Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Sunday, 20 Jan 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Security: Amadeus, Kubernetes, WordPress and More

Filed under
Security
  • Major Security Breach Discovered Affecting Nearly Half of All Airline Travelers Worldwide

    According to ELAL, the bug stems from their supplier Amadeus’ (https://amadeus.com/en/industries/airlines) online booking system, which controls a staggering 44% market share of airlines operating worldwide, including United Airlines, Lufthansa, Air Canada, and many more. While booking a flight with ELAL, we received the following link to check our PNR: https://fly.elal.co.il/LOTS-OF-NUMBERS-HERE.

    By simply changing the RULE_SOURCE_1_ID, we were able to view any PNR and access the customer name and associated flight details.

  • Kubernetes flaw shows API security is no ‘set & forget’ deal

    When a report surfaced last month detailing a ‘severe vulnerability’ in Kubernetes, the popular, open-source software for managing Linux applications deployed within containers, many of us will have wondered what the deeper implications of this alleged flaw could mean.

    Although the flaw was quickly patched, it allowed any user to escalate their privileges to access administrative controls through the Kubernetes API server.

  • WordPress to show warnings on servers running outdated PHP versions
  • Top 10 app vulnerabilities: Unpatched plugins and extensions dominate
  • This Clever New Ransomware Attempts To Steal Your PayPal Credentials

    Meanwhile, PayPal offers two factor authentication which, when turned on, can offer a vital extra layer of security should your password and username be compromised, Moore says.

  • A deep dive into the technical feasibility of Bloomberg's controversial "Chinese backdoored servers" story

    These denials also don't add up: Bloomberg says it sourced its story from multiple (anonymous) sources who had direct knowledge of the incidents and who had been employed in the named organizations while they were unfolding. Bloomberg stood by its reporting, and implied that the idea that all these sources from different organizations would collude to pull off a hoax like this.

    Faced with the seemingly impossible task of sorting truth from hoax in the presence of contradictory statements from Big Tech and Bloomberg, technical experts began trying to evaluate whether the hacks attributed to the Chinese spy agencies were even possible: at first, these analyses were cautiously skeptical, but then they grew more unequivocal.

    Last month, Trammell Hudson -- who has developed well-regarded proof-of-concept firmware attacks -- gave a detailed talk giving his take on the story at the Chaos Communications Congress in Leipzig.

Get started with CryptPad, an open source collaborative document editor

Filed under
OSS

There seems to be a mad rush at the beginning of every year to find ways to be more productive. New Year's resolutions, the itch to start the year off right, and of course, an "out with the old, in with the new" attitude all contribute to this. And the usual round of recommendations is heavily biased towards closed source and proprietary software. It doesn't have to be that way.

Here's the fifth of my picks for 19 new (or new-to-you) open source tools to help you be more productive in 2019.

Read more

Programming: Python 'Standard', sr.ht and Wing Python IDE 6.1.4

Filed under
Development
  • What should be in the Python standard library?

    Python has always touted itself as a "batteries included" language; its standard library contains lots of useful modules, often more than enough to solve many types of problems quickly. From time to time, though, some have started to rethink that philosophy, to reduce or restructure the standard library, for a variety of reasons. A discussion at the end of November on the python-dev mailing list revived that debate to some extent.

    Jonathan Underwood raised the issue, likely unknowingly, when he asked about possibly adding some LZ4 compression library bindings to the standard library. As the project page indicates, it fits in well with the other compression modules already in the standard library. Responses were generally favorable or neutral, though some, like Brett Cannon, wondered if it made sense to broaden the scope a bit to create something similar to hashlib but for compression algorithms.

  • A new free-software forge: sr.ht

    Many projects have adopted the "GitHub style" of development over the last few years, though, of course, there are some high-profile exceptions that still use patches and mailing lists. Many projects are leery of putting all of their project metadata into a proprietary service, with limited means of usefully retrieving it should that be necessary, which is why GitLab (which is at least "open core") has been gaining some traction. A recently announced effort looks to kind of bridge the gap; Drew DeVault's sr.ht ("the hacker's forge") combines elements of both styles of development in a "100% free and open source software forge". It looks to be an ambitious project, but it may also suffer from a lack of "social network" effects, which is part of what sustains GitHub as the forge of choice today, it seems.

