• Lessons from Carpenter – Mozilla panel discussion at ICDPPC

  The US Supreme Court recently released a landmark ruling in Carpenter vs. United States, which held that law enforcement authorities must secure a warrant in order to access citizens’ cell-site location data. At the upcoming 40th Conference of Data Protection and Privacy Commissioners, we’re hosting a panel discussion to unpack what Carpenter means in a globalised world.

• The future of online advertising – Mozilla panel discussion at ICDPPC

  At the upcoming 40th International Conference of Data Protection and Privacy Commissioners, we’re convening a timely high-level panel discussion on the future of advertising in an open and sustainable internet ecosystem.

• Ioquake3-Derived Spearmint 1.0 Engine Coming Next Month, But Ceasing Development

  Spearmint, an enhanced version of the open-source ioquake3 engine in turn derived from the id Tech 3 source code, will see the big "1.0" milestone in October. But that will also coincide with the developer and ioquake3 maintainer ceasing work on this engine now with an eighteen year lineage.

• Village building god sim 'Rise to Ruins' had an absolutely massive update

  Rise to Ruins, a village builder that mixes in some god sim fun just went through a bit of an evolution with the latest patch, which really is absolutely massive. In terms of file-size the patch was relatively small, but good things come in small packages!

• Roguelike RPG 'Depth of Extinction' is nearing release with a launch trailer

  I'm personally very excited about Depth of Extinction, a roguelike RPG with turn-based battles and an interesting setting. The release is closing in for this month and they have a new launch trailer. Note: This was a personal purchase for me.

• Puzlogic combines elements from Sudoku and Kakuro to make an interesting puzzle game

  Puzlogic from developer Eduardo Barreto was released on Steam back in July and it just recently gained Linux support. It combines elements from Sudoku and Kakuro along with some lovely ambient music to create a pretty decent and relaxing experience.

  Currently in Early Access, the developer expects the full release to be available in the first part of 2019.

• Never Split the Party, a free online team-based action-RPG is now on Linux

  Never one to pass up trying out a free game, today I tested out some of Never Split the Party, an "an ultra social rogue-like" and it's not bad. While the game is free to play, you only get given one single character. If you want access to the others, you need to buy the Fellowship DLC which will unlock the Cleric, Rogue, Mage, Ranger and Mercenary.

• Godot Engine 3.1 will have support for simplex noise generation which looks incredibly useful

  Godot Engine 3.1 [Official Site], the big upgrade coming to the open source game engine has gained another exciting feature with simplex noise generation.

• One of the fine folks in the Intel Mesa driver team has written up a post on their work improving games in DXVK

  Writing on their personal blog, Jason Ekstrand from the Intel Mesa team has written up some information on what they've been doing to improve the Intel drivers on Linux. What they're talking about isn't exactly new, since the fixes are already in Mesa but it's nice to get some information about how they came across the issues and what they did to solve them.

  Regardless of your feelings towards Wine, DXVK, Steam Play and so on, no one can ignore the benefits they bring to the people actually working on the drivers. Giving them so many more ways to test and push Linux graphics drivers is a good thing, as it means we can end up with much better drivers for all sorts of workloads (not just gaming!).

• LLVM 7.0.0 released

  The release contains the work on trunk up to SVN revision 338536 plus work on the release branch. It is the result of the community's work over the past six months, including: function multiversioning in Clang with the 'target' attribute for ELF-based x86/x86_64 targets, improved PCH support in clang-cl, preliminary DWARF v5 support, basic support for OpenMP 4.5 offloading to NVPTX, OpenCL C++ support, MSan, X-Ray and libFuzzer support for FreeBSD, early UBSan, X-Ray and libFuzzer support for OpenBSD, UBSan checks for implicit conversions, many long-tail compatibility issues fixed in lld which is now production ready for ELF, COFF and MinGW, new tools llvm-exegesis, llvm-mca and diagtool. And as usual, many optimizations, improved diagnostics, and bug fixes.

• LLVM 7.0 Released: Better CPU Support, AMDGPU Vega 20; Clang 7.0 Gets FMV & OpenCL C++

  As anticipated, LLVM release manager Hans Wennborg announced the official availability today of LLVM 7.0 compiler stack as well as associated sub-projects including the Clang 7.0 C/C++ compiler front-end, Compiler-RT, libc++, libunwind, LLDB, and others.

  There is a lot of LLVM improvements ranging from CPU improvements for many different architectures, Vega 20 support among many other AMDGPU back-end improvements, the new machine code analyzer utility, and more. The notable Clang C/C++ compiler has picked up support for function multi-versioning (FMV), initial OpenCL C++ support, and many other additions. See my LLVM 7.0 / Clang 7.0 feature overview for more details on the changes with this six-month open-source compiler stack update.

