Language Selection

English French German Italian Portuguese Spanish

June 2019

Security Leftovers

Filed under
Security
  • To defeat ransomware, we must first diagnose it correctly: Today's Talker [iophk: "Windows TCO. Ransomware is a symptom of the cancer of Windows deployment."]

    Before the attack on Stuart, there were rapid-fire attacks through eight weeks. The enemy targeted the city of Baltimore, Maryland; Howard County, Indiana; Imperial County, California; Potter County, Texas; city of Albany, New York; the city of Greenville, North Carolina; Genesee County, Michigan; Orange County, North Carolina; Jackson County, Georgia; and the Cleveland airport.

  • Artificial Intelligence and Counterterrorism: Possibilities and Limitations

    Prepared Written Testimony and Statement for the Record of Alexander Stamos, Director, Stanford Internet Observatory before The U.S. House of Representatives Committee on Homeland Security, Subcommittee on Intelligence and Counterterrorism on June 25, 2019.

  • Premature Cyber Escalation

    This framing of the attack as a calculated atttack to cause damage to Iranian missile C&C assets that’ll be time consuming and costly to repair, is very literally crazy talk. An analogy: a threat actor hacks a company, and on Friday, bust before the end of the work day, they delete MS Office from every computer. The cost to the company is minimal as no one would be working over the weekend. No one except the poor IT staff who have to clean up the mess anyway. For the company the cost they pay is “unpleasant weekend for IT staff, and overtime money.” On the other hand, the company learns a great deal about their vulnerabilities, their risk exposure, and how to deal with a similar attack in future.

    At the cost of some inconvenience for some people, and a bit of money, the company learned a lot of valuable information about their weaknesses. They can now take remedial action to prevent it from happening again, and create processes and procedures to reduce the burden of recovering from such an attack. From any perspective, it’s a great bargain.

    The US used a cyber attack that gained them nothing, and the Iranians pay a small price to learn how to mitigate and respond to such a cyber attack. The US taught Iran a lesson alright, but I very much doubt it was: “if you like your military toys, then leave the US alone.”

  • NASA, Homeland Security receive D- grades on IT issues [iophk: "Windows TCO"]

    The House Oversight government operations subcommittee released version 8.0 of the Federal IT Acquisition Reform Act (FITARA) scorecard in a hearing on Wednesday.

    The scorecard gave IT scores to two dozen agencies, as well as individual scores for each agency in areas such as cybersecurity, the modernization of technology and transparency and risk management.

today's leftovers: FreeBSD, Graphics, Games and KDE

Filed under
Misc
  • FreeBSD on a Thinkpad 230

    From the first-ever conference I attended, I started picking up many tools and habits from other participants, speakers, and friends. It is still the same with many new conferences I go to, by meeting new people and learning about new technologies, or sometimes about technologies which are not so new.

    I use Linux as my primary operating system at home over 15 years now, getting a good Internet connection helped to make it happen. It was the same for my servers too. I do run different distributions, depending on the kind of work that needs to be done. When I go to many language-specific or general technical conferences, I do always find some discussions related to which distribution is good for what. However, whenever I met Trouble aka Philip Paeps, his lines are always amusing, but, also making questions about how FreeBSD differs from Linux in every possible way. I had FreeBSD running in few VMs at home, which is okay to have an understanding of the basics. To know more in details, I decided to move my primary site https://kushaldas.in over FreeBSD around a year ago. Till now it is running fine, and as a simple static website, there is not much to do anyway.

  • AMD Navi Support Makes It Into DRM-Next For Linux 5.3, AMDGPU Hits Two Million Lines

    With the Linux kernel driver support for the upcoming "Navi" graphics cards only having been sent out last week for AMDGPU/AMDKFD, given it was more than 450 patches and more than 400 thousand lines of code (granted much of that automated header files), there was some risk it could be postponed given the imminent cut-off of new material to DRM-Next for Linux 5.3 given the rigid release cycle. Fortunately, that pull request has been honored.

    So assuming Linus Torvalds has no objections to the code, this AMDGPU Navi support will be present in Linux 5.3. The Navi addition did regress earlier support, but fortunately that bug was quickly spotted and resolved. DRM co-maintainer David Airlie was content enough with pulling in the big AMDGPU code update overnight to DRM-Next.

