• Linux Patches Surface For Supporting The Creative Sound BlasterX AE-5

  Last year Creative Labs introduced the Sound BlasterX AE-5 PCI Express gaming sound card while finally there are some patches pending for supporting this high-end sound card in Linux.

  Connor McAdams who most recently got the Creative Recon3D support into good shape on Linux has now been working on getting the Sound BlasterX AE-5 working well on Linux.

• Blockchain Training Takes Off

  Meanwhile, job postings related to blockchain and Hyperledger are taking off, and knowledge in these areas is translating into opportunity. Careers website Glassdoor lists thousands of job posts related to blockchain.

• AMD Picasso Support Comes To The RadeonSI OpenGL Driver

  Last week AMD sent out initial support for yet-to-be-released "Picasso" APUs with the Linux AMDGPU kernel graphics driver. Today on the user-space side the support was merged for the OpenGL RadeonSI Gallium3D driver.

  Picasso details are still fairly light but they are expected to be similar to Raven Ridge and for the AM4 processor socket as well as an edition for notebooks. On the same day as publishing the Picasso AMDGPU kernel patches, AMD also went ahead and published the Linux patches for the "Raven 2" APUs too.

• The GeForce RTX 2080 Ti Arrives For Linux Benchmarking

  It looks like NVIDIA has their launch-day Linux support in order for the GeForce RTX 2080 "Turing" graphics cards slated to ship later this week as arriving today at Phoronix was the RTX 2080 Ti.

  The GeForce RTX 2080 Ti is NVIDIA's new flagship desktop GPU with the Turing GPU architecture, 4352 CUDA cores, a 1635MHz boost clock speed rating for this Founder's Edition model, 11GB of GDDR6 video memory yielding a 616 GB/s memory bandwidth rating, and designed to suit real-time ray-tracing workloads with their RTX technology. Pricing on the RTX 2080 Ti Founder's Edition is $1,199 USD. Last week NVIDIA published more details on the Turing architecture for those interested as well as on the new mesh shader capability.

• Windows, Linux Servers Beware: New Malware Encrypts Files Even After Ransom Is Paid

  Ransomware skyrocketed from obscurity to infamy in no time flat. Headline-grabbing campaigns like WannaCry, Petya and NotPetya preceded a substantial increase in the number of small attacks using similar techniques to extort unwary internet users. Now, researchers at Palo Alto Networks have revealed new malware that carries on NotPetya's legacy while combining various types of threats into a single package.

  The researchers, dubbed Unit 42, named this new malware Xbash. It's said to combines a bot net, ransomware and cryptocurrency mining software in a single worm and targets servers running Linux or Windows. The researchers blame an entity called the Iron Group for Xbash's creation, which has been linked to other ransomware attacks. The malware is thought to have first seen use in May 2018.

• Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows

• CCTV Cameras Are Susceptible To Hacks; Hackers Can Modify Video Footage

  A vulnerability has been discovered in video surveillance camera software that could allow hackers to view, delete or modify video footage.

  A research paper published by Tenable, a security firm, has revealed a vulnerability named Peekaboo in the video surveillance systems of NUUO. By exploiting the software flaw, hackers can acquire the admin privileges and can monitor, tamper and disable the footage.

• Tenable Research Discovers “Peekaboo” Zero-Day Vulnerability in Global Video Surveillance Software

  Tenable®, Inc., the Cyber Exposure company, today announced that its research team has discovered a zero-day vulnerability which would allow cybercriminals to view and tamper with video surveillance recordings via a remote code execution vulnerability in NUUO software — one of the leading global video surveillance solution providers. The vulnerability, dubbed Peekaboo by Tenable Research, would allow cybercriminals to remotely view video surveillance feeds and tamper with recordings using administrator privileges. For example, they could replace the live feed with a static image of the surveilled area, allowing criminals to enter the premises undetected by the cameras.

• 5 ways DevSecOps changes security

  There’s been an ongoing kerfuffle over whether we need to expand DevOps to explicitly bring in security. After all, the thinking goes, DevOps has always been something of a shorthand for a broad set of new practices, using new tools (often open source) and built on more collaborative cultures. Why not DevBizOps for better aligning with business needs? Or DevChatOps to emphasize better and faster communications?

