The new SparkyLinux 5.5 "Nibiru" Rolling images are now synced with the Debian Testing (soon to become Debian GNU/Linux 10 "Buster") software repositories as of September 17, 2018, which means that they are now shipping the Linux 4.18.6 kernel, the Calamares 3.2.1 installer, as well as the latest GCC 8 system compiler by default aas GCC 7 has been completely removed.

"There are new live/install iso images of SparkyLinux 5.5 “Nibiru” available to download. The live system of MinimalGUI/CLI uses Debian’s Linux kernel 4.18.6 as default. The live system of LXQt, due to a problem with long loading the desktop, features Sparky’s Linux kernel 4.18.8 (32bit pae/64bit amd64) as default; and the Debian’s one as well," reads the release announcement.

• Criticism of Unitary Patent (UPC) Agreement Doomed the UPC and Patent Trolls’ Plan — Along With the Litigation Lobby — for Unified ‘Extortion Vector’
• It Wasn’t Judges With Weapons in Their Office, It Was Benoît Battistelli Who Brought Firearms to the European Patent Office (EPO)
• Links 20/9/2018: 2018 Linux Audio Miniconference and Blackboard’s Openwashing
• Links 19/9/2018: Chromebooks Get More DEBs, LLVM 7.0.0 Released
• Links 18/9/2018: Qt 5.12 Alpha , MAAS 2.5.0 Beta, PostgreSQL CoC

• How to detect and remove a virus from your Android phone

• 2019 Nissan Versa Note adds Apple CarPlay, Android Auto compatibility

• The OnePlus 6 just proved why it's one of the best Android phones of 2018

• Android Q confirmed for the Essential Phone

• Android phones: Dialing 911 now automatically shares your location

• Putting Android in Cars Is a 'Real Threat,' Satnav Boss Says

• This Russian botnet mimics your click to prevent Android device factory resets

• Nokia 7.1 Plus details leaked, includes Snapdragon 710 and dual cameras

With the release of Ubuntu 18.04 LTS (Bionic Beaver) as the first LTS (Long Term Support) Ubuntu release to ship with the GNOME desktop environment by default instead of Canonical's in-house built Unity desktop, hybrid laptop users with Intel and Nvidia GPUs lost the way Nvidia PRIME worked in the Ubuntu 16.04 LTS (Xenial Xerus) series.

But it looks like some Ubuntu developers like Alberto Milone never stopped looking for a fix, and he and his team have successfully released a patch for the bug causing increased power consumption when using the power saving profile with the Nvidia GPU turned off, as well as the inability to switch between power profiles when logging out.

KaOS 2018.08 is August 2018's ISO snapshot for the independently developed GNU/Linux distribution inspired by Arch Linux and built around the latest KDE technologies. It ships with the most recent KDE Applications 18.08.0 open-source software suite, as well aas the KDE Plasma 5.13.4 desktop environment and KDE Frameworks 5.49.0, all built on the Qt 5.11.1 framework.

"It is with great pleasure to present to you the August release of a new stable ISO. With almost 70 % percent of the packages updated since the last ISO and the last release being over two months old, a new ISO is more than due. No major changes this time to announce, as was with last ISO, just the usual large package movement," said the developers in the release announcement.

I think a couple of things. I think in general, in terms of filling technology holes and driving new innovation, open source has no problems and no lack of projects right now. In fact, probably the biggest thing we hear from a lot of companies is it's great that there's so much out there, how do we keep up with all of them?

Right now, I think there's a general sentiment from a lot of enterprise companies, telco companies and so-forth that most of innovation that's happening these days are in open source, moreso than it is coming from many vendors. So on one hand, that's a really good thing, a really positive thing.

The flip side of that is, because there's so much going on and there's so many things happening so fast. Open source has never been known for being the people that sit and finish up projects. They've always sort of gotten it to a good solid point that does 80% of what you want it to do, or it works well enough but there's not great interfaces and things on it.

Continuing the Edubuntu legacy of delivering Linux-based operating systems and Open Source software projects to schools and other educational institutions around the world, Escuelas Linux 6 has been released earlier this month with major improvements and new features. The biggest highlights of this release being the availability of dedicated English language ISO images for non-Spanish users.

"Escuelas Linux 6 as a massive amount of improvements, but one of them is key around Softpedia," said Alejandro Díaz. "And, at this point came your help, that above improvement would not be worth the effort if English language people are not aware of our existence. In fact, we recognize that most downloads from non-Spanish language countries are due to your nice articles about us."

Qt 5.11.2 is released today. As a patch release it does not add any new functionality, but provides important bug fixes, security updates and other improvements.

