Classic Emacs editor gets a new-school makeover
A new distribution of the Emacs editor, called Spacemacs, repackages the classic developer's tool in a new skin for greater usefulness to a new generation of programmers.
Emacs is one of the oldest text editors in existence. Its most popular variant (now 31 years old) is GNU Emacs, originally developed by Free Software Foundation president Richard Stallman. The editor's enduring popularity comes from its extensibility and programmability courtesy of the built-in Emacs Lisp scripting language -- and from the culture of tooling that's sprung up as a result. Extensions for Emacs (and, thus, Spacemacs) provide everything from integration with GitHub to Slack chat windows.
OSMC's September update is here
OSMC's September update is here. These changes come in light, as Kodi Jarvis (v16) is very stable as it nears its end of its life. We have been working on preparing OSMC for Kodi Krypton (v17) and will be offering some test builds for all platforms shortly.
We have also been working on a new version of the OSMC skin which will be compatible with the upcoming Kodi release. We've taken a lot of community feedback on board and updated the skin to reflect our new brand. As soon as we have some test builds for the new version of Kodi, we will also make our new skin available for public testing.
- OpenSUSE 42.2 Beta 3 Ships With KDE Plasma 5.8
- Red Hat Inc. (RHT) Director General Henry Hugh Shelton Sells 15,000 Shares
- Expert Analysts Perspective for: Red Hat, Inc. (NYSE:RHT)
Fedora Warns Against ‘dnf update’ in Graphical Environment
He goes on to say that he’s working to get to the root of the issue and hopes to have the issue patched soon. In the meantime, he suggests not running the update from a desktop environment.
“If you’re using Workstation, the offline update system is expressly designed to minimize the likelihood of this kind of problem, so please do consider using it,” he advised. “Otherwise, at least run ‘dnf update’ in a VT – hit ctrl-alt-f3 to get a VT console login prompt, log in, and do it there. Don’t do it inside your desktop.”
Dell refreshes the XPS 13 Developer Edition laptops with Kaby Lake processors
Senior Principal Engineer at Dell Barton George wrote in a recent blog the company unveiled a new version of its XPS 13 Developer Edition laptop in the United States and Europe. As a refresher, this laptop is the result of George’s Project Sputnik initiative to provide an Ubuntu-based solution to developers. The laptop is now in its sixth generation packing a seventh-generation Intel Kaby Lake processor and an InfinityEdge display.
“From the very beginning, the effort was designed to solicit and incorporate input from the developer community as to what they wanted in a laptop,” he said. “With the community’s input, Project Sputnik became an official product and continues to evolve.”
HPE, Dell & Cisco Lead Cloud Infrastructure Sales
Fifth place was a five-way tie between Lenovo, NetApp, IBM, Huawei, and Inspur. IDC declares a statistical tie when there is less than a one percent difference in revenue among two or more vendors.
Automation is not DevOps
It may sound counterproductive from an Automation specialist to reveal the limitations of his job, but I have seen a wide range of inefficiencies, and many failed attempt to fix them.
Making Sense of Cloud Native Applications, Platforms, Microservices, and More
As more and more of our infrastructure moves into the cloud, the proliferation of buzzwords, new terms, and new ways of doing things can be daunting. Fabio Chiodini, Principal System Engineer at EMC, spent some time helping us make sense of these concepts during his LinuxCon Europe talk, "Cloud Native Applications, Containers, Microservices, Platforms, CI-CD…Oh My!!"
Introducing InfraKit, an open source toolkit for creating and managing declarative, self-healing infrastructure
Docker’s mission is to build tools of mass innovation, starting with a programmable layer for the Internet that enables developers and IT operations teams to build and run distributed applications. As part of this mission, we have always endeavored to contribute software plumbing toolkits back to the community, following the UNIX philosophy of building small loosely coupled tools that are created to simply do one thing well. As Docker adoption has grown from 0 to 6 billion pulls, we have worked to address the needs of a growing and diverse set of distributed systems users. This work has led to the creation of many infrastructure plumbing components that have been contributed back to the community.