    The announcement blog post is replete with superlatives about sr.ht, which is "pronounced 'sir hat', or any other way you want", but it is a bit unclear whether the project quite lives up to all of that. It combines many of the features seen at sites like GitHub and GitLab—Git hosting, bug tracking, continuous integration (CI), mailing list management, wikis—but does so in a way that "embraces and improves upon the email-based workflow favored by git itself, along with many of the more hacker-oriented projects around the net". The intent is that each of the separate services integrate well with both sr.ht and with the external ecosystem so that projects can use it piecemeal.

    There are two sides to the sr.ht coin at this point; interested users can either host their own instance or use the hosted version. For now, the hosted version is free to use, since it is still "alpha", but eventually one will need to sign up for a plan, which range from $2 to $10 per month, to stay on the hosted service. There are instructions for getting sr.ht to run on other servers; it uses nginx, PostgreSQL, Redis, and Python 3 along with a mail server and a cron daemon.

  • Wing Python IDE 6.1.4

    This minor release fixes using typing.IO and similar classes as type hints, improves handling of editor splits in goto-definition, fixes failure to install the remote agent, and fixes failure to convert EOLs in the editor. See the change log for details.

LWN's Latest Linux Kernel Articles (Paywall Has Expired)

Filed under
Linux
  • The rest of the 5.0 merge window

    Linus Torvalds released 5.0-rc1 on January 6, closing the merge window for this development cycle and confirming that the next release will indeed be called "5.0". At that point, 10,843 non-merge change sets had been pulled into the mainline, about 2,100 since last week's summary was written. Those 2,100 patches included a number of significant changes, though, including some new system-call semantics that may yet prove to create problems for existing user-space code.

  • A setback for fs-verity

    The fs-verity mechanism, created to protect files on Android devices from hostile modification by attackers, seemed to be on track for inclusion into the mainline kernel during the current merge window when the patch set was posted at the beginning of November. Indeed, it wasn't until mid-December that some other developers started to raise objections. The resulting conversation has revealed a deep difference of opinion regarding what makes a good filesystem-related API and may have implications for how similar features are implemented in the future.
    The core idea behind fs-verity is the use of a Merkle tree to record a hash value associated with every block in a file. Whenever data from a protected file is read, the kernel first verifies the relevant block(s) against the hashes, and only allows the operation to proceed if there is a match. An attacker may find a way to change a critical file, but there is no way to change the Merkle tree after its creation, so any changes made would be immediately detected. In this way, it is hoped, Android systems can be protected against certain kinds of persistent malware attacks.

    There is no opposition to the idea of adding functionality to the kernel to detect hostile modifications to files. It turns out, though, there there is indeed some opposition to how this functionality has been implemented in the current patch set. See the above-linked article and this documentation patch for details of how fs-verity is meant to work. In short, user space is responsible for the creation of the Merkle tree, which must be surrounded by header structures and carefully placed at the beginning of a block after the end of the file data. An ioctl() call tells the kernel that fs-verity is to be invoked on the file; after that, the location of the end of the file (from a user-space point of view) is changed to hide the Merkle tree from user space, and the file itself becomes read-only.

  • Pressure stall monitors

    One of the useful features added during the 4.20 development cycle was the availability of pressure-stall information, which provides visibility into how resource-constrained the system is. Interest in using this information has spread beyond the data-center environment where it was first implemented, but it turns out that there some shortcomings in the current interface that affect other use cases. Suren Baghdasaryan has posted a patch set aimed at making pressure-stall information more useful for the Android use case — and, most likely, for many other use cases as well.

GNOME Software Package Manager to Feature Better Flatpak Support for GNOME 3.32

Filed under
GNOME

GNOME Software, the app used for installing, updating, and removing software from your GNOME-based GNU/Linux operating system, will get a major revamp in functionality for the upcoming GNOME 3.32 desktop environment.
A new development snapshot of GNOME Software 3.32 landed this week with lots of improvements for the Flatpak universal package format, allowing new permissions for Flatpak updates and displaying permissions for installed Flatpak apps. GNOME Software also now shows correct version numbers for installed Flatpaks.

