If the 20th century was defined by an explosive growth in technology, then the 21st century is beginning to be defined by personal security, or more pointedly, a lack thereof. Virtual Private Networks (VPNs), once mainly a site-to-site connection tool for IT professionals, have evolved to become personal services that let individual users connect to the internet by using encrypted traffic that prevents third parties from snooping on their web activities.

This VPN evolution occurred because it has become increasingly easy for hackers to exploit constantly changing operating systems (OSes), applications, and networks. This means sophisticated tactics, such as man-in-the-middle attacks, aren't just being aimed at businesses anymore. It's happening to everyday folks who are frequenting their favorite coffee shop. This means these folks need to upgrade their security arsenal.

• Best open source business intelligence and analytics tools

  So what are some open source alternatives to these proprietary tools? And aside from cost what benefits can they bring? Here's our pick of the market.

• SD Times Open-Source Project of the Week: GraphQL Engine from Hasura

  With its open source release this week, GraphQL-as-a-Service company Hasura’s GraphQL Engine is looking to lift the burden on front-end and enterprise application developers who want to begin incorporating GraphQL’s data querying and manipulation capabilities in their preexisting Postgres-based applications without having to dig through the back-end of GraphQL’s code to implement it.

  ”GraphQL and the tooling around it dramatically increases the feature velocity for developer teams by reducing the communication required between them while developing new features,” the company wrote in this week’s announcement. “As a result, GraphQL servers are like self-documenting APIs that enable full API discoverability for the developers. This enables the front-end developers to make API requests, in order to introduce new features or change existing ones, in GraphQL without having to wait for back-end developer teams to deliver APIs and document the changes.”

• FOSS Project Spotlight: Pydio Cells, an Enterprise-Focused File-Sharing Solution

  Pydio Cells is a brand-new product focused on the needs of enterprises and large organizations, brought to you from the people who launched the concept of the open-source file sharing and synchronization solution in 2008. The concept behind Pydio Cells is challenging: to be to file sharing what Slack has been to chats—that is, a revolution in terms of the number of features, power and ease of use.

  In order to reach this objective, Pydio's development team has switched from the old-school development stack (Apache and PHP) to Google's Go language to overcome the bottleneck represented by legacy technologies. Today, Pydio Cells offers a faster, more scalable microservice architecture that is in tune with dynamic modern enterprise environments.

  In fact, Pydio's new "Cells" concept delivers file sharing as a modern collaborative app. Users are free to create flexible group spaces for sharing based on their own ways of working with dedicated in-app messaging for improved collaboration.

  In addition, the enterprise data management functionality gives both companies and administrators reassurance, with controls and reporting that directly answer corporate requirements around the General Data Protection Regulation (GDPR) and other tightening data protection regulations.

• Becoming a senior developer: 9 experiences you'll encounter

  Being a developer—a good one—isn't just about writing code. To be successful, you do a lot of planning, you deal with catastrophes, and you prevent catastrophes. Not to mention you spend plenty of time working with other humans about what your code should do.

• Revealing unknown DWG classes

  I implemented three major buzzwords today in some trivial ways.

      massive parallel processing
      asynchronous processing
      machine-learning: a self-improving program

  The problem is mostly trivial, and the solutions also. I need to
  reverse-engineer a binary closed file-format, but got some hints from
  a related ASCII file-format, DWG vs DXF.

• Python and Its Community Enter a New Phase

  Python is an amazing programming language, there's no doubt about it. >From humble beginnings in 1991, it's now just about everywhere. Whether you're doing web development, system administration, test automation, devops or data science, odds are good that Python is playing a role in your work.

  Even if you're not using Python directly, odds are good that it is being used behind the scenes. Using OpenStack? Python plays an integral role in its development and configuration. Using Dropbox on your computer? Then you've got a copy of Python running on your computer. Using Linux? When I purchased Red Hat Linux back in 1995, the configuration was a breeze—thanks to visual tools developed in Python.

  And, of course, there are numerous schools and educational programs that are now teaching Python. MIT's intro computer science course switched several years ago from Scheme to Python, and thousands of universities all over the world made a similar switch in its wake. My 15-year-old daughter participates in a program for technology and entrepreneurship—and she's learning Python.