New Linux Kernel 4.8 -- Plus a Kernel-Killing Bug
After nearly exactly two months, Linus Torvalds released kernel 4.8 into the wild on Sunday, October 2nd. Torvalds dubbed 4.8 Psychotic Stoned Sheep, probably inspired by the news that a flock of woolly ruminants ate some abandoned cannabis and, high as kites, run amok in rural Wales, striking terror into the hearts of the locals.
This has been one of the larger releases, with many patches being sent in before the first release candidate was published. However, Torvalds attributes many of the changes to the switch to a new documentation format -- instead of using the DocBook, documentation must now be submitted in the Sphinx doc format.
Linus Torvalds Apologizes for Inclusion of a Kernel Bug in the Linux 4.8 Release
Two days after announcing the release of the Linux 4.8 kernel as the latest stable and most advanced kernel branch for GNU/Linux operating systems, Linus Torvalds apologizes on the kernel mailing list for the inclusion of bug.
According to Mr. Torvalds, the bug was left in the last RC8 (Release Candidate 8) build by kernel developer Andrew Morton, which caused problems when attempting to compile it, thus resulting in a dead kernel. If you're curious, the full report is attached to Linus Torvalds' mailing list announcement.
Buggy code to the left of me, perfect source to the right, here I am, stuck in the middle with EU
Midway through SUPERSEDE, the EU three-year project backed by €3.25m in funding to make software better, software still sucks.
It's always been thus, but now that computer code has a say in the driving of Teslas, confronts everyone daily on smartphones, and has crept into appliances, medical devices, and infrastructure, it's a more visible problem.
Robert Vamosi, security strategist at Synopsys, told The Register in a phone interview that software quality matters more than ever.
"We're seeing real-world examples of automobiles remotely attacked and medical devices being suspended when they need to keep functioning," he said. "It's becoming life-critical."
The organizations involved in SUPERSEDE – ATOS, Delta Informatica, SEnerCon, Siemens, Universitat Politècnica de Catalunya (UPC), the University of Applied Sciences and Arts Northwestern Switzerland (FHNW), and the University of Zurich (UZH) – aim to improve the user experience of their software products with a toolkit to provide better feedback and analytics data to application developers.
5 Tips on Using OAuth 2.0 for Secure Authorization
OAuth is an open standard in authorization that allows delegating access to remote resources without sharing the owner's credentials. Instead of credentials, OAuth introduces tokens generated by the authorization server and accepted by the resource owner.
In OAuth 1.0, each registered client was given a client secret and the token was provided in response to an authentication request signed by the client secret. That produced a secure implementation even in the case of communicating through an insecure channel, because the secret itself was only used to sign the request and was not passed across the network.
OAuth 2.0 is a more straightforward protocol passing the client secret with every authentication request. Therefore, this protocol is not backward compatible with OAuth 1.0. Moreover, it is deemed less secure because it relies solely on the SSL/TLS layer. One of OAuth contributors, Eran Hammer, even said that OAuth 2.0 may become "the road to hell," because:
"… OAuth 2.0 at the hand of a developer with deep understanding of web security will likely result in a secure implementation. However, at the hands of most developers – as has been the experience from the past two years – 2.0 is likely to produce insecure implementations."
Despite this opinion, making a secure implementation of OAuth 2.0 is not that hard, because there are frameworks supporting it and best practices listed. SSL itself is a very reliable protocol that is impossible to compromise when proper certificate checks are thoroughly performed.
Of course, if you are using OAuth 1.0, then continue to use it; there is no point in migrating to OAuth 2.0. But if you are developing a new mobile or an Angular web application (and often mobile and web applications come together, sharing the same server), then OAuth 2.0 will be a better choice. It already has some built-in support in the OWIN framework for .NET that can be easily extended to create different clients and use different security settings.
