• Spectre/Meltdown/L1TF/MDS Mitigation Costs On An Intel Dual Core + HT Laptop

  Following the recent desktop CPU benchmarks and server CPU benchmarks following the MDS/ZombieLoad mitigations coming to light and looking at the overall performance cost to mitigating these current CPU vulnerabilities, there was some speculation by some in the community that the older dual-core CPUs with Hyper Threading would be particularly hard hit. Here are some benchmarks of a Lenovo ThinkPad with Core i7 Broadwell CPU looking at those mitigation costs.

• Fending off Zombieload attacks will crush your performance

• List of MDS Speculative Execution Vulnerability Advisories & Updates

This is a Linux Gnome 3 Debian “PureOS” based smartphone currently in development. It’s being designed with as much open-source audit-able software and hardware as possible. The intent with this device is to give you full control over your privacy. It’s not available yet, but the company behind it (Purism) also has some laptops and services that are very privacy focused.

Data mining is the process of analyzing large amounts of data for obtaining useful information. It has incredibly diverse applications in fields of academic research and business. Researchers use data mining for inferring new solutions to computational research problems while corporations depend on it for gaining the upper hand in business revenues. Companies like Amazon utilize different data mining techniques for improving on their product recommendation engine while search giants like Google and Microsoft leverage them for effectively ranking their search engine results. Thanks to the increasing demand for Data Science in general, a plethora of robust data mining software for Linux has been shipped in the past decades. Stay with us to know more about the top 20 Linux data mining software.

Adding to the list of positive changes with GNOME 3.34 due out this September is lowering possible output lag when running GNOME's Mutter on X11/X.Org.

GNOME has experienced higher output lag on X.Org-based sessions rather than Wayland in some configurations. In particular, the higher output lag on X11 could be experienced when dragging around windows and seeing possible lag. Fortunately, as of today's latest Mutter 3.33 series development code, that lag has been addressed.

• Python built-ins worth learning

  In every Intro to Python class I teach, there’s always at least one “how can we be expected to know all this” question.

• Append Contents to a File

  In this article, we'll examine how to append content to an existing file using Python.

• The 2019 Python Language Summit

  The Python Language Summit is a small gathering of Python language implementers, both the core developers of CPython and alternative Pythons, held on the first day of PyCon. The summit features short presentations from Python developers and community members, followed by longer discussions. The 2019 summit is the first held since Guido van Rossum stepped down as Benevolent Dictator for Life, replaced by a five-member Steering Council.

• Petr Viktorin: Extension Modules And Subinterpreters

• Episode #131: Python 3 has issues (over on GitHub)

• PyCoder’s Weekly: Issue #369 (May 21, 2019)

• Interactive Data Visualization in Python With Bokeh

• Security updates for Tuesday

• Google Joins The Evidence-Optional Assault On Huawei

  So we've noted several times now how the US efforts to blacklist Huawei from global telecom markets haven't much in the way of, oh, supporting evidence. The Trump administration and FCC have taken all manner of actions to try and blackball the company, from pressuring U.S. carriers to drop plans to sell Huawei phones to the FCC's decision to ban companies from using Huawei gear if they want to receive federal subsidies.

  The underlying justification for these moves has centered on the idea that Huawei operates as a surveillance extension of the Chinese government, something that still hasn't been proven despite a decade's worth of claims to this effect, and an eighteen month investigation by the White House.

  That's not to say the Chinese government is an innocent little daisy. Nor is it meant to suggest that it's impossible that Huawei spies on Americans. But the lack of any actual public evidence of spying remains troubling all the same, given that if the shoe were on the other foot, there'd be no shortage of face-fanning consternation on the part of American politicians and industry.

• Nearly 20% of the 1000 Most Popular Docker Containers Have No Root Password

  Earlier this month, Talos released research showing that the Alpine Linux docker images were shipping with no (or nulled) root passwords. Alpine patched the docker files, and issued their response to the vulnerability here, noting that “an attacker who compromised your system via an unrelated security vulnerability, or a user with shell access, could elevate their privileges to root within the container.”

• Let us subject MDS vulnerability to the glare of truth

  In the last three days, we’ve received a whole bunch of questions like Should I disable Hyper-Threading or not? and How Hyper-Threading disabling can impact performance? So, here we are with some important information about the point.