The update mechanism for Flatpak apps was switched to use a single transaction, allowing the GNOME developers to share more code with the flatpak command-line utility, and it looks like GNOME Software 3.32 will offer better support for installing Flatpak repository files, also known as flatpakref, and for Flatpak plugins.

Read more

Fedora Still Needs Help Testing The New Zchunk Metadata Support

Filed under
Red Hat

Fedora has been working on transitioning to Zchunk for its DNF metadata due to its good compression ratio while being delta-friendly and leveraging the existing work of Zstandard and Zsync/casync. The metadata has been offered in Zchunk for some weeks while more client testing is needed before landing that support in Rawhide and in turn for Fedora 30.

The goal of this Zchunk metadata for Fedora is to speed-up DNF operations by needing to download less metadata. While the server bits are in place, additional client testing is desired before landing the updated packages in Fedora Rawhide where it will affect all users on this development build of Fedora ahead of the Fedora 30 release due out in the spring.

Read more

Also: NOTICE: Epylog has been retired for Fedora Rawhide/30

Systemd 241 Paired With Linux 4.19+ To Enable New Regular File & FIFO Protection

Filed under
Linux
Red Hat

The Linux 4.19 kernel brought the ability to disallow the opening of FIFOs and regular files not owned by the user in world-writable sticky directories in the name of security. Had this ability been around previously it could have prevented a number of CVEs going back a long time. In helping ensure this functionality gets utilized, Systemd 241 will now set these sysctl options to enable the behavior by default.

The restricted O_CREAT of FIFOs and regular files is not enforced by the kernel by default as it could be considered a breaking change but with systemd 241+ it sets the fs.protected_regular and fs.protected_fifos sysctls to enabled for having said functionality, similar to systemd's enforcing of hardlink/symlink protection. This protection is for avoiding unintentional writes to an attacker-controlled FIFO or regular file. That Linux 4.19 kernel commit notes at least a handful of security vulnerabilities that could have been prevented by this functionality with those CVEs going back to at least the year 2000.

Read more

Audiocasts: mintCast, The Linux Link Tech Show, and FLOSS Weekly on Tari

Filed under
Interviews

Builder 3.32 Sightings

Filed under
Development
GNOME

We just landed the largest refactor to Builder since it’s inception. Somewhere around 100,000 lines of code where touched which is substantial for a single development cycle. I wrote a few tools to help us do that work, because that’s really the only way to do such a large refactor.

Not only does the refactor make things easier for us to maintain but it will make things easier for contributors to write new plugins. In a future blog post I’ll cover some of the new design that makes it possible.

Let’s take a look at some of the changes in Builder for 3.32 as users will see them.

Read more

Android-x86 8.1 Officially Released, Lets You Run Android 8.1 Oreo on Your PC

Filed under
Android
GNU
Linux
Google

The Android-x86 Project announced the general availability of the Android-x86 8.1-r1 stable release, a GNU/Linux distribution that lets you run Google's Android mobile operating system on your PC.
After entering development last year in June, the Android-x86 8.1 release, which is based on the latest Android 8.1 Oreo mobile operating system, saw two RC (Release Candidate) builds that allowed testers to try the upcoming OS on their PCs. Three months after the last RC build, the Android-x86 8.1 release is now finally stable and ready for mass adoption.

Software rendering is also possible on unsupported GPU devices with OpenGL ES 2.0 support via SwiftShader, and Android-x86 8.1 also comes with support for hardware accelerated codecs on devices powered by Intel HD and Intel G45 graphics cards series. For newer Intel and AMD GPUs, this release adds experimental Vulkan support available via Advanced options on the boot menu.

Read more

Also: The 15-minute Chromebook tune-up

Some More Attacks on the GPL and Latest Compliance Story

Filed under
GNU
Legal
  • GPL Cooperation Commitment: Promise of Collaborative Interpretation [Ed: IP Kat perpetuates the Microsoft-connected (and funded) lie that GPL "popularity has dropped dramatically during the past decade," citing Jono Bacon and Microsoft-funded 'analysts', proxies like Black Duck. To this date, in light of the GitHub takeover, Microsoft managers are badmouthing the GPL and many anti-GPL 'studies' are based on this Microsoft site alone.]

