Language Selection

English French German Italian Portuguese Spanish

February 2019

Best 15 Linux Painting Tools for Professionals and Digital Artists

Filed under
Software

Painting tools have been a must and an essential part of our daily life. From personal to professional purposes, it has an immense area to employ. Whether you wish to retouch your family photos or finalize the product photos for your business, painting software has been turned into an extraordinary source in all the platforms. Today I am going to discuss some vital Linux painting tools for professionals and digital artists.

Like the other operating systems, Linux has all the facilities with a great working environment. It is a stable and secure platform where you can use some excellent painting tools for your professional and personal purposes. You can get natural paint on a digital canvas with the help of different artistic tools.

Read more

Indie Makers Using Single-Board Computers

Filed under
Linux
Interviews

Two such projects have really caught my attention lately: the Noodle Pi and the TinyPi.

The Noodle Pi is a simple, handheld computer (about the size of a deck of playing cards). And, when I say simple, I mean simple. It's got a micro-USB charging port, another for plugging in USB devices, a touch screen and a battery. Think of it like an old-school PDA without any buttons (other than a small power toggle) and the ability to run a full Linux-based desktop.

Read more

MiyoLinux: A Lightweight Distro with an Old-School Approach

Filed under
Linux

If you’re itching to throw it back to a time when Linux offered you a bit of challenge to your daily grind, MiyoLinux might be just the operating system for you. It’s a lightweight operating system that makes good use of a minimal set of tools. Anyone who likes their distributions to be less modern and more streamlined will love this take on the Linux desktop. However, if you prefer your desktop with the standard bells and whistles, found on modern distributions, you’ll probably find MiyoLinux nothing more than a fun distraction from the standard fare.

Read more

KDE Chat on Matrix

Filed under
KDE
OSS

KDE and open source in general has used IRC since the 90s but times change and these days people expect more than text with lots of internals exposed to the user. So KDE has set up a Matrix server which talks to other Matrix server and importantly also talks to IRC servers and their channels because some people will never change. The bridging to IRC isn’t perfect but it works much neater than on e.g. Telegram where the IRC user is one bot, here the IRC user is an individual user and you can set it up to use the same nickname you’ve been using since 1995. Unless you use square brackets in your nickname in which case I’ve no sympathy.

But it still requires a bit of understanding and setup. For one thing you need an app to talk to it, and the more common apps seem to be Riot web and Riot Android. KDE has its own setup of Riot web called webchat.kde.org and you can get the Android client from F-Droid or Google Play. Once you make an account you also need to tick some boxes (including one saying you are over 16 which vexes somewhat but it doesn’t be beyond the ability of most 15 year old to work out how to work around it).

Read more

today's leftovers

Filed under
Misc
  • Sparky news 2019/02

    The 2nd monthly report of 2019 of the Sparky project

  • MX Linux and SystemRescueCD
  • Scaling PostgreSQL with Kubernetes Operators

    Crunchy Data's open source Crunchy PostgreSQL Operator is an Operator for PostgreSQL that is used in many production environments. It provides a simple yet powerful command-line interface that lets users deploy their own database-as-a-service system on any Kubernetes-enabled platform.

    For example, with the pgo create command, which is used to provision a database, you can set up a distributed, high-availability PostgreSQL cluster with full disaster recovery support along with a database monitoring sidecar powered by pgMonitor. In other words, in lieu of a complicated multi-step process or having to write your own scripts, you can create the type of PostgreSQL system required for production from a single command.

    While this may seem to be overkill if you are managing a handful of database clusters, the value of an Operator scales significantly if you need to support hundreds or thousands of different clusters. Having a standardized set of commands with the ability to flexibly deploy clusters for different workloads both eases the administration burden and provides more options for how a team can develop and deploy workloads into production.

  • Today's Context Demands Use of OER

    This movement is the most exciting thing to happen to higher ed in my lifetime. It brings together the humanity, respect for students (and instructors!) and impetus to make a positive change in students’ lives from thinkers like bell hooks, Paulo Freire and John Dewey with the technological know-how and thirst for openness, access and justice of Seymour Papert, Richard M. Stallman and Aaron Swartz.