  There currently is an almost insatiable demand for Python developers. Indeed, Stack Overflow reported last year that Python is not only the most popular language on its site, but it's also the fastest-growing language. I can attest to this popularity in my own job as a freelance Python trainer. Some of the largest computer companies in the world are now using Python on a regular basis, and their use of the language is growing, not shrinking.

• Egosoft have confirmed that X4: Foundations will be on Linux

  Fantastic news for fans of Egosoft space simulation games, as they have now actually confirmed that X4: Foundations [Official Site] will be on Linux.

• We Happy Few has a brand new trailer out

  We Happy Few, the action adventure from Compulsion Games and Gearbox Publishing looks rather promising in the brand new trailer.

• Get your game on, in the browser

  The web is a gamer’s dream. It works on any device, can connect players across the globe, and can run a ton of games—from classic arcade games to old-school computer games. The web could be the best platform for gaming, and Firefox is the the best browser for gaming. Here’s why.

  [...]

  Firefox is the fastest and most efficient browser for gaming. Don’t believe us? Try out some of these games and see for yourself:

  The Internet Archive Mac Software Library – Do you miss those black-and-white games you used to play on your old Macintosh? The Internet Archive has worked to preserve many older, classic computer games so now you can play them in your browser.

  http://slither.io/ – This is a fun, MMO Snake-like game with good graphics, is in-browser, and also happens to have a really good Privacy Policy (we’re into stuff like that).

  Battlestar Galactica Online – Who’s a Cylon? Are you a Cylon? Find out.

  LEGO Online – Playing with LEGO IRL is awesome, but the toy maker has made some of the best console and computer games in the past decade. Now you can play some of them online.

• Wine Lands Support For Vulkan On macOS Via MoltenVK

  CodeWeavers' Andrew Eikum has added support to Wine for using Vulkan on macOS via the open-source MoltenVK.

  As what should mature into a big boost for allowing Vulkan-enabled Windows games to run faster on macOS by mapping it through to Apple's Metal API, and also should ultimately allow the use of DXVK for Direct3D 11 over Vulkan or VKD3D for Direct3D 12 over Vulkan, the "winemac" code now has this initial Vulkan support using the MoltenVK wrapper.

• Raven Ridge Support Posted For AMDKFD Compute Driver

  Felix Kuehling of AMD sent out the remaining six patches for getting the AMD Raven Ridge (Ryzen APUs) working with the AMDKFD kernel compute driver so that the ROCm/OpenCL user-space compute stack can be run on these new APUs.

• Radeon RX Vega Display Regression Fix Heading To Linux 4.18 Git

  If you have been part of the group of Radeon RX Vega Linux users trying out Linux 4.18 and finding your display no longer lights up, heading to Linux 4.18 Git should be a fix for at least some of the users.

  Sent out on Friday was a batch of AMDGPU DRM-Fixes-4.18. It's just three fixes, but two of them are pertaining to display problems and the other a segmentation fault if the GPU does not power up properly when resuming the system.

• How to Enable Dark Mode in Firefox

• How to install Google Chrome web browser on Ubuntu 18.04

• How to Install Nextcloud with Nginx on Ubuntu 18.04 LTS

• How to Use Private Internet Access and Tor: Tor over VPN or VPN over Tor?

  A big question for those who consider internet privacy essential is how to best use Tor in combination with a VPN service provider like Private Internet Access. Should a Tor connection be tunneled inside an already established VPN connection, or should a VPN connection be tunneled inside an already established Tor connection? Before you can answer these questions, however, you must first consider your threat model.
  TL;DR – In most situations, you are going to want to use User > VPN > Tor

  This article assumes that the user is using good operational security that will not out themselves while on the network. Opsec is a set of best practices for remaining private while using anonymity networks. For more information about tor and VPN opsec, see our article next Wednesday.

• How to set up DevPI, a PyPI-compatible Python development server

• How to Setup and Install Oracle Weblogic in CentOS 7

When you want to find or install a Snap app you’re supposed to head to Ubuntu Software, which is part of the default Ubuntu desktop.

