• Electronic Health Records at 26 Hospitals Hit by Two-Hour Outage [iophk: "Windows TCO"]

  Universal, which manages more than 350 health-care facilities in the U.S. and U.K., declined to specify the technical issues or say how many patient records were affected. The problem lasted for less than two hours and the affected hospitals have returned to normal operations, said Eric Goodwin, chief information officer of the King of Prussia, Pennsylvania-based company.

• DevSecOps: 4 key considerations for beginners

  Security used to be the responsibility of a dedicated team in the last development stage, but with development cycles increasing in number and speed, security practices need to be constantly updated.

  This has led to the rise of DevSecOps, which emphasizes security within DevOps. Companies need DevSecOps to make sure their initiatives run safely and securely. Without DevSecOps, DevOps teams need to rebuild and update all their systems when a vulnerability is found, wasting time and effort.

• OpenSSH to Keep Private Keys Encrypted at Rest in RAM

  A commit for the OpenSSH project adds protection for private keys in memory when they are not in use, making it more difficult for an adversary to extract them through side-channel attacks leveraging hardware vulnerabilities.

  OpenSSH is the most popular implementation of the SSH (Secure Shell) protocol, being the default solution in many Linux distributions for encrypting connections to a remote system.

• OpenSSH adds protection against Spectre, Meltdown, Rowhammer and RAMBleed attacks

• GNU Bash Unsupported Characters Heap-Based Buffer Overflow Vulnerability [CVE-2012-6711]

  A vulnerability in the lib/sh/strtrans.c:anicstr function of GNU Bash could allow an authenticated, local attacker to execute code on a targeted system.The vulnerability is due buffer errors within the lib/sh/strtrans.c:anicstr function of the affected software. An attacker could exploit this vulnerability by providing print data through the echo built-in function. A successful exploit could allow the attacker to execute code on the targeted system.GNU Bash has confirmed this vulnerability and released a software patch.

• Daily News Roundup: Malware in Your Pirated Software

  Researchers at ESET and Malwarebytes have discovered crypto mining malware hidden in pirated music production software.

• A Method for Establishing Liability for Data Breaches

  Last month, the First American Financial Corporation—which provides title insurance for millions of Americans—acknowledged a cybersecurity vulnerability that potentially exposed 885 million private financial records related to mortgage deals to unauthorized viewers. These records might have revealed bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images to such viewers. If history is any guide, not much will happen and companies holding sensitive personal information on individuals will have little incentive to improve their cybersecurity postures. Congress needs to act to provide such incentives.

  The story is all too familiar, as news reports of data breaches involving the release of personal information for tens of millions of, or even a hundred million, Americans have become routine. A company (or a government agency) pays insufficient attention to cybersecurity matters despite warnings that the cybersecurity measures it takes are inadequate and therefore fails to prevent a breach that could be remediated by proper attention to such warnings. In the aftermath of such incidents, errant companies are required by law to report breaches to the individuals whose personal information has been potentially compromised. Frequently, these companies also offer free credit monitoring services to affected individuals for a year or two.

Enso OS is a relatively new GNU/Linux distro based on Ubuntu with XFCE desktop coupled with Gala Window Manager. Looking at Enso is like looking at a mix between Xubuntu and elementary OS. It features a Super key start menu called Panther and a global menu on its top panel, making the interface very interesting to try. This overview briefly highlights the user interface for you.

Thank you very much to community for bug reports, feature requests and contributions!

Also: Stellarium 0.19.1 Released with A Large List of Changes

Just hours after releasing Wine 4.11, the team maintaining the experimental/testing version of Wine -- Wine-Staging -- issued their release with more than 800 patches re-based on top.

Wine-Staging 4.11 is at 818 patches on top of upstream Wine, which is lower than previous releases thanks to a number of patches getting upstreamed this month.

• Play Ascii Patrol Game in Linux Terminal!