    There is no point in my parodying the eloquence of the expositors of open pedagogy cited above -- please go read them right now, if you haven’t yet. But one thing I can do is add a small point I haven’t see those authors emphasize, in the spirit (following Green) of exploring what motivates faculty. One thing that faculty members love (perhaps particularly at primarily research institutions, where they may be worried about something with enormous impact on pedagogy but which will require a large investment of their time) is their academic freedom.

  • AMDGPU LLVM Backend Seeing A Number Of Fixes In Recent Days

    If you habitually use the latest open-source graphics drivers, you may want to pull down the latest LLVM code from SVN/Git as there has been a number of fixes to the AMDGPU back-end in recent days.

    For those that haven't upgraded in a while or perhaps still on the LLVM 8 code-base, the latest LLVM 9 development code has been seeing a number of AMDGPU commits during the second half of February. There's been enabling of function calls by default that fixes some crashes, other crash fixes, implementing various features, enabling the DPP combiner pass by default, and other bits.

  • PyCharm 2019.1 EAP 6

    A variable viewer for our native Jupyter Notebook support, an interpreter indicator in the status bar, and more. Try the PyCharm 2019.1 EAP now, you can download the latest version on our website.

  • Include the currency name into the forex application

    Hello and welcome back to this new python forex application project. In the previous chapter, we have successfully retrieved the name and the id pair for all the conbase supported currencies, and in this chapter, we will use that information to add the currency name beside each currency id when we are comparing that currency to the USD. Below is the modify version of this program.

  • IRC vs IRL: How to run a good IRC meeting

    There's an art to running a meeting in any format. Many people have learned to run in-person or telephone meetings, but Internet Relay Chat (IRC) meetings have unique characteristics that differ from "in real life" (IRL) meetings. This article will share the advantages and disadvantages of the IRC format as well as tips that will help you lead IRC meetings more effectively.

    Why IRC? Despite the wealth of real-time chat options available today, IRC remains a cornerstone of open source projects. If your project uses another communication method, don't worry. Most of this advice works for any synchronous text chat mechanism, perhaps with a few tweaks here and there.

AV1 Image File Format (AVIF), Awful Intel Standards, and Linux Kernel at LWN

Filed under
Graphics/Benchmarks
Linux
  • AV1 Image File Format v1.0 Finalized

    The AV1 Image File Format (AVIF) appears solid now with it having been promoted to version 1.0.0. 

    The AV1 Image File Format (AVIF) is the specification for storing images and image sequences (animated images) compressed via AV1 in the HEIF High-Efficiency Image File Format. AV1, of course, being the promising royalty-free video coding format competing with the likes of HEVC/H.265. This is to AV1 as the WebP image format is to VP9/WebM. 

    The AV1 Image File Format continues making inroads and being worked on by the likes of Netflix and Microsoft, among other tech companies. Back in December, Netflix began publishing sample AVIF sample images here.

  • USB 3.2 Is Here To Make Things More Confusing For Everyone

    But with the introduction of USB 3.2, things have become even more confusing.

    The USB standards body has now rebranded 5Gb/s devices as “USB 3.2 Gen 1,” 10Gb/s devices as “USB 3.2 Gen 2” and the latest standard offering 20Gb/s speed has been dubbed “USB 3.2 Gen 2×2” because two 10Gb/s connections run parallelly in the wire.

  • The Intel-Developed Vulkan Overlay Layer Picks Up New Features, Dump FPS To File

    It was just one week ago that developers from the Intel Open-Source Technology Center contributed their new Vulkan Overlay later to Mesa 19.1 for providing various performance metrics/statistics of use to application/driver developers. This Vulkan overlay continues being improved upon as well as making it more applicable to gamers/enthusiasts.

