhail Botvinnik, an electrical engineer, was trying to find a way of managing the Soviet economy using artificial intelligence. With a team of computer scientists Botvinnik designed a highly selective chess program that used general principles of chess to drastically restrict the search.

  • Bringing artificial intelligence and MIT to middle school classrooms

    In the age of Alexa, YouTube recommendations, and Spotify playlists, artificial intelligence has become a way of life, improving marketing and advertising, e-commerce, and more. But what are the ethical implications of technology that collects and learns personal information? How should society navigate these issues and shape the future?

    A new curriculum designed for middle school students aims to help them understand just that at an early age, as they grow up surrounded by the technology. The open-source educational material, designed by an MIT team and piloted at this year’s Massachusetts STEM Week this past fall, teaches students how AI systems are designed, how they can be used to influence the public — and also how to use them to be successful in jobs of the future.

    During Mass STEM Week in October, middle schools across the commonwealth replaced their regular curriculum with an immersive week of hands-on learning led by a team including Cynthia Breazeal, associate professor of media arts and sciences at MIT; Randi Williams ’18, graduate research assistant in the Personal Robots Group at the MIT Media Lab; and the nonprofit organization i2 Learning.

  • CES chief defends invite for Ivanka Trump

    He declined, however, to say if her appearance had been his organisation's idea or if the White House had requested the address.

Standards/Consortia: Lanner, WiFi 6E and SRT Alliance

Filed under
  • Lanner Electronics announces participation in Open Compute Project

    Lanner Electronics, a provider of customizable SDN and NFV network appliances and uCPE/vCPE Whitebox Solutions, announced its participation as Community Member of the Open Compute Project (OCP), an open consortium aiming to design and enable the delivery of the most efficient server, storage, and data center hardware for scalable computing. Lanner continues to play a role in industry forums, such as the Telecom Council and OCP, contributing Lanner’s expertise in developing carrier-grade network platforms for 5G Cloud-RAN, Mobile Edge Computing, and Hyper Converged Infrastructure.

  • WiFi 6E Opens Up WiFi To 6GHz Operation

    WiFi 6E has all of the features of last year's WiFi 6 specification but opens it up for devices operating on a 6GHz band. WiFi at 6GHz should offer better performance and lower latency, pending regulatory approvals for utilizing this additional (currently unlicensed) spectrum.

  • Haivision-led SRT Alliance Adds Alibaba Cloud, Internet Initiative Japan, Kiswe, Red5 Pro as Members

    The SRT Alliance, supporting the SRT Open Source Project, has gained Alibaba Cloud, Internet Initiative Japan, Kiswe, and Red5 Pro as new members, showing their support of the cross-industry adoption of the SRT (Secure Reliable Transport) Open Source protocol and technology. This brings the total number of SRT Alliance members to more than 300 companies.

today's leftovers

Filed under
  • The Magic SysRQ Key on the Keyboard
  • About problems in LibreOffice from Linux distro packages

    Very big thank you for all people who write bug reports about LibreOffice in to our bugzilla. But sometime I see, that your problems are only in Linux distro's (like SuSe, Ubuntu, Arch, etc.) LibreOffice and we can't repro your problem in LibreOffice from TDF site.

  • The Month in WordPress: December 2019

    As 2019 draws to a close and we look ahead to another exciting year let’s take a moment to review what the WordPress community achieved in December.

    WordPress 5.3.1 and 5.3.2 Releases

    The WordPress 5.3.1 security and maintenance release was announced on December 13. It features 46 fixes and enhancements. This version corrects four security issues in WordPress versions 5.3 and earlier. Shortly afterwards, WordPress 5.3.2 was released, addressing a couple high severity Trac tickets, and includes 5 fixes and enhancements, so you’ll want to upgrade. You can read more about these releases in the announcements for 5.3.1 and 5.3.2.

  • Bunnie Huang's Betrusted Project

    As usual, Bunnie is realistic about the limits of what he is doing:

    I personally regard Betrusted as more of an evolution toward — rather than an end to — the quest for verifiable, trustworthy hardware. I’ve struggled for years to distill the reasons why openness is insufficient to solve trust problems in hardware into a succinct set of principles. I’m also sure these principles will continue to evolve as we develop a better and more sophisticated understanding of the use cases, their threat models, and the tools available to address them.

  • Security updates for Friday

    Security updates have been issued by Debian (netty) and Fedora (libssh, nethack, php, samba, and xen).

  • Wyze Breach Leaves Data Of 2.4 Million Users Exposed Online

    Another day, another company leaving massive troves of consumer data openly accessible to the internet.

  • De-Googling Yourself, Part 8

    HTTPS (HTTPS) is an implementation of the HTTP protocol over an additional layer of security that uses the SSL/TLS protocol. This additional layer allows data to be transmitted over an encrypted connection and to verify server and client authenticity through digital certificates. The TCP port used by default for the HTTPS protocol is 443.

    The HTTPS protocol is used, as a rule, when it is desired to prevent the information transmitted between the client and the server from being viewed by third parties, such as online shopping. The existence in the address bar of a lock (which can be left or right depending on the browser used) demonstrates secure page certification (SSL/TLS). The existence of this certificate indicates the use of the HTTPS protocol and that communication between the browser and the server will take place securely. To verify the identity of the server, double-click the lock to view the certificate.