  Typing a command in the Linux terminal is one of the exciting things. We are like a king who is giving orders to his soldiers to do certain things. Terminal on Linux has many benefits when you understand the commands that exist. In addition to executing a command, we can play games at the terminal.

  Playing games on the Linux terminal is one of entertainment. There are many Terminal-based games that you can play on the Linux terminal, one of which is Ascii Patroll. This game is inspired by the classic game "Moon Patrol", and we can run it on the CLI.

• Valve Will Not Be Officially Supporting Ubuntu 19.10+

  The planned dropping of 32-bit support on Ubuntu saga continues... Well known Valve Linux developer Pierre-Loup Griffais has said they plan to officially stop supporting Ubuntu for Steam on Linux.

• Valve looking to drop support for Ubuntu 19.10 and up due to Canonical's 32bit decision

  Things are starting to get messy, after Canonical announced the end of 32bit support from Ubuntu 19.10 onwards, Valve have now responded.

  [...]

  I can't say I am surprised by Valve's response here. Canonical pretty clearly didn't think it through enough on how it would affect the desktop. It certainly seems like Canonical also didn't speak to enough developers first.

  Perhaps this will give Valve a renewed focus on SteamOS? Interestingly, Valve are now funding some work on KWin (part of KDE).

• What are you playing this weekend and what do you think about it? It's mostly Dota Underlords for me

  Let's lighten the mood a bit shall we? It's question time here on GamingOnLinux! Let's have a talk about what you've been playing recently.

  I will of course go first: Dota Underlords. I have quite the sweet spot for it already, even though I'm absolutely terrible at it. This might be the game to finally get me to kick my unhealthy Rocket League obsession, which is amazing considering how radically different they are. I adore strategy games though and unlike normal Dota, I don't need to think ridiculously quickly. Since you don't need any kind of reflexes for it, sitting back and relaxing with the Steam Controller is another reason I quite like Dota Underlords. In the evenings on weekends especially, I can be quite the lazy-gamer, so anything that allows me to kick back with it is likely to get my vote.

  After only being out for a few days, it's already annihilated the player record for Artifact. Artifact's all-time high was only just over 60K whereas Underlords has sailed past 190K, although that shouldn't be too surprising since Underlords is free and isn't rammed full of micro-transactions (yet?) and it helps being on mobile as well of course (According to one of the SteamDB folk, the mobile players are being counted too).

• T-Mobile LG V40 ThinQ now receiving its Android Pie update

• Oppo F9/F9 Pro & Oppo F7 ColorOS 6 (Android Pie 9.0) updates are in the works

• Happy Birthday Andy Rubin: The Man Who Sold Android For $50 Million To Google

• Motorola has no plans to update the Moto Z4 with Android R

• Android: 5 New Games - Dota Underlords, ROME: Total War Barbarian Invasion and More!

• 13 new and notable Android apps from the last two weeks including DoodleLens, Marvel Hero Tales, and Scrypted Home Automation (6/8/19 - 6/22/19)

• 5 Android apps you shouldn’t miss this week! – Android Apps Weekly

• Linux 5.1.13

  I'm announcing the release of the 5.1.13 kernel.

  All users of the 5.1 kernel series must upgrade.

  The updated 5.1.y git tree can be found at:
  git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.1.y
  and can be browsed at the normal kernel.org git web browser:
  https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...

• Linux 5.1.14

• Linux 4.19.54

• Linux 4.19.55

• Linux 4.14.129

• Linux 4.9.183

• Linux 4.4.183

• EPO Directors Would be Wise to Rebel Against Team Campinos While They Still Have the Job
• American Front Group Open Invention Network (Riding the Linux Brand) is a Proponent of Software Patents in Europe
• Say ‘Hey Hi’ to Software Patents
• A Personal Note From Ted MacReilly (How Microsoft Works Against GNU/Linux)
• The Linux Foundation’s New Vice Chair, Wim Coekaerts, Worked for Microsoft
• Leaked: Harassment of EPO Directors by Team Campinos
• Links 21/6/2019: GNOME 3.33.3, 32-Bit Support Further Neglected, DragonFlyBSD 5.6.1 Released

There will be no 32-bit support at all in Ubuntu 19.10. This is problematic for developers of Wine and Steam and gaming on Ubuntu might be in trouble.