Compared to Qt 5.11.1, the Qt 5.11.2 release provides fixes for more than 250 bugs and it contains around 800 changes in total. For details of the most important changes, please check the Change files of Qt 5.11.2.

The recommended way for getting Qt 5.11.2 is using the maintenance tool of the online installer. For new installations, please download latest online installer from Qt Account portal (commercial license holders) or from qt.io Download page (open source).

• NVIDIA 410.57 Linux Beta Released With RTX 2080 Support, OptiX/Vulkan Ray-Tracing

  The Linux driver I've been using today for the just-posted GeForce RTX 2080 Ti Linux benchmarks is now publicly available. This NVIDIA 410 Linux driver is most exciting for Volta and Turing GPU owners, but there are also some EGL and Vulkan updates along with other changes.

• Multiboot Pinebook KDE neon

  Here’s a picture of my Pinebook running KDE neon — watching Panic! At the Disco’s High Hopes — sitting in front of my monitor that’s hooked up to one of my openSUSE systems. There are still some errata, and watching video sucks up battery, but for hacking on documentation from my hammock in the garden, or doing IRC meetings it’s a really nice machine.

  But one of the neat things about running KDE neon off of an SD card on the Pinebook is that it’s portable — that SD card can move around. So let’s talk about multiboot in the sense of “booting the same OS storage medium in different hardware units” rather than “booting different OS from a medium in a single hardware unit”. On these little ARM boards, u-boot does all the heavy lifting early in the boot process. So to re-use the KDE neon Pinebook image on another ARM board, the u-boot blocks need to be replaced.

• Glade in Libre Application Summit

  As usual, it was a great opportunity to catch up with old friends and make new ones specially outside the GNOME community.

  This opportunity I talked about the plans I have to integrate Glade with Gnome Builder and other IDEs

• Linux-ready Apollo Lake mini-PC offers optional Movidius AI

  Aaeon’s rugged “Boxer-6405” mini-PC features an Apollo Lake SoC plus 2x GbE, 4x USB 3.0, 3x or 4x serial, and an HDMI port. Options including SATA, wireless, and an UP AI Core card with Movidius technology.

  Aaeon announced a Boxer-6405 mini-PC that will be unveiled at the 20th China International Industry Fair, held Sep. 19-23 at the Shanghai National Exhibition Center. The compact embedded system will be demonstrated along with the UP AI Vision Kit at Aaeon’s Smart Factory Artificial Intelligence Edge Computing display.

 

• Video: Hackers To The Rescue – Defining Good Hacking

  Noci, the fictional city attacked by malevolent hackers during ICON2018, was saved and the challenge was won by a Swiss team. What is a hacker, how do they define themselves? Two members of ICON, a young non-governmental organisation in Geneva, answered that question for Intellectual Property Watch, with the same affirmation: a hacker is first and foremost a curious mind. View the IP-Watch video interviews below.

  ICON 2018, “The journey to digital trust”  co-organised by ICON, the Geneva Centre for Security Policy (GCSP,) and the MCI group, took place on 13-14 September. The event held what the organisers qualified as the “World premiere cyber-attack simulation.”

  Participants came from France, Italy, Norway and Switzerland, selected after a qualifying competition at the global level, according to an ICON press release. In the end, the challenge was won by Swiss participants Team Sw1ss, it said.

• Who will push back the most on a move to DevOps?

  You're moving to a DevOps model for all or part of your organisation: well done! Somebody, somewhere has made the leap. Let's assume, for the sake of this article, that you have management buy-in: whatever hurdles needed to be jumped, whatever mountains needed to be climbed to get that momentous "Yes." You've got tooling agreed, you've worked out your processes, and now all you need to do is convince people to get involved. Should be easy, right? If only.

  It turns out that not all people are as enlightened as you, the reader of this article. Not everybody likes change, and if there's one thing you can be sure of, it's that DevOps will bring change to your organisation—how you work, what you do, how you interact with other people within the team and beyond.

• Red Hat Stock Falls As Revenue, Guidance Miss Analyst Estimates

• Red Hat reports mixed second quarter results

• Red Hat Inc. (RHT) Moves Higher on Volume Spike for September 19

• Dow Jones Futures: Tilray, Marijuana Stocks Still Buzzing; Red Hat, Crispr Move On News

• Red Hat, Inc. (RHT) CEO Jim Whitehurst on Q2 2019 Results - Earnings Call Transcript

• Deutsche Telekom and Aricent Create Open Source Edge Software Framework

  Deutsche Telekom and Aricent today announced the creation of an Open Source, Low Latency Edge Compute Platform available to operators, to enable them to develop and launch 5G mobile applications and services faster. The cost-effective Edge platform is built for software-defined data centers (SDDC) and is decentralized, to accelerate the deployment of ultra-low latency applications. The joint solution will include a software framework with key capabilities for developers, delivered as a platform-as-a-service (PaaS) and will incorporate cloud-native Multi-access edge computing (MEC) technologies.