  • The case of the supersized shebang

    Regressions are an unavoidable side effect of software development; the kernel is no different in that regard. The 5.0 kernel introduced a change in the handling of the "#!" (or "shebang") lines used to indicate which interpreter should handle an executable text file. The problem has been duly fixed, but the incident shows how easy it can be to introduce unexpected problems and highlights some areas where the kernel's development process does not work as well as we might like.
    By longstanding Unix convention, an attempt to execute a file that does not have a recognized binary format will result in that file being passed to an interpreter. By default, the interpreter is a shell, which will interpret the file as a shell script. If, however, the file starts with the characters "#!", the remainder of the first line will be treated as the name of the interpreter to use (and possibly arguments to be passed to that interpreter). This mechanism allows programs written in almost any interpreted language to be executed directly; the user need never know which interpreter is actually doing the work behind the scenes.

  • Per-vector software-interrupt masking

    Software interrupts (or "softirqs") are one of the oldest deferred-execution mechanisms in the kernel, and that age shows at times. Some developers have been occasionally heard to mutter about removing them, but softirqs are too deeply embedded into how the kernel works to be easily ripped out; most developers just leave them alone. So the recent per-vector softirq masking patch set from Frederic Weisbecker is noteworthy as an exception to that rule. Weisbecker is not getting rid of softirqs, but he is trying to reduce their impact and improve their latency.
    Hardware interrupts are the means by which the hardware can gain a CPU's attention to signal the completion of an I/O operation or some other situation of interest. When an interrupt is raised, the currently running code is (usually) preempted and an interrupt handler within the kernel is executed. A cardinal rule for interrupt handlers is that they must execute quickly, since they interfere with the other work the CPU is meant to be doing. That usually implies that an interrupt handler will do little more than acknowledge the interrupt to the hardware and set aside enough information to allow the real processing work to be done in a lower-priority mode.

    The kernel offers a number of deferred-execution mechanisms through which that work can eventually be done. In current kernels, the most commonly used of those is workqueues, which can be used to queue a function call to be run in kernel-thread context at some later time. Another is tasklets, which execute at a higher priority than workqueues; adding new tasklet users tends to be mildly discouraged for reasons we'll get to. Other kernel subsystems might use timers or dedicated kernel threads to get their deferred work done.

Security: GNOME Security Internship, Supply Chain Security Talk, SHAREit is 'Cracked'

Filed under
Security
  • GNOME Security Internship - The end?

    The first part regarding protecting the system from potentially unwanted new USB devices can be considered completed. Probably now it will requires just bug fixing and minor changes, if necessary. The required merge requests are up.

    The second part regarding limiting the number of usable keys for untrusted keyboards reached a working stage. However it’s still under evaluation which is the best way to achieve it, because even if with the current solution works it doesn’t mean that this is the desirable way to do it.

  • Supply Chain Security Talk [iophk: "warning for Microsoft event; maybe don't want to [attend] despite Bunnie presenting"]

    In the talk, I relay some of my personal trials authenticating my supply chains, then I go into the why of the supply chain attacks to establish some scenarios for evaluating different approaches. The talk attempts to broadly categorize the space of possible attacks, ranging from attacks that cost a penny and a few seconds to pull off to hundreds of thousands of dollars and months. Finally, I try to outline the depth of the supply chain attack surface, highlighting the overall TOCTOU (time of check, time of use) problem that is the supply chain.

  • Critical SHAREit Flaw Gives Attackers Full Access To Device Files

    Data sharing apps like SHAREit and Xender have transformed the way files are shared, since their release a few years ago. The apps transfer files over wifi which is much faster compared to sending files using Bluetooth.

  • High-Severity SHAREit App Flaws Open Files for the Taking

    SHAREit has fixed two flaws in its app that allow bad actors to authenticate their devices and steal files from a victim’s device.

    Two high-severity flaws in the SHAREit Android app allow an attacker to bypass the file transfer application’s device authentication mechanism – and ultimately download content and arbitrary files from the victim’s device, along with a raft of data such as Facebook tokens and cookies.

Forget Windows Use Linux – A Distro Designed to Work with Android

Filed under
OS
GNU
Linux
Microsoft

Over a year ago, we published a list of the Top 10 Open Source Distros You Haven’t Heard About, and while we also had good suggestions in the comments but the subject of our article today was nowhere in our radar. It goes by the name of FWUL which, interestingly, stands for Forget Windows, Use Linux.