• YouTube may soon hide comments on videos by default on Android devices

• Google gives up on making its own Android-based tablets

• Google's Hardware Chief Calls It Quits On Android And ChromeOS Tablets

• Motorola will only release the Android Q update for Moto Z4

• Pocketnow Daily: Huawei CONFIRMS Android Q for Certain Devices (video)

• Huawei exec: the foldable Mate X with Android intact to launch by September

• [Updated] Realme CEO reveals when devices running ColorOS 6 (Android Pie) beta will get stable update

• T-Mobile's LG V40 ThinQ is latest in line to get Android 9 Pie

• Top 10 Best Android Smartphones - June 2019

• Lenovo Smart Tab P10 review: Part Android tablet and part Alexa smart screen

• Motorola says Android R isn’t currently ‘planned’ for Moto Z4

• Around 40% of Android and iOS apps have high-risk vulnerabilities

• The Free Streaming Service XUMO is Now Available on Some Android TV

Mattermost, which presents itself as an open source alternative to Slack raised $50M in series B funding. This is definitely something to get excited for.

Slack is a cloud-based team collaboration software that is mainly used for internal team communication. Enterprises, startups and even open source projects worldwide use it interact with colleagues and project members. Slack is free with limited features while the paid enterprise version has premium features.

Slack is valued at $20 billion in June, 2019. You can guess the kind of impact it has made in the tech industry and certainly more products are trying to compete with Slack.

• Important, but obscure, sysadmin tool osquery gets a foundation of its own

  But users think osquery's founder, Facebook, has been neglecting osquery. Going forward, Facebook has turned osquery over to The Linux Foundation. There, engineers and developers from Dactiv, Facebook, Google, Kolide, Trail of Bits, Uptycs, and other companies invested in osquery, will support it under the new foundation: The osquery Foundation.

  That's a good thing because while you may not have heard of osquery, many major companies, such as Airbnb, Dropbox, Netflix, Palantir, Etsy, and Uber, rely on it. This project needed a new lease on life.

  How does it work? Osquery exposes server operating system as a high-performance relational database. This allows you to write SQL-based queries to explore operating system data and low level system information. In osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.These are kept in a SQLite DBMS.

• Running Ubuntu on the One Mix Yoga 3 mini laptop (video)

  The One Mix Yoga 3 is a small laptop that features an 8.4 inch touchscreen display and a convertible tablet-style design. It ships with Windows 10, but one of the first things I tried doing with the tablet was to boot a GNU/Linux distribution.

  I posted some notes about what happened when I took Ubuntu 19.04 for a spin on the One Mix 3 Yoga in my first-look article, but plenty of folks who watched my first look video on YouTube asked for a video… so I made one of those too.

• Cockroach and the Source Available Future [Ed: The proprietary software giants-funded pundits like PedMonk on the openwashing agenda ("Source Available"... like "Shared Source" or "Inner Source"). What a crock.]

  Earlier this month, the database company Cockroach Labs relicensed its flagship database product. This is notable for two reasons. Most obviously, the company is following in the footsteps of several of its commercial open source database peers such as Confluent, Elastic, MongoDB, Redis Labs and TimescaleDB that have felt compelled to apply licenses that are neither open source nor, in most cases, traditionally proprietary.

  But the relicensing of CockroachDB is also interesting because this isn’t the first time the company has applied such a license.

  In January of 2017, Cockroach Labs announced the introduction of what it called the CockroachDB Community License (CCL). To the company’s credit, in the post announcing this new license, it took pains to make it clear that the CCL, while making source code available, was not in fact an open source license because it restricted redistribution. The CCL essentially enforced a two tier, open core-type business model, in which a base version of the database was made available under a permissive open source license (Apache) while certain enterprise features were made available under the CCL, which essentially requires users of these premium, enterprise-oriented features to pay for them.