    GNU General Public Licence version 2 (GPLv2) was written in the early nineties to ensure compliant distribution of copyleft-licensed software. Even though its popularity has dropped dramatically during the past decade, it nevertheless continues to be one of the most widely used and important open source licences.

    Notedly, GPLv2 was drafted by non-legal free (as in “free speech,” not as in “free beer”) software enthusiasts and yet it has necessitated legal interpretation and application in accordance with IP and contract law principles. For nearly two decades, compliance and enforceability of the licence by its users has had to deal with ambiguity and uncertainty with respect to its terms.

  • HMD releases source code for Nokia 8 Sirocco

    HMD has released the source code for Nokia 8 Sirocco and it is now available for download on the official Nokia website.

Events: SUSECON, Richard Stallman in Montana, ELC Shows in San Diego and Lyon

Filed under
GNU
OSS
  • SUSECON: The Best Open Source Conference Value in the World!
  • Richard Stallman to speak at MSU-Bozeman
  • 2019 Linux Foundation events include ELC shows in San Diego and Lyon

    The Linux Foundation announced its 2019 schedule of events, including new events about Ceph and gRPC. The Embedded Linux Conference will co-locate with the Open Source Summit in San Diego on Aug. 21-23.

    Now’s the time to schedule your plans for Linux events, most of which occur under the umbrella of the Linux Foundation. The LF has revealed its 2019 calendar for conferences, including two new events: Cephalocon, which will explore the world of the Ceph storage standard and gRPC Conf, which covers gPRC Remote Procedure Call technology. In 2018, Linux Foundation events attracted more than 32,000 attendees from more than 11,000 organizations across 113 countries. The LF expects 35,000 participants in 2019.

Security: Oracle Blobs, Microsoft Fragmentation and Ripple

Filed under
Security
  • Oracle Patches 284 Vulnerabilities in January Critical Patch Update

    Oracle released its first Critical Patch Update for 2019 on Jan. 15, providing patches for 284 vulnerabilities.

    The January 2019 CPU addresses security vulnerabilities found across the Oracle software portfolio, including ones affecting database, middleware, Java, PeopleSoft, Siebel and E-Business Suite applications. Thirty-three of the vulnerabilities are identified as being critical with a Common Vulnerabilities Scoring System (CVSS) score of 9.0 or higher. CVSS is a standardized method for helping organizations understand the impact and severity of software vulnerabilities.

  • Microsoft Rolls Out New Updates for Different Versions of Windows 10, Includes Small Bug Fixes

    Just a week ago, Microsoft released its Patch Tuesday updates for all the supported versions of Windows 10. And now, the company has come up with new updates for Windows 10 versions 1709, 1803, and 1703. The cumulative updates released by the company do not include any security patches but has quite a few changes that have been rolled out. Here are the updates that Microsoft has rolled for the three versions of Windows 10.

  • Only XRP Private Keys That Used Software From Before August 2015 Are Vulnerable

    Ripple (XRP) software libraries published before August 2015 potentially rendered private keys which signed multiple transactions vulnerable, Ripple announced in a statement released on Jan 16.

    Recent research jointly conducted by the DFINITY Foundation and the University of California revealed that a portion of Bitcoin (BTC), Ethereum (ETH) and Ripple addresses are vulnerable.

    As is known among cryptographers, the security of Elliptic Curve Digital Signature Algorithms (ECDAs) employed by the aforementioned cryptocurrencies is highly dependent on random data, which are known as nonces. The research further explains:

Steam Play and More From Valve for GNU/Linux

Filed under
GNU
Linux
Gaming
  • Valve put out a new Steam beta client, plenty of Linux fixes and no more Steam Play zero-byte downloads

    Valve have put out their second beta update to the Steam client this year and this is actually a rather nice one.

    Firstly, the big annoyance of Steam Play titles always having a zero-byte download when you first load the Steam client has been solved. It will still do it once but when you update them again now, it won't happen again (confirmed that myself). While in reality it was a really minor issue, it was damn annoying so it's great to see it fixed.

    On top of that, Steam now supports ipv6 for "connections to download servers", DPI and screen size changes bugs were fixed, a new force quit option in the normal Steam Overlay if a game is frozen but the overlay still works that will be handy.

