Language Selection

English French German Italian Portuguese Spanish

today's leftovers

Filed under
Misc
  • [OpenMandriva] Additional desktop environments updated once again!

    I am pleased to announce that all currently the most popular desktops are available in the OpenMandriva repository and have been updated to the latest releases.

    So, if you don’t like the default Plasma 5, then you have option to use a different environment like Gnome, Cinnamon, Mate, Xfce, IceWM or i3. In addition @fedya has prepared Sway, and in the repository we can also find under the tutelage of @bero the LXQT and Lumina - both QT based environments. All desktop you can find in Cooker, Rolling* and in upcoming stable release Rock 4.1.

    [...]

    GNOME environment was updated to latest stable 3.34.3 along with most components that fall into this gtk stack.

  • Ubuntu Weekly Newsletter Issue 613

    Welcome to the Ubuntu Weekly Newsletter, Issue 613 for the week of January 5 – 11, 2020. The full version of this issue is available here.

  • UVM gets $1 million from Google for open source research

    The school says the aim of the project is to broaden understanding of how people, teams and organizations thrive in technology-rich settings, particularly in open-source projects and communities.

  • Creative Commons and USAID Collaborate on Guide to Open Licensing

    Over the past two years, we’ve been working with USAID, the Global Book Alliance, the Global Digital Library, and the Global Reading Network on early childhood reading programs, with a focus on helping these programs to recognize the potential of open licensing to increase the reach and efficacy of resources that promote youth literacy. In the course of doing that work, we all realized that additional materials needed to be created for grantees of the programs to not only understand the open license grant requirements, but to undertake the practical steps of implementing open licenses. To respond to that need, we collaborated with USAID and the Global Reading Network to write and co-publish Open Licensing of Primary Grade Reading Materials: Considerations and Recommendations, a guide to open licenses that includes an introduction to the basics of copyright, an overview of the benefits of open licensing, and suggestions for choosing and implementing open licenses.

  • German Lawyer Niklas Plutte shares OSS tips

    Under the title « Open Source Software Recht: Große FAQ mit vielen Praxistipps” (in German language) the German lawyer Niklas Plutte (Rechtsanwalt) summarises the main questions related to open source licensing.

    In particular, the paper analyse how far open licences will produce a reciprocal (or copyleft) effect, meaning that in case or re-distribution of the program (as is, modified or in combination with other software) the copy, the modified or derivative work must be provided under the same licence and made available to the public in source code form, which could be shared and reused by anyone.

  • Cryptic Rumblings Ahead of First 2020 Patch Tuesday [iophk: why is Canonical not utilizing this already? Do they have too many microsofters inside the perimeter now?]

    According to sources, the vulnerability in question resides in a Windows component known as crypt32.dll, a Windows module that Microsoft says handles “certificate and cryptographic messaging functions in the CryptoAPI.” The Microsoft CryptoAPI provides services that enable developers to secure Windows-based applications using cryptography, and includes functionality for encrypting and decrypting data using digital certificates.

    A critical vulnerability in this Windows component could have wide-ranging security implications for a number of important Windows functions, including authentication on Windows desktops and servers, the protection of sensitive data handled by Microsoft’s Internet Explorer/Edge browsers, as well as a number of third-party applications and tools.

    Equally concerning, a flaw in crypt32.dll might also be abused to spoof the digital signature tied to a specific piece of software. Such a weakness could be exploited by attackers to make malware appear to be a benign program that was produced and signed by a legitimate software company.

  • Facebook Shares Its 2019 Year in Review for Open Source

    Facebook said it released 170 new open-source projects in 2019, bringing its total portfolio to 579 active repositories.

    Open-source developer advocate Dmitry Vinnik said in a blog post that the social network’s internal engineers contributed more than 82,000 commits in 2019, while some 2,500 external contributors committed over 32,000 changes.

    He added that almost 93,000 new people starred Facebook’s open-source projects last year.

  • Amazon accused of 'strip mining' open source software

    ust before the start of the festive season shut-down in mid-December, the New York Times published a long article accusing one of the world’s largest technology companies – Amazon – of nefarious business practices.

    Amazon reacted strongly, with Andi Gutmans, VP of Analytics and ElastiCache at Amazon Web Services (AWS) calling the NY Times article “skewed and misleading” as well as “silly and off-base”.