  • Wayland's Weston Now Supports EGL Partial Updates For Better Performance

    Thanks to longtime open-source Linux graphics developer Daniel Stone, Wayland's Weston reference compositor now has support for the EGL_KHR_partial_update extension to provide for potentially better performance.

    The EGL_KHR_partial_update extension was led by Arm years ago to allow for efficient partial updates of surfaces ready to be displayed and for ignoring surfaces that are unchanged between frames.

  • Prison Architect just got a nice update now that Double Eleven are keeping a watchful eye

    Following on from the recent news that Double Eleven are the new developers of Prison Architect, as promised they just released a brand new update.

    "Double Eleven has done an excellent job supporting Prison Architect on console since 2016 and the game’s community loves what they bring to the table," Steacy McIlwham, Product Manager for Prison Architect at Paradox Interactive, said. "We are confident in Double Eleven’s ability to continue improving upon an already great game and they have our full support."

    [...]

    Doesn't seem that GOG has the update for Linux just yet, but as mentioned it's live for Linux on Steam.

  • GSoC Update

    Last post I said that I was having some problems pushing my modifications to the git repo. I discovered that the official ROCS repository was recently moved to the KDE Gitlab repo, called KDE Invent, where I am working on a fork of the original ROCS repo.

    It is a model that I have some knowledge, as I already worked with gitlab in a past internship and did some merge requests because of the Hacktoberfest (I like to win t-shirts). So I had to update my remote of the local repo and I sent my update to my remote fork branch, called improved-graph-ide-classes.

    When I was modifying the code, I noticed some problems with the creation of random trees, but I am thinking what is the better way to fix this part. This problem lies in the relation of the algorithm and the edge types available to generate the tree. When using directed edges, the code is sometimes generating directed loops of size 2 in the graph.

  • KDE Applications 19.08 Schedule finalized

    Dependency freeze is two weeks (July 11) and Feature Freeze a week after that, make sure you start finishing your stuff!

Shows: Test and Code, Bad Voltage, Ubuntu Podcast, Choose Linux and BSD Now 304

Filed under
Development
GNU
Linux
BSD
  • Test and Code: 79: Fixing misinformation about software testing

    Some information about software testing is just wrong.
    I'm not talking about opinions. I have lots of opinions and they differ from other peoples opinions. I'm talking about misinformation and old information that is no longer applicable.

    I've ran across a few lateley that I want to address.

  • 2×54: Well Baffled

    [00:27:50] This past weekend has seen a bit of dancing about whether Ubuntu will drop 32-bit libraries from the archive, ending up with a statement from Canonical about it saying they aren’t going to (and Valve have responded saying that they’ll continue to support Steam on Ubuntu, although that was after we recorded the show)

  • Bad Voltage Season 2 Episode 54 Has Been Released:
  • Ubuntu Podcast from the UK LoCo: S12E12 – Nemesis

    This week we’ve been at the Snapcraft Summit in Montreal, we bring you some command line love and go over all your feedback.

    It’s Season 12 Episode 12 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.

  • Regolith, Rosa, and Antsy Alien Attack | Choose Linux 12

    Two new hosts join Joe to talk about a nice i3 implementation and an amazing arcade game written in Bash.

    Plus a new segment called Distrohoppers, and a useful hidden feature of GNOME.

  • Prospering with Vulkan | BSD Now 304

    DragonflyBSD 5.6 is out, OpenBSD Vulkan Support, bad utmp implementations in glibc and FreeBSD, OpenSSH protects itself against Side Channel attacks, ZFS vs OpenZFS, and more.

Servers: CNCF, IBM/Red Hat and More

Filed under
Server
  • Bringing Linux containers to small-footprint industrial-edge applications [Ed: Wind River trying to sell its proprietary stuff]

    Standards-compliant, cloud-native implementations based on open-source projects are possible thanks to the Cloud Native Computing Foundation (CNCF), which serves as the vendor-neutral home for many of the fastest-growing container-related projects. The foundation fosters collaboration between the industry’s top developers, end users and vendors.

    While initially deployed in enterprise IT environments, cloud-native architectures and containers provide benefits that are equally desirable for industrial, energy and medical embedded systems located at a factory, hospital or remote site. Code reusability, efficient maintenance, platform independence and optimized resource utilization are just as important for devices and applications developed by small teams working to meet aggressive schedules, deployed across multiple hardware architectures based on a variety of processor architectures.