FWUL (Forget Windows Use Linux) is a lightweight open-source Operating System based on Arch Linux that started as an initiative to create a smooth Android-like User Experience for desktop users who had issues with Microsoft Windows.

The same FWUL has an interesting name for an Operating System is the same way it has an interesting back story. The developer always pointed users to Linux whenever the complained about their issues with Windows because he believed that most of them were fixable in Linux.

However, popular distros like Ubuntu and Linux Mint didn’t include everything Android users need. For example, Ubuntu users still need to enter commands to install some apps, flashing Android phones requires the installation of certain drivers, etc.

Read more

Mozilla and Mycroft: WebRender and Voice Recognition

Filed under
Moz/FF
  • Mozilla GFX: WebRender newsletter #41

    Welcome to episode 41 of WebRender’s newsletter.

    WebRender is a GPU based 2D rendering engine for web written in Rust, currently powering Mozilla’s research web browser Servo and on its way to becoming Firefox‘s rendering engine.

    Today’s highlights are two big performance improvements by Kvark and Sotaro. I’ll let you follow the links below if you are interested in the technical details.
    I think that Sotaro’s fix illustrates well the importance of progressively rolling out this type of project a hardware/OS configuration at a time, giving us the time and opportunity to observe and address each configuration’s strengths and quirks.

  • Sharing our Common Voices – Mozilla releases the largest to-date public domain transcribed voice dataset

    Mozilla crowdsources the largest dataset of human voices available for use, including 18 different languages, adding up to almost 1,400 hours of recorded voice data from more than 42,000 contributors.

    From the onset, our vision for Common Voice has been to build the world’s most diverse voice dataset, optimized for building voice technologies. We also made a promise of openness: we would make the high quality, transcribed voice data that was collected publicly available to startups, researchers, and anyone interested in voice-enabled technologies.

    Today, we’re excited to share our first multi-language dataset with 18 languages represented, including English, French, German and Mandarin Chinese (Traditional), but also for example Welsh and Kabyle. Altogether, the new dataset includes approximately 1,400 hours of voice clips from more than 42,000 people.

  • Securing privacy with Mycroft, an Open AI voice assistant

    Voice-assisted technologies are extremely popular; already there are 2.5 billion such devices in use and that's expected to triple to 8 billion by 2023. This growth appears to be unstoppable—despite the privacy and security vulnerabilities in mainstream voice-assisted technology.

    One of these is the "open-window" vulnerability where, for example, a malicious person walks by an open window and shouts, "Hey, unlock the door!" and gains access to the house. Researchers have also identified thousands of false-positive wake words for Alexa and Google, potential attack vectors to inject malicious commands. Some people bring up the risk of subsonic commands injected over TV. Amazon may already be using frequency manipulations to keep Alexa from activating during its commercials. And, as with any web-connected computer device, there's the potential for backdoors and other common vulnerabilities.

Development: LibreOffice Asia Conference 2019, Fedora Development Docs, GNOME Online Accounts (GOA) and Another Developer Gathering for Devuan

Filed under
OS
LibO
  • LibreOffice Asia Conference 2019, Tokyo: Call for Papers is open

    Call for Papers for LibreOffice Asia Conference 2019, held at the Nihonbashi Tokyo Tower (at Cyboze, Inc., Tokyo Office) on May 25th (Sat) and 26th (Sun), is now open.

    LibreOffice Asia Conference will be the first event gathering LibreOffice users, advocates and contributors (not only development, but also localization, PR/marketing, documentation, quality assurance, … etc.) from different countries in Asia, to exchange and share experiences and knowledge.

    During the conference, we will discuss LibreOffice related business such as supporting and training, migrating to LibreOffice and the ODF true standard format, developing, and any other community activity in Asia. In addition, we will have guests from the core team at The Document Foundation, which is a charitable foundation and the home of LibreOffice.