  However, as John Willis wrote earlier this year on his coming around to the DevSecOps terminology, “Hopefully, someday we will have a world where we no longer have to use the word DevSecOps and security will be an inherent part of all service delivery discussions. Until that day, and at this point, my general conclusion is that it’s just three new characters. More importantly, the name really differentiates the problem statement in a world where we as an industry are not doing a great job on information security.”

Ever since I started blogging about my role in FSFE as Fellowship representative, I've been receiving communications and queries from various people, both in public and in private, about the relationship between FSF and FSFE. I've written this post to try and document my own experiences of the issue, maybe some people will find this helpful. These comments have also been shared on the LibrePlanet mailing list for discussion (subscribe here)

Being the elected Fellowship representative means I am both a member of FSFE e.V. and also possess a mandate to look out for the interests of the community of volunteers and donors (they are not members of FSFE e.V). In both capacities, I feel uncomfortable about the current situation due to the confusion it creates in the community and the risk that volunteers or donors may be confused.

The FSF has a well known name associated with a distinctive philosophy. Whether people agree with that philosophy or not, they usually know what FSF believes in. That is the power of a brand.

When people see the name FSFE, they often believe it is a subsidiary or group working within the FSF. The way that brands work, people associate the philosophy with the name, just as somebody buying a Ferrari in Berlin expects it to do the same things that a Ferrari does in Boston.

To give an example, when I refer to "our president" in any conversation, people not knowledgeable about the politics believe I am referring to RMS. More specifically, if I say to somebody "would you like me to see if our president can speak at your event?", some people think it is a reference to RMS. In fact, FSFE was set up as a completely independent organization with distinct membership and management and therefore a different president. When I try to explain this to people, they sometimes lose interest and the conversation can go cold very quickly.

• Google partners w/ Renault, Nissan, Mitsubishi to offer Assistant, Maps, & Android on 2021 cars

• Renault-Nissan alliance takes Google Android for a drive

• Renault-Nissan-Mitsubishi adopts Android infotainment in coup for Google

• 91 “child friendly” Android apps accused of exploitation

• How to change the quick settings in your notification drawer on Android Pie

• Google Is Testing A Floating Keyboard On Android

• Here's our first look at Android Pie on the Samsung Galaxy S9 Plus

• BlueStacks 4 boasts better Android gaming on PCs than on [UPDATE]

• PDF edit app Flexcil eyes cross-device expansion into iPhone and Android

A smart home is a lot more than just lights, switches and thermostats that you can control remotely from your phone. To truly make a Smart Home, the devices must be reactive and work together. This is generally done with a Rule System: a set of maxims that automate actions based on conditions. It is automation that makes a home smart.

There are a couple options for a rule system with the Things Gateway from Mozilla. First, there is a rule system built into the Web GUI, accessed via the Rules option in the drop down menu. Second, there is the Web Things API that allows programs external to the Things Gateway to automate the devices that make up a smart home. Most people will gravitate to the former built-in system, as it is the most accessible to those without predilection to writing software. This blog post is going to focus on the this rules system native to the Things Gateway.

• Kong 1.0 Debuts Providing Open Source API Platform for Cloud Native Applications

• Kong 1.0 launches: the only open source API platform specifically built for microservices, cloud, and serverless

• Kong 1.0 launches to help meet scalability demands

• Running Ubuntu VMs on Windows just got a whole lot more streamlined

• Hyper-V Quick Create Feature Makes Creating Ubuntu Virtual Machines Easier

• The Humble One Special Day Bundle is live with two nice Linux games

  The Humble One Special Day Bundle just went live and it has two rather nice native Linux games available. Others may work with Valve's Steam Play.

  For the native Linux games, you will be able to grab OlliOlli2: Welcome to Olliwood in the $1 tier which by itself is a pretty great deal. You will also find Surgeon Simulator: Anniversary Edition if you pay more than the average. Not a lot of native titles this time, hopefully their next game bundle will be a step up for us…

• Valve have opened up the code for their VR 'Moondust' tech demos, also a third revision of the Knuckles controller

  What will hopefully help developers work on VR projects using Valve's experimental "Knuckles" controllers, Valve have opened up the source code for their Moondust Knuckles Tech Demos.

  Their Moondust GitHub repository appeared on the 12th of this month, although until today it remained mostly empty. They've now updated it and put it out for the public to take a look.