  • Kubernetes Ecosystem Grows With Apple Support, New Release

    Organizations of all sizes are increasingly running their enterprise applications on top of cloud native infrastructure and more often than not, that infrastructure is Kubernetes.

    Kubernetes is an open source effort originally started by Google five years ago and now operated as a multi-stakeholder effort under the direction of the Cloud Native Computing Foundation (CNCF).

    The CNCF gained a major new supporter in June, with the addition of Apple as a Platinum End User Member. The platinum tier come swith a $370,000 annual fee that Apple will now fork over to the CNCF.

    Apple isn't just a consumer and user of CNCF projects including Kubernetes, it's also an active contributor. Apple has made code contribution to the Kubernetes container orchestration project, Envoy proxy, Helm and the gRPC project as well. Apple joining the CNCF and being an active participant is a big deal not just for the brand recognition that they bring, but also because Apple was previously a very visible user of the rival Mesos orchestration system.

  • IBM: What Red Hat Brings To The Table

    I have been bearish on IBM (NYSE:IBM) for several years. As more information is being disseminated and stored over the Internet, cloud computing has become all the rage. The company has been transitioning from mainframe computing to cloud computing. That transformation has been a long, arduous process. The company has stagnant to declining revenue growth, making it difficult to recommend the stock. Its acquisition of Red Hat (RHT) for $34 billion was expensive, but it could pay dividends down the line.

  • Red Hat Reports First Quarter Results for Fiscal Year 2020
  • How Red Hat Enterprise Linux 8 can help agencies accelerate innovation in the hybrid cloud

    Almost 10 years after the Office of Management and Budget first directed agencies to begin moving to the cloud, those agencies no longer need to be told. They’ve seen the benefits, and cloud-first policies and the need to reduce datacenters are no longer the primary drivers. Experts say flexibility in application development and deployment, a better place to innovate in digital services, and enhanced security rank among the most common reasons.

    But it can be a slow process, partly due to strict government requirements. Agencies need to meet requirements for security, uptime, disaster recovery, and workload portability with their hybrid cloud infrastructures..

  • Awards roll call: Red Hat awards, March 2019 - June 2019

    As we kick off summer, we wanted to share some of the latest awards and recognition that Red Hat has received over the last few months. Since our last award roundup, Red Hat has been honored with more than 17 new accolades across our organization.

    Since our founding 26 years ago, Red Hat has grown from a single product company to the world’s leading provider of enterprise open source software solutions and the first public open source company to generate more than $3 billion in revenue. Open source has revolutionized the software industry and it continues to be the driving force behind much of the technology innovation happening today. We see the following awards as a recognition of that journey.

  • Outcome of the CPE’s team’s face-to-face

    You may remember that we recently spoke about the Community Platform Engineering (CPE) team and the problem it is facing — our workload is growing faster than the team can scale to meet it. From June 10th to June 14th most of the CPE team members met face to face in the Red Hat office in Waterford (Ireland)

  • RPM packages explained

    Perhaps the best known way the Fedora community pursues its mission of promoting free and open source software and content is by developing the Fedora software distribution. So it’s not a surprise at all that a very large proportion of our community resources are spent on this task. This post summarizes how this software is “packaged” and the underlying tools such as rpm that make it all possible.

    [...]

    From a quick look, dnfdragora appears to provide all of dnf‘s main functions.

    There are other tools in Fedora that also manage packages. GNOME Software, and Discover are two examples. GNOME Software is focused on graphical applications only. You can’t use the graphical front end to install command line or terminal tools such as htop or weechat. However, GNOME Software does support the installation of Flatpaks and Snap applications which dnf does not. So, they are different tools with different target audiences, and so provide different functions.

    This post only touches the tip of the iceberg that is the life cycle of software in Fedora. This article explained what RPM packages are, and the main differences between using rpm and using dnf.

  • An Introduction to Docker and Why It’s Useful in IoT

    But that is not the complete story. Netflix did not just seek the help of AWS because they have unlimited servers and data centers to provide. In fact, the huge costs of renting actual data centers can make it rather expensive to keep their monthly plans affordable for 150 million end users worldwide.

  • What +1's taught us about organizational pain at Red Hat Summit

    Open tools work best in the hands of open people. At Red Hat, we understand that tackling bold challenges—like digital transformation or application modernization—requires more than technology alone. It requires new ways of thinking, working, and problem-solving. That's why we're committed to helping organizations understand how they can embrace open principles to reshape their organizational cultures in productive and innovative ways.