  But what is the problem? CPU has two execution threads per physical core. Both threads share the same resources inside the CPU. It means sibling cores can see the same data as the primary core can.

• Is Linux Safer Than Windows and macOS?

  Cybersecurity is extremely important – now more than ever. If you start to do research, however, you’ll find a debate going on about which operating system is the safest. These days, more IT professionals and companies are preaching the benefits of Linux systems. There are definitely some security advantages to the platform. But like everything in the computer world, so much comes down to user training. Even if you have a very secure platform, a virus can still be a problem. So let’s take a look at Linux and some of the advanced security measures you need to take.

• mesa 19.0.5

  Hi List,
  
  I'd like to announce the availability of mesa 19.0.5. Just as a reminder the
  plan is to have one more release of the 19.0 series in two weeks, but that is
  subject to change base on the 19.1 release progress.
  
  Things have slowed back down from the last release, which is good for this late
  in the series. No one area has received too much work, with a little bit
  sprinkled in here and there in both core code and drivers.
  
  Dylan
  
  Shortlog
  ========
  
  Caio Marcelo de Oliveira Filho (2):
        nir: Fix nir_opt_idiv_const when negatives are involved
        nir: Fix clone of nir_variable state slots
  
  Charmaine Lee (2):
        st/mesa: purge framebuffers with current context after unbinding winsys buffers
        mesa: unreference current winsys buffers when unbinding winsys buffers
  
  Dylan Baker (5):
        docs: Add SHA256 sums for mesa 19.0.4
        cherry-ignore: add patches for panfrost
        cherry-ignore: Add more 19.1 patches
        bump version to 19.0.5
        docs: Add release notes for 19.0.5
  
  Eric Engestrom (1):
        meson: expose glapi through osmesa
  
  Gert Wollny (2):
        softpipe/buffer: load only as many components as the the buffer resource type provides
        Revert "softpipe/buffer: load only as many components as the the buffer resource type provides"
  
  Ian Romanick (1):
        Revert "nir: add late opt to turn inot/b2f combos back to bcsel"
  
  Jason Ekstrand (3):
        intel/fs/ra: Only add dest interference to sources that exist
        intel/fs/ra: Stop adding RA interference to too many SENDS nodes
        anv: Only consider minSampleShading when sampleShadingEnable is set
  
  Józef Kucia (1):
        radv: clear vertex bindings while resetting command buffer
  
  Kenneth Graunke (1):
        i965: Fix memory leaks in brw_upload_cs_work_groups_surface().
  
  Leo Liu (1):
        winsys/amdgpu: add VCN JPEG to no user fence group
  
  Lionel Landwerlin (1):
        anv: Use corresponding type from the vector allocation
  
  Marek Olšák (1):
        st/mesa: fix 2 crashes in st_tgsi_lower_yuv
  
  Nanley Chery (1):
        anv: Fix some depth buffer sampling cases on ICL+
  
  Samuel Pitoiset (1):
        radv: add a workaround for Monster Hunter World and LLVM 7&8
  
  

• Mesa 19.0.5 Released As The Series Approaches The End

  Mesa 19.0.5 is now available as what is expected to be the second to the last release in the Mesa 19.0 series.

  Mesa 19.0.5 has just around two dozen fixes, mostly all minor items. There are random fixes throughout ranging from NIR and other core components to the Intel ANV / i96t5 / Radeon RADV drivers.

• mesa 19.1.0-rc3

  Hello, list.
  
  The third release candidate for Mesa 19.1.0 is now available.
  
  Remind that right now there are two bugs blocking the final release:
  
  #110302 - [bisected][regression] piglit egl-create-pbuffer-surface and egl-gl-colorspace regressions
  #110357 - [REGRESSION] [BISECTED] [OpenGL CTS] cts-runner --type=gl46 fails in new attempted "41" configuration
  
  
  Caio Marcelo de Oliveira Filho (2):
        nir: Fix nir_opt_idiv_const when negatives are involved
        nir: Fix clone of nir_variable state slots
  
  Charmaine Lee (2):
        st/mesa: purge framebuffers with current context after unbinding winsys buffers
        mesa: unreference current winsys buffers when unbinding winsys buffers
  
  Dave Airlie (1):
        glsl: init packed in more constructors.
  
