Language Selection

English French German Italian Portuguese Spanish

November 2018

Debian and Ubuntu Leftovers

Filed under
Debian
Ubuntu
  • glBSP

    I was surprised to see glBSP come up for adoption; I found out when I was installing something entirely unrelated, thanks to the how-can-i-help package. (This package is a great idea: it tells you about packages you have installed which are in danger of being removed from Debian, or have other interesting bugs filed against them. Give it a go!) glBSP is a dependency on another of my packages, WadC, so I adopted it fairly urgently.

    glBSP is a node-building tool for Doom maps. A Map in Doom is defined in a handful of different lumps of data. The top-level, canonical data structures are relatively simple: THINGS is a list of things (type, coordinates, angle facing); VERTEXES is a list of points for geometry (X/Y coordinates); SECTORS define regions (light level, floor height and texture,…), etc. Map authoring tools can build these lumps of data relatively easily. (I've done it myself: I generate them all in liquorice, that I should write more about one day.)

  • How to Connect Your Android Phone to Ubuntu Wirelessly

    Easy: all you need is a modern Linux distro like Ubuntu and an open-source GNOME Shell extension called ‘GSConnect‘.

    GSConnect is a totally free, feature packed add-on that lets you connect your Android phone to Ubuntu over a wireless network, no USB cable required!

    In this post we talk about the features the extension offers, and show you how to install GSConnect on Ubuntu 18.04 LTS and above so that you can try it out for yourself!

Security: FSB and NSA in Linux, HTTPS is Not Enough, Microsoft Back Doors and Exploits (e.g. WannaCry), 5G China Scare

Filed under
Security
  • Linux 4.21 Positioned To Pickup Streebog Crypto Support Developed By Russia's FSB

    In addition to Linux 4.21 set to land Adiantum as the crypto algorithm backed by Google following the company's falling out with the NSA's Speck crypto for low-end data encryption, Streebog is also set to be introduced as a cryptographic hash function developed in large part by the Russian government.

    The Linux kernel patches introducing the Streebog code were posted back in October for review. Those patches were spearheaded by a developer from Russia's ALT Linux distribution. Those patches are now queued into the crypto subsystem's development branch ahead of the Linux 4.21 kernel.

  • HTTPS Is Almost Everywhere. So Why Isn’t the Internet Secure Now?

    Chrome used to display the word “Secure” and a green padlock in the address bar when you were visiting a website using HTTPS. Modern versions of Chrome simple have a little gray lock icon here, without the word “Secure.”

    That’s partly because HTTPS is now considered the new baseline standard. Everything should be secure by default, so Chrome only warns you that a connection is “Not Secure” when you’re accessing a site over an HTTP connection.

    However, the word “Secure” is also gone because it was a little misleading. It sounds like Chrome is vouching for the contents of the site as if everything on this page is “secure.” But that’s not true at all. A “secure” HTTPS site could be filled with malware or be a fake phishing site.

  • WannaCry: One year later, is the world ready for another major attack? [Ed: Somehow that neglects to mention that this was largely the result of a collusion involving Microsoft and the NSA]
  • UK gov report to raise fresh security concerns over Huawei's 5G kit

Linux Apps on Chromebooks Getting Google Drive, Play Store File Access Support

Filed under
GNU
Linux
Google

Linux apps on Chromebooks are slowly but surely gaining their legs. Sure, we’re still missing a few things here and there, but progress on this front is moving along at a nice, swift pace and today we are happy to be talking about another progression that will help the overall user experience in an important and meaningful way.

Read more

GNU: GCC and Wget Release

Filed under
GNU
  • GCC Compiler Picks Up New Option To Help With Live Kernel Patching

    Adding to the list of new features for GCC 9 due out early next year is a new -flive-patching= flag to help with scenarios like live Linux kernel patching.

    This GCC live-patching support addition was done by Oracle and is about controlling the optimizations/behavior when wanting to compile code for the context of applying it as a live patch. In particular, for Linux kernel live patching to avoid system reboots when applying security/maintenance updates. With Oracle the focus is on their own Ksplice live kernel patching to avoid reboots but this work should also be relevant to the likes of SUSE's kGraft and Red Hat's Kpatch kernel live patching.

  • GNU Wget 1.20 Released

    Noteworthy Changes in this release:
    Add new option `--retry-on-host-error` to treat local errors as transient and hence Wget will retry to download the file after a brief waiting period.
    Fixed multiple potential resource leaks as found by static analysis
    Wget will now not create an empty wget-log file when running with -q and -b switches together
    When compiled using the GnuTLS >= 3.6.3, Wget now has support for TLSv1.3
    Now there is support for using libpcre2 for regex pattern matching
    When downloading over FTP recursively, one can now use the

GameShell Linux-based Console Upgraded: New Board, 1GB Ram, HDMI Port

Filed under
GNU
Linux
Gaming
Gadgets

About a year ago, Clockwork put up a Linux-powered handheld gaming console called GameShell on Kickstarter website.