  • Fedora IoT Docs are Live

    Design ideas: My focus was on technical content. The basic layout is dictated by the Fedora Docs project but a bit of design work on the welcome page and the addition of any IoT specific logos would be nice. Also, there are a few screenshots that could use a pointer or box to highlight the area described in the text.

    Verify links for downloads and upgrades: The working group now has regular updated images available in a CDN and the next downloadable image is in progress along with the final version of the landing page for downloads. Once the update and release schedule process is smoothed out, the documentation needs to be verified.

    Get ready for F30: When Fedora 30 is ready, the site will need some Release Notes and the User Guide will need some updates to cover new features. You can submit suggestions as iot-docs issues in pagure.

  • Some challenges for GNOME online accounts

    The cynical among us might be tempted to think that an announcement from the GNOME project about the removal of a feature — a relatively unused feature at that — would be an unremarkable event. In practice, though, Debarshi Ray's announcement that the GNOME Online Accounts (GOA) subsystem would no longer support the "documents" access point touched off a lengthy discussion within the project itself. The resulting discussion revealed a few significant problems with GOA and, indeed, with the concept of online-account management in any sort of open-source umbrella project like GNOME.

    GOA is meant to provide a single sign on system integrating GNOME applications with web-based services. Any application that, for example, wants to access files stored in Google Drive would ordinarily have to ask the user for credentials and log into Drive separately, which gets tiresome for users running a lot of applications. By routing this access through GOA, the GNOME developers hope to simplify the process of using those services. GOA includes a number of different "integration points" for different types of services, including files, email, calendars, contacts, and more.

    The "documents" point was used by the Documents application, which is meant to help users manage their documents. It has suffered, though, from a lack of both users and developers and lacks basic features; Michael Catanzaro described it as "basically just 'bad evince'". That certainly restricts its prospects for success; as Ray put it: "it doesn't stand any chance of adoption unless it can open files like /usr/bin/evince". Documents has duly been removed from the core set of GNOME applications. Since it was the only core application using the "documents" integration point, that point is now being removed.

  • Systemd-Free Debian "Devuan" Planning Their First Developer Gathering This Spring

    For fans of Devuan, the downstream of Debian focused on "init system independence" or just "Debian without systemd", their first-ever conference is happening in just over one month.

More in Tux Machines

Kernel: Linux 5.10, Linux 5.9 and Hardware Support

      
  • Linux 5.10 ARM64 Has A "8~20x" Performance Optimization Forgotten About For Two Years - Phoronix

    Last week was the main set of ARM 64-bit architecture updates for Linux 5.10 while today a second batch of changes were sent in for this kernel. That first round had the Memory Tagging Extension (MTE) and Pointer Authentication support among other improvements while this secondary pull has two notable performance optimizations.  First up is a performance optimization that the Arm developers acknowledge was seemingly forgotten about for some two years. Back in 2018 was a memory management speed-up by around 20x for the mremap system call on large memory regions. That work was merged but the feature never enabled for the ARM64 Linux kernel builds until now. 

  •   
  • Kernel 5.9: Onwards and upwards

    With version 5.9 of the Linux Kernel now released, it is time to, once again, review Collabora's contributions to this release which contains many improvements, primarily in hardware support, multimedia, graphics, testing and continuous contributions to other subsystems. The importance of software maintenance has been highlighted in the last week with the discovery of a high-severity Bluetooth flaw. Whilst some reports have suggested that 5.9 contains the required fixes, many articles have been updated to reflect the fact that this is not the case. The required changes should be available as part of the 5.10 kernel when it is released and the kernel stable branches have picked them up. Many distributions are also now providing security releases covering this issue, we advise that you look out for (and apply) security fixes from your distribution of choice.