But if I’m being honest Ubuntu Software sucks. It’s slow. The layout isn’t great for discovery. And Ubuntu’s instance on listing (often irrelevant) Snap apps at the top of any and all search results muddies its use as a competent cross-format app hub.

• More Konsole Updates: Tabs

  One of the things that every old application suffers is from old code. It’s easier to keep something that works than to move to something new, even if the final result is better. Take a look at the current Tabbar + Buttons of Konsole.

• [Okular] GSoC 2018 - Second month status

  I am working on the GSoC project Verifying signatures of pdf files and since the last blog post I have made number of improvements. They are listed below.

  [...]

  This is a dialog similar to print preview dialog but instead of previewing what is about to be printed it loads the data covered by a signature in a read-only KPart. In its current state this dialog is pdf specific. This is problematic since okular is a universal document viewer. So I plan to make it a bit more generic.

• Going to Akademy 2018

• Chrome Browser Launching Mitigation for Spectre Attacks, The Linux Foundation Announces LF Energy Coalition, Kube 0.7.0 Now Available, New Android Apps for Nativ Vita Hi-Res Music Server and More

  Version 0.7.0 of Kube, the "modern communication and collaboration client", is now available. Improvements include "a conversation view that allows you to read through conversations in chronological order"; "a conversation list that bundles all messages of a conversation (thread) together"; "automatic attachment of own public key"; "the account setup can be fully scripted through the sinksh commandline interface"; and more. See kube.kde.org for more info.

• Mozilla B-Team: happy bmo push day!

• Mozilla VR Blog: This week in Mixed Reality: Issue 12

  This week we landed a bunch of core features: in the browsers space, we landed WebVR support and immersive controllers; in the social area, added media tools to Hubs; and in the content ecosystem, we now have WebGL2 support on the WebGLRenderer in three.js.

• Robert Kaiser: VR Map - A-Frame Demo using OpenStreetMap Data

  The prime driver for writing my first such demo was that I wanted to do something meaningful with A-Frame. Previously, I had only played around with the Hello WebVR example and some small alterations around the basic elements seen in that one, which is also pretty much what I taught to others in the WebVR workshops I held in Vienna last year. Now, it was time to go beyond that, and as I had recently bought a HTC Vive, I wanted something where the controllers could be used - but still something that would fall back nicely and be usable in 2D mode on a desktop browser or even mobile screens.

• Firefox Test Pilot: The Evolution of Side View

  Side View is a new Firefox Test Pilot experiment which allows you to send any webpage to the Firefox sidebar, giving you an easy way to view two webpages side-by-side. It was released June 5 through the Test Pilot program, and we thought we would share with you some of the different approaches we tried while implementing this idea.

• Browsh – A Modern Text Browser That Supports Graphics And Video

  Browsh is a modern, text-based browser that supports graphics including video. Yes, you read that right! It supports HTML5, CSS3, JavaScript, photos, WebGL content and of course video as well. Technically speaking, it is not much of a browser, but some kind of terminal front-end of browser. It uses headless Firefox to render the web page and then converts it to ASCII art. According to the developer, Browsh significantly reduces the bandwidth and increases the browsing speed. Another cool feature of browsh is you can ssh from, for example an old laptop, to a regular computer where you have Browsh installed, and browse HTML5 webpages without much lag. Browsh is free, open source and cross-platform.

• The most ambitious browser mitigation yet for Spectre attacks comes to Chrome

  Google’s Chrome browser is undergoing a major architectural change to enable a protection designed to blunt the threat of attacks related to the Spectre vulnerability in computer processors. If left unchecked by browsers or operating systems, such attacks may allow hackers to pluck passwords or other sensitive data out of computer memory when targets visit malicious sites.

• Libinput Gets Reworked Trackpoint Acceleration

  Peter Hutterer at Red Hat is trying again to get trackpoint acceleration performing nicely under the libinput library so trackpoints behave nicely across Wayland, X.Org, and Mir systems.

  Hutterer believes now that libinput's previous trackpoint acceleration code was "simply broken", but he believes this new code is on the right track and supports a wider configuration range.

• libinput has a new trackpoint acceleration

  Just a heads-up, I just merged a branch that fixes trackpoint acceleration
  in libinput. The previous approach was simply broken, the new one is quite
  similar to what we had before anyway - calculating speed from the deltas and
  applying the acceleration curve from that. The curve is adjusted for
  trackpoints with a relatively wide configurable range.