J&J warns diabetic patients: Insulin pump vulnerable to hacking
Johnson & Johnson is telling patients that it has learned of a security vulnerability in one of its insulin pumps that a hacker could exploit to overdose diabetic patients with insulin, though it describes the risk as low.
Medical device experts said they believe it was the first time a manufacturer had issued such a warning to patients about a cyber vulnerability, a hot topic in the industry following revelations last month about possible bugs in pacemakers and defibrillators.
J&J executives told Reuters they knew of no examples of attempted hacking attacks on the device, the J&J Animas OneTouch Ping insulin pump. The company is nonetheless warning customers and providing advice on how to fix the problem.
Who Makes the IoT Things Under Attack?
As KrebsOnSecurity observed over the weekend, the source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released. Here’s a look at which devices are being targeted by this malware.
The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default usernames and passwords. Many readers have asked for more information about which devices and hardware makers were being targeted. As it happens, this is fairly easy to tell just from looking at the list of usernames and passwords included in the Mirai source code.
- Steven Ovadia's Learn Linux in a Month of Lunches (Manning Publications Co.)
- Free Open Cloud Educational Tools
- Running the Cyrus SASL Sample Server and Client
- Naming devices in ModemManager
- How to solve 5 Elasticsearch performance and scaling problems
- How to Install official Android Emulator (SDK) on Linux
- Attempt of RDO Newton instack-virt-setup on CentOS 7.2 VIRTHOST
- ISPConfig 3.1: Automated installation on Debian and Ubuntu
- Linux Directory Structure (File System Hierarchy) Explained with Examples
- So You Think You Know Linux User Management
- How to Install GenyMotion (Android Emulator) on Linux
Kickstarter-Funded Game Drops DRM-Free Version It Promised, Then Promises It Again After The Backlash
Readers of this site should know by now that, as a general rule, DRM is equal parts dumb and ineffective. What in theory is a way for game publishers to stave off piracy typically instead amounts to a grand digital method for making sure legitimate customers can't play the games they buy. Now, not all DRM is created equally shitty, of course -- one of the more benign forms of DRM is Valve's Steam platform. Because games purchased on the platform check in with Steam servers for product keys and otherwise encrypts the individual files for the game each user downloads, it's a form of DRM.
And because DRM is almost always annoying even at its best, there are some gamers who will only buy DRM-free games. Many Kickstarter campaigns for video games, in fact, explicitly state that backers and non-backers will have a DRM-free option for the game available, either through platforms like GOG and HumbleBundle, or directly from the developer. Duke Grabowski, Mighty Swashbuckler! was one such game, with developer Venture Moon Industries promising both a Steam release and a DRM-free release when it collected funds from backers. Then, suddenly, once the company got a publisher on board for the project, it announced that the game would only be available on Steam.
Steam woes in OpenMandriva.... Again!
Steam updated today and, as a nasty surprise, I hit the same problem I had before with it.
I tried the solution here, but it was not working this time: the code reverted to its original form, preventing the Steam runtime to work.
Mad Max Open World Action-Adventure Video Game Is Coming to SteamOS and Linux
You won't believe this, by Feral Interactive announced a few hours ago, October 5, 2016, that it will port the awesome Mad Max open world action-adventure video game to the SteamOS, Linux, and Mac platforms.
Developed by Avalanche Studios and published by Warner Bros. Interactive Entertainment, the Mad Max has been officially released for Microsoft Windows operating systems, as well as PlayStation 4 and Xbox One gaming consoles a year ago, on September 2015.
KDE Student Programs announces Season of KDE 2016-2017
KDE Student Programs announces the 2016-2017 Season of KDE for those who want to participate in mentored projects which enhance KDE in some way. Projects from past Seasons of KDE include new application features, the KDE Continuous Integration system, new reporting for developers, as well as a web framework, porting and a plethora of other work.
