Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Thursday, 27 Jun 19 - Tux Machines is a community-driven public service/news site which has been around for over a decade and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Five Linux Server Administration Mistakes And How To Avoid Them Roy Schestowitz 25/06/2019 - 5:54pm
Story Deprecating a.out Binaries Roy Schestowitz 25/06/2019 - 5:34pm
Story An easier way to test Plasma Roy Schestowitz 25/06/2019 - 5:25pm
Story Benchmarking The Experimental Bcachefs File-System Against Btrfs, EXT4, F2FS, XFS & ZFS Roy Schestowitz 25/06/2019 - 5:22pm
Story Games: TheoTown, Prison Architect and More Roy Schestowitz 25/06/2019 - 2:56pm
Story Android Leftovers Rianne Schestowitz 25/06/2019 - 2:53pm
Story KDE Plasma 5.16.2 Desktop Environment Released with More Than 30 Bug Fixes Rianne Schestowitz 25/06/2019 - 2:48pm
Story Stable kernels 5.1.15, 4.19.56, and 4.14.130 Rianne Schestowitz 25/06/2019 - 2:44pm
Story You Can Now Buy Linux Notebooks Powered by Zorin OS from Star Labs Roy Schestowitz 3 25/06/2019 - 2:40pm
Story Introducing people.kernel.org Rianne Schestowitz 25/06/2019 - 2:19pm

Kernel: Rants, PulseAudio 12, Valve-Related Bug and Mesa 19.1.1 RC

Filed under
Graphics/Benchmarks
Linux
  • 'Bulls%^t! Complete bull$h*t!' Reset the clock on the last time woke Linus Torvalds exploded at a Linux kernel dev

    Linux kernel chieftain Linus Torvalds owes the swear jar a few quid this week, although by his standards this most recent rant of his is relatively restrained.

    Over on the kernel development mailing list, in a long and involved thread about the functionality and efficiency of operating system page caches, firebrand-turned-woke Torvalds described Aussie programmer Dave Chinner’s arguments in the debate as "bullshit," "complete bullshit," and "obviously garbage."

    To be fair to the open-source overlord, this is a far less personal attack than previous outbursts, such as the time he slammed "some security people" as "just f#cking morons," or that unforgettable straight-to-the-point detonation: "Mauro, SHUT THE F**K UP."

  • It Looks Like PulseAudio 13.0 Will Be Releasing Soon

    It's been a year since the release of PulseAudio 12 and even eleven months since the last point release but it looks like the next PulseAudio release will be out very soon.

    The next PulseAudio release has been under discussion with the sorting out of when the release will take place and any blocker bugs. As it stands now, there is just one blocker bug remaining and that is addressing a regression.

  • A One Line Kernel Patch Appears To Solve The Recent Linux + Steam Networking Regression

    As a follow-up to the issue reported on Friday regarding the latest Linux kernel releases causing problems for Valve's Steam client, a fix appears pending that with changing around one line of code does appear to address the regression.

    Linus Torvalds got involved and pointed out a brand new kernel patch that may solve the issue. That patch was quickly reaffirmed by Linux gamers as well as prominent Valve Linux developer Pierre-Loup A. Griffais.

  • Mesa 19.1.1 release candidate
    Hello list,
    
    The candidate for the Mesa 19.1.1 is now available. Currently we have:
     - 27 queued
     - 0 nominated (outstanding)
     - and 0 rejected patch
    
    
    The current queue consists mostly in fixes for different drivers (RADV, ANV,
    Nouveau, Virgl, V3D, R300g, ...)
    
    The queue also contains different fixes for different parts (Meson build, GLX,
    etc).
    
    Take a look at section "Mesa stable queue" for more information
    
    
    Testing reports/general approval
    --------------------------------
    Any testing reports (or general approval of the state of the branch) will be
    greatly appreciated.
    
    The plan is to have 19.1.1 this Tuesday (25th June), around or shortly after
    10:00 GMT.
    
    If you have any questions or suggestions - be that about the current patch queue
    or otherwise, please go ahead.
    
    
    Trivial merge conflicts
    -----------------------
    commit 25a34df61439b25645d03510d6354cb1f5e8a185
    Author: Kenneth Graunke 
    
        iris: Fix iris_flush_and_dirty_history to actually dirty history.
    
        (cherry picked from commit 64fb20ed326fa0e524582225faaa4bb28f6e4349)
    
    
    Cheers,
        J.A.
    
  • Mesa 19.1.1 Is Coming Next Week With A Variety Of Fixes

    Debuting two weeks ago was the Mesa 19.1 quarterly feature update while due out early next week is the first bug-fix point release.

    Mesa 19.1 is a huge update over 19.0 and earlier. Mesa 19.1 brought multiple new Gallium3D drivers as well as a new Vulkan driver (TURNIP), performance optimizations, new Vulkan extensions, mature Icelake support, and a variety of other features as listed in the aforelinked article.