  • Steam Client Beta Updated With Many Linux Fixes, Vulkan Caching Updates

    Valve has just released their biggest Steam client beta update of the year so far for Linux gamers.

Programming: gVisor/Go, Rust, and Python

Filed under
Development
  • gVisor: Building and Battle Testing a Userspace OS in Go

    Adin Scannell talks about gVisor - a container runtime that implements the Linux kernel API in userspace using Go. He talks about the architectural challenges associated with userspace kernels, the positive and negative experiences with Go as an implementation language, and finally, how to ensure API coverage and compatibility.

  • Rust bindings for GStreamerGL: Memoirs

    Rust is a great programming language but the community around it’s just amazing. Those are the ingredients for the craft of useful software tools, just like Servo, an experimental browser engine designed for tasks isolation and high parallelization.

    Both projects, Rust and Servo, are funded by ">">Mozilla.

    Thanks to Mozilla and Igalia I have the opportunity to work on Servo, adding it HTML5 multimedia features.

    First, with the help of Fernando Jiménez, we finished what my colleague Philippe Normand and Sebastian Dröge (one of my programming heroes) started: a media player in Rust designed to be integrated in Servo. This media player lives in its own crate: servo/media along with the WebAudio engine. A crate, in Rust jargon, is like a library. This crate is (very ad-hocly) designed to be multimedia framework agnostic, but the only backend right now is for GStreamer. Later we integrated it into Servo adding an initial support for audio and video tags.

    Currently, servo/media passes, through a IPC channel, the array with the whole frame to render in Servo. This implies, at least, one copy of the frame in memory, and we would like to avoid it.

    For painting and compositing the web content, Servo uses WebRender, a crate designed to use the GPU intensively. Thus, if instead of raw frame data we pass OpenGL textures to WebRender the performance could be enhanced notoriously.

  • proc-macro-rules
  • Analyzing Robinhood trade history

Server: OpenShift or Kubernetes, Ansible or Puppet, ML PaaS and SUSE Linux Enterprise Server

Filed under
Server
  • Leveraging OpenShift or Kubernetes for automated performance tests (part 3)

    This is the third of a series of three articles based on a session I held at EMEA Red Hat Tech Exchange. In the first article, I presented the rationale and approach for leveraging Red Hat OpenShift or Kubernetes for automated performance testing, and I gave an overview of the setup. In the second article, we looked at building an observability stack. In this third part, we will see how the execution of the performance tests can be automated and related metrics gathered.

  • Ansible vs. Puppet: Declarative DevOps tools square off

    DevOps aims to drive collaboration between development and operations teams, but software quality drives DevOps adoption more than any other factor. As this comparison of Ansible vs. Puppet shows, software quality dramatically influences DevOps tools.

    Software quality tends to be an organizational goal or a staff function, not the dominion of a dedicated group with broad responsibility to implement its decisions. Effective software quality efforts involve everyone from development to production users to ensure real value.

  • An Introduction to the Machine Learning Platform as a Service

    Machine-Learning-Platform-as-a-Service (ML PaaS) is one of the fastest growing services in the public cloud. It delivers efficient lifecycle management of machine learning models.

    At a high level, there are three phases involved in training and deploying a machine learning model. These phases remain the same from classic ML models to advanced models built using sophisticated neural network architecture.

  • SUSE Partners with Intel and SAP to Accelerate IT Transformation with Persistent Memory in the Data Center

    SUSE Linux Enterprise Server for SAP Applications is the FIRST enterprise Linux optimized for Intel® Optane™ DC persistent memory with SAP HANA® workloads.

Graphics: GeForce GPUs in Ubuntu, Intel Control Panel For Linux Systems, Mesa 19.0 Deprecates GNU Autotools Build System In Favor Of Meson

Filed under
Graphics/Benchmarks
  • Generations of GeForce GPUs in Ubuntu

    If you are running an Ubuntu system with an older GPU and are curious about upgrading but unsure if it is worth it, Phoronix has a great review for you. Whether you are gaming with OpenGL and Vulkan, or curious about the changes in OpenCL/CUDA compute performance they have you covered. They even delve into the power efficiency numbers so you can spec out the operating costs of a large deployment, if you happen to have the budget to consider buying RTX 2060's in bulk.