    So for Red Hat Summit in Boston, MA this year, members of the Open Organization community wanted to craft a unique experience that would help attendees understand the power of working openly. We wanted to create opportunities for visitors to share their culture- and process-focused challenges with us—not only so we could learn more about what's keeping people from being as innovative, agile and engaged as they'd like to be, but also so we could connect them with resources they could use to begin tackling those challenges.

    This is the story of what we did, how we did it, and what we learned.

  • Cloudflare blames widespread internet borkage on Verizon and Noction

    Noction provides a service which it claims can increase BGP efficiency by 30-50 per cent by splitting IP addresses into smaller chunks (overly simplified, but that'll get you through the explanation).

    When that went wrong, it started misdirecting traffic. A lot of it was caught by failsafes from carriers, but Verizon, it appears, didn't have the necessary safeguards (a system called RPKI) and let the erroneous traffic go all over the internet.

Software: Opera 62, GNU Projects and Nextcloud Text

Filed under
Software
  • Opera 62 Released with Dark Mode, HD Displays Improvements

    Opera web browser 62 was released today with improved dark mode, design updates. Here’s how to install it in Ubuntu.

  • Opera 62 comes with design updates to Reborn 3

    With the newest release of Opera 62, we have some interesting design updates on top of the changes we introduced in Reborn 3.  We’d also like to show you a feature that will help you plan your holidays more easily.

  • Opera 62 Web Browser Launches with New Task Completer, Design Improvements

    Opera Software announced today the release Opera 62 web browser for all supported platforms, including GNU/Linux, macOS, and Microsoft Windows, a release that adds various design updates and some new features.
    Opera 62 is now available as the latest and most advanced version of the Chromium-based, cross-platform web browser that runs on desktops and mobile devices. This release introduces a new tool called Task Completer, which helps you easily plan your next vacation by allowing you to revisit the hotels you searched for on booking.com locally on the Opera Speed Dial. The Task Completer features is experimental and will be improved in future releases.

    "We wanted to experiment with Task Completer in a context where retrieving previous search results is most important, such as travel. When we look for flights and book hotels we don’t always make instant decisions. Oftentimes, we want to go back to a specific hotel and show it to friends or loved ones traveling with us before we book," said Opera's Joanna Czajka.

  • How do Spritely's actor and storage layers tie together?

    I've been hacking away at Spritely (see previously). Recently I've been making progress on both the actor model (goblins and its rewrite goblinoid) as well as the storage layers (currently called Magenc and Crystal, but we are talking about probably renaming the both of them into a suite called "datashards"... yeah, everything is moving and changing fast right now.)

    In the #spritely channel on freenode a friend asked, what is the big picture idea here? Both the actor model layer and the storage layer describe themselves as using "capabilities" (or more precisely "object capabilities" or "ocaps") but they seem to be implemented differently. How does it all tie together?

    A great question! I think the first point of confusion is that while both follow the ocap paradigm (which is to say, reference/possession-based authority... possessing the capability gives you access, and it does not matter what your identity is for the most part for access control), they are implemented very differently because they are solving different problems. The storage system is based on encrypted, persistent data, with its ideas drawn from Tahoe-LAFS and Freenet, and the way that capabilities work is based on possession of cryptographic keys (which are themselves embedded/referenced in the URIs). The actor model, on the other hand, is based on holding onto a reference to a unique, unguessable URL (well, that's a bit of an intentional oversimplification for the sake of this explaination but we'll run with it) where the actor at that URL is "live" and communicated with via message passing. (Most of the ideas from this come from E and Waterken.) Actors are connected to each other over secure channels to prevent eavesdropping or leakage of the capabilities.

  • GNU Spotlight with Mike Gerwitz: 17 new GNU releases in June!

    apl-1.8
    artanis-0.3.2
    dr-geo-19.06a
    gawk-5.0.1
    gengetopt-2.23
    gnunet-0.11.5
    guile-2.2.5
    icecat-60.7.0-gnu1
    libmicrohttpd-0.9.64
    libredwg-0.8
    mailutils-3.7
    mit-scheme-10.1.9
    nano-4.3
    nettle-3.5
    parallel-20190622
    unifont-12.1.02
    units-2.19

  • Bzip2 1.0.7 is released

    Distros and embedded users should start using bzip2-1.0.7 immediately. The patches they already have for the bzip2's traditional build system should still apply. The release includes bug fixes and security fixes that have accumulated over the years, including the new CVE-2019-12900.