OpenBSD Leftovers

Filed under
BSD
  • OpenBSD Adds Initial User-Space Support For Vulkan

    Somewhat surprisingly, OpenBSD has added the Vulkan library and ICD loader support as their newest port.

    This new graphics/vulkan-loader port provides the generic Vulkan library and ICD support that is the common code for Vulkan implementations on the system. This doesn't enable any Vulkan hardware drivers or provide something new not available elsewhere, but is rare seeing Vulkan work among the BSDs. There is also in ports the related components like the SPIR-V headers and tools, glsllang, and the Vulkan tools and validation layers.

  • SSH gets protection against side channel attacks

    Implementation-wise, keys are encrypted "shielded" when loaded and then automatically and transparently unshielded when used for signatures or when being saved/serialised.

    Hopefully we can remove this in a few years time when computer architecture has become less unsafe.

  • doas environmental security

    Ted Unangst (tedu@) posted to the tech@ mailing list regarding recent changes to environment handling in doas (in -current): [...]

Programming: PNG, AArch64, Python and Tor

Filed under
Development
  • Segfaults and Twitter monkeys: a tale of pointlessness

    For a few years in the 1990s, when PNG was just getting established as a Web image format, I was a developer on the libpng team.

    One reason I got involved is that the compression patent on GIFs was a big deal at the time. I had been the maintainer of GIFLIB since 1989; it was on my watch that Marc Andreesen chose that code for use in the first graphics-capable browser in ’94. But I handed that library off to a hacker in Japan who I thought would be less exposed to the vagaries of U.S. IP law. (Years later, after the century had turned and the LZW patents expired, it came back to me.)

    Then, sometime within a few years of 1996, I happened to read the PNG standard, and thought the design of the format was very elegant. So I started submitting patches to libpng and ended up writing the support for six of the minor chunk types, as well as implementing the high-level interface to the library that’s now in general use.

    As part of my work on PNG, I volunteered to clean up some code that Greg Roelofs had been maintaining and package it for release. This was “gif2png” and it was more or less the project’s official GIF converter.

  • AArch64 support for ELF Dissector

    After having been limited to maintenance for a while I finally got around to some feature work on ELF Dissector again this week, another side-project of mine I haven’t written about here yet. ELF Dissector is an inspection tool for the internals of ELF files, the file format used for executables and shared libraries on Linux and a few other operating systems.

    [...]

    ELF Dissector had its first commit more than six years ago, but it is still lingering around in a playground repository, which doesn’t really do it justice. One major blocker for making it painlessly distributable however are its dependencies on private Binutils/GCC API. Using the Capstone disassembler is therefore also a big step towards addressing that, now only the use of the demangler API remains.

  • Weekly Python StackOverflow Report: (clxxxiii) stackoverflow python report
  • denemo @ Savannah: Release 2.3 is imminent - please test.
  • Arguments | Another way to work with user inputs – Part 7
  • Call for setting up new obfs4 bridges

    BridgeDB is running low on obfs4 bridges and often fails to provide users with three bridges per request. Besides, we recently fixed a BridgeDB issue that could get an obfs4 bridge blocked because of its vanilla bridge descriptor: <https://bugs.torproject.org/28655>

    We therefore want to encourage volunteers to set up new obfs4 bridges to help censored users. Over the last few weeks, we have been improving our obfs4 setup guide which walks you through the process: <https://trac.torproject.org/projects/tor/wiki/doc/PluggableTransports/obfs4proxy>p>

Security: Windows, 'DevSecOps', SSH, Bash and More

Filed under
Security
  • Electronic Health Records at 26 Hospitals Hit by Two-Hour Outage [iophk: "Windows TCO"]

    Universal, which manages more than 350 health-care facilities in the U.S. and U.K., declined to specify the technical issues or say how many patient records were affected. The problem lasted for less than two hours and the affected hospitals have returned to normal operations, said Eric Goodwin, chief information officer of the King of Prussia, Pennsylvania-based company.

  • DevSecOps: 4 key considerations for beginners

    Security used to be the responsibility of a dedicated team in the last development stage, but with development cycles increasing in number and speed, security practices need to be constantly updated.

    This has led to the rise of DevSecOps, which emphasizes security within DevOps. Companies need DevSecOps to make sure their initiatives run safely and securely. Without DevSecOps, DevOps teams need to rebuild and update all their systems when a vulnerability is found, wasting time and effort.

  • OpenSSH to Keep Private Keys Encrypted at Rest in RAM

    A commit for the OpenSSH project adds protection for private keys in memory when they are not in use, making it more difficult for an adversary to extract them through side-channel attacks leveraging hardware vulnerabilities.