• Mir 0.32.1 Released With Launcher For Internal Wayland Clients, Fixes

  Canonical developers working on Mir have prepared the release of Mir 0.32.1 with a few fixes and improvements off the recent release of Mir 0.32.

  The Mir abstraction library (libmiral) now has a launcher for internal Wayland clients and the MirAL shell has reinstated the "spinner" in Wayland for when starting the shell. There are also several bug fixes pertaining to Mir's Wayland and Mesa support in this point release.

• Wayland 1.16 & Weston 5.0 Reach Alpha

  Samsung's Derek Foreman has announced the alpha release of Wayland 1.16 as well as the Weston 5.0 reference compositor.

  As is often the case with recent Wayland releases, they are not all that large. Wayland 1.16 Alpha does away with the deprecated wl_global definition, fixes various oddities, the Wayland code generator now supports foreign enums, and updated contribution documentation.

• mesa 18.1.4

  Hi list,

  Mesa 18.1.4 is now available for download.

  In this release we have:
  - Several fixes for i965
  - Several fixes for anv
  - A few fixes each for radeonsi, glx, the glsl compiler, the autotools build,
  nir, st/dri, and r600

  Dylan

• Mesa 18.1.4 Released With Fixes For Intel & Radeon Drivers

  For those abiding by Mesa stable releases, Mesa 18.1.4 is now available -- in time for updating prior to any weekend Linux gaming or other activities -- for these open-source OpenGL/Vulkan driver components.

  Mesa 18.1.4 truth be told isn't all that of an exciting release, unless you happened to be affected by any of the just over two dozen fixes incorporated into this timed point release.

• Carlos Soriano: Gtk4 Flatpak example

  As part of Ernestas Kulik work on porting Nautilus to gtk4 he has created a tagged entry widget to replace libgd tagged entry and eventually upstream to gtk proper. To give easy testing he created a Flatpak file for building a simple app with this widget, which serves as an example of how to create a simple app with gtk4 too.

• Philip Withnall: GUADEC 2018 thoughts

  GUADEC this year was another good one; thank you to the organisers for putting on a great and welcoming conference, and to Endless for sending me.

  Unfortunately I couldn’t make the first two days due to a prior commitment, but I arrived on the Sunday in time to give my talks. I’ve got a lot of catching up to do with the talks on Friday and Saturday — looking forward to seeing the recordings online!

  The slides for my talk on the state of GLib are here and the notes are here (source for them is here). I think the talk went fairly well, although I imagine it was quite boring for most involved — I’m not sure how to make new APIs particularly interesting to listen to!

• Georges Basile Stavracas Neto: My Perspective on This Year’s GUADEC

  This year, I had the pleasure to attend GUADEC at Almeria, Spain. Lots of things happened, and I believe some of them are important to be shared with the greater community.

  [...]

  A big cleanup was merged during GUADEC. This probably will mean small adaptations in extensions, but I don’t particularly think it’s groundbreaking.

  At the second BoF day, me and Jonas Ådahl dived into the Remote Desktop on Wayland work to figure out a few bugs we were having. Fortunately, Pipewire devs were present and we figured out some deadlocks into the code. Jonas also gave a small lecture on how the KMS-based renderer of Wayland’s code path works (thanks!), and I feel I’m more educated in that somewhat complex part of the code.

  As of today, Carlos Garnacho’s paint volume rework was merged too, after extensive months of testing. It was a high-impact work, and certainly reduces Mutter’s CPU usage on certain situations.

  At the very last day, we talked about various ideas for further performance improvements and cleanups on Mutter and GNOME Shell. I myself am on the last steps of working on one of these ideas, and will write about it later.

  [...]

  Even though I was reluctant to go, this GUADEC turned out to be an excellent and productive event.

• Daniel García Moreno: GUADEC 2018

  GUADEC is the GNOME Users And Developers European Conference, is an annual conference that take place in Europe, and this year was in Spain, so I should go. I've became a foundation member this year and I've two Google Summer of Code students from GNOME organization working on Fractal, so this year GUADEC was an important one for me.