  With its recent relicensing, the original dual core model has been deprecated. Moving forward, CockroachDB will be made available under two non-open source licenses – which, as an aside to Cockroach, presumably means that section 1B of the CCL probably needs to be updated. The CCL will continue to govern the premium featureset, but the original open source codebase will moving forward be governed by the Business Source License (BSL). Originally released by MariaDB, the BSL is a source available license; a license that makes source code for a project available, but places more restrictions upon its usage than is permitted by open source licenses.

• Welcoming the newest Collaborans!

  For many, June 21, day of the Solstice, is a day of celebrations. At Collabora, we're also celebrating, as we take a moment to welcome all the newest members of our engineering and administration teams who've joined over the last year!

  Comprised of some of the most motivated and active Open Source contributors and maintainers around the world, Collaborans share an enduring passion for technology and Open Source, and these new joiners are no different.

• Linux Cryptominer Uses Virtual Machines to Attack Windows, macOS [Ed: This is simply malware that people download and install on their machines, but hey, let's blame something else on "Linux"]

  A new cryptocurrency mining malware dubbed LoudMiner uses virtualization software to deploy a Linux XMRig coinminer variant on Windows and macOS systems via a Tiny Core Linux virtual machine.

• Report confirms shift of botnet attack focus to Linux, IoT [Ed: A 'report' shifts focus from Microsoft Windows back doors (which are causing huge damage at the moment) to "Linux" (usually just machine with default password unchanged)]

• Botnets shift from Windows towards Linux and IoT platforms [Ed: Microsoft money has poisoned and polluted corporate media (advertising money) to the point each time it covers "Linux" it's either a story about Linux being dangerous or a story about Vista 10 (WeaSeL)]

• Free proxy service found running on top of 2,600+ hacked WordPress sites [Ed: Considering there are many millions of WordPress sites, many of which aren't patching properly, this is only expected and it's the fault of their administrators]

• Four CVEs Describe SACKs of Linux and FreeBSD Vulnerabilities [Ed: When searching news for "Linux" these days almost half the results are about security because corporate media chooses to focus on nothing else, even obsessing over the same story for weeks]

  

  Four new CVEs present issues that have a potential DoS impact on almost every Linux user.

• Remote Desktop Protocol

  As with any piece of software, bugs arise sooner or later. A critical security exploit allowing a man-in-the-middle- style attack was discovered in RDP version 5.2. In 2012, another critical vulnerability was discovered to allow a Windows computer to be compromised by unauthenticated clients. Version 6.1, found in Windows Server 2008, revealed a critical exploit that harvested user credentials. More recently, an exploit discovered in March 2018 allowed remote code execution attack and another credential- harvesting scenario.

• Intel Drops 2 Exciting Clues About The Future Of Clear Linux OS For 'Normal' Desktop Users [Ed: Intel is still trying, more desperately over time, to generate interest in its flailing GNU/Linux distro while putting back doors in every chip and doing other profoundly dubious things]

  I'm not a developer, a server administrator or anyone with advanced programming skills. I'm just a normal desktop Linux user who appreciates speed, stability, great aesthetics and ease of use. As such I've been keeping a close eye on Intel's Clear Linux, and have been insisting it's worth paying attention to. Intel's recent community efforts around Clear Linux -- and even certain touches they've implemented to the installer -- have given me the strong belief that the company is looking to serve people just like me in the near future. So I asked the burning question directly, and Intel just answered it.

• Touch panel PCs offer a choice of 64 models mixing different sizes and Intel chips

  Taicenn’s Linux-friendly, IP65 protected “TPC-DCM” industrial panel PCs let you choose between 6th or 7th Gen U-series Core, Apollo Lake, or Bay Trail CPUs with 2x GbE, SATA, optional wireless, and capacitive touchscreens between 15 and 24 inches.