    OpenSSH is the most popular implementation of the SSH (Secure Shell) protocol, being the default solution in many Linux distributions for encrypting connections to a remote system.

  • OpenSSH adds protection against Spectre, Meltdown, Rowhammer and RAMBleed attacks
  • GNU Bash Unsupported Characters Heap-Based Buffer Overflow Vulnerability [CVE-2012-6711]

    A vulnerability in the lib/sh/strtrans.c:anicstr function of GNU Bash could allow an authenticated, local attacker to execute code on a targeted system.The vulnerability is due buffer errors within the lib/sh/strtrans.c:anicstr function of the affected software. An attacker could exploit this vulnerability by providing print data through the echo built-in function. A successful exploit could allow the attacker to execute code on the targeted system.GNU Bash has confirmed this vulnerability and released a software patch.

  • Daily News Roundup: Malware in Your Pirated Software

    Researchers at ESET and Malwarebytes have discovered crypto mining malware hidden in pirated music production software.

  • A Method for Establishing Liability for Data Breaches

    Last month, the First American Financial Corporation—which provides title insurance for millions of Americans—acknowledged a cybersecurity vulnerability that potentially exposed 885 million private financial records related to mortgage deals to unauthorized viewers. These records might have revealed bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and driver’s license images to such viewers. If history is any guide, not much will happen and companies holding sensitive personal information on individuals will have little incentive to improve their cybersecurity postures. Congress needs to act to provide such incentives.

    The story is all too familiar, as news reports of data breaches involving the release of personal information for tens of millions of, or even a hundred million, Americans have become routine. A company (or a government agency) pays insufficient attention to cybersecurity matters despite warnings that the cybersecurity measures it takes are inadequate and therefore fails to prevent a breach that could be remediated by proper attention to such warnings. In the aftermath of such incidents, errant companies are required by law to report breaches to the individuals whose personal information has been potentially compromised. Frequently, these companies also offer free credit monitoring services to affected individuals for a year or two.

Enso OS, A Desktop Mix between Xubuntu and elementary OS

Filed under
GNU
Linux

Enso OS is a relatively new GNU/Linux distro based on Ubuntu with XFCE desktop coupled with Gala Window Manager. Looking at Enso is like looking at a mix between Xubuntu and elementary OS. It features a Super key start menu called Panther and a global menu on its top panel, making the interface very interesting to try. This overview briefly highlights the user interface for you.

Read more

Stellarium v0.19.1 has been released!

Filed under
Software
Sci/Tech

Thank you very much to community for bug reports, feature requests and contributions!

Read more

Also: Stellarium 0.19.1 Released with A Large List of Changes

Wine-Staging 4.11 Released With Its 800+ Patches On Top Of Wine

Filed under
Software
Gaming

Just hours after releasing Wine 4.11, the team maintaining the experimental/testing version of Wine -- Wine-Staging -- issued their release with more than 800 patches re-based on top.

Wine-Staging 4.11 is at 818 patches on top of upstream Wine, which is lower than previous releases thanks to a number of patches getting upstreamed this month.

Read more

Games: Ascii Patrol Game, Canonical/Valve, and Weekend Picks

Filed under
Gaming
  • Play Ascii Patrol Game in Linux Terminal!

    Typing a command in the Linux terminal is one of the exciting things. We are like a king who is giving orders to his soldiers to do certain things. Terminal on Linux has many benefits when you understand the commands that exist. In addition to executing a command, we can play games at the terminal.

    Playing games on the Linux terminal is one of entertainment. There are many Terminal-based games that you can play on the Linux terminal, one of which is Ascii Patroll. This game is inspired by the classic game "Moon Patrol", and we can run it on the CLI.

  • Valve Will Not Be Officially Supporting Ubuntu 19.10+

    The planned dropping of 32-bit support on Ubuntu saga continues... Well known Valve Linux developer Pierre-Loup Griffais has said they plan to officially stop supporting Ubuntu for Steam on Linux.

  • Valve looking to drop support for Ubuntu 19.10 and up due to Canonical's 32bit decision

    Things are starting to get messy, after Canonical announced the end of 32bit support from Ubuntu 19.10 onwards, Valve have now responded.

    [...]

    I can't say I am surprised by Valve's response here. Canonical pretty clearly didn't think it through enough on how it would affect the desktop. It certainly seems like Canonical also didn't speak to enough developers first.

    Perhaps this will give Valve a renewed focus on SteamOS? Interestingly, Valve are now funding some work on KWin (part of KDE).

  • What are you playing this weekend and what do you think about it? It's mostly Dota Underlords for me

    Let's lighten the mood a bit shall we? It's question time here on GamingOnLinux! Let's have a talk about what you've been playing recently.