The Elisa team is happy to announce our new bugfix release, version 0.2.1.

Elisa is a music player developed by the KDE community that strives to be simple and nice to use. We also recognize that we need a flexible product to account for the different workflows and use-cases of our users.

We focus on a very good integration with the Plasma desktop of the KDE community without compromising the support for other platforms (other Linux desktop environments, Windows and Android).

We are creating a reliable product that is a joy to use and respects our users privacy. As such, we will prefer to support online services where users are in control of their data.

• Blancco: Refurbished Android phones lack performance, iPhones miss connectivity

• What makes a Chromebook so secure?

• Twitter Android app is being updated with a bottom navigation bar

• Android Studio 3.2 Beta 3 Brings Navigation Editor, Android App Bundle and More

• Nokia 6.1 Review—The best answer to “What Android phone should I buy?”

• YouTube widely rolling out full bleed video thumbnails on Android [Gallery]

• BlackBerry announces an Android Oreo beta for the KEYone

• 9to5Toys Lunch Break: Kenwood Android Auto Receiver $450, BOGO FREE Samsung Galaxy, Aukey Car Mount $5 ...

Libre Computer has launched its promised “Renegade Elite” SBC on Indiegogo for $99. The RK3399-based board features GbE with PoE, HDMI 2.0, 2x USB Type-C with DP, and PCIe.

In partnership with Firefly, Libre Computer has launched its previously announced Renegade Elite (ROC-RK3399) SBC on Indiegogo. There’s only one funding package with 4GB LPDDR4 and an empty eMMC socket, priced at $99, with shipments due in September. Libre Computer has released a few new details on the open-spec board, including the implementation of its promised Power-over-Ethernet (PoE) support. The 120 x 72 x 11.9mm SBC is touted for its thin profile, which could pay off in space-constrained applications such as robotics.

• Greens 'bewildered' by kerfuffle over Microsoft's Protected cloud status

  The Australian Greens say they are "bewildered" at the way the Australian Signals Directorate has handled Microsoft's application for Protected cloud certification and the subsequent departure of a top female officer from the agency's ranks.

  Protected cloud is the highest security classification for vendors and allows a company to apply for contracts to store top-secret Australian Government data.

  In response to queries from iTWire, Greens' digital communications spokesperson Senator Jordon Steele-John said: "A staffer within the Australian Signals Directorate dared to refuse an application from foreign multinational company, Microsoft.

  "This application ensured secure cloud services receiving protected certification. Approving this certification meant that Microsoft overseas employees could access secure information for government departments.

  [...]

  Microsoft has been allowed to have staff based abroad handle systems on which top-secret data is stored. For the other four Australian companies, only staff vetted by the ASD can administer these systems.

  "It seems that there is one rule for multinational corporations, and another rule for Australian businesses, who are yet to get a look in to providing Protected cloud services to the Australian Public Service," Senator Steele-John said.

  "Australians have a right to know that the corporate interest is not being put ahead of the the security of our data."

• Container Adoption Starts to Outpace DevOps

  A new survey finds the number of organizations using containers is poised to pass the number of organizations employing DevOps processes in the months ahead. Less clear, however, is the degree to which adoption of containers will force organizations to embrace DevOps.

  The survey of 601 IT decision-makers conducted by ClearPath Strategies on behalf of the Cloud Foundry Foundation (CFF) finds that 32 percent of respondents have adopted containers and are employing DevOps processes. But the number of respondents who plan to adopt or evaluate containers in the next 12 months is 25 percent, while 17 percent are planning to adopt or evaluate DevOps processes. Overall, the survey finds that within the next two years, 72 percent of respondents either already are or expect to be using containers. That compares to 66 percent who say the same for DevOps.

• MKVToolNix 25.0.0 Released, Linux AppImage Now Available

  MKVToolNix, the free and open source set of tools used for creating, editing, and inspecting Matroska files (MKV, MK3D, MKA, and MKS), was updated to version 25.0.0, bringing quite a few bug fixes along with a few enhancements. With this release, a Linux AppImage is available "which should run on any Linux distribution released around the time of CentOS 7/Ubuntu 14.04 or later".