  Eric Engestrom (2):
        util/os_file: always use the 'grow' mechanism
        meson: expose glapi through osmesa
  
  Gert Wollny (1):
        Revert "softpipe/buffer: load only as many components as the the buffer resource type provides"
  
  Ian Romanick (1):
        Revert "nir: add late opt to turn inot/b2f combos back to bcsel"
  
  Jason Ekstrand (5):
        intel/fs/ra: Only add dest interference to sources that exist
        intel/fs/ra: Stop adding RA interference to too many SENDS nodes
        anv: Emulate texture swizzle in the shader when needed
        anv: Stop forcing bindless for images
        anv: Only consider minSampleShading when sampleShadingEnable is set
  
  Juan A. Suarez Romero (2):
        cherry-ignore: radeonsi: update buffer descriptors in all contexts after buffer invalidation
        Update version to 19.1.0-rc3
  
  Lionel Landwerlin (4):
        nir: fix lower_non_uniform_access pass
        vulkan/overlay-layer: fix cast errors
        vulkan/overlay: fix truncating error on 32bit platforms
        nir: lower_non_uniform_access: iterate over instructions safely
  
  Marek Olšák (1):
        radeonsi: remove old_va parameter from si_rebind_buffer by remembering offsets
  
  Nanley Chery (1):
        anv: Fix some depth buffer sampling cases on ICL+
  
  Neha Bhende (1):
        draw: fix memory leak introduced 7720ce32a
  
  Samuel Pitoiset (1):
        radv: add a workaround for Monster Hunter World and LLVM 7&8
  

• Mesa 19.1-RC3 Brings NIR, Vulkan Driver Fixes & Other Changes

  If all goes well the Mesa 19.1 release will be happening in the next week or two. But for those wanting to help test this open-source graphics driver stack, Mesa 19.1-RC3 was released today as the newest weekly release candidate.

  Mesa 19.1-RC3 isn't particularly exciting but brings a handful of changes throughout. Most of the changes this week pertain to fix-ups with the NIR code, the Intel ANV and Radeon RADV Vulkan drivers, a few core Mesa/GLSL changes, a lone RadeonSI code change, and some other minor work. The changes aren't too noticeable for end-users but at least on the RADV front is a workaround for the Monster Hunter World game when using LLVM 7/8 AMDGPU code.

Everyone who is associated with technology and core programming must have heard of names like Ubuntu, Arch Linux, Debian, and Mint. While many of you have years of experience working on various kernels, switching platforms and developing software; there’s a fair amount of individuals, who don’t have enough knowledge regarding the smaller and currently emerging distributions. One such distro of Linux is Manjaro.

Welcome to our second release of 2019, Kali Linux 2019.2, which is available for immediate download. This release brings our kernel up to version 4.19.28, fixes numerous bugs, includes many updated packages, and most excitingly, features a new release of Kali Linux NetHunter!

• Save and update passwords in Private Browsing with Firefox

  Private browsing was invented 14 years ago, making it possible for users to close a browser window and erase traces of their online activity from their computers. Since then, we’ve bundled in various levels of tracking protection and privacy control. While that’s great, some basic browser functionality pieces were missing from the Private Browsing Mode experience, namely giving you the option to save logins and passwords and giving you the power to choose which extensions you wanted enabled.

• No-Judgement Digital Definitions: What is Cryptocurrency?

  Cryptocurrency, cryptomining. We hear these terms thrown around a lot these days. It’s a new way to invest. It’s a new way to pay. It’s a new way to be deeply confused. To many of us, crypto-things sound like technobabble from sci fi movie. If you’re used to thinking about money as something that is issued by your government, kept in a bank and then traded for goods and services, then wrapping your head around cryptocurrency might be a bit of work, but we can do it!

• Let Firefox help you block cryptominers from your computer

  Is your computer fan spinning up for no apparent reason? Your electricity bill inexplicably high? Your laptop battery draining much faster than usual? It may not be all the Netflix you’re binging or a computer virus. Cryptocurrency miners may be using your computer’s resources to generate cryptocurrency without your consent. We know it sounds like something out of a video game or one of those movies that barely gets technology right, but as much as cryptomining may sound like fiction, the impact on your life can be very real.

• How to block fingerprinting with Firefox

  If you wonder why you keep seeing the same ad, over and over, the answer could be fingerprinting.