    I will of course go first: Dota Underlords. I have quite the sweet spot for it already, even though I'm absolutely terrible at it. This might be the game to finally get me to kick my unhealthy Rocket League obsession, which is amazing considering how radically different they are. I adore strategy games though and unlike normal Dota, I don't need to think ridiculously quickly. Since you don't need any kind of reflexes for it, sitting back and relaxing with the Steam Controller is another reason I quite like Dota Underlords. In the evenings on weekends especially, I can be quite the lazy-gamer, so anything that allows me to kick back with it is likely to get my vote.

    After only being out for a few days, it's already annihilated the player record for Artifact. Artifact's all-time high was only just over 60K whereas Underlords has sailed past 190K, although that shouldn't be too surprising since Underlords is free and isn't rammed full of micro-transactions (yet?) and it helps being on mobile as well of course (According to one of the SteamDB folk, the mobile players are being counted too).

Stable kernels 5.1.13, 5.1.14, 4.19.54, 4.19.55, 4.14.129, 4.9.183, and 4.4.183

Filed under
Linux

Ubuntu 19.10 Dropping 32-bit Support Leaves Developers Fuming

Filed under
News

There will be no 32-bit support at all in Ubuntu 19.10. This is problematic for developers of Wine and Steam and gaming on Ubuntu might be in trouble.
Read more

Open Source Slack Alternative Mattermost Gets $50M Funding

Filed under
OSS

Mattermost, which presents itself as an open source alternative to Slack raised $50M in series B funding. This is definitely something to get excited for.

Slack is a cloud-based team collaboration software that is mainly used for internal team communication. Enterprises, startups and even open source projects worldwide use it interact with colleagues and project members. Slack is free with limited features while the paid enterprise version has premium features.

Slack is valued at $20 billion in June, 2019. You can guess the kind of impact it has made in the tech industry and certainly more products are trying to compete with Slack.

Read more

today's leftovers

Filed under
Misc
  • Important, but obscure, sysadmin tool osquery gets a foundation of its own

    But users think osquery's founder, Facebook, has been neglecting osquery. Going forward, Facebook has turned osquery over to The Linux Foundation. There, engineers and developers from Dactiv, Facebook, Google, Kolide, Trail of Bits, Uptycs, and other companies invested in osquery, will support it under the new foundation: The osquery Foundation.

    That's a good thing because while you may not have heard of osquery, many major companies, such as Airbnb, Dropbox, Netflix, Palantir, Etsy, and Uber, rely on it. This project needed a new lease on life.

    How does it work? Osquery exposes server operating system as a high-performance relational database. This allows you to write SQL-based queries to explore operating system data and low level system information. In osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.These are kept in a SQLite DBMS.

  • Running Ubuntu on the One Mix Yoga 3 mini laptop (video)

    The One Mix Yoga 3 is a small laptop that features an 8.4 inch touchscreen display and a convertible tablet-style design. It ships with Windows 10, but one of the first things I tried doing with the tablet was to boot a GNU/Linux distribution.

    I posted some notes about what happened when I took Ubuntu 19.04 for a spin on the One Mix 3 Yoga in my first-look article, but plenty of folks who watched my first look video on YouTube asked for a video… so I made one of those too.

  • Cockroach and the Source Available Future [Ed: The proprietary software giants-funded pundits like PedMonk on the openwashing agenda ("Source Available"... like "Shared Source" or "Inner Source"). What a crock.]

    Earlier this month, the database company Cockroach Labs relicensed its flagship database product. This is notable for two reasons. Most obviously, the company is following in the footsteps of several of its commercial open source database peers such as Confluent, Elastic, MongoDB, Redis Labs and TimescaleDB that have felt compelled to apply licenses that are neither open source nor, in most cases, traditionally proprietary.

    But the relicensing of CockroachDB is also interesting because this isn’t the first time the company has applied such a license.

    In January of 2017, Cockroach Labs announced the introduction of what it called the CockroachDB Community License (CCL). To the company’s credit, in the post announcing this new license, it took pains to make it clear that the CCL, while making source code available, was not in fact an open source license because it restricted redistribution. The CCL essentially enforced a two tier, open core-type business model, in which a base version of the database was made available under a permissive open source license (Apache) while certain enterprise features were made available under the CCL, which essentially requires users of these premium, enterprise-oriented features to pay for them.

    With its recent relicensing, the original dual core model has been deprecated. Moving forward, CockroachDB will be made available under two non-open source licenses – which, as an aside to Cockroach, presumably means that section 1B of the CCL probably needs to be updated. The CCL will continue to govern the premium featureset, but the original open source codebase will moving forward be governed by the Business Source License (BSL). Originally released by MariaDB, the BSL is a source available license; a license that makes source code for a project available, but places more restrictions upon its usage than is permitted by open source licenses.

  • Welcoming the newest Collaborans!

    For many, June 21, day of the Solstice, is a day of celebrations. At Collabora, we're also celebrating, as we take a moment to welcome all the newest members of our engineering and administration teams who've joined over the last year!