 

• Fixing issues with the “New Messages” divider

  Fractal is a Matrix client for GNOME and is written in Rust. Matrix is an open network for secure, decentralized communication.

• Hartwell J M Limited Partnership Increased Red Hat (RHT) Stake By $682,420; Suburban Propane Partners LP (SPH)’s Sentiment Is 0.85

• Returning to Growth and Value Creating: Stitch Fix, Inc. (SFIX), Red Hat, Inc. (RHT)

• Offering Potential To Outperform Peers? – Delta Air Lines, Inc. (DAL), Red Hat, Inc. (RHT)

• Hacknet is currently doing a free giveaway on Steam

  Just a quick tip: If you missed the previous Hacknet giveaway, act fast as it's free to grab and keep on Steam right now.

• The excellent Streets of Rogue has another update adding lots of little things and improved performance

  Easily one of my favourite games for being absolutely nuts, Streets of Rogue has been updated yet again.

  Not as big as some of the other updates, it's still a rather good one as it adds in lots of smaller fun features, improves performances and fixes the usual bugs.

• 2D team-based building and raiding game 'Scrunk' is out and free to try this weekend

  Scrunk is a 2D online team-based building and raiding game that's actually surprisingly fun, it's out now and free to try this weekend.

• Fanatical has a big strategy game sale on with some good Linux games cheap

  What's that? That's the refreshing smell of yet another big sale going on and this time it's at Fanatical.

• What's the difference between a fork and a distribution?

  If you've been around open source software for any length of time, you'll hear the terms fork and distribution thrown around casually in conversation. For many people, the distinction between the two isn't clear, so here I'll try to clear up the confusion.

• Stordis and Barefoot Lead Open Source Networking in Europe

  The German company Stordis distributes telecom equipment in Europe. But Stordis is in the process of repositioning itself as the champion of open source networking hardware and software for European service providers. And it’s working closely with Barefoot Networks as part of its strategy.

  It plans to provide hardware from bare metal suppliers such as Edgecore and Delta. It will offer consultancy and support services to help European service providers adopt open source networking software. And the company is in the process of ramping the manufacturing of a 100 Gig switch that is based on Barefoot’s Tofino programmable chip.

  [...]

  But Stordis’ strategy of targeting broadcasters first will hopefully lead to a willingness for other service providers to try open source. And the company is involved with the Open Networking Foundation (ONF).

• Talking mobile edge computing and open source software with Kontron Canada Inc.

  A crucial facilitator of Kontron Canada’s hardware-software evolution has been open source software.

  Integration of OpenStack in particular has proven a differentiator for the company, not least because it can tap into the expertise of a community of experts at an economical price. Open source software also enables flexibility for clients to build networks and data centres in their own way.

  However, while the perks of cloud adoption for organisations in industries such as telecoms are well-documented, deterrents such as higher than anticipated costs, start-up delays and being locked into a vendor’s specific approach do exist.

  Kontron’s OpenStack turnkey platform solution, fully integrated with the Canonical distribution of Ubuntu OpenStack, alleviates these concerns.

  Robert explains how Kontron’s hardware must keep aligned with updates from Canonical and the OpenStack community: “Canonical have their own releases of their distribution of OpenStack and our software team does all the work behind the scenes to make sure that it will be fully validated and integrated on our hardware.

• Perspecta to Sponsor 7th Annual OSEHRA Open Source Summit; Mac Curtis Comments

• Rethinking our approach to open-source data

  Open-source data is built on the foundation of long-term useability, authenticity and reliability. Its public nature means that it can be accessible anywhere with an internet connection.

  Yet when we talk about the government data that needs to be protected for national security reasons, classified information—related to defence and intelligence services—often takes precedence. But what about the protection of unclassified, open-source government data?

  Websites like data.gov.au, Trove and Parl Info Search host a broad range of data that collectively documents the political, social and cultural history of Australia. Over time, this data accumulates to paint a detailed picture of our country. It’s a high-value dataset given the trends big data analytics can reveal.