This portable retro console is shipped as a DIY kit that can let you play games, learn to code and also teach you a little about how the hardware works. And the best part is that it lets you upgrade the system without replacing it.

Read more

5 Reasons Why Linux OS Is A Hot Favorite Among Coders

Filed under
Development
GNU
Linux

Operating systems have come a long way in the past few decades. What was once dominated by Microsoft Windows or Apple MacOS is no longer the norm these days. After Y2K, a variety of OS have come into play as a result of people exploring the computing environment. One particular series of OS that has caught attention of the users is Linux. Although it was introduced way back in 1991, it gained popularity over time due to its decentralised development approach and a solid support from the software developer community as well.

Here we explore some reasons why Linux made it to the top among developers and tech enthusiasts.

Read more

Programming: Python, C++, Java and More

Filed under
Development
  • Amsterdam Python meetup, november 2018

    My summary of the 28 november python meetup at the Byte office. I myself also gave a talk (about cookiecutter) but I obviously haven't made a summary of that.

  • Trip Report: C++ Standards Meeting in San Diego, November 2018

    A few weeks ago I attended a meeting of the ISO C++ Standards Committee (also known as WG21) in San Diego, California. This was the third committee meeting in 2018; you can find my reports on preceding meetings here (June 2018, Rapperswil) and here (March 2018, Jacksonville), and earlier ones linked from those. These reports, particularly the Rapperswil one, provide useful context for this post.

    This meeting broke records (by a significant margin) for both attendance (~180 people) and number of proposals submitted (~270). I think several factors contributed to this. First, the meeting was in California, for the first time in the five years that I’ve been attending meetings, thus making it easier to attend for Bay Area techies who weren’t up for farther travels. Second, we are at the phase of the C++20 cycle where the door is closing for new proposals targeting to C++20, so for people wanting to get features into C++20, it was now or never. Finally, there has been a general trend of growing interest in participation in C++ standardization, and thus attendance has been rising even independently of other factors.

    This meeting was heavily focused on C++20. As discussed in the committee’s standardization schedule document, this was the last meeting to hear new proposals targeting C++20, and the last meeting for language features with significant library impact to gain design approval. A secondary focus was on in-flight Technical Specifications, such as Library Fundamentals v3.

    To accommodate the unprecedented volume of new proposals, there has also been a procedural change at this meeting. Two new subgroups were formed: Evolution Incubator (“EWGI”) and Library Evolution Incubator (“LEWGI”), which would look at new proposals for language and library changes (respectively) before forwarding them to the Evolution or Library Evolution Working Groups (EWG and LEWG). The main purpose of the incubators is to reduce the workload on the main Evolution groups by pre-filtering proposals that need additional work before being productively reviewed by those groups. A secondary benefit was to allow the attendees to be spread out across more groups, as otherwise EWG and LEWG would have likely exceeded their room capacities.

  • The Future of OpenJDK at Red Hat

    With the release of Java 11, the transition of Java into an OpenJDK-first project is finally complete. The days of most Java installations using the proprietary OracleJDK binaries are at an end. This increased focus on Open and Free Java naturally brings the contributions of companies other than Oracle into greater prominence. InfoQ recently spoke with Rich Sharples, Senior Director of Product Management for Middleware at Red Hat, to discuss OpenJDK and Red Hat's involvement with it.

  • PyBites: 3 Cool Things You Can do With the dateutil Module
  • Subtleties of Python

    A good software engineer understands how crucial attention to detail is; minute details, if overlooked, can make a world of difference between a working unit and a disaster. That’s why writing clean code matters a lot—and clean code isn’t just about neat indentation and formatting; it’s about paying attention to those details that can affect production.

    In this article, you’ll see a couple of short cases of problematic code in Python and how they can be improved. Please note that these are just examples and in no way must you interpret them to universally apply for real-world problems.

  • A Tale of Two Commits

    I’ve discussed and linked to articles about the advantages of splitting patches into small pieces to the point that I don’t feel the need to reiterate it here. This is a common approach at Mozilla, especially (but not just) in Firefox engineering, something the Engineering Workflow group is always keeping in mind when planning changes and improvements to tools and processes.

    Many Mozilla engineers have a particular approach to working with small diffs, something, I’ve realized over time, that seems to be pretty uncommon in the industry: the stacking of commits together in a logical series that solves a particular problem or implements a specific feature. These commits are generally authored, reviewed, updated, and even landed as a set. They tell a complete story; indeed, you could view this process as similar to writing a novel: the book is written, edited, and published as a complete unit.