    Once 1.1.0 is released, distributions should be able to remove their patches to the build system and just start using Meson or CMake. You may want to monitor the 1.1.0 milestone — help is appreciated fixing the issues there so we can make the first release with the new build systems!

  • bzip2 1.0.7

    We are happy to announce the release of bzip2 1.0.7.

    This is an emergency release because the old bzip2 website is gone and there were outstanding security issues. The original bzip2 home, downloads and documentation can now be found at: https://sourceware.org/bzip2/

  • Nextcloud Has a New Collaborative Rich Text Editor Called Nextcloud Text, GNOME Announces GNOME Usage, Linus Torvalds Warns of Future Hardware Issues, Red Hat Introduces Red Hat Insights and Offensive Security Launches OffSec Flex

    Nextcloud announces a new collaborative rich text editor called Nextcloud Text. Nextcloud Text is described as not "a replacement to a full office suite, but rather a distraction-free, focused way of writing rich-text documents alone or together with others." See the Nextcloud blog post for more details.

Security: Updates, Purism’s Librem Key, Silex 'Malware' (Brute-Forcing Bad/Unchanged Passwords), Arch Linux Reproducible Builds

Filed under
Security
  • Security updates for Thursday
  • Made in USA Librem Key

    We would never use the words “Made in USA” lightly. We had to meet very strict requirements before being allowed to use that label. It’s well-known that other firms have been fined for mislabeling their Made in China products as Made in USA, for instance because “screwdriver assembly” only (getting electronics made elsewhere and doing final case-assembly in the USA) is not enough to qualify for “Made in USA”. A company can source specific, individual electronics components from around the world (we source chips like the OpenPGP smart card from a European supplier, for example) but must actually make–as in fabricate–the product here, in the US, to be able to label it as “Made in USA.”

  • Purism’s Librem Key is Now the First and Only USB Security Token to be Made in the USA

    Purism, the social purpose corporation which designs and produces popular hardware and software that protects users’ digital lives, today announced its Librem Key product will be the first device of its category to be made in the USA.

    Librem Key, the first and only OpenPGP smart card closely integrated with the Heads-firmware offering a tamper-evident boot process, launched in September 2018. Initially manufactured in-part by partner Nitrokey, Purism is now manufacturing Librem Keys entirely from Purism’s Carlsbad, California headquarters – the same U.S. facility used to manufacture its Librem 5 smartphone devkits in 2018. Version 2 also stores up to 4096-bit RSA keys and up to 512-bit ECC keys and securely generates keys directly on the device.

    Supply chain security is a rising concern due to the lack of control hardware companies have over manufacturing links. Threats include security hacks, malware concerns, cyber-espionage, and even copyright theft. Purism sees protection of its supply chain as an existentially important issue, and has invested in supply chain improvements including the launch of Librem Key V2.

  • The Curious Case of Silexbot

    A new piece of malware that is using default credentials to log into IoT devices and then erase their file systems and shut them down is on the move, but it may not end up having the reach that it’s alleged creator intended.

  • Thousands of IoT Devices Bricked By Silex Malware
  • Jelle Van der Waa: Reproducing Arch [core] repository packages

    As Arch Linux we are working on reproducible builds for a while and have a continuous test framework rebuilding package updated in our repositories. This test does an asp checkout of a package and builds it twice in a schroot, we do not try to reproduce actual repository packages yet. In the end this is however what we want to achieve, giving users the ability to verify a repository package by rebuilding it on their own hardware.

  • mariadb 10.4.x update requires manual intervention

    The update to mariadb 10.4.6-1 and later changes configuration layout as recommended by upstream.

Microsoft Entryism and Openwashing

Filed under
Microsoft
OSS
  • 2001: Linux is cancer, says Microsoft. 2019: Hey friends, ah, can we join the official linux-distros mailing list, plz? [Ed: Just more infiltration, entryism. They try to sell Windows and Azure. See comments on this article, e.g.: "You're assuming #Microsoft has good intentions. Instead, they've decided it's easier to suck the marrow from the bones if they can sneak inside the host under a flag of truce, like many other common parasites."]