    Referring to open source companies that it said had complained about Amazon’s business practices, which included benefiting by integrating open source software pioneered by others into its own products, the NYTimes wrote: “Some of the companies have a phrase for what Amazon is doing: strip-mining software. By lifting other people’s innovations, trying to poach their engineers and profiting off what they made, Amazon is choking off the growth of would-be competitors and forcing them to reorient how they do business.”

  • Financial Services Firms Must Contribute More Software Repos, to Retain Staff and Stay Relevant [Ed: This article promotes the fiction that only code Microsoft controls counts as FOSS. It is a hostile and malicious takeover.]

    Does this tell us anything ? Overall, I was quite encouraged, but felt financial services firms in particular have more to do.

    My first observation regards firms not featuring on the list. Many Financial Services companies - banks, asset managers and other open source-consuming tier 1 hedge funds - are notable by their absence on Github, though in fairness some host repos elsewhere. While Goldman Sachs, for a long time active with Java, and JP Morgan are readily findable, many of their rivals sadly barely register. Kudos to those that have contributed, particularly the likes of Two Sigma and Man AHL, who have truly put money, time and effort where their mouths are.

    Vendors like Bloomberg and Thomson Reuters have found repos to be useful for promoting APIs to their databases, not unlike some internet services firm submissions represented in the list. They're doing well.

    Particularly pleasing for me were two "proprietary" software firms active in Financial Services, MathWorks and SAS, both releasing significant numbers of high calibre code repos, not least because I worked many years for one of them. Predictably, most repos from my former company are in their own proprietary though openly-viewable and editable language, MATLAB. For SAS, somewhat less predictably to my mind at least, more code submissions were in Python and JavaScript than SAS code itself. Kudos therefore to my former competitors at SAS ! It seems they understand the programming languages preferred by their staff's children and grandchildren, a bit like my using DuckDuckGo, chatting with gamers on Discord and shouting "boomer" at anyone over the age of 33.

  • Spotify Accidentally Leaks Details on Its Home Thing Smart Speaker

    A leak may have revealed Spotify’s upcoming foray into smart home speakers. New setup images for something called ‘Spotify Home Thing’ have appeared online.

  • Bay Staters Continue to Lead in Right to Repair, and EFF Is There to Help

    Massachusetts has long been a leader in the Right to Repair movement, thanks to a combination of principled lawmakers and a motivated citizenry that refuses to back down when well-heeled lobbyists subvert the legislative process.

    In 2012, Massachusetts became the first US state to enact Right to Repair legislation, with an automotive law that protected the right of drivers to get their cars repaired by independent mechanics if they preferred them to the manufacturers' service depots. Though wildly popular, it took the threat of a ballot initiative to get the legislature to act, an initiative that ultimately garnered 86% of the vote. The initiative led to strong protections for independent repair in Massachusetts and set the stage for a compromise agreement leading to better access to repair information for most of the country.

  • Enjoy this peaceful 4 hour long trailer for THE LONGING, a game that takes 400 days to beat

    A curious one this, a game that has a clock that counts down from 400 days as soon as you start it and you don't even need to play it to get to the ending, as time continues when you're not playing. I've played some slow games before but this is an all new kind of sloth.

    It's called THE LONGING and you play as Shade, the last lonely servant of a King who once ruled an underground kingdom. The King's powers have faded and he sleeps for 400 days to regain strength and you're supposed to stick around until he awakens. Announced today, Studio Seufz have now given it a release date of March 5 and you can see the wonderful four hour long trailer below. The trailer is obviously a joke, at how you can just sit around and do nothing.

  • Feral Interactive are asking what you want ported to Linux again

    Feral Interactive, the porting studio behind a lot of great games available on Linux are asking for some feedback again on where they should go next.

    In the past, they've teased how they feed port requests into "THE REQUESTINATOR". Looks like my number three from when they asked in November 2018 turned out okay with Shadow of the Tomb Raider. As always though, we want additional ports to buy and more varied titles to play through.