  • Common architectural elements for modern integration architectures

    In Part 1 of this series, we explored a use case around integration being the key to transforming your customer experience.

    I laid out how I’ve approached the use case and how I’ve used successful customer portfolio solutions as the basis for researching a generic architectural blueprint. The only thing left to cover was the order in which you’ll be led through the blueprint details.

Free-floating Ubuntu social bot chats up astronauts on International Space Station

Filed under
Ubuntu

An Ubuntu-powered social robot called CIMON (Crew Interactive Mobile CompaniON) has begun work on the International Space Station. The self-navigating bot recognizes faces and answers questions relayed to a ground-based IBM Watson computer.

A social robot with an Ubuntu OS has launched on the International Space Station (ISS) to answer astronauts’ questions via voice and an 8-inch display. On Nov. 15, German astronaut Alexander Gerst demonstrated the CIMON (Crew Interactive Mobile CompaniON) robot in action, showing off its facial recognition, voice assistance, and ability to autonomously navigate in the weightless environment of the ISS. CIMON can also play music, document results of experiments, or search for objects using its image recognition capability.

Read more

Graphics: Sway 1.0 Closer, AMDGPU FreeSync / Adaptive-Sync Update

Filed under
Graphics/Benchmarks
  • Sway 1.0 Beta 2 Rolls Out For Feature-Rich i3-Compatible Wayland Compositor

    The release of Sway 1.0 as the popular i3-compatible Wayland compositor is one step closer with the latest beta update.

    Sway 1.0 Beta 2 offers various i3 compatibility updates, implements the Wayland presentation-time protocol, introduces multi-seat support to the Swaylock, supports additional i3 window types, and has other usability enhancements while for the most part is made up of bug fixes. Bug fixes for Sway 1.0 Beta 2 range from XWayland fixes, Swaybar output hotplug handling, and a variety of other corrections.

  • AMDGPU FreeSync / Adaptive-Sync Is Set To Land For Linux 4.21

    AMD developers have a miraculous Christmas present for their open-source Linux users, particularly Linux gamers with FreeSync/Adaptive-Sync displays... This last major feature missing from AMDGPU DRM driver that's long been sought after is finally set to land in the mainline Linux kernel!

    It has been a long time coming but the FreeSync support (or VESA Adaptive-Sync / HDMI VRR) is finally set to be merged with the upcoming Linux 4.21 kernel cycle. FreeSync/Adaptive-Sync/VRR as a reminder is about adjusting monitor refresh rates dynamically without any mode change to reduce stuttering, tearing, and input lag. Previously this support was just available for Radeon Linux users via the AMDGPU-PRO components and not from the standard Linux kernel driver.

More in Tux Machines

OSS Leftovers

  • Hideki Yamane: Debian 10 "buster" release party @Tokyo (7/7)

    We ate a delicious cake to celebrate Debian 10 "buster" release, at party in Tokyo (my employer provided the venue, cake and wine. Thanks to SIOS Technology, Inc.! :)

  • First Global Students Open Source Conference to Bring Together Next-Generation Tech Community

    Open-source software is a piece of software whose source code is distributed, modified and reused by the public with a few restrictions. The emphasis of open-source development on freedom, collaboration and community appeals to Silicon Valley companies and student organizations alike.

  • Zstd 1.4.1 Further Improves Decode Speed, Other Optimizations

    Zstd 1.4.1 is out today as a maintenance release to Facebook's Zstandard compression algorithm but with this update comes even more performance optimizations.  [...] This Zstd release also has several bug fixes including for niche use-cases where it could hit a rare data corruption bug. There are also build system updates and documentation improvements. 

  • Kubernetes As A Service On Bare Metal | Boris Renski

    Mirantis is one of those companies that continues to evolve with change times. Mirantis is now upping its Kubernetes game by offering Kubernetes as a service that supports bare metal. Mirantis CMO and co-founder Boris Renski explains the service in this interview.

  • YugaByte Commits to 100 Percent Open Source with Apache 2.0 License

    Version 2.0 Release Candidate of YugaByte Distributed SQL DB Available; First Product Available Under License Created by the Polyform Project.

  • Databases adopt open licenses, JavaScript gets faster on Android, governments use more OSS, and more news

    In the last year, a handful of major open source database vendors have tightened their grip on their code to try to remain competitive. Two vendors have bucked that trend and have gone all in on open source. The first of those is Cloudera, which announced that it's making "closed license components of its products open source" under the AGPL and Apache 2.0 license. While Cloudera's executives said they "had been mulling a modified open source license" like the one adopted by some of their competitors, they decided to go open and to adopt a "licensing/subscription approach" that closely mirrors that of Red Hat. Distributed database vendor YugaByte also adopted an Apache 2.0 license, making its wares fully open source. That move brings "previously commercial-only, closed-source features such as Distributed Backups, Data Encryption, and Read Replicas into the open source core project." That code is available in the project's GitHub repository.