• Aspyr Media have announced a Layers of Fear and Observer bundle making them cheaper together

  Aspyr Media along with Bloober Team have announced that they've bundled up Layers of Fear and Observer, two great horror titles and getting them together makes them cost less.

Earlier this year, Tidelift conducted a survey of over 1,200 professional software developers and open source maintainers. We found that 83% of professional software development teams would be willing to pay for better maintenance, security, and licensing assurances around the open source projects they use. Meanwhile, the same survey found that the majority of open source maintainers receive no external funding for their work, and thus struggle to find the time to maintain their open source projects.

We couldn't be more excited about what's happening today on the Web and around the world. Organizations, nonprofits, and companies have stepped up to take action, sharing their work to make the world DRM-free.

• Renault-Nissan-Mitsubishi lets Google's Android into its dashboards

• Google wins major Android deal with auto partnership Renault-Nissan-Mitsubishi

• Bluestacks 4 released: Your Android apps on PC could run faster than your flagship phone

• 5 handy hidden features in the Gmail Android app

• Android Security Bulletin September 2018: What you need to know

• Google Family Link adds much-needed teen Android management

• Forget the iPhone XS – here are all the Android phones coming in October 2018

• BlueStacks, an Android emulator for PC, gets update with major performance upgrade

• Android Confidential: Why these 3 upcoming Android phones could put the iPhone XS to shame

• Exclusive: This is Android Pie with Samsung Experience 10 on the Samsung Galaxy S9+

• Google Is Testing A Floating Keyboard On Android

• Big Dolby donation to UCSF; Android cars are coming; OPEC supports Iran

Chrome OS 69 is the first release of the Linux-based operating system that enables support for running Linux apps on Chromebooks. However, the Linux app support is still in development and it's presented to users in a beta form, available only on select devices due to hardware restrains. A complete list with the Chromebooks supporting Linux apps is available here.

"While we would like to be able to bring this work to all Chromebooks, the required kernel and hardware features limit where we can deploy this," says Google in the blog announcement. "A lot of features we use had to be backported, and the further back we go, the more difficult & risky it is to do so. We don't want to compromise system stability and security here."

Upsilon is Kickstartering a “BioControle” I/O add-on board for the RPi 3 designed for aquaponics and hydroponics. The $89, open-spec add-on offers power-protected 12-bit ADC and DAC, 4x relays, servo outputs, and sensor and logical I/O.

We knew it was only a matter of time before we covered a board from Luxembourg, and that time has come. Rodange, Luxembourg based Upsilon Engineering, which is led by embedded engineer Yann Leidwanger, has gone to Kickstarter to launch its BioControle add-on board for the Raspberry Pi 3. The board can be used as a general purpose I/O and DAQ add-on but is specifically designed as a control board for aquaponics and hydroponics gardening.

• First results of the ROSIN project: Robotics Open-Source Software for Industry

  Open-Source Software for robots is a de-facto standard in academia, and its advantages can benefit industrial applications as well. The worldwide ROS-Industrial initiative has been using ROS, the Robot Operating System, to this end.

  In order to consolidate Europe’s expertise in advanced manufacturing, the H2020 project ROSIN supports EU’s strong role within ROS-Industrial. It will achieve this goal through three main actions on ROS: ensuring industrial-grade software quality; promoting new business-relevant applications through so-called Focused Technical Projects (FTPs); supporting educational activities for students and industry professionals on the one side conducting ROS-I trainings as well as and MOOCs and on the other hand by supporting education at third parties via Education Projects (EPs).

• Baidu To Launch World’s First Intelligent Vehicle Infrastructure Cooperative Systems Open Source Solution By End Of 2018

  Baidu Inc. has announced it will launch the Apollo Intelligent Vehicle Infrastructure Cooperative Systems (IVICS) open-source solution by the end of 2018, leveraging its capabilities in autonomous driving to bring together intelligent vehicles and infrastructure to form a “human-vehicle-roadway” interplay – an important step toward developing future intelligent transportation.

• Versity Open Sources Next Generation Archiving Filesystem

  The ScoutFS project was started in 2016 to address the rapidly growing demand for larger POSIX namespaces and faster metadata processing. The design goal for ScoutFS includes the ability to store up to one trillion files in a single namespace by efficiently distributing metadata handling across a scale out cluster of commodity compute nodes.