    Comprised of some of the most motivated and active Open Source contributors and maintainers around the world, Collaborans share an enduring passion for technology and Open Source, and these new joiners are no different.

Security FUD and Distraction From NSA Back Doors

Filed under
Security
  • Linux Cryptominer Uses Virtual Machines to Attack Windows, macOS [Ed: This is simply malware that people download and install on their machines, but hey, let's blame something else on "Linux"]

    A new cryptocurrency mining malware dubbed LoudMiner uses virtualization software to deploy a Linux XMRig coinminer variant on Windows and macOS systems via a Tiny Core Linux virtual machine.

  • Report confirms shift of botnet attack focus to Linux, IoT [Ed: A 'report' shifts focus from Microsoft Windows back doors (which are causing huge damage at the moment) to "Linux" (usually just machine with default password unchanged)]
  • Botnets shift from Windows towards Linux and IoT platforms [Ed: Microsoft money has poisoned and polluted corporate media (advertising money) to the point each time it covers "Linux" it's either a story about Linux being dangerous or a story about Vista 10 (WeaSeL)]
  • Free proxy service found running on top of 2,600+ hacked WordPress sites [Ed: Considering there are many millions of WordPress sites, many of which aren't patching properly, this is only expected and it's the fault of their administrators]
  • Four CVEs Describe SACKs of Linux and FreeBSD Vulnerabilities [Ed: When searching news for "Linux" these days almost half the results are about security because corporate media chooses to focus on nothing else, even obsessing over the same story for weeks]

    Four new CVEs present issues that have a potential DoS impact on almost every Linux user.

  • Remote Desktop Protocol

    As with any piece of software, bugs arise sooner or later. A critical security exploit allowing a man-in-the-middle- style attack was discovered in RDP version 5.2. In 2012, another critical vulnerability was discovered to allow a Windows computer to be compromised by unauthenticated clients. Version 6.1, found in Windows Server 2008, revealed a critical exploit that harvested user credentials. More recently, an exploit discovered in March 2018 allowed remote code execution attack and another credential- harvesting scenario.

Linux Hardware: Intel and Qualcomm

Filed under
Linux
Hardware
  • Intel Drops 2 Exciting Clues About The Future Of Clear Linux OS For 'Normal' Desktop Users [Ed: Intel is still trying, more desperately over time, to generate interest in its flailing GNU/Linux distro while putting back doors in every chip and doing other profoundly dubious things]

    I'm not a developer, a server administrator or anyone with advanced programming skills. I'm just a normal desktop Linux user who appreciates speed, stability, great aesthetics and ease of use. As such I've been keeping a close eye on Intel's Clear Linux, and have been insisting it's worth paying attention to. Intel's recent community efforts around Clear Linux -- and even certain touches they've implemented to the installer -- have given me the strong belief that the company is looking to serve people just like me in the near future. So I asked the burning question directly, and Intel just answered it.

  • Touch panel PCs offer a choice of 64 models mixing different sizes and Intel chips

    Taicenn’s Linux-friendly, IP65 protected “TPC-DCM” industrial panel PCs let you choose between 6th or 7th Gen U-series Core, Apollo Lake, or Bay Trail CPUs with 2x GbE, SATA, optional wireless, and capacitive touchscreens between 15 and 24 inches.

    Taicenn, which last year introduced an Intel Bay Trail based, in-vehicle TPC-DCXXXC1E panel PC has now returned with an industrial series of TPC-DCM panel PCs. You can choose between 64 configurations, with 8x Intel processor choices and 8x screen sizes: 15.0, 2x 15.6, 17.0, 18.5, 19.0, 21.5 and 24.0-inch models ranging from 1024 x 768 to 1920 x 1080 pixels.

  • Three Linux router boards showcase Qualcomm IPQ4019

    Three router SBCs that run Linux on Qualcomm’s quad -A7 IPQ4019 have reached market: The Dakota DR4019 with 2x GbE, optional SFP and Wave2 WiFi, MikroTik’s RB450Gx4 with 5x GbE and PoE, and a $200 Kefu DB11 dev kit.

KDE: Latte, Plasma Vision and GSoC

Filed under
KDE
  • Latte and "Flexible" settings...

    Following Latte and a "Shared Layouts" dream, today I am going to present you all the new settings pages for upcoming v0.9 and the approach used for them. In following screenshots you can find Basic and Advanced pages for docks and panels.

  • Plasma Vision

    The Plasma Vision got written a couple years ago, a short text saying what Plasma is and hopes to create and defines our approach to making a useful and productive work environment for your computer. Because of creative differences it was never promoted or used properly but in my quest to make KDE look as up to date in its presence on the web as it does on the desktop I’ve got the Plasma sprinters who are meeting in Valencia this week to agree to adding it to the KDE Plasma webpage.