  Fingerprinting is a type of online tracking that’s different from cookies or ordinary trackers. This digital fingerprint is created when a company makes a unique profile of your computer, software, add-ons, and even preferences. Your settings like the screen you use, the fonts installed on your computer, and even your choice of a web browser can all be used to create a fingerprint.

• Firefox 67: Dark Mode CSS, WebRender, and more

  Firefox 67 is available today, bringing a faster and better JavaScript debugger, support for CSS prefers-color-scheme media queries, and the initial debut of WebRender in stable Firefox.

• The Cost of Fragmented Communication

  Mozilla recently announced that we are planning to de-commission irc.mozilla.org in favour of a yet to be determined solution. As a long time user and supporter of IRC, this decision causes me some melancholy, but I 100% believe that it is the right call. Moreover, having had an inside glimpse at the process to replace it, I’m supremely confident whatever is chosen will be the best option for Mozilla’s needs.

  I’m not here to explain why deprecating IRC is a good idea. Other people have already done so much more eloquently than I ever could have. I’m also not here to push for a specific replacement. Arguing over chat applications is like arguing over editors or version control. Yes, there are real and important differences from one application to the next, but if there’s one thing we’re spoiled for in 2019 it’s chat applications. Besides, so much time has been spent thinking about the requirements, there’s little anyone could say on the matter that hasn’t already been considered for hours.

• Version 67.0, first offered to Release channel users on May 21, 2019

• Latest Firefox Release is Faster than Ever

  With the introduction of the new Firefox Quantum browser in 2017 we changed the look, feel, and performance of our core product. Since then we have launched new products to complement your experience when you’re using Firefox and serve you beyond the browser. This includes Facebook Container, Firefox Monitor and Firefox Send. Collectively, they work to protect your privacy and keep you safe so you can do the things you love online with ease and peace of mind. We’ve been delivering on that promise to you for more than twenty years by putting your security and privacy first in the building of products that are open and accessible to all.

  Today’s new Firefox release continues to bring fast and private together right at the crossroads of performance and security. It includes improvements that continue to keep Firefox fast while giving you more control and assurance through new features that your personal information is safe while you’re online with us.

• Firefox 67.0 Released, ownCloud Announces New Server Version 10.2, Google Launches "Glass Enterprise Edition 2" Headset, Ubuntu Expands Its Kernel Uploader Team and Kenna Security Reports Almost 20% of Popular Docker Containers Have No Root Password

  Firefox 67.0 was released today. From the Mozilla blog: "Today's new Firefox release continues to bring fast and private together right at the crossroads of performance and security. It includes improvements that continue to keep Firefox fast while giving you more control and assurance through new features that your personal information is safe while you're online with us." You can download it from here, and see the release notes for details.

• Firefox 67.0 Released, Upgrading to Dav1d AV1 Decoder

  Mozilla Firefox 67.0 was released today with performance improvements and some new features.

• Firefox 67.0 Released With Better Performance, Switches To Dav1d AV1 Decoder

  Mozilla set sail Firefox 67.0 this morning as the newest version of this web browser and the update is heavy on the feature front.

  Firefox 67.0 brings a number of performance improvements, the ability to block known cryptominers/fingerprinters, better keyboard accessibility, usability/security enhancements to Private Browsing, various ease-of-use improvements, switching to DAV1D as its AV1 video decoder, FIDO U2F API support, security fixes, and various JavaScript API additions.

• Firefox 67 released

  The Mozilla blog takes a look at the Firefox 67 release.

• Getting started with the Satellite 6.5 reporting engine

• How to Build Docker Images with Dockerfile

• How To Install Apache Cassandra on Ubuntu 18.04 LTS

• How to Get IP Address in Linux

• How to Get Size of Directory in Linux

• How to Install Bludit CMS with NGINX on CentOS 7

• How to Install DataGrip on Ubuntu 18.04

• How to Install Notepad++ Editor on Ubuntu

• How to add podcasts to Vocal on Linux

• How to use iCloud on Linux

• Install RHEL8 on Virtual Box

This release fixes many security vulnerabilities. You should upgrade as soon as possible.

Audeme has released a $6.50 “Raspberry Pi MOVI Adapter” board and API to enable a Raspberry Pi pairing with its MOVI Arduino Shield for offline speech recognition and synthesis.