  •  
  • It’s in the Air: The Corsair HS70 Wireless Headset & Linux

    Looking more widely at headset support in Linux, what can we expect? Unfortunately there’s a dearth of information, especially once you get away from the most popular models. Analog headsets will of course be fine (the joys of analog!), and Bluetooth should also work well, as long as you have that working. Though note that some Bluetooth audio devices prefer mobile, like some Jabra wireless earbuds that have spotty records of connecting to computers in general. Otherwise, though, there lacks any central database or way to find out what the support is like for a device you are interested in. You’ll have to rely on your search skills, maybe GitHub, and probably sorting out random forum or Reddit posts to figure out any issues. The Arch Wiki tends to be a great hardware reference, but here there’s just a page for Bluetooth headsets. These days it seems quite likely that your random USB audio device, even wireless, has a decent chance of working. But maybe not, and if you rely on any features that may require software or special drivers (controlling the device beyond volume, sound virtualization, etc.) it is still is a bit of a guessing game. At least HeadsetControl provides an indirect way of knowing if something will work, as they list many models of headsets which I assume means all the standard audio works already. When in doubt, make sure you check that return policy!

Security: Patches, FUD, and Incidents

  • Making the Grade with Linux and Cybersecurity at the Intelligent Edge

    As intelligent edge deployments accelerate, we have reached a crossroads where many are being forced to choose between the accessibility, ease of use, flexibility, and leading-edge capabilities of open source software and the safety and security of systems in the field. How we proceed has the potential to lead massive transformation in the embedded industry. “Using open source early in the proof-of-concept cycle means taking advantage of the rapid pace of open source innovation,” says Matt Jones, Chief Architect at Wind River. “Taking your solution to market comes with additional measures meant to protect your device throughout its lifecycle.”

  • Security updates for Thursday [LWN.net]

    Security updates have been issued by Arch Linux (freetype2), Debian (bluez, firefox-esr, and freetype), Fedora (firefox), openSUSE (chromium), Oracle (kernel), Red Hat (java-11-openjdk), Slackware (kernel), SUSE (freetype2, gnutls, kernel, php7, and tomcat), and Ubuntu (flightgear, italc, libapache2-mod-auth-mellon, libetpan, and php-imagick).

  • Snyk to automatically check Docker Official Images for security problems [Ed: ZDNet pushing FUD vendors again, ones connected to Microsoft]
  • OpenDev’s Gerrit deployment back online after suspected admin account compromise

    OpenDev.org’s Gerrit deployment has been restored after being taken offline following the detection of malicious activity on its repositories. The repositories were disabled two hours after project maintainers were alerted to a suspected security breach on Tuesday morning (October 20). “We believe an admin account in Gerrit was compromised allowing an attacker to escalate privileges within Gerrit,” said Clark Boylan in a service announcement issued later that day. “Around 02:00 UTC October 20 suspicious review activity was noticed, and we were made aware of it shortly afterwards. “The involved account was disabled and removed from privileged Gerrit groups. After further investigation we decided that we needed to stop the service, this happened at about 04:00 UTC.”

Turing Pi 2 clusters four Raspberry Pi CM4 modules

Turing Machines unveiled a “Turin Pi 2” Mini-ITX board that clusters 4x Raspberry Pi CM4 modules with a Layer-2 managed switch along with 2x GbE, 4x USB, 2x mini-PCIe, and 2x SATA 3.0. Turing Machines Inc., which earlier this month announced a final 1K run of its Turing Pi cluster board, announced a second-gen Turing Pi 2. Due to ship in 2021, the board offers 4x nodes to cluster Raspberry Pi Compute Modules, compared to 7x for the original Turing Pi. The Gen2 design supports the new Raspberry Pi Compute Module 4 and is equipped with additional interfaces, including 2x mini-PCIe and 2x SATA 3.0. Read more

5 of the Best Linux Text Editors

A text editor is very important for any operating system. Be it taking quick notes, drafting a document, or even coding a script, it is the best tool for the job. For Linux, you’d be amazed by just how many different text editors there are out there. To help you decide which text editor you want to use, here we cover the best text editors on Linux. [...] Linux Text editors are serious business. Everyone has a strong opinion about what they feel is the best one. None of them are wrong, of course. Each editor has its strengths and weaknesses, and even if none of the text editors in the above list interest you, there are still many alternatives around, like the CherryTree Notepad, which didn’t make the list above. Read more