  Taicenn, which last year introduced an Intel Bay Trail based, in-vehicle TPC-DCXXXC1E panel PC has now returned with an industrial series of TPC-DCM panel PCs. You can choose between 64 configurations, with 8x Intel processor choices and 8x screen sizes: 15.0, 2x 15.6, 17.0, 18.5, 19.0, 21.5 and 24.0-inch models ranging from 1024 x 768 to 1920 x 1080 pixels.

• Three Linux router boards showcase Qualcomm IPQ4019

  Three router SBCs that run Linux on Qualcomm’s quad -A7 IPQ4019 have reached market: The Dakota DR4019 with 2x GbE, optional SFP and Wave2 WiFi, MikroTik’s RB450Gx4 with 5x GbE and PoE, and a $200 Kefu DB11 dev kit.

• Latte and "Flexible" settings...

  Following Latte and a "Shared Layouts" dream, today I am going to present you all the new settings pages for upcoming v0.9 and the approach used for them. In following screenshots you can find Basic and Advanced pages for docks and panels.

• Plasma Vision

  The Plasma Vision got written a couple years ago, a short text saying what Plasma is and hopes to create and defines our approach to making a useful and productive work environment for your computer. Because of creative differences it was never promoted or used properly but in my quest to make KDE look as up to date in its presence on the web as it does on the desktop I’ve got the Plasma sprinters who are meeting in Valencia this week to agree to adding it to the KDE Plasma webpage.

• Day 26

  I’m in the end of my semester at college, so I need to split my time with GSoC and my college tasks, so now I’m going slowly but on the next month I have my vacation and I’ll have all of my time dedicated to it.
  My menthors have helped me a lot so far, and I would like to say thanks for the patience, and say sorry for KDE for my initial project and for waste the first weeks on a thing that didn’t produce anything.

• LabPlot getting prettier and also support for online datasets

  Hello everyone! I'm participating in Google Summer of Code for the second time. I'm working on KDE's LabPlot, just like last year. I'm very happy that I can work again with my former and current mentor Kristóf Fábián, and with Alexander Semke, an invaluable member of the LabPlot team, who is like a second mentor to me.

  [...]

  We had to create metadata files in order to record additional information about datasets, and also to divide them into categories and subcategories. We use a metadata data file which contains every category and subcategory and a list of datasets for every subcategory. Additionally there is a metadata file for every dataset containing various data about the dataset itself.

  In the "Datasets" section we highlight every dataset the metadata of which is locally available (in the labplot directory located in the user's home directory). When the user clicks on the "Clear cache" button every file is deleted from the above mentioned directory. The "Refresh" button provides the possibility to refresh the locally available metadata file, which contains the categories and subcategories.
  In order to make possible the import of datasets into LabPlot, and saving them into Spreadsheets I had to implement a helper class: DatasetHandler. This class processes a dataset's metadata file, configures the Spreadsheet into which the data will be loaded, downloads the dataset, processes it (based on the preferences present in the metadata file) then loads its content into the spreadsheet.

• More foss in the north

  This year, midsummer is on June 21, which marks four months from the first foss-north event outside of Gothenburg. That’s right – foss-north is going to Stockholm on October 21 and the theme will be IoT and Security. Make sure to save the date!

  We have a venue and three great speakers lined up. There will be a CFP during July and the final speakers will be announced towards September. We’re also looking for sponsors (hint hint nudge nudge).

  Now I’m off to enjoy the last hour of midsummer and enjoy the shortest night of the year. Take care and I’ll see you in Stockholm this autumn!

• Open Source, Digital Transformation And Grape Up: Roman Swoszowski

  We sat down with Roman Swoszowski, co-founder and VP of Cloud R&D at Grape Up to get a better grip of the problems companies face and how Grape Up help these companies using Open Source technologies.