• A Deeper Look at Sigma Prime's Lighthouse: An Open-Source Ethereum 2.0 Client

• Notable moments in Firefox for Android UA string history

• Dweb: Creating Decentralized Organizations with Aragon

  With Aragon, developers can create new apps, such as voting mechanisms, that use smart contracts to leverage decentralized governance and allow peers to control resources like funds, membership, and code repos.

  Aragon is built on Ethereum, which is a blockchain for smart contracts. Smart contracts are software that is executed in a trust-less and transparent way, without having to rely on a third-party server or any single point of failure.

  Aragon is at the intersection of social, app platform, and blockchain.

• LLVM 7.0.0 released

• Parabola GNU/Linux-libre: Boot problems with Linux-libre 4.18 on older CPUs

  Due to a known bug in upstream Linux 4.18, users with older multi-core x86 CPUs (Core 2 Duo and earlier?) may not correctly boot up with linux-libre 4.18 when using the default clocksource.

• Visual Schematic Diffs in KiCAD Help Find Changes

  In the high(er)-end world of EDA tools like OrCAD and Altium there is a tight integration between the version control system and the design tools, with the VCS is sold as a product to improve the design workflow. But KiCAD doesn’t try to force a version control system on the user so it doesn’t really make sense to bake VCS related tools in directly. You can manage changes in KiCAD projects with git but as [jean-noël] notes reading Git’s textual description of changed X/Y coordinates and paths to library files is much more useful for a computer than for a human. It basically sucks to use. What you really need is a diff tool that can show the user what changed between two versions instead of describe it. And that’s what plotgitsch provides.

• Toward better handling of hardware vulnerabilities

  From the kernel development community's point of view, hardware vulnerabilities are not much different from the software variety: either way, there is a bug that must be fixed in software. But hardware vendors tend to take a different view of things. This divergence has been reflected in the response to vulnerabilities like Meltdown and Spectre which was seen by many as being severely mismanaged. A recent discussion on the Kernel Summit discussion list has shed some more light on how things went wrong, and what the development community would like to see happen when the next hardware vulnerability comes around.

  The definitive story of the response to Meltdown and Spectre has not yet been written, but a fair amount of information has shown up in bits and pieces. Intel was first notified of the problem in July 2017, but didn't get around to telling anybody in the the Linux community about it until the end of October. When that disclosure happened, Intel did not allow the community to work together to fix it; instead each distributor (or other vendor) was mostly left on its own and not allowed to talk to the others. Only at the end of December, right before the disclosure (and the year-end holidays), were members of the community allowed to talk to each other.

  The results of this approach were many, and few were good. The developers charged with responding to these problems were isolated and under heavy stress for two months; they still have not been adequately thanked for the effort they put in. Many important stakeholders, including distributions like Debian and the "tier-two" cloud providers, were not informed at all prior to the general disclosure and found themselves scrambling. Different distributors shipped different fixes, many of which had to be massively revised before entry into the mainline kernel. When the dust settled, there was a lot of anger left simmering in its wake.

• Writing network flow dissectors in BPF

  Network packet headers contain a great deal of information, but the kernel often only needs a subset of that information to be able to perform filtering or associate any given packet with a flow. The piece of code that follows the different layers of packet encapsulation to find the important data is called a flow dissector. In current Linux kernels, the flow dissector is written in C. A patch set has been proposed recently to implement it in BPF with the clear goal of improving security, flexibility, and maybe even performance.

• Coscheduling: simultaneous scheduling in control groups

  The kernel's CPU scheduler must, as its primary task, determine which process should be executing in each of a system's processors at any given time. Making an optimal decision involves juggling a number of factors, including the priority (and scheduling classes) of the runnable processes, NUMA locality, cache locality, latency minimization, control-group policies, power management, overall fairness, and more. One might think that throwing another variable into the mix — and a complex one at that — would not be something anybody would want to attempt. The recent coscheduling patch set from Jan Schönherr does exactly that, though, by introducing the concept of processes that should be run simultaneously.

  The core idea behind coscheduling is the marking of one or more control groups as containing processes that should be run together. If one process in a coscheduled group is running on a specific set of CPUs (more on that below), only processes from that group will be allowed to run on those CPUs. This rule holds even to the point of forcing some of the CPUs to go idle if the given control group lacks runnable processes, regardless of whether processes outside the group are runnable.