    Over HTTPS connections, third-party MITM attacks are not possible because the connection is encrypted end-to-end. Thus, it is possible to track that you have accessed a particular site, but not what you have accessed on that site.

  • Apple’s ServiceTalk Goes Open Source

    Apple’s ServiceTalk is now open source! For the uninitiated, ServiceTalk is a JVM network application framework that is aimed at providing a common and extensible networking abstraction on top of a lower-level networking framework (for instance, Netty).

  • Open source storage: driving intelligence in the small data sprawl era

    Open source storage is an emerging phenomenon; data storage software that is developed in a public, collaborative manner under a license that permits the free use, distribution and modification of the source code.

    Organisations are now dealing with a huge amount of data, petabytes-worth, and it all needs to be stored in manner that is flexible, accessible and secure, while allowing analytics and intelligence-driven solutions to gain actionable insights from it.

    There are a three trends that have given rise to open source storage and Stephen Manley — chief technologist at Druva — has helped Information Age dissect the subject.


    He pointed to two of the most popular open source storage offerings, Ceph and Lustre. Both of them have a very different architecture than file systems before, such EXT4 or ZFS. One of the big differences with them is that they separate out the data storage into “a big book object” and they store the metadata in a separate database. And to Manley, this reflects that they’re building for a cloud architecture, “because cloud storage only started being anchored on object storage and then offers database services on top”, he explained.

  • Researchers develop new open-source system to manage and share complex datasets

    A research team has developed an open-source data-management system that the scientists hope will solve all of those problems. The researchers outlined their system today in the journal PLOS ONE.

    "We wanted to create a file format and a dataset model that would encapsulate the majority of datasets we work on, on all the instruments in a lab," said Philip Grandinetti, professor of chemistry at The Ohio State University and senior author of the paper. "There's this long-standing problem, pervasive among scientists, that you buy a multimillion-dollar instrument and the companies that make that instrument have their own proprietary format, and it's a nightmare to share with anyone else."

    Large datasets are tricky to share, in part because software is often proprietary, but also in part because the files are often so large that they are hard to share in an email or through a cloud-based server. And even if the files can be exported as a file type that can be shared, important metadata—the things that explain what the dataset actually is—are often lost.

today's leftovers

Filed under
  • Kubernetes Distribution: What It Is and What It Isn’t

    It’s easy to define what a Kubernetes distribution is not: It’s not “vanilla” Kubernetes, meaning a Kubernetes installation that you create by downloading the Kubernetes source code from GitHub, compiling it and installing it yourself. Almost no one would install Kubernetes that way because it would take way too much work.

    Instead, most people who use Kubernetes install it using a distribution. At a high level, a Kubernetes distribution is any pre-built, prepackaged software platform that includes Kubernetes.

    Not only do Kubernetes distributions save you from the hassle of having to download and build a bunch of stuff from source yourself, but most also feature user-friendly installers to help simplify the complex task of installing Kubernetes’ various components.

  • Dominique Leuenberger: openSUSE Tumbleweed – Review of the week 2020/01

    Dear Tumbleweed users and hackers,

    Happy new year! The year 2020 has started in full swing and I wish everybody a great new year!

    For Tumbleweed, things have started off reasonably well: Snapshot 20200101 (first one of the year) has been published, and 0102 will be discarded. Ups  But let’s step back a bit and do the review of the whole week (which was the crossing over of 2019 to 2020). In the last week, we have released a total of 6 snapshots! Ok, I admit, they were all rather ‘small’ updates, as many contributors are with their families and have better things to do than submitting breaking updates. The six updates released were, still from 2019: 1227, 1228, 1229, 1230 and 1231 and from 2020 the one mentioned earlier: 20200101.

  • November and December Update for FreeCAD & Debian Science

    In November a strange bug was found in the OpenFOAM package which led to only one core being used during builds, even though the logs reported an N core build. In the worst case scenario, on the mipsel architecture, this led to an increase in build times from 17 to 92 hours! I did some troubleshooting on this but found it a bit difficult since OpenFOAM uses a bespoke build system called wmake. I found myself wishing for the simplicity of CMake, and found there was an experimental repo implementing support for it but it didn't seem to work out of the box or with a bit of effort. I wonder if there's any consideration amongst OpenFOAM developers in moving away from wmake?

    Anyway, OpenFOAM ended up getting removed from Debian Testing, but thankfully Adrian Bunk identified the problem, which is that the environment variable MAKEFLAGS was getting set to 'w' for some reason, and thus falling through the wmake code block that set up a proper parallel build for OpenFOAM. So, unsatisfyingly, as a workaround I uploaded the latest OpenFOAM version, 1906.191111, with unexport MAKEFLAGS. It would be nice to find an explanation, but I didn't spend much more time digging.