    Sasha Levin, who describes himself as a "Linux kernel hacker" at the beast of Redmond, made the application for his employer to join the list, which if approved would allow Microsoft to tap into private behind-the-scenes chatter about vulnerabilities, patches, and ongoing security issues with the open-source kernel and related code. These discussions are crucial for getting an early heads up, and coordinating the handling and deployment of fixes before they are made public.

  • SUSE Linux Enterprise Server 15 SP1 is now available on the Microsoft Store [Ed: To Microsoft it seems like GNU/Linux is just something you run under Windows, with Microsoft's permission]
  • Microsoft launches Windows Terminal app in Preview and it's ruddy open source

    The change is certainly overdue. The most recent attempt to update from the original version was in 2006 with the launch of Powershell. Since then, Microsoft has attempted to patch up both, with CMD getting copy/paste support a couple of years ago (about 20 years late, in our humble opinion) and an aborted attempt to make Powershell the default for Windows 10, which nobody asked for and few wanted.

  • MongoDB’s CEO on Open Source, Taking on Oracle, and Scaling Up

    “MongoDB was built by MongoDB. There was no prior art. We didn’t open source it for help; we open sourced it as a freemium strategy”

Programming Leftovers (Mostly Python)

Filed under
Development
  • Top 7 Reasons Why Python Should Be Your Next Programming Language
  • OpenAssessIt Toolkit helps improve website accessibility

    Unfortunately, because of poor website design decisions, a lot of content on the web (such as PDFs) is not accessible to people with hearing, sight, mobility, neurological, and other disabilities, and as the population rapidly ages, accessibility-related problems will increase.

    Fortunately, many businesses, governments, and other organizations are taking strides to remedy inaccessible websites. There are two paths to achieving accessibility: fixing existing websites and doing the right things when sites are created. Fixing a website that has been in use for many years—with hundreds of pages, posts, images, and PDFs—can be a daunting task. Every element must be scrutinized for problems, and sometimes the fix is not obvious nor easy to accomplish.

    There are many tools available to check and fix website accessibility issues, including OpenAssessIt Toolkit, a new open source tool developed by Joel Crawford-Smith, a self-described "relentless web accessibility fanatic" and "cat aficionado."

    OpenAssessIt converts Chrome Lighthouse files into visual, human-readable web accessibility assessments. Lighthouse audits websites for accessibility issues and reports its findings as text that can be viewed in the browser or exported as a JSON file with valuable hidden data.

    OpenAssessIt consumes Lighthouse's data-rich JSON files and outputs them in Markdown, which is easy for people to read and edit. It also takes screenshots of each failing element and provides suggestions on how to fix each issue. Automated tools help detect accessibility issues, but a human must evaluate the validity and seriousness of each problem. "Seeing the issues visually [is] a good tool for training and development," Joel says.

  • PyCharm 2019.2 EAP 5

    Despite the very sunny weather in Europe tempting us to go outside, we’ve succeeded in getting a build out for you this week. We’d appreciate it if you were to download it from our website.

  • Have you tried out Thonny?

    Today I have just installed a new Python IDE on my computer, it really looks simple but there are a lot of goodies. First of all, if you have not yet installed Thonny, you can download it from this link.

    As you can see from above, this IDE is super easy to use, you write the code on the editor, then after you have run the program, you can view the value and the address of the variable as well as a function under the heap panel. You can also step through each line of code of the program while debugging your program. If this is your first time learning Python then this IDE will get you started.

  • Little Trouble in Big Data – Part 2

    In the first blog in this series, I showed how we solved the original problem of how to use mmap() to load a large set of data into RAM all at once, in response to a request for help from a bioinformatics group dealing with massive data sets on a regular basis. The catch in our solution, however, was that the process still took too long. In this blog, I describe how we solve this, starting with Step 3 of the Process I introduced in Blog 1:

  • Building Standalone Python Applications with PyOxidizer

    Python application distribution is generally considered an unsolved problem. At their PyCon 2019 keynote talk, Russel Keith-Magee identified code distribution as a potential black swan - an existential threat for longevity - for Python. In their words, Python hasn't ever had a consistent story for how I give my code to someone else, especially if that someone else isn't a developer and just wants to use my application. I completely agree. And I want to add my opinion that unless your target user is a Python developer, they shouldn't need to know anything about Python packaging, Python itself, or even the existence of Python in order to use your application. (And you can replace Python in the previous sentence with any programming language or software technology: most end-users don't care about the technical implementation, they just want to get stuff done.)