  Why might one want to do such a thing? Schönherr lists four motivations for this work, the first of which is virtualization. That may indeed be the primary motivation, given that Schönherr is posting from an Amazon address, and Amazon is rumored to be running a virtualized workload or two. A virtual machine usually contains multiple processes that interact with each other; these machines will run more efficiently (and with lower latencies) if those processes can run simultaneously. Coscheduling would ensure that all of a virtual machine's processes are run together, maximizing locality and minimizing the latencies of the interactions between them.

• Machine learning and stable kernels

  There are ways to get fixes into the stable kernel trees, but they require humans to identify which patches should go there. Sasha Levin and Julia Lawall have taken a different approach: use machine learning to distinguish patches that fix bugs from others. That way, all bug-fix patches could potentially make their way into the stable kernels. Levin and Lawall gave a talk describing their work at the 2018 Open Source Summit North America in Vancouver, Canada.

  Levin began with a quick introduction to the stable tree and how patches get into it. When a developer fixes a bug in a patch they can add a "stable tag" to the commit or send a mail to the stable mailing list; Greg Kroah-Hartman will then pick up the fix, evaluate it, and add it to the stable tree. But that means that the stable tree is only getting the fixes that are pointed out to the stable maintainers. No one has time to check all of the commits to the kernel for bug fixes but, in an ideal world, all of the bug fixes would go into the stable kernels. Missing out on some fixes means that the stable trees will have more security vulnerabilities because the fixes often close those holes—even if the fixer doesn't realize it.

• Trying to get STACKLEAK into the kernel

  The STACKLEAK kernel security feature has been in the works for quite some time now, but has not, as yet, made its way into the mainline. That is not for lack of trying, as Alexander Popov has posted 15 separate versions of the patch set since May 2017. He described STACKLEAK and its tortuous path toward the mainline in a talk [YouTube video] at the 2018 Linux Security Summit.

  STACKLEAK is "an awesome security feature" that was originally developed by The PaX Team as part of the PaX/grsecurity patches. The last public version of the patch set was released in April 2017 for the 4.9 kernel. Popov set himself on the goal of getting STACKLEAK into the kernel shortly after that; he thanked both his employer (Positive Technologies) and his family for giving him working and free time to push STACKLEAK.

  The first step was to extract STACKLEAK from the more than 200K lines of code in the grsecurity/PaX patch set. He then "carefully learned" about the patch and what it does "bit by bit". He followed the usual path: post the patch, get feedback, update the patch based on the feedback, and then post it again. He has posted 15 versions and "it is still in progress", he said.

PostgreSQL 11 had its third beta release on August 9; a fourth beta (or possibly a release candidate) is scheduled for mid-September. While the final release of the relational database-management system (currently slated for late September) will have something new for many users, its development cycle was notable for being a period when the community hit its stride in two strategic areas: partitioning and parallelism.

Partitioning and parallelism are touchstones for major relational database systems. Proprietary database vendors manage to extract a premium from a minority of users by upselling features in these areas. While PostgreSQL has had some of these "high-tier" items for many years (e.g., CREATE INDEX CONCURRENTLY, advanced replication functionality), the upcoming release expands the number considerably. I may be biased as a PostgreSQL major contributor and committer, but it seems to me that the belief that community-run database system projects are not competitive with their proprietary cousins when it comes to scaling enterprise workloads has become just about untenable.

• Samsung Galaxy S9 owners waiting for Android 9 Pie may have just received some good news

• Apple Music update brings support for Android Auto

• Essential talks Android Q, notch settings, and more in latest Reddit AMA

• Google launches final preview of Flutter, its Android and iOS mobile app SDK

• Google Keep quietly renamed to 'Keep Notes' on Android

• These Android phones have security defects out of the box

• Huawei P20 Pro too expensive? Say hello to Samsung's new triple camera phone

• What is Project Treble? The Android upgrade fix explained

• Running a Python3 script in the right place every time

• [Older] Kubernetes 101: How to get started with container orchestration

• Ubuntu Enable & Setup Automatic Unattended Security Updates

• Record Screen in Ubuntu Linux With Kazam [Beginner’s Guide]

• How to Use SCP Command to Securely Transfer Files

• CloudBerry Backup for Linux: Review and Installation

  When it comes to backups, experience says it’s better to be safe than sorry. Better to have much than not enough – you get the point. In this article, we will present CloudBerry Backup for Linux, a cross-platform cloud backup and disaster recovery software.