Given the recent releases of FreeBSD 11.2, Scientific Linux 6.10, openSUSE Leap 15, and other distribution updates in the past quarter, here are some fresh benchmarks of eight different Linux distributions compared to FreeBSD 11.2 and Microsoft Windows Server 2016. The tested Linux platforms for this go-around were CentOS 7.5, Clear Linux 23610, Debian 9.4, Fedora Server 28, openSUSE leap 15.0, Scientific Linux 6.10, Scientific Linux 7.5, and Ubuntu 18.04 LTS.

• Chrome Web Browser Will Now Use 10% More RAM With Spectre Fix

• Chrome 67 protects against Spectre hacks but gobbles more RAM

  The new feature basically splits the render process into separate tasks using out-of-process iframes, which makes it difficult for speculative execution exploits like Spectre to snoop on data.

• Linux, malware and data breaches – what can we learn? [VIDEO] [Ed: The insecurity industry, which profits from selling snake oil for Windows, relishes in the idea that GNU/Linux is not secure]

  We thought we’d dig into the recent malware infestation at Gentoo Linux – how it happened, how Gentoo responded, and how to avoid this sort of crisis in your own network.

  We think Gentoo did a good job in a bad situation, and we can all learn something from that.

• Speculative Load Hardening Lands In LLVM For Spectre V1 Mitigation

  The Speculative Load Hardening (SLH) effort that has been in development for months as a compiler-based automated Spectre Variant One mitigation technique has landed within LLVM trunk.

  Happening in time for LLVM 7.0 is this initial Speculative Load Hardening for x86/x86_64 while ARM developers are also working on leveraging SLH within LLVM for AArch64 (64-bit ARM) as well.

• Senators press federal election officials on state cybersecurity

  “Many elections across the nation do not have auditable elections. They are done completely electronically,” Sen. James Lankford (R-Okla.) told the panel of witnesses at a hearing on election security preparedness convened by the Senate Rules and Administration Committee.

  Thomas Hicks, the head of the EAC, indicated that states decide whether they want to have auditable elections.

• Mozilla Addons Blog: Upcoming changes for themes

  Theming capabilities on addons.mozilla.org (AMO) will undergo significant changes in the coming weeks. We will be switching to a new theme technology that will give designers more flexibility to create their themes. It includes support for multiple background images, and styling of toolbars and tabs. We will migrate all existing themes to this new format, and their users should not notice any changes.

  [...]

  It’s only a matter of weeks before we release the new theme format on AMO. Keep following this blog for that announcement.

• OverbiteNX is now available from Mozilla Add-Ons for beta testing

  OverbiteNX, a successor to OverbiteFF which allows Firefox to continue to access legacy resources in Gopher in the brave courageous new world of WebExtensions, is now in public beta. Unlike the alpha test, which required you to download the repo and install the extension using add-on debugging, OverbiteNX is now hosted on Mozilla Add-Ons.

  Because WebExtensions still doesn't have a TCP sockets API, nor a spec, OverbiteNX uses its bespoke Onyx native component to do network operations. Onyx is written in open-source portable C with no dependencies and is available in pre-built binaries for macOS 10.12+ and Windows (or get the repo and build it yourself on almost any POSIX system).

• India advances globally leading net neutrality regulations

  India is now one step away from having some of the strongest net neutrality regulations in the world. This week, the Indian Telecom Commission’s approved the Telecom Regulatory Authority of India’s (TRAI) recommendations to introduce net neutrality conditions into all Telecom Service Provider (TSP) licenses. This means that any net neutrality violation could cause a TSP to lose its license, a uniquely powerful deterrent. Mozilla commends this vital action by the Telecom Commission, and we urge the Government of India to move swiftly to implement these additions to the license terms.

• India sets the bar for net neutrality with 'world's strictest' rules

   

  Whilst the US is still fumbling after FCC head Ajit ‘Pumpkin' Pie deregulated the internet to please his cable pals, India has just past a whole chunk of recommendations from the Telecom Regulatory Association of India (TRAI) to ensure it will never go the same way.

• India implements strong net neutrality rules

   

  The government has taken an "unambiguous stand" in making sure that certain types of content are not prioritized over others and that broadband providers will be unable to slow down or block websites at their choosing, India's telecom regulatory body declared Thursday.
   

  Around two-thirds of the country’s 1.3 billion people still don't have [I]nternet access, but the country is moving forward with its net neutrality plans as more and more people begin to use smartphones.