  • Day 26

    I’m in the end of my semester at college, so I need to split my time with GSoC and my college tasks, so now I’m going slowly but on the next month I have my vacation and I’ll have all of my time dedicated to it.
    My menthors have helped me a lot so far, and I would like to say thanks for the patience, and say sorry for KDE for my initial project and for waste the first weeks on a thing that didn’t produce anything.

  • LabPlot getting prettier and also support for online datasets

    Hello everyone! I'm participating in Google Summer of Code for the second time. I'm working on KDE's LabPlot, just like last year. I'm very happy that I can work again with my former and current mentor Kristóf Fábián, and with Alexander Semke, an invaluable member of the LabPlot team, who is like a second mentor to me.

    [...]

    We had to create metadata files in order to record additional information about datasets, and also to divide them into categories and subcategories. We use a metadata data file which contains every category and subcategory and a list of datasets for every subcategory. Additionally there is a metadata file for every dataset containing various data about the dataset itself.

    In the "Datasets" section we highlight every dataset the metadata of which is locally available (in the labplot directory located in the user's home directory). When the user clicks on the "Clear cache" button every file is deleted from the above mentioned directory. The "Refresh" button provides the possibility to refresh the locally available metadata file, which contains the categories and subcategories.
    In order to make possible the import of datasets into LabPlot, and saving them into Spreadsheets I had to implement a helper class: DatasetHandler. This class processes a dataset's metadata file, configures the Spreadsheet into which the data will be loaded, downloads the dataset, processes it (based on the preferences present in the metadata file) then loads its content into the spreadsheet.

Video and Events: foss-north, KubeCon+CloudNativeCon, Fedora and Python

Filed under
OSS
  • More foss in the north

    This year, midsummer is on June 21, which marks four months from the first foss-north event outside of Gothenburg. That’s right – foss-north is going to Stockholm on October 21 and the theme will be IoT and Security. Make sure to save the date!

    We have a venue and three great speakers lined up. There will be a CFP during July and the final speakers will be announced towards September. We’re also looking for sponsors (hint hint nudge nudge).

    Now I’m off to enjoy the last hour of midsummer and enjoy the shortest night of the year. Take care and I’ll see you in Stockholm this autumn!

  • Open Source, Digital Transformation And Grape Up: Roman Swoszowski

    We sat down with Roman Swoszowski, co-founder and VP of Cloud R&D at Grape Up to get a better grip of the problems companies face and how Grape Up help these companies using Open Source technologies.

  • Pooja Yadav: Fedora Pune Meetup

    Last Saturday(June,15) , we had Fedora Pune Meetup with Fedora-30 release celebration. When I reached the venue, people were already present there and were ready to start the event. We started according to the agenda with our first talk from Pravin Satpute on Fedora-30 features which was great, as people were really interested in knowing the new features added.

  • Talk Python to Me: #217 Notebooks vs data science-enabled scripts

    On this episode, I meet up with Rong Lu and Katherine Kampf from Microsoft while I was at BUILD this year. We cover a bunch of topics around data science and talk about two opposing styles of data science development and related tooling: Notebooks vs Python code files and editors.

  • Montreal Python User Group: Montréal-Python 75: Funky Urgency

    The summer has started and it's time for our last edition before the seasonal break. We are inviting you for the occasion at our friends Anomaly, a co-working space in the Mile-End.

    As usual, it's gonna be an opportunity to discover how people are pushing our favourite language farther, to understand how to identify bad habit of most programmers and to have fun with data!

    Join us on Wednesday, there's gonna be pizza and we're probably gonna continue the evening to share more about our latest discoveries.

Syndicate content

More in Tux Machines

Fedora Workstation 31, AAC Support

  • Fedora Workstation 31 to come with Wayland support, improved core features of PipeWire, and more

    On Monday, Christian F.K. Schaller, Senior Manager for Desktop at Red Hat, shared a blog post that outlined the various improvements and features coming in Fedora Workstation 31. These include Wayland improvements, more PipeWire functionality, continued improvements around Flatpak, Fleet Commander, and more.

  • Fedora's AAC Support Finally Seeing Audio Quality Improvements

    Fedora's version of the FDK-AAC library that they began shipping in 2017 to finally provide AAC audio support strips out what was patented encumbered functionality. But that gutting of the code did cause some problems like audio playback glitches that are now being addressed. Fortunately, better AAC support is on the way to Fedora. There is this F30 update pending to provide an updated AAC implementation with quality enhancements.