Successful mentees earn a certificate of completion along with a very cool t-shirt and other goodies. Any person who wants to complete a project is eligible to enter.
KDE Plasma 5.8 LTS released
After many work around in the previous beta version of KDE Plasma 5.8 beta,KDE team is finally here with their first LTS of Plasma desktop software release, KDE Plasma 5.8 LTS.
Believe it or not, this release is surely gong to attract plenty of non-techie or simple users.But Techies are also not going to lose interest, this Ubuntu based beauty is going to prove the beast features as well.
While Google's Ara Modular Phone Is Dead, Greybus Still Appears To Have A Future
With the Linux 4.9 staging pull request comes the addition of the Greybus subsystem.
- Google melts 78 Android security holes, two of which were critical
- Remix OS Brings Android For PC
Lenovo exec: Nope, not building Windows Phones [Ed: learning from mistakes?]
Lenovo will not build smartmobes running on Microsoft’s Windows operating system because it doubts the software giant’s long term commitment to the market.
This is the view from Lenovo’s chief operations officer Gianfranco Lanci, who told attendees at the Canalys Channel Forum 2016 that Windows 10 was generating interest in the corporate market for PCs but that his company won’t entertain basing its phones on the OS.
“We don’t have Windows phones or any plans to introduce a Windows Phone,” he said.
“I don’t see the need to introduce a Windows Phone and I am not convinced Microsoft is supporting the phone for the future,” Lanci added.
According to Gartner, Windows Phone/Windows 10 Mobile was the third most popular OS on the planet behind Android and iOS during Q2, running on 1.97 million phones compared to 297 million on Google’s OS and 44.39 million on Apple’s software.
Tips for Evaluating a Company's Open Source Culture
There are four essential questions a company should ask before it decides to create an open source project, according to Duane O'Brien, open source programs evangelist at PayPal.
Are we still using it?
Are we committing our own resources?
Can we develop it all in the open?
This framework, developed by O'Brien's boss Danese Cooper, is useful in vetting internal software for release as open source projects.
ETSI Releases Its Open Source MANO Software Stack
ETSI’s Open Source MANO (OSM) group today announced Release ONE, the first code out of the NFV management and orchestration (MANO) project.
ETSI touts that OSM can natively support VIMs from VMware and OpenStack and can also support various software-defined networking (SDN) controllers. It can also create a plug-in framework to improve platform maintenance and extensions.
The Evolution of Open Source Networking at AT&T
For many years AT&T has been on the forefront of virtualizing a Tier 1 carrier network. They’ve done so in a very open fashion and are actively participating in, and driving, many open sources initiatives. Their open initiatives include Domain 2.0, ECOMP, and CORD, all of which are driving innovation in the global service provider market. Chris Rice, Sr. VP of Domain 2.0 Architecture and Design of AT&T, provided an overview of how AT&T got where they are today during his keynote address at the ODL Summit.
Providing a bit of history of this journey, Rice noted that today’s implementations and visions started years ago. One of the first steps was the creation of what he called a router farm, which was initiated because of the end of life of a router and there wasn’t a new router that could just take its place. The goal was to remove the static relationship between the edge router and the customer. Once this was done, AT&T could provide better resiliency to their customers, detect failures, do planned maintenance, and schedule backups. They could also move configurations from one router to another vendor’s router. The result was faster and cheaper; however, “it just wasn’t as reusable as they wanted.” They learned the importance of separating services from the network and from the devices.
The legacy of Pieter Hintjens
When I watched Chad Fowler’s GOTO Amsterdam 2014 Keynote it got me thinking about what our aims should be in life.
He mentions Joel Spolsky’s post from 2001: Good Software Takes Ten Years. Get Used To It, and says software typically only lasts five years so rarely gets to be very good.
He asks, what does it take create legacy software with a positive meaning, that is software so good that you are fondly remembered for it for many years to come.