  • OpenStack’s Complicated Kubernetes Relationship

    2020 may be the year the OpenStack community comes to terms with Kubernetes

    As the open source community heads into 2020, loyalties between OpenStack and Kubernetes are likely to become increasingly divided. Contributors to open source projects are trying to determine where to prioritize their efforts, while IT organizations are wondering to what degree they will need a framework such as OpenStack to deploy Kubernetes.

    Most Kubernetes deployments thus far have been on top of open source virtual machines or commercial platforms from VMware. Most of those decisions have been driven by the need to isolate Kubernetes environments sharing the same infrastructure. In addition, many IT organizations lacked the tools or expertise required to manage Kubernetes natively, so it became easier to simply extend existing tools to manage Kubernetes as an extension of a virtual machine-based platform.

    The debate now is to what degree that approach will continue as organizations become first more familiar with native Kubernetes toolsets and alternative approaches to isolating workloads using lighter-weight virtual machines emerge.

    Lighter-weight alternatives to OpenStack and VMware for deploying Kubernetes clusters already exist, notes Rob Hirschfeld, CEO of RackN, a provider of an infrastructure automation platform based on open source Digital Rebar software.

    At the same time, managed service providers such as Mirantis have begun rolling out highly distributed services based on Kubernetes that make no use of OpenStack at all.

More in Tux Machines

Security Leftovers: BlueTooth, Spectre/Meltdown and Huawei Disputes

  • BlueTooth Security Risks

    Security risks involving bluetooth vulnerabilities include techniques known as: bluebugging, bluesnarfing, bluejacking, denial of service and exploits for different holes. When a device is configured in discoverable an attacker may try to apply these techniques. Today mobile security was strongly increased and most attacks fail, yet sometimes security holes are discovered and new exploits emerge. As mobile devices prevent the user from installing unmonitored software freely most of attacks are difficult to carry out. This tutorial describes the most common Bluetooth attacks, the tools used to carry out these attacks and the security measures users can take to prevent them. [...] While bluetooth attacks aren’t widely used (when compared with other types of attacks like phishing or DDOS) almost every person carrying a mobile device is a potential victim, therefore in our countries most people are exposed, also through bluetooth, to sensitive data leak. On the other hand most manufacturers already patched devices to protect them from almost all attacks described above, but they only can issue a fix after the vulnerability was discovered and published (like with any vulnerability). While there is not defensive software the best solution is to keep the device turned off in public spaces, since most attacks require a short range you can use the device safely in private places. I hope you found this tutorial on Bluetooth Security Risks useful. Keep following LinuxHint for more tips and updates on Linux and networking.

  • Arm Has Many Changes On Tap For Linux 5.6 From Spectre/Meltdown Bits To New RNG

    While the Linux 5.5 kernel isn't even released yet, it's ideally coming out on Sunday should there not be a one week delay. But in any event Arm's Will Deacon has already sent in the pull request of the ARM architecture changes for Linux 5.6.

  • The Pentagon pushes back on Huawei ban in bid for ‘balance’

    Huawei may have just found itself an ally in the most unexpected of places. According to a new report out of The Wall Street Journal, both the Defense and Treasury Departments are pushing back on a Commerce Department-led ban on sales from the embattled Chinese hardware giant. That move, in turn, has reportedly led Commerce Department officials to withdraw a proposal set to make it even more difficult for U.S.-based companies to work with Huawei. Defense Secretary Mark Esper struck a fittingly pragmatic tone while speaking with the paper, noting, “We have to be conscious of sustaining those [technology] companies’ supply chains and those innovators. That’s the balance we have to strike.”

today's howtos

Devices/Embedded With GNU/Linux

Easy Librem 5 App Development: Flashlight

In my first post on easy application development on the Librem 5 I discussed how to turn a simple shell script that takes a screenshot into a full graphical app with only a few extra lines of code. In this post I will follow up with an even simpler application that took about twenty minutes to write with much of that time involved in reading documentation. My Bright Idea The interesting thing about smart phones is how many other devices they have replaced beyond a regular phone. For instance, there used to be a market for small, pocket-sized digital cameras, but now many people just use the cameras on their smart phones. While some people still do keep a pocket flashlight with them, many people just use the light on their smart phone. I realized that a flashlight app would be another great way to showcase just how easy it is to develop applications for the Librem 5. As applications go the requirements are pretty simple: you need a button to turn on the light, a button to turn off the light, and a button to close the app. Read more