Mozilla: Firefox's Gecko Media Plugin & EME Architecture, Accessibility, Firefox 68 Beta 10 Testday Results

  • Chris Pearce: Firefox's Gecko Media Plugin & EME Architecture

    For rendering audio and video Firefox typically uses either the operating system's audio/video codecs or bundled software codec libraries, but for DRM video playback (like Netflix, Amazon Prime Video, and the like) and WebRTC video calls using baseline H.264 video, Firefox relies on Gecko Media Plugins, or GMPs for short. This blog post describes the architecture of the Gecko Media Plugin system in Firefox, and the major class/objects involved, as it looked in June 2019. For DRM video Firefox relies upon Google's Widevine Content Decryption Module, a dynamic shared library downloaded at runtime. Although this plugin doesn't conform to the GMP ABI, we provide an adapter to allow it to be run through the GMP system. We use the same Widevine CDM plugin that Chrome uses. For decode and encode of H.264 streams for WebRTC, Firefox uses OpenH264, which is provided by Cisco. This plugin implements the GMP ABI.

  • Hacks.Mozilla.Org: How accessibility trees inform assistive tech

    The web is accessible by default. It was designed with features to make accessibility possible, and these have been part of the platform pretty much from the beginning. In recent times, inspectable accessibility trees have made it easier to see how things work in practice. In this post we’ll look at how “good” client-side code (HTML, CSS and JavaScript) improves the experience of users of assistive technologies, and how we can use accessibility trees to help verify our work on the user experience.

  • QMO: Firefox 68 Beta 10 Testday Results

    As you may already know, Friday June 14th – we held a new Testday event, for Firefox 68 Beta 10.

Security Leftovers/FUD

  • New Linux Worm Attacks IoT Devices [Ed: How to blame "Linux" for default passwords in devices (and some now also blame "Iran", citing a CIA 'proxy' Recorded Future in relation to this because they want war)]

    Silex has 'bricked' more than 2000 Linux-based IoT devices so far.

  • Your server remote login isn't root:password, right? Cool. You can keep your data. Oh sh... your IoT gear, though? [Ed: All this "Silex" 'news' tries to blame Iran for cracking by guessing default passwords; but this is attempted every day by dozens of nations, every minute in a lot of cases. Any political motivation behind this Iran angle?]

    Earlier this week, infosec outfit Recorded Future claimed a Tehran-backed group known as Elfin, or APT33, has been increasingly active in recent months, largely targeting industrial facilities and companies within Saudi Arabia that do business with the US and other Western countries.
  • 'Silex' Malware Renders Internet-of-Things Devices Useless. Here's How to Prevent It [Ed: War lovers' media, e.g. Fortune (see parent) and CBS (through ZDNet) push this whole "Iran" angle, manufactured in part by Recorded Future, which works with the CIA. This is the source of all these "Iran is cracking your gear" stories (every large nation does it all the time, so why the focus on Iran all of a sudden?)]
  • Silex malware targeting IoT devices spotted by security researchers
  • Daily News Roundup: Hackers Broke into Ten Telecom Networks [Ed: Definitely sounds like they used Windows, which executes malware without obstructing the users (who might just open an E-mail or click on a link)]

    Security researchers have revealed hackers spent years burrowing into ten different telecoms. Using a common method of an email with a link leading to malware, the hackers then used sophisticated techniques to target specific individuals. Security researchers at Cybereason revealed details of years-long attempts to break into telecom services (cell phone carriers). Starting in 2017, and possibly before, hackers sent emails to unsuspecting telecom employees with malicious links. The initial payload gave the hackers access to the telecom networks. Once in, the hackers ultimately compromised the network, gaining administrative privileges, and even creating a VPN on the system that let hackers access large amounts of data and empowered them even to shut down the telecom network entirely. The hackers had so much power that Amit Serper, Principal Security Researcher at Cybereason, described them as essentially a “de facto shadow IT department of the company.”

Kernel: LWN's Latest (SACK etc.) and Phoronix on Saitek R440 Force Racing Wheel Support Coming to Linux

  • The TCP SACK panic

    Selective acknowledgment (SACK) is a technique used by TCP to help alleviate congestion that can arise due to the retransmission of dropped packets. It allows the endpoints to describe which pieces of the data they have received, so that only the missing pieces need to be retransmitted. However, a bug was recently found in the Linux implementation of SACK that allows remote attackers to panic the system by sending crafted SACK information. Data sent via TCP is broken up into multiple segments based on the maximum segment size (MSS) specified by the other endpoint—or some other network hardware in the path it traversed. Those segments are transmitted to that endpoint, which acknowledges that it has received them. Originally, those acknowledgments (ACKs) could only indicate that it had received segments up to the first gap; so if one early segment was lost (e.g. dropped due to congestion), the endpoint could only ACK those up to the lost one. The originating endpoint would have to retransmit many segments that had actually been received in order to ensure the data gets there; the status of the later segments is unknown, so they have to be resent. In simplified form, sender A might send segments 20-50, with segments 23 and 37 getting dropped along the way. Receiver B can only ACK segments 20-22, so A must send 23-50 again. As might be guessed, if the link is congested such that segments are being dropped, sending a bunch of potentially redundant traffic is not going to help things.