• Moving from Wordpress

• Epic Clock Clocks The Unix Epoch

  Admit it: when you first heard of the concept of the Unix Epoch, you sat down with a calculator to see when exactly 2³¹-1 seconds would be from midnight UTC on January 1, 1970. Personally, I did that math right around the time my company hired contractors to put “Y2K Suspect” stickers on every piece of equipment that looked like it might have a computer in it, so the fact that the big day would come sometime in 2038 was both comforting and terrifying.

  [Forklift] is similarly entranced by the idea of the Unix Epoch and built a clock to display it, at least for the next 20 years or so. Accommodating the eventual maximum value of 2,147,483,647, plus the more practical ISO-8601 format, required a few more digits than the usual clock – sixteen to be exact. The blue seven-segment displays make an impression in the sleek wooden case, about which there is sadly no detail in the build log. But the internals are well documented, and include a GPS module and an RTC. The clock parses the NMEA time string from the satellites and syncs the RTC. There’s a brief video below of the clock in action.

• 3 top Python libraries for data science

  Python's many attractions—such as efficiency, code readability, and speed—have made it the go-to programming language for data science enthusiasts. Python is usually the preferred choice for data scientists and machine learning experts who want to escalate the functionalities of their applications. (For example, Andrey Bulezyuk used the Python programming language to create an amazing machine learning application.)

  Because of its extensive usage, Python has a huge number of libraries that make it easier for data scientists to complete complicated tasks without many coding hassles. Here are the top 3 Python libraries for data science; check them out if you want to kickstart your career in the field.

• PortableCL 1.2 Still Coming While POCL 1.3 Will Further Improve Open-Source OpenCL

  It's been a number of months since last having any major news to report on POCL, the "PortableCL" project providing a portable OpenCL/compute implementation that can run on CPUs, select GPUs, and other accelerators.

  POCL 1.1 from March remains the current stable release while POCL 1.2 has been in the release candidate stage. The POCL 1.2 release candidates began last month with a few highlights like LLVM 7.0 support, device-side printf support, and HWLOC 2.0 library support.

CloudBees is bringing a set of products into a new CloudBees Suite that it said will help companies of all sizes streamline the software development process. The new software is set to be announced Sept. 18 at the company’s DevOps World / Jenkins World conference in San Francisco. Jenkins is the open-source version of CloudBees, which is a commercial offering.

A central piece of the CloudBees Suite is the CloudBees Core for unified governance of continuous delivery operations and processes used in DevOps. Software pipelines can also use Core to run software pipelines more efficiently in a self-managed way in the cloud or on-premises.

Also: CloudBees Announces Availability of Support for Jenkins Open Source

• Google releases Chrome OS 69 with new Material Theme design and Linux support

  Google’s big Chrome overhaul that arrived on desktop and mobile earlier this month is coming to Chromebooks today with the release of Chrome OS version 69. The really noticeable change is the new Material Theme redesign of Chrome itself, which brings tabs with rounded corners and some softer aesthetic elements, like a blank white new tab page, to the overall look and feel of the browser.

• Chrome OS revamp delivers a new look and Linux app support

• Chrome OS 69 Brings New Look, Linux App Support

• Chrome OS 69 rolling out w/ Google Material Theme, Night Light, Linux, dictation, more

  Chrome OS 69 is rolling out today following the Android and desktop release last week. Version 69 includes the Google Material Theme to coincide with the browser’s 10th anniversary. Meanwhile, Linux apps are launching on the stable channel for select devices, while Chrome OS adds Night Light and easier to access system-level voice dictation.

• Microsoft Windows U-turn removes warning about installing Chrome, Firefox [Ed: Microsoft showed us its true colours though]

  The feature raised some hackles and brought back memories of Microsoft's strong-arm tactics promoting its old Internet Explorer browser in the first browser wars two decades ago. But Microsoft isn't alone in such tactics: Google promotes its Chrome browser as faster and safer to people who visit its own websites with other browsers.

  Microsoft didn't immediately respond to a request for comment about the change of direction.

Divided into 2 parts, in this first part I will introduce the concept that everything is file and present the special devices / dev / null, / dev / zero, / dev / random and / dev / full. Part 2 will be to present didactically interesting features about this, for example, how to turn a file into a partition!