• How To Use Android Without Google: Google Services Alternatives For 2018

• How to update your smartphone to Android 9.0 Pie

• Car deal earns Android serious dashboard real estate

• Google, Automakers to Bring Android to Cars

• TomTom killer? Your next car could come with Google Android

• Look out, iPhone XS: A boatload of powerful Android phones are coming in October

Linux and the open source business model are far different today than many of the early developers might have hoped. Neither can claim a rags-to-riches story. Rather, their growth cycles have been a series of hit-or-miss milestones.

The Linux desktop has yet to find a home on the majority of consumer and enterprise computers. However, Linux-powered technology has long ruled the Internet and conquered the cloud and Internet of Things deployments. Both Linux and free open source licensing have dominated in other ways.

Microsoft Windows 10 has experienced similar deployment struggles as proprietary developers have searched for better solutions to support consumers and enterprise users.

• What is the Function of Shebang in Linux?

• How to list repositories on Linux

• My summary of the OpenStack Stein PTG in Denver

• Identity Management for Systems in a DMZ

  In this post we will be talking about managing Linux systems that are located in a demilitarized zone (DMZ) also referred to as a perimeter network. From the identity management and authentication perspective, DMZ installations create a particular challenge: How can we provide identity and authentication services without jeopardizing the integrity of our perimeter security?

• This Week in Rust 252

  Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned?

• Everything old is new again

  Just because KDE4-era software has been deprecated by the KDE-FreeBSD team in the official ports-repository, doesn’t mean we don’t care for it while we still need to. KDE4 was released on January 11th, 2008 — I still have the T-shirt — which was a very different C++ world than what we now live in. Much of the code pre-dates the availability of C++11 — certainly the availability of compilers with C++11 support. The language has changed a great deal in those ten years since the original release.

  The platforms we run KDE code on have, too — FreeBSD 12 is a long way from the FreeBSD 6 or 7 that were current at release (although at the time, I was more into OpenSolaris). In particular, since then the FreeBSD world has switched over to Clang, and FreeBSD current is experimenting with Clang 7. So we’re seeing KDE4-era code being built, and running, on FreeBSD 12 with Clang 7. That’s a platform with a very different idea of what constitutes correct code, than what the code was originally written for. (Not quite as big a difference as Helio’s KDE1 efforts, though)

• Let’s take this bug, for example…

  Krita’s 2018 fund raiser is all about fixing bugs! And we’re fixing bugs already. So, let’s take a non-technical look at a bug Dmitry fixed yesterday. This is the bug: “key sequence ctrl+w ambiguous with photoshop compatible bindings set” And this is the fix.

• GNOME.Asia 2018

  GNOME.Asia 2018 was co-hosted with COSCUP and openSUSE Asia this year in Taipei, Taiwan. It was a good success and I enjoyed it a lot. Besides, meeting old friends and making new ones are always great.

Businesses seeking to improve their data integration know that today's data integration software perform complex tasks. They enable applications to access data associated with other applications, and also to migrate data from one platform to another, transforming it as necessary. Given this sophistication, selecting the best data integration tool is far from easy.

Adding to the complexity of the selection process: early data integration tools focused on ETL – extract, transform, and load processes. However, most of today's data integration products have much more advanced capabilities and can generally connect both on-premises and cloud-based data. Many also integrate with other data management products, such as business intelligence (BI), analytics, master data management (MDM), data governance and data quality solutions.

To help sort through the complex options, the list below highlights five of the best open source data integration tools, based on vendor profile and completeness of their data integration tool set.

Ubuntu Budgie 18.04 LTS is the latest release of Ubuntu budgie. As part of Ubuntu 18.04 flavor this release ships with latest Budgie desktop 10.4 as default desktop environment. Powered by Linux 4.15 kernel and shipping with the same internals as Ubuntu 18.04 LTS (Bionic Beaver), the Ubuntu Budgie 18.04 LTS official flavor will be supported for 3 years, until April 2021.

Prominent new features include support for adding OpenVNC connections through the NetworkManager applet, better font handling for Chinese and Korean languages, improved keyboard shortcuts, color emoji support for GNOME Characters and other GNOME apps, as well as window-shuffler capability.

Ubuntu Budgie 18.04 LTS also ships with a new exciting GTK+ theme by default called Pocillo, support for dynamic workspaces, as well as a “minimal installation” option in the graphical installer that lets users install Ubuntu Budgie with only the Chromium web browser and a handful of basic system utilities.