Pieter was a man who knew all of this. His deep passion for optimal collaboration lead to the creation of C4: The Collective Code Construction Contract. Not only was he very talented technically, he also understood people and how to foster a strong community.
Transitioning from OpenStack Hobbyist to Professional
To land your first OpenStack job, you’ll want to prove you have a functional understanding of OpenStack basics, can navigate the resources to solve problems, and have recognized competency in your focus area.
Used with permission
The hardest part of pivoting your career is proving that you are qualified in your new focus area. To land your first OpenStack job, you’ll want to prove you have a functional understanding of OpenStack basics, can navigate the resources to solve problems, and have recognized competency in your focus area.
“A functional understanding of OpenStack” means you know how to work in OpenStack––not just naming the projects in alphabetical order or giving an overview of its history. While you’ll want to read up on its origins and future roadmap, you’ll also want to jump in by using tools like DevStack or TryStack to explore.
CMSpotlight: 5 CMS apps that deserve more attention
Everybody knows about WordPress, Drupal and Joomla, although they are great and they are popular for a reason, there are quite a few other alternatives that you may have never heard of. Thousands of quality developers and designers work hard to create amazing masterpieces of applications. Most of them release their applications for free and they make them open source. The least we can do is spread the word so they can get the attention they well deserve. We’ve already listed a dozen CMS apps in our self-hosted alternatives post, but in this article, we’ll focus more on each CMS and its features. Here, 5 open source CMS apps will get the spotlight.
Charlie Reisinger: FOSS in Education Proponent…and Practitioner
“Charlie serves as the Technology Director for Penn Manor School District in Lancaster County Pennsylvania. A member of the senior leadership team, he directs instructional technology programs and technical infrastructure and operations. A passionate advocate and speaker on open source values in education, Charlie and his team implemented the largest classroom desktop Linux program in Pennsylvania.
“Under his leadership, Penn Manor School District received the 2011 School of Excellence in Technology Award from the Pennsylvania School Boards Association (PSBA). In 2016, Penn Manor was recognized with the Districts of Distinction Award for the Open Source one-to-one Laptop Program.”
The book’s title is The Open Schoolhouse: Building a Technology Program to Transform Learning and Empower Students. The Kindle version is only $4.99. I’ve read it. You should read it, too, if you’re a teacher, school administrator, student, parent, uncle or aunt or have friends or family with kids in school — or even if you’re a taxpayer someplace where they have public school or you’re connected in some way with a charter school or private school.
My job is getting wonky and have been extremely stingy with training. Just got through an all-hands meeting where they announced More Bad Things yet to come.
I need to up my game and then play it with someone else.
My company refuses to pay for training and certifications. It is to the point where a lot of my skills have atrophied and I am basically acting as a Project Manager more than anything else. I need this to change.
I am looking at this book as a good place to get up to speed on RHEL 7 and hopefully get myself certified. I have not had a lot of luck with self-study in the past, but I am hoping that this time will be different...
Anyway, before I sink money and time into this, I want to hear from you. I want to know your opinion on this book, or if you have other options that you would recommend.
Thanks!submitted by /u/knylok
LinuxTechI: Templates help us to reduce the time to deploy virtual machine and also reduce the amount of disk space needed.
Docker 1.12.2 App Container Engine Is Almost Here, Second RC Brings More Fixes
The development cycle of the Docker 1.12.2 maintenance update to the widely-used open-source and cross-platform application container engine continues with a second Released Candidate, as announced on October 3, 2016, by Docker engineer Victor Vieux.
Docker 1.12.2 Release Candidate 2 (RC2) comes one week after the unveiling of the first RC milestone, mainly to address more of the bugs and annoyance discovered lately or reported by users since the first point release of the major Docker 1.12 release. Again, the entire changelog is attached below if you like to read the technical details.
As you might know, Docker 1.12 introduced a lot of exciting new features, such as the built-in orchestration and routing mesh, the brand new Swarm Mode, as well as a bunch of networking improvements for better security. And it looks like Docker 1.12.2 will attempt to further improve the Swarm Mode and networking functionalities.