• AutoFill your passwords with Firefox Lockbox in iOS

  Today Firefox Lockbox 1.3 gives you the ability to automatically fill your username and password into apps and websites. This is available to anyone running the latest iOS 12 operating system.

• Streaming RNNs in TensorFlow

  The Machine Learning team at Mozilla Research continues to work on an automatic speech recognition engine as part of Project DeepSpeech, which aims to make speech technologies and trained models openly available to developers. We’re hard at work improving performance and ease-of-use for our open source speech-to-text engine. The upcoming 0.2 release will include a much-requested feature: the ability to do speech recognition live, as the audio is being recorded. This blog post describes how we changed the STT engine’s architecture to allow for this, achieving real-time transcription performance. Soon, you’ll be able to transcribe audio at least as fast as it’s coming in.

• Explore the immersive web with Firefox Reality. Now available for Viveport, Oculus, and Daydream

  Earlier this year, we shared that we are building a completely new browser called Firefox Reality. The mixed reality team at Mozilla set out to build a web browser that has been designed from the ground up to work on stand-alone virtual and augmented reality (or mixed reality) headsets. Today, we are pleased to announce that the first release of Firefox Reality is available in the Viveport, Oculus, and Daydream app stores.

  At a time when people are questioning the impact of technology on their lives and looking for leadership from independent organizations like Mozilla, Firefox Reality brings to the 3D web and immersive content experiences the level of ease of use, choice, control and privacy they’ve come to expect from Firefox.

  But for us, the ability to enjoy the 2D web is just table stakes for a VR browser. We built Firefox Reality to move seamlessly between the 2D web and the immersive web.

• These Months In Servo 113

  In the past 1.5 months, we merged 439 PRs in the Servo organization’s repositories.

Linux has been around for almost 30 years. Yes, it’s that old, and it did make history. If you are interested in the history of some of the major Linux distros, here it is in a nutshell – the history of various Linux distros, like Ubuntu, Fedora, REHL, Linux Mint, Slackware, etc. The reasons for their creation and their philosophy will be briefly discussed.

• Security updates for Tuesday

• Reproducible Builds: Weekly report #177

• Microsoft: Like the Borg, we want to absorb all the world's biz computers [Ed: Microsoft wants to spy on and control every single thing. It (kick)started PRISM, so it was never serious about real security.]

  The technology allows Redmond to scan and monitor enrolled devices, and push out security patches, operating system upgrades, and software updates to the kit as necessary. It will also use machine-learning code and analytics to, in its own words, "manage the global MMD device population."

• Unit 42 Researchers Discover Xbash – Malware Which Destroys Linux and Windows Based Databases [Ed: See below; so basically it targets already-screwed systems...]

  Xbash mainly spreads by targeting any unpatched vulnerabilities and weak password

• Distance, the amazing atmospheric racing platformer is now officially out

  I've been waiting on this for what feels like forever, after a great run in Early Access the atmospheric racing platformer Distance is now out. A game I've gone back to many times during Early Access! Everything about Distance hits the mark for me.

• FPS game Ballistic Overkill's Bloodlust update is out

  Ballistic Overkill, a cheap and quite decent online FPS game has released a new update named Bloodlust full of tweaks for their newer Rounds game mode.

• The Count Lucanor, a 2D mystery and horror adventure is now on GOG

  For you GOG fans, they've added another quality Linux game! The Count Lucanor, a 2D mystery and horror adventure is now up with Linux support.

• Valve have been fined 147 thousand euros in France

  Thanks to a tip in our Discord, we've found out today that Valve have been fined 147 thousand euros in France. Probably a drop in the ocean compared to Valve's revenue, but enough to turn their heads and pay attention.

• Wolfenstein: The Old Blood Should Now Be In Good Shape With RadeonSI On Mesa 18.3

  Earlier this month Valve developers began working on Mesa/RadeonSI fixes for Wolfenstein: The Old Blood to run nicely with the open-source Linux drivers while the game is running under Steam Play / Proton. The last batch of these fixes for The Old Blood are now in Git for Mesa 18.3.

  First up is a revert to fix menu hangs in id Tech games like RAGE and Wolfenstein: The New Order.