    Today, I'm excited to announce the first release of PyOxidizer (project, documentation), an open source utility that aims to solve the Python application distribution problem! (The installation instructions are in the docs.)

  • PyOxidizer Can Turn Python Code Into .Exe File For Windows, MacOS, Linux

    Szorc says that an average computer user will be able to run the application without having to download the correct software libraries. This is because PyOxidizer produces binaries that embed Python. Hence users don’t need to install or know the language.

  • Stack Abuse: Text Generation with Python and TensorFlow/Keras

    Are you interested in using a neural network to generate text? TensorFlow and Keras can be used for some amazing applications of natural language processing techniques, including the generation of text.

    In this tutorial, we'll cover the theory behind text generation using a Recurrent Neural Networks, specifically a Long Short-Term Memory Network, implement this network in Python, and use it to generate some text.

More in Tux Machines

Release of PyPy 7.2

  • PyPy v7.2 released

    As always, this release is 100% compatible with the previous one and fixed several issues and bugs raised by the growing community of PyPy users. We strongly recommend updating. Many of the fixes are the direct result of end-user bug reports, so please continue reporting issues as they crop up.

  • PyPy 7.2 released

    Version 7.2 of PyPy, an implementation of the Python language, is out.

  • PyPy 7.2 Released With Full 64-bit AArch64 Support, PyPy 3.6 Beyond Beta

    PyPy 7.2 is out today as a big update for this alternative Python implementation that currently provides interpreters for compatibility with Python 2.7 and Python 3.6. In cooperation with Arm and Crossbar.io, PyPy developers have been working on complete 64-bit ARM (AArch64) support and this summer they achieved getting the PyPy JIT running on 64-bit ARM. PyPy 7.2 is the first release with this 64-bit ARM support now in good standing.

today's leftovers

  • Intel Firmware Binaries Land For AX200/AX201 Bluetooth Linux Support

    With devices beginning to hit store shelves using the new Intel WiFi 6 AX200 series chipsets, the firmware binaries have landed in linux-firmware.git for rounding out support for these latest WiFi/Bluetooth adapters. For a few kernel releases now since earlier this year these new Intel wireless chipsets have been supported by the mainline kernel but the firmware hasn't been part of the de facto linux-firmware.git tree that houses the various firmware binaries for different hardware component support under Linux.

  • Improving distfile mirror structure

    The Gentoo distfile mirror network is essential in distributing sources to our users. It offloads upstream download locations, improves throughput and reliability, guarantees distfile persistency. The current structure of distfile mirrors dates back to 2002. It might have worked well back when we mirrored around 2500 files but it proved not to scale well. Today, mirrors hold almost 70 000 files, and this number has been causing problems for mirror admins.

  • LibreOffice 6.2.7 packages available for Slackware 14.2

    There was a recent update in my repository of LibreOffice packages, but that libreoffice-6.3.2 was just for slackware-current. There’s a recent release in the LibreOffice 6.2 stable series as well (ok… five weeks ago, not that recent…), and so I decided to use my build box’s free weekend to come up with packages for LibreOffice 6.2.7. This release has a security improvement over previous versions, in that it will popup a warning to the user if a document tries to run an embedded script (similar to existing warning mechanism for embedded macros).

Graphics and Standards

  • SHADERed 1.2.3 Released With Support For 3D Textures & Audio Shaders

    SHADERed is the open-source, cross-platform project for creating and testing HLSL/GLSL shaders. While a version number of 1.2.3 may not seem like a big update, some notable additions can be found within this new SHADERed release.

  • Vulkan 1.1.125 Released With SPIR-V 1.4 Support

    Succeeding Vulkan 1.1.124 one week later is now Vulkan 1.1.125 with a lone new extension. Vulkan 1.1.125 has its usual clarifications and corrections to this graphics API specification. Meanwhile the new extension introduced in the overnight v1.1.125 release is VK_KHR_spirv_1_4.

  • Making Movies Accessible for Everyone

    For the first time, people who are deaf or hard of hearing will be able to enjoy the Nairobi leg of the Human Rights Watch Film Festival, opening on October 15.

New Videos: A Look at Xubuntu 19.10 and Crunchbang++ 10