Kodi 17 "Krypton" Beta 3 Adds More PVR and Video Playback Improvements, Bugfixes
The day of October 5, 2016, also brought us a new Beta of the upcoming Kodi 17 "Krypton" open-source and cross-platform media center software, the third and most probably the last for this development cycle.
As we told you in the report about the second Beta of Kodi 17, the final release of the popular media center is launching later this fall with numerous new features and improvements in areas like skinning, video playback, PVR/DVR, live TV, music library, etc. Beta 3 comes three weeks after the release of the second Beta milestone, and it includes a bunch of fixes for various issues reported by users since then.
Frogr 1.2 released
Of course, just a few hours after releasing frogr 1.1, I’ve noticed that there was actually no good reason to depend on gettext 0.19.8 for the purposes of removing the intltool dependency only, since 0.19.7 would be enough.
Frogr Flickr Uploader for Linux Is Now Available as a Flatpak
Like most people living in 2016 I don’t use Flickr. But if I did, I’d probably use Frogr to manage and upload my photos. Frogr is one of a few apps that I’ve written about across all 7+ years I’ve run this site.
Libvirt 2.3 Virtualization API Released
The libvirt Linux virtualization API has been updated to version 2.3 today with some new features and plenty of bug fixes.
Harmony Music Player Gets A Gorgeous Dark Mode, Other Improvements
If you're a fan of the Harmony music player then listen up: there's a new update waiting for you to download.
This Extension Adds Dynamic Transparency to GNOME Shell’s Top Bar
Making the GNOME top panel transparent is something a lot of users like to do — but it can look a little out of place when you maximise a window. Dynamic TopBar is a nifty little extension for the GNOME Shell desktop that “makes the top bar transparent when no window is maximized.”
ActivityPub and MediaGoblin at TPAC 2016 (or: ActivityPub needs your review!)
It seems a recurring meme in MediaGoblin land to say “we’ve been quiet, because we’ve been busy” (or maybe historically on every tech blog ever), but I guess I can’t resist repeating the mantra. It’s true! Though the weight of my focus has been shifted from where I expected it to be. From the last few updates over the last year, you would be right to anticipate that the main thing I would be working on would be merging the federation code Jessica has written and getting 1.0 out the door. That was the plan, and we’re still working towards that, but priorities shifted as we realized the opportunities and time pressures we were under with ActivityPub. After the Social Working Group face to face meeting in June, Jessica and I sat down and talked about what we should do. Jessica had recently started working at Igalia (great people!) and was busy with that and other transitions in her life, so we discussed whether we thought it was most sensible to focus my energy on MediaGoblin or on ActivityPub. It was clear that ActivityPub was shaping into a solid specification, but it was also made clear that the Social Working Group’s charter was running out by the end of 2016. We both think ActivityPub is key to MediaGoblin’s success and didn’t want to see our invested time go to waste, so decided my immediate focus should switch to ActivityPub so it could successfully make it as a standard.
Which isn’t doom and gloom for MediaGoblin! MediaGoblin development has continued… the community is good enough that people have been able to work while I’ve been busy. I’m happy to say we also appointed longtime contributor Boris Bobrov as co-maintainer to help reduce me being a bottleneck. (Thank you Boris, and congrats!) Other contributors have also stepped up to the plate. I’m especially thankful of Ben Sturmfels for hosting MediaGoblin hackathons and being so responsive to community members. (And of course, there are many others to thank, too!)
Anyway, I’m not going anywhere, I’ve just been shifting focus to standards work for a bit… but it’s all for the greater good of MediaGoblin. (Well, and the greater federated social web!) Soon, we’ll be putting the work we’re doing on ActivityPub directly into MediaGoblin. When we merge Jessica’s work on federation, we will also retool it so that the first federated release of MediaGoblin will be blazing the trails with ActivityPub.