  As a leading solution in the industry, CloudBerry stands out for its flexibility, reliability, and its wide set of out-of-the-box features. You not only get to choose where to store your data (locally or using a cloud storage service), but also can encrypt it using AES-128 or AES-256.

  With the recent release of version 2.5.1, which introduces support for block-level backups, this tool stands out among its crowd of competitors more than ever. This new feature is particularly important if you need to back up large files with relatively minor changes over time.

  With both a GUI and a command-line interface, optional compression to save up on bandwidth and decrease storage costs, and no hidden fees for data restore, CloudBerry is hard to beat!

• binb 0.0.1: binb is not Beamer

  Following a teaser tweet two days ago, we are thrilled to announce that binb version 0.0.1 arrived on CRAN earlier this evening.

• MineTime: Desktop Calendar App With Google Calendar, Outlook.com, Microsoft Exchange, iCloud And CalDAV Support

  MineTime is a smart calendar application for Windows, macOS and Linux desktops. The application supports calendars from Google Calendar, Outlook.com, Microsoft Exchange, iCloud and any service using CalDAV, allowing you to organize all your calendars in one place.

  MineTime is an Electron application started as part of a research project by ETH Zurich students (a science, technology, engineering and mathematics university in the city of Zurich, Switzerland), in which it's investigated "how to bring new technologies, like Artificial Intelligence, into the daily routine in order to help people get more out of their time".

Business IT is facing storage growth that’s exceeding even the highest estimates, and there’s no sign of it slowing down anytime soon. Unstructured data in the form of audio, video, digital images and sensor data now makes up an increasingly large majority of business data and presents a new set of challenges that calls for a different approach to storage.

For CIOs, storage systems that are able to provide greater flexibility and choice, as well as the capability to better identify unstructured data in order to categorise, utilise and automate the management of it throughout its lifecycle are seen as the ideal solution.

One answer to solving the storage issue is software defined storage (SDS) which separates the physical storage hardware (data plane) from the data storage management logic or ‘intelligence’ (control plane). Needing no proprietary hardware components, SDS is the perfect cost-effective solution for enterprises as IT can use off-the-shelf, low-cost commodity hardware which is robust and flexible.

Also: New Open Source Library Nyoka Aids AI, Data Science

WireGuard lead developer Jason Donenfeld sent out the fifth revision of the WireGuard and Zinc crypto library patches this week. They've been coming in frequently with a lot of changes with it looking like this "secure VPN tunnel" could reach the Linux 4.20~5.0 kernel.

With the WireGuard v5 patches there are various low-level code improvements, a "saner" and simpler Kconfig build-time configuration options, a performance regression for tcrypt within the Zinc crypto code has been fixed and is now even faster than before, and there is also now a nosimd module parameter to disable the use of SIMD instructions.

• This Windows file may be secretly hoarding your passwords and emails

  If you're one of the people who own a stylus or touchscreen-capable Windows PC, then there's a high chance there's a file on your computer that has slowly collected sensitive data for the past months or even years.

  [...]

  The handwriting feature is there since Windows 8 which means the vulnerability has been there for many years. However, if you don’t store valuable information like passwords or email on your PC, you aren’t much likely to get affected much.

• This Windows File Might Be Secretly Collecting Sensitive Data Since Windows 8

  There is a Windows file named WaitList.dat that covertly collects your passwords and email information, with the help of Windows Search Indexer service.

  Digital Forensics and Incident Response (DFIR) expert Barnaby Skeggs first discovered the information about the file back in 2016 but wasn’t paid much attention. However, in after a new and exclusive interview with ZDNet – it appears that the file, in fact, is reasonably dangerous.

Every programmer knows that coding is fun! Don't you agree with me? However, to be an absolutely professional PHP developer, we have to know a lot about all the specific details of coding.

Selecting the editor you are going to use to happily code is not an easy decision and must be taken unhurriedly.

If you are a beginner, you may try a great code editor with a rich functionality and very flexible customization which is known as Atom Editor, the editor of the XXI century. You may say that we have many pretty alternatives available. Read the explanation below, and the introduced information will knock you off!

• Google's New Automobile Deal to Boost Android Deployment Base

• Android Versions and Applications

• Early look at Android 9 Pie on Samsung Galaxy S9+ reveals a huge redesign [Gallery]

• Moto Z2 Play and Moto X4 get LineageOS 15.1 based on Android 8.1 Oreo

• Android phones in the US will now automatically share your location during 911 calls

• Apple Music now works with Android Auto

• Essential Phone Q&A: Notch settings return in Oct, Android Q support confirmed, DAC adapter coming soon

• New technology can tell 911 dispatchers your location with iPhone and Android