  • Intel To Eventually Explore Offering A Graphics Control Panel For Linux Systems

    Intel's Linux graphics driver stack has never offered its own vendor-specific driver control panel GUI like is common among all major graphics vendors on Windows, but instead they've opted for the command-line experience and making use of common interfaces with what's offered by the different desktop environments for resolution handling, multi-monitor setup, etc. But moving forward they may end up bringing a new graphics driver control panel to Linux.

  • Mesa 19.0 Deprecates GNU Autotools Build System In Favor Of Meson

    Last month was a proposed patch that would have killed the Autotools build system within Mesa. Developers have decided for the upcoming Mesa 19.0 release not to eliminate this GNU Autotools support but rather to mark it as deprecated and require an extra flag in order to make use of it.

    Hitting Mesa Git master today was the patch deprecating Autotools support within Mesa in favor of the Meson build system. It hasn't been determined when the Autotools scripts will be removed themselves, but for now if wanting to enable the support you need to pass --enable-autotools to acknowledge the fact that it's been deprecated.

Syndicate content

More in Tux Machines

Security: Bo Weaver, New Scares, Clones With Malware

  • Bo Weaver on Cloud security, skills gap, and software development in 2019
    Bo Weaver, a Kali Linux expert shares his thoughts on the security landscape in the cloud. He also talks about the skills gap in the current industry and why hiring is a tedious process. He explains the pitfalls in software development and where the tech is heading currently. Bo, along with another Kali Linux expert Wolf Halton were also interviewed on why Kali Linux is the premier platform for testing and maintaining Windows security. They talked about advantages and disadvantages for using Kali Linux for pentesting. We also asked them about what they think about pentesting in cybersecurity, in general. They have also talked about their stance about the role of pentesting in cybersecurity in their interview titled, “Security experts, Wolf Halton and Bo Weaver, discuss pentesting and cybersecurity” [...] I laugh and cry at this term. I have a sticker on my laptop that says “There is no Cloud…. Only other people’s computers.” Your data is sitting on someone else’s system along with other people’s data. These other people also have access to this system. Sure security controls are in place but the security of “physical access” has been bypassed. You’re “in the box”. One layer of security is now gone. Also, your vendor has “FULL ACCESS” to your data in some cases. How can you be sure what is going on with your data when it is in an unknown box in an unknown data center? The first rule of security is “Trust No One”. Do you really trust Microsoft, Amazon, or Google? I sure don’t!!! Having your data physically out of your company’s control is not a good idea. Yes, it is cheaper but what are your company and its digital property worth? [...] In software development, I see a dumbing down of user interfaces. This may be good for my 6-year-old grandson, but someone like me may want more access to the system. I see developers change things just for the reason of “change”. Take Microsoft’s Ribbon in Office. Even after all these years, I find the ribbon confusing and hard to use. At least, with Libre Office, they give you a choice between a ribbon and an old school menu bar. The changes in Gnome 3 from Gnome 2. This dumbing down and attempting to make a desktop usable for a tablet and a mouse totally destroyed the usability of their desktop. What used to take 1 click now takes 4 clicks to do.
  • Security experts, Wolf Halton and Bo Weaver, discuss pentesting and cybersecurity [Interview]
  • Cloud security products uninstalled by mutating malware [Ed: Affects already-compromised servers]
    Linux is more prevalent than one might think, Microsoft Azure is now predominantly run on Linux servers - it's not just the Chinese cloud environments being hosted via Linux, it's likely that your business is running at least one cloud service on a Linux server too.
  • Google Play still has a clone problem in 2019 with no end in sight
    A fake app tries to clone another app in name, looks, and functionality, often also adding something like malware. Despite Google’s best efforts, both types of apps were fairly common in 2018.