  • Why Carl Malamud's Latest Brilliant Project, To Mine The World's Research Papers, Is Based In India

    Carl Malamud is one of Techdirt's heroes. We've been writing about his campaign to liberate US government documents and information for over ten years now. The journal Nature has a report on a new project of his, which is in quite a different field: academic knowledge. The idea will be familiar to readers of this site: to carry out text and data mining (TDM) on millions of academic articles, in order to discover new knowledge. It's a proven technique with huge potential to produce important discoveries. That raises the obvious question: if large-scale TDM of academic papers is so powerful, why hasn't it been done before? The answer, as is so often the case, is that copyright gets in the way. 

Security Leftovers

  • Researchers Build App That Kills To Highlight Insulin Pump Exploit

    By now the half-baked security in most internet of things (IOT) devices has become a bit of a running joke, leading to amusing Twitter accounts like Internet of Shit that highlight the sordid depth of this particular apathy rabbit hole. And while refrigerators leaking your gmail credentials and tea kettles that expose your home networks are entertaining in their own way, it's easy to lose sight of the fact that the same half-assed security in the IOT space also exists on most home routers, your car, your pacemaker, and countless other essential devices and services your life may depend on. Case in point: just about two years ago, security researchers discovered some major vulnerabilities Medtronic's popular MiniMed and MiniMed Paradigm insulin pumps. At a talk last year, they highlighted how a hacker could trigger the pumps to either withhold insulin doses, or deliver a lethal dose of insulin remotely. But while Medtronic and the FDA warned customers about the vulnerability and issued a recall over time, security researchers Billy Rios and Jonathan Butts found that initially, nobody was doing much to actually fix or replace the existing devices. [...] And of course that's not just a problem in the medical sector, but most internet-connected tech sectors. As security researcher Bruce Schneier often points out, it's part of a cycle of dysfunction where the consumer and the manufacturer of a flawed product have already moved on to the next big purchase, often leaving compromised products, and users, in a lurch. And more often than not, when researchers are forced to get creative to highlight the importance of a particular flaw, the companies in question enjoy shooting the messenger.

  • Desktop Operating Systems: Which is the safest? [Ed: This shallow article does not discuss NSA back doors and blames on "Linux" devices with open ports and laughable passwords -- based on narrative often pushed by corporate media to give illusion of parity. Also pushes the lie of Linux having minuscule usage.]
  • How Open Source Data Can Protect Consumer Credit Card Information
  • Open Source Hacking Tool Grows Up

    An open source white-hat hacking tool that nation-state hacking teams out of China, Iran, and Russia have at times employed to avoid detection....

Games: Dota Underlords and Stadia

  • Dota Underlords has another update out, this one changes the game quite a lot

    Valve continue to tweak Dota Underlords in the hopes of keeping players happy, this mid-Season gameplay update flips quite a few things on their head. I like their sense of humour, with a note about them removing "code that caused crashes and kept code that doesn't cause crashes". There's a few smaller changes like the addition of Loot Round tips to the Season Info tab, the ability to change equipped items from the Battle Pass and some buffs to the amount XP awarded for your placement in matches and for doing the quests. Meaning you will level up the Battle Pass faster.

  • Interested in Google's Stadia game streaming service? We have a few more details now

    With Google's game streaming service Stadia inching closer, we have some more information to share about it. Part of this, is thanks to a recent AMA (Ask Me Anything) they did on Reddit. I've gone over what questions they answered, to give you a little overview. Firstly, a few points about the Stadia Pro subscription: The Pro subscription is not meant to be like a "Netflix for Games", something people seem to think Stadia will end up as. Google said to think of it more like Xbox Live Gold or Playstation Plus. They're aiming to give Pro subscribers one free game a month "give or take". If you cancel Stadia Pro, you will lose access to free games claimed. However, you will get the previously claimed games back when you re-subscribe but not any you missed while not subscribed. As for Stadia Base, as expected there will be no free games included. As already confirmed, both will let you buy games as normal.

LabPlot has got some beautifying and lots of datasets

Hello everyone! The second part of this year's GSoC is almost over, so I was due to let you know the progress made in the last 3 weeks. I can assure you we haven't lazed since then. I think I managed to make quite good progress, so everything is going as planned, or I could say that even better. If you haven't read about this year's project or you just want to go through what has already been accomplished you can check out my previous post. So let's just go through the new things step by step. I'll try to explain the respective feature, and also give examples using videos or screenshots. The first step was to improve the welcome screen and make it easily usable, dynamic, clean and intuitive for users. This step was very important since the welcome screen is what the users will first get in contact with when they start using LabPlot. Read more