• BU Spark! teams up with Red Hat, hosts software design workshop

  Students traveled across Boston to its Fort Point neighborhood to attend a BU Spark! workshop about interaction design Friday. There they delved into interaction design and explored how to develop user-friendly software.

  BU Spark! and Red Hat Inc. hosted the Interaction Design Bootcamp jointly at Red Hat’s Boston office. BU students and Spark! Interaction design fellows attended.

  Red Hat is a software company that specializes in information technology and has a research relationship with Boston University that includes educational elements. The programs taught by Red Hat focus on user experience design, one of Red Hat’s specializations, according to their website.

• Open source can spark innovative business transformation in government, Red Hat leaders say

  The federal government, largely hamstrung by legacy systems, is in need of a major digital transformation. Open source technology can be the spark that sets off that revolution, leaders from open-source software company Red Hat said Tuesday.

  “The types of technologies that you choose matter,” said Mike Walker, global director of Open Innovation Labs at Red Hat. “It will influence the way your business operates and open new doors to new business process, and ultimately allow you to become a software company that can achieve some of those innovations and reductions in cost and time.”

• Kubernetes Ingress vs OpenShift Route

  Although pods and services have their own IP addresses on Kubernetes, these IP addresses are only reachable within the Kubernetes cluster and not accessible to the outside clients. The Ingress object in Kubernetes, although still in beta, is designed to signal the Kubernetes platform that a certain service needs to be accessible to the outside world and it contains the configuration needed such as an externally-reachable URL, SSL, and more.

  Creating an ingress object should not have any effects on its own and requires an ingress controller on the Kubernetes platform in order to fulfill the configurations defined by the ingress object.

  Here at Red Hat, we saw the need for enabling external access to services before the introduction of ingress objects in Kubernetes, and created a concept called Route for the same purpose (with additional capabilities such as splitting traffic between multiple backends, sticky sessions, etc). Red Hat is one of the top contributors to the Kubernetes community and contributed the design principles behind Routes to the community which heavily influenced the Ingress design.

• VirtualBox DRM/KMS Driver Proceeding With Atomic Mode-Setting Support

  The "vboxvideo" DRM/KMS driver for use by VirtualBox guest virtual machines that has been part of the mainline Linux kernel the past several cycles will soon see atomic mode-setting support.

  Hans de Goede of Red Hat, who has been stewarding this driver into the Linux kernel after Oracle has failed to do so, is tackling the atomic mode-setting as his latest advancement to this driver important for a VirtualBox desktop VM experience. Published today were initial patches preparing the move to atomic mode-setting but not yet the full migration to this modern display API that offers numerous benefits.

• A Roadblock Ahead? – Red Hat, Inc. (RHT), Ingersoll-Rand Plc (IR)

• Red Hat Shares Have Even Upside-Downside Profile, JPMorgan Says In Downgrade

• Earnings Preview: Red Hat poised to deliver earnings growth for Q2

• J.P. Morgan Securities Slams Red Hat Stock With Downgrade Before Earnings

• Red Hat Inc. (RHT) Moves Lower on Volume Spike for September 18

• IBM launches tool aimed at detecting AI bias

  The Fairness 360 Kit will also scan for signs of bias and recommend adjustments.

  There is increasing concern that algorithms used by both tech giants and other firms are not always fair in their decision-making.

• IBM launches tools to detect AI fairness, bias and open sources some code

  IBM said it will launch cloud software designed to manage artificial intelligence deployments, detect bias in models and mitigate its impact and monitor decision across multiple frameworks.

  The move by IBM highlights how AI management is becoming more of an issue as companies deploy machine learning and various models to make decisions. Executives are likely to have trouble understanding models and the data science under the hood.

• IBM Debuts Tools to Help Prevent Bias In Artificial Intelligence

• Linux Patches Surface For Supporting The Creative Sound BlasterX AE-5

  Last year Creative Labs introduced the Sound BlasterX AE-5 PCI Express gaming sound card while finally there are some patches pending for supporting this high-end sound card in Linux.

  Connor McAdams who most recently got the Creative Recon3D support into good shape on Linux has now been working on getting the Sound BlasterX AE-5 working well on Linux.

• Blockchain Training Takes Off

  Meanwhile, job postings related to blockchain and Hyperledger are taking off, and knowledge in these areas is translating into opportunity. Careers website Glassdoor lists thousands of job posts related to blockchain.

• AMD Picasso Support Comes To The RadeonSI OpenGL Driver

  Last week AMD sent out initial support for yet-to-be-released "Picasso" APUs with the Linux AMDGPU kernel graphics driver. Today on the user-space side the support was