Programming: GNU Binutils, Qt, Python, GStreamer, C++ and GTK+

  • GNU Binutils 2.32 Branched Ahead Of Release With New Features
    A new release of the GNU Binutils programming tools will soon be available. The upcoming Binutils 2.32 release is primarily made up of new CPU ports.  GNU Binutils 2.32 is bringing a MIPS port to the Loongson 2K1000 processor and the Loongson 3A1000/3A2000/3A3000 processors, all of which are based on the MIPS64r2 ISA but with different instruction set extensions. These new GPUs are exposed via -march=gs264e, -march=gs464, and -march=gs464e flags. With Binutils 2.32, the utilities like objdump and c++filt now have a maximum amount of recursion that is allowed while demangling strings with the current default being 2048. There is also a --no-recurse-limit for bypassing that limit. Objdump meanwhile allows --disassemble to specify a starting symbol for disassembly.
  • Building Qt apps with Travis CI and Docker
    I recently configured Travis CI to build Nanonote, my minimalist note-taking application. We use Jenkins a lot at work, and despite the fact that I dislike the tool itself, it has proven invaluable in helping us catch errors early. So I strongly believe in the values of Continuous Integration. When it comes to CI setup, I believe it is important to keep your distances with the tool you are using by keeping as much setup as possible in tool-agnostic scripts, versioned in your repository, and making the CI server use these scripts.
  • PyPI Security and Accessibility Q1 2019 Request for Proposals Update
    Earlier this year we launched a Request for Information (RFI) followed by the launch of a Request for Proposals (RFP) in November to fulfill a contract for the Open Technology Fund (OTF) Core Infrastructure Fund.  The initial deadline for our RFP was December 14th. We had hoped to begin work with the selected proposers in January 2019, but ultimately fell short of the ability to do so.
  • GStreamer 1.15.1 Released With Work On AV1, V4L HEVC Encode/Decode
    GStreamer 1.15.1 was announced on Friday as the first development release in the trek towards GStreamer 1.16 for this powerful open-source multimedia framework.
  • GStreamer 1.15.1 development release
    The GStreamer team is pleased to announce the first development release in the unstable 1.15 release series. The unstable 1.15 release series adds new features on top of the current stable 1.14 series and is part of the API and ABI-stable 1.x release series of the GStreamer multimedia framework. The unstable 1.15 release series is for testing and development purposes in the lead-up to the stable 1.16 series which is scheduled for release in a few weeks time. Any newly-added API can still change until that point, although it is rare for that to happen.
  • Is C++ fast?
    A library that I work on often these days, meshoptimizer, has changed over time to use fewer and fewer C++ library features, up until the current state where the code closely resembles C even though it uses some C++ features. There have been many reasons behind the changes - dropping C++11 requirement allowed me to make sure anybody can compile the library on any platform, removing std::vector substantially improved performance of unoptimized builds, removing algorithm includes sped up compilation. However, I’ve never quite taken the leap all the way to C with this codebase. Today we’ll explore the gamut of possible C++ implementations for one specific algorithm, mesh simplifier, henceforth known as simplifier.cpp, and see if going all the way to C is worthwhile.
  • Python Counters @PyDiff
  • Report: (clxi) stackoverflow python report
  • Regular Expressions in Python
  • Starting on a new map rendering library
    Currently in Maps, we use the libchamplain library to display the bitmap map titles (based on OpenStreetMap data and aerial photography) that we get from our tile provider, currently MapBox. This library is based on Clutter and used via the GTK+ embed support within libchamplain, which in turn makes use of the Clutter GTK embed support. Since this will not be supported when moving along to GTK+ 4.x and the Clutter library is not maintained anymore (besides the copy of it that is included in the GNOME Shell window manager/Wayland compositor, Mutter) eventually Maps will have to find a replacement. There's also some wonky bugs especially with regards to the mixing of event handling on the Clutter side vs. the GTK+ side. So to at least get the ball rolling a bit, I recently decided to see how hard it would be to take the code from libchamplain and keep the grotty deep-down internals dealing with tile downloading and caching and such and refocus the top-level parts onto new GTK+ 4 technologies such as the Snapshot, GSK (scene graph), and render node APIs.

today's howtos

LibreELEC (Leia) v8.95.3 BETA

LibreELEC 9.0 (Leia) Beta 3 has finally arrived after a long gestation period. Based upon Kodi v18 RC5.2, the 9.0 Beta 3 release contains many changes and refinements to user experience and a complete overhaul of the underlying OS core to improve stability and extend hardware support. Kodi v18 also brings new features like Kodi Retroplayer and DRM support that (equipped with an appropriate add-on) allows Kodi to unofficially stream content from services like Netflix and Amazon. Read more