We’re used to seeing Arduino compatible, MCU-driven HATs and other add-ons for the Raspberry Pi, but in 2015 Audeme flipped that combo on its head with a Linux-driven voice shield for the Arduino called the MOVI Arduino Shield Speech Recognizer and Speech Synthesizer. At last weekend’s at Maker Faire Bay Area 2019, the company released a $6.50 adapter board that lets the MOVI Arduino Shield work with a Raspberry Pi.

• Google plans to add scrolling screenshots in Android R

• Google suspends Huawei's Android license

• Huawei suffers major Android setback as Google pulls access to core apps and services

• Is Huawei Really Worried about the Loss of Google's Android OS?

• Honor 20: Huawei Android phone launch defies Donald Trump

• Google Calendar and Keep Get Dark Mode on Android

• Android 9 Pie is rolling out now to the Asus Zenfone Max M2

• Android automation: Set the “Rules” and Pixel phones will do incredible things automatically

• Your Phone for Android Supports Cellular Data Sync Now

• Android Q features you'll love: Better support for foldables

• How To Set An Emergency Contact On Your Android Or iPhone's Lock Screen

The HP Linux Imaging and Printing 3.19.5 software release is now available with support for a plethora of new HP printers, among which we can mention HP LaserJet Enterprise M507n, HP LaserJet Enterprise M507dn, HP LaserJet Enterprise M507x, HP LaserJet Enterprise M507dng, HP LaserJet Managed E50145dn, HP LaserJet Managed E50145x, and HP LaserJet Enterprise MFP M528dn.

The HP LaserJet Enterprise MFP M528f, HP LaserJet Enterprise Flow MFP M528c, HP LaserJet Enterprise Flow MFP M528z, HP LaserJet Managed MFP E52645dn, HP LaserJet Managed Flow MFP E52645c, HP Color LaserJet Managed E75245dn, HP Color LaserJet Enterprise M751n, HP Color LaserJet Enterprise M751dn, and HP PageWide XL 3900PS MFP printers are also now supported by HPLIP.

What started as a summertime hobby seven years ago quickly grew into an awesome Linux distribution with an even more awesome community around it. Our goal was to make Arch Linux available to a wider audience of users by providing a streamlined, user friendly experience including a safe place for users to communicate, learn, and help one another. There have been 931,439 unique downloads of Antergos since 2014 (when we began keeping track). We think it’s safe to say we’ve accomplished our goal.

Today, we are announcing the end of this project. As many of you probably noticed over the past several months, we no longer have enough free time to properly maintain Antergos. We came to this decision because we believe that continuing to neglect the project would be a huge disservice to the community. Taking this action now, while the project’s code still works, provides an opportunity for interested developers to take what they find useful and start their own projects.

For existing Antergos users: there is no need to worry about your installed systems as they will continue to receive updates directly from Arch. Soon, we will release an update that will remove the Antergos repos from your system along with any Antergos-specific packages that no longer serve a purpose due to the project ending. Once that is completed, any packages installed from the Antergos repo that are in the AUR will begin to receive updates from there.

Also: Arch-Based Antergos Linux Distribution Calls It Quits

We are devastated by the tragic death of Martin Schwidefsky who died
in an accident last Saturday.

Martin was the most significant contributor to the initial s390 port
of the Linux Kernel and later the maintainer of the s390 architecture
backend. His technical expertise as well as his mentoring skills were
outstanding. Martin was well known for his positive mindset and his
willingness to help.

He will be greatly missed.

• This Week Twitter Taught Me: Thunderbird is Go, But Windows Text Editors are Not!

  Although it’s proving difficult to stay on (Linux related) topic, this series has proven a great success in only 3 weeks — so much so that I’m planning to launch three separate spin-offs!

  I mean, I might as well milk the franchise for all I can while the udders drip with goodwill, right?

  Keep an eye out for “This Week My Spam Folder Taught Me“, “This Fortnight a Disqus Bot Taught Me” (spoiler: bit repetitive that one) and, to serve the overlooked people-who-read-this-site-whilst-diving niche, “This Month Diving Taught Me”.