• Pooja Yadav: Fedora Pune Meetup

  Last Saturday(June,15) , we had Fedora Pune Meetup with Fedora-30 release celebration. When I reached the venue, people were already present there and were ready to start the event. We started according to the agenda with our first talk from Pravin Satpute on Fedora-30 features which was great, as people were really interested in knowing the new features added.

• Talk Python to Me: #217 Notebooks vs data science-enabled scripts

  On this episode, I meet up with Rong Lu and Katherine Kampf from Microsoft while I was at BUILD this year. We cover a bunch of topics around data science and talk about two opposing styles of data science development and related tooling: Notebooks vs Python code files and editors.

• Montreal Python User Group: Montréal-Python 75: Funky Urgency

  The summer has started and it's time for our last edition before the seasonal break. We are inviting you for the occasion at our friends Anomaly, a co-working space in the Mile-End.

  As usual, it's gonna be an opportunity to discover how people are pushing our favourite language farther, to understand how to identify bad habit of most programmers and to have fun with data!

  Join us on Wednesday, there's gonna be pizza and we're probably gonna continue the evening to share more about our latest discoveries.

• Using SSH and Tmux for screen sharing

• How to Show a List of All Databases in MySQL

• Flameshot Linux: An open source screenshot tool for Linux

• Install Handbrake on Linux to reduce video file sizes

• Setting up dev environment for SciPy

  I got an email from someone pretty recently who wanted to setup a dev environment for SciPy. He had made changes to the source code of SciPy and now wanted to test if his changes were working or not. He had gotten so far without actually testing the code. In this post I will share details on how to setup a dev environment the right way. I will focus mainly on Mac OS.

  Firstly, go to the GitHub repo and try to figure out the dependencies for the project. Normally they are listed in the readme file. If they are not listed there then you just try installing the package/libary and the errors in the terminal will give you a clue as to what you are missing. I did that and figured out that I needed Fortran compiler, Cython and NumPy.

• Peter Czanik: Insider 2019-06: Python; Google Stackdriver; elasticsearch-http(); a year of syslog-ng; Red Hat Summit;

  Sometimes getting log messages into the desired format can be a problem, but with syslog-ng you can use Python to get the exact format you need. The syslog-ng Python template function allows you to write custom templates for syslog-ng in Python. In this blog post, I will show you a simple use of the Python parser: resolving IP addresses to host names. I will also show you the logger method, a nice new feature that enables you to log to syslog-ng’s internal() log source instead of writing logs from Python to stdout. This way you can follow what your Python code is doing even if syslog-ng is running as a daemon in the background.

• Creating a new Flask project with pipenv

• Building Restful API with Flask, Postman & PyTest - Part 2

There is a seemingly endless list of distributions to choose from if you’re interested in Linux. That said, one of the most popular distributions is Ubuntu. If you’ve heard of Linux, chances are you’ve heard of Ubuntu.

You may have heard that Ubuntu is based on another distribution, Debian. Which one should you choose? Is it a matter of preference, or is easy distribution better suited to different use cases?

• More AMD Navi GPUs show up in a Linux driver

  A since-deleted commit for a Linux driver update hints at 4 new AMD Navi GPUs.

• Libdrm Picks Up Support For AMD Navi

  As another one of the prerequisites for landing the AMD Radeon RX 5000 series "Navi" support in Mesa, the libdrm bits have just been merged.

  Libdrm is the Mesa DRM library that is needed for sitting between the Linux kernel Direct Rendering Manager (DRM) interfaces and the user-space components (depending upon the driver, as is required by like RadeonSI). Libdrm also ends up being used by the DDX drivers like xf86-video-amdgpu and other components as well depending upon the driver. As of a short time ago, the Navi bits landed in libdrm Git.

  The Navi support here isn't all that exciting and mostly boilerplate code for a new generation for a new family ID, a new member for a tile steering override for GFX10, GDDR6 as a new video memory type, and the largest addition is simply the new tests for VCN 2.0 video decode support.

The Fedora 30 election cycle has concluded. Here are the results for each election. Congratulations to the winning candidates, and thank you all candidates for running in this election!