    For the past several summers, FreeCAD has participated in the Google Summer of Code program under an umbrella organization led by Sean Morrison of BRL-CAD. BRL-CAD is a very interesting bit of software with a long history, in fact the oldest known public version-controlled codebase in the world still under development, dating back to 1983-12-16 00:10:31 UTC. It is inspired by the development ideas of the era, a sort of UNIX philosophy for CAD, made up of many small tools doing one thing well and meant to be used in a normal UNIXy way, being piped into one another and so forth, with a unifying GUI using those tools. Since it's made up of BSD/LGPL licensed code, it ought to be available as part of the Debian Science toolkit, where it may be useful for FreeCAD as an included alternative CAD kernel to the currently exclusive OpenCASCADE. For example, fillets in OpenCASCADE are somewhat buggy and unmaintainably implemented such that an upstream rewrite is the only hope for long-term improvement. BRL-CAD could potentially improve FreeCAD in areas like this.

    It turns out a Debian Request for Packaging bug for BRL-CAD has been open since 2005. I plan to close it! It turns out there's already existing Debian packaging work, too, though it's quite a few years old and thus some adaptation still is required.

  • Firefox 72 new contributors

    With the release of Firefox 72, we are pleased to welcome the 36 developers who contributed their first code change to Firefox in this release, 28 of whom were brand new volunteers!

  • Daniel Stenberg: curl receives 10K USD donation

    The largest ever single-shot monetary donation to the curl project just happened when graciously boosted our economy with 10,000 USD. (It happened before the new year but as I was away then I haven’t had the chance to blog about it until now.)

    curl remains a small project with no major financial backing, with no umbrella organization (*) and no major company sponsorships.

  • Free Software for Privacy and Education: Support for REUSE (SPDX) headers in emacs-reveal

    I continue to use and develop emacs-reveal, a FLOSS bundle to create HTML presentations based on reveal.js as Open Educational Resources (OER) from Org mode source files in GNU Emacs. Last time, I mentioned license attribution for OER figures as tedious challenge, which I believe to be addressed properly in emacs-reveal.

    Over the last couple of days, I added functionality that generates license information in my OER HTML presentations from SPDX headers embedded in source files. The FSFE project REUSE recommends the use of SPDX headers to indicate copyright and licensing information in free software projects, and, although OER are not software, I started to make my OER source files REUSE compliant.

Syndicate content

More in Tux Machines

LibreOffice 6.4.3 Release Candidate Version 1 Released Today!

LibreOffice 6.4.3 RC1 Released: LibreOffice is one of the best open-source text editors. LibreOffice comes as default application release of Linux OS. LibreOffice is developed by Team Document Foundation. Today they announced that the LibreOffice 6.4.3 RC1 version has been released. As per their calendar, LibreOffice 6.4.3 RC1 has been released exactly on today!. This RC1 version has many bugs fixes and tweaks in essential features. Read more

Unifont 13.0.01 Released

Unifont 13.0.01 is now available. This is a major release. Significant changes in this version include the addition of these new scripts in Unicode 13.0.0: U+10E80..U+10EBF: Yezidi, by Johnnie Weaver U+10FB0..U+10FDF: Chorasmian, by Johnnie Weaver U+11900..U+1195F: Dives Akuru, by David Corbett U+18B00..U+18CFF: Khitan Small Script, by Johnnie Weaver U+1FB00..U+1FBFF: Symbols for Legacy Computing, by Rebecca Bettencourt Read more

Programming: micro.sth, RProtoBuf, Perl and Python

  • Introducing micro.sth

    Many developers turn their noses up at PHP, but I have a soft spot for it. For me, it's the most approachable programming language by far. It feels intuitive in a way no other languages do, and it makes it possible to cobble together a working application with just a handful of lines of code. So whenever I can't find a tool for a specific job, I try to build one myself. The latest project of mine is a case in point. I was looking for a simple application for keeping a photographic diary, and I was sure that I'd be able to find an open-source tool for that. I searched high and low, but I came back empty-handed. Sure, there are plenty of static website generators, but I'd prefer something that doesn't require me to perform the write-generate-upload dance every time I want to post a quick update. And I need something that I can use not only to maintain a simple diary, but also store notes, manage tasks, and draft articles -- all this without getting bogged down by configuring templates, defining categories, and tweaking settings. And because I want most of my content to be private, I should be able to protect access to it with a password.

  • Dirk Eddelbuettel: RProtoBuf 0.4.17: Robustified

    A new release 0.4.17 of RProtoBuf is now on CRAN. RProtoBuf provides R with bindings for the Google Protocol Buffers (“ProtoBuf”) data encoding and serialization library used and released by Google, and deployed very widely in numerous projects as a language and operating-system agnostic protocol. This release contains small polishes related to the release 0.4.16 which added JSON support for messages, and switched to ByteSizeLong. This release now makes sure JSON functionality is only tested where available (on version 3 of the Protocol Buffers library), and that ByteSizeLong is only called where available (version 3.6.0 or later). Of course, older versions build as before and remain fully supported.

  • Perl Weekly Challenge 53: Rotate Matrix and Vowel Strings

    These are some answers to the Week 53 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

  • Weekly Python StackOverflow Report: (ccxxi) stackoverflow python report
  • Python: Is And ==

    In Python, == compares the value of two variables and returns True as long as the values are equal.

today's howtos