  I wouldn’t get your hopes up for the latter, though. I can’t swim, let alone dive…

• Timetable Scheduler App For Linux

  Timetable is a scheduling app available on flathub repositories. The app is maintained by the Elementary OS team and thus it’s User Interface looks like its own native OS. Might look a bit out of place on GNOME, KDE, Cinnamon, etc but still yet the app works like a charm. Read on below to get more done with Timetable.

• Juan Luis Baptiste : New docker images for upcoming mageia 7

  I have added new docker images for the upcoming mageia 7 release. Thanks to the latest work on our image build tools, the images are available in all architectures mageia 7 supports:
  x86_64
  armv7hl
  aarch64

• Manas and Marek: Improving Fedora release process

  Manas Mangaonkar (pac23) is working on the Change Management Tool, a tool for the Fedora Program Managers and contributors to propose, edit, and approve changes per Fedora’s change process. He was selected for Google Summer of Code 2019.

  We asked Manas a few questions as he prepares for his next three months working with Ben Cotton, his mentor for the summer.

• Candy Tsai: Outreachy 2019 March-August Internship – The Application Process

  Really excited to be accepted for the project “Debian Continuous Integration: user experience improvements” (referred to as debci in this post) of the 2019 March-August round of the Outreachy internship! A huge thanks to my company and my manager Frank for letting me do this since I mentioned it out of the blue. Thanks to the Women Techmakers community for letting me know this program exists.

• Ubuntu Weekly Newsletter Issue 579

• Sony's Deal With Microsoft Blindsided Its Own PlayStation Team [iophk: "RIP Playstation"]

  Last week, the companies announced a strategic partnership to co-develop game streaming technology and host some of PlayStation’s online services on the Redmond-based company’s Azure cloud platform. It comes after PlayStation spent seven years developing its own cloud gaming offering, with limited success.

  Negotiations with Microsoft began last year and were handled directly by Sony’s senior management in Tokyo, largely without the involvement of the PlayStation unit, according to people familiar with the matter. Staff at the gaming division were caught off-guard by the news. Managers had to calm workers and assure them that plans for the company’s next-generation console weren’t affected, said the people, asking not to be identified discussing private matters.

• Creating and using a custom Linux kernel on Guix System

  Guix is, at its core, a source based distribution with substitutes, and as such building packages from their source code is an expected part of regular package installations and upgrades. Given this starting point, it makes sense that efforts are made to reduce the amount of time spent compiling packages, and recent changes and upgrades to the building and distribution of substitutes continues to be a topic of discussion within Guix.

  One of the packages which I prefer to not build myself is the Linux-Libre kernel. The kernel, while not requiring an overabundance of RAM to build, does take a very long time on my build machine (which my children argue is actually their Kodi computer), and I will often delay reconfiguring my laptop while I want for a substitute to be prepared by the official build farm. The official kernel configuration, as is the case with many GNU/Linux distributions, errs on the side of inclusiveness, and this is really what causes the build to take such a long time when I build the package for myself.

  The Linux kernel, however, can also just be described as a package installed on my machine, and as such can be customized just like any other package. The procedure is a little bit different, although this is primarily due to the nature of how the package definition is written.

• Improved Logitech wireless device support in kernel 5.2

  The just released 5.2-rc1 kernel includes improved support for Logitech wireless keyboards and mice. Until now we were relying on the generic HID keyboard and mouse emulation for 27 MHz and non-unifying 2.4 GHz wireless receivers.

  Starting with the 5.2 kernel instead we actually look at the devices behind the receiver. This allows us to provide battery monitoring support and to have per device quirks, like device specific HID-code to evdev-code mappings where necessary. Until now device specific quirks where not possible because the receivers have a generic product-id which is the same independent of the device behind the receiver.

  The per device key-mapping is especially important for 27MHz wireless devices, these use the same HID-code for Fn + F1 to Fn + F12 for all devices, but the markings on the keys differ per model. Sofar it was impossible for Linux to get the mapping for this right, but now that we have per device product-ids for the devices behind the receiver we can finally fix this. As is the case with other devices with vendor specific mappings, the actual mapping is done in userspace through hwdb.

• The Better Logitech Wireless Device Support In The Linux 5.2 Kernel

  Red Hat's Hans de Goede who was involved in this latest Logitech support improvement work for the Linux 5.2 kernel has now blogged to share additional background information on the effort.