  • Short waits with umwait

    If a user-space process needs to wait for some event to happen, there is a whole range of mechanisms provided by the kernel to make that easy. But calling into the kernel tends not to work well for the shortest of waits — those measured in small numbers of microseconds. For delays of this magnitude, developers often resort to busy loops, which have a much smaller potential for turning a small delay into a larger one. Needless to say, busy waiting has its own disadvantages, so Intel has come up with a set of instructions to support short delays. A patch set from Fenghua Yu to support these instructions is currently working its way through the review process. The problem with busy waiting, of course, is that it occupies the processor with work that is even more useless than cryptocoin mining. It generates heat and uses power to no useful end. On hyperthreaded CPUs, a busy-waiting process could prevent the sibling thread from running and doing something of actual value. For all of these reasons, it would be a lot nicer to ask the CPU to simply wait for a brief period until something interesting happens. To that end, Intel is providing three new instructions. umonitor provides an address and a size to the CPU, informing it that the currently running application is interested in any writes to that range of memory. A umwait instruction tells the processor to stop executing until such a write occurs; the CPU is free to go into a low-power state or switch to a hyperthreaded sibling during that time. This instruction provides a timeout value in a pair of registers; the CPU will only wait until the timestamp counter (TSC) value exceeds the given timeout value. For code that is only interested in the timeout aspect, the tpause instruction will stop execution without monitoring any addresses.

  • Dueling memory-management performance regressions

    The 2019 Linux Storage, Filesystem, and Memory-Management Summit included a detailed discussion about a memory-management fix that addressed one performance regression while causing another. That fix, which was promptly reverted, is still believed by most memory-management developers to implement the correct behavior, so a patch posted by Andrea Arcangeli in early May has relatively broad support. That patch remains unapplied as of this writing, but the discussion surrounding it has continued at a slow pace over the last month. Memory-management subsystem maintainer Andrew Morton is faced with a choice: which performance regression is more important? The behavior in question relates to the intersection of transparent huge pages and NUMA policy. Ever since this commit from Aneesh Kumar in 2015, the kernel will, for memory areas where madvise(MADV_HUGEPAGE) has been called, attempt to allocate huge pages exclusively on the current NUMA node. It turns out that the kernel will try so hard that it will go into aggressive reclaim and compaction on that node, forcing out other pages, even if free memory exists on other nodes in the system. In essence, enabling transparent huge pages for a range of memory has become an equivalent to binding that memory to a single NUMA node. The result, as observed by many, can be severe swap storms and a dramatic loss of performance. In an attempt to fix this problem, Arcangeli applied a patch in November 2018 that loosened the tight binding to the current node. But, it turned out, some workloads want that binding behavior. Local huge pages will perform better than huge pages on a remote node; even local small pages tend to be better than remote huge pages. For some tasks, the performance penalty for using remote pages is high enough that it is worth going to great lengths — even enduring a swap storm at application startup — to avoid it. No such workload has been publicly posted, but the patch was reverted by David Rientjes in December after a huge discussion.

  • Rebasing and merging in kernel repositories

    What follows is a kernel document I have been working on for the last month in the hope of reducing the number of subsystem maintainers who run into trouble during the merge window. If all goes according to plan, this text will show up in 5.3 as Documentation/maintainer/rebasing-and-merging.txt. On the off chance that some potentially interested readers might not be monitoring additions to the nascent kernel maintainer's handbook, I'm publishing the text here as well. Maintaining a subsystem, as a general rule, requires a familiarity with the Git source-code management system. Git is a powerful tool with a lot of features; as is often the case with such tools, there are right and wrong ways to use those features. This document looks in particular at the use of rebasing and merging. Maintainers often get in trouble when they use those tools incorrectly, but avoiding problems is not actually all that hard. One thing to be aware of in general is that, unlike many other projects, the kernel community is not scared by seeing merge commits in its development history. Indeed, given the scale of the project, avoiding merges would be nearly impossible. Some problems encountered by maintainers result from a desire to avoid merges, while others come from merging a little too often.

  • Years Late But Saitek R440 Force Racing Wheel Support Is On The Way For Linux

    If you happen to have a Saitek R440 Force Wheel or looking to purchase a cheap and used racing wheel for enjoying the various Linux racing game ports or even the number of games working under Steam Play like F1 2018 and DiRT Rally 2.0, Linux support is on the way. The Saitek R440 Force Wheel can still be found from the likes of eBay for those wanting a cheap/used PC game racing wheel. Now coming soon to the Linux kernel is support for this once popular gaming wheel -- which was originally released back in 2004. The Linux kernel patch originally adding the Saitek R440 was sent last year only to be resent out recently in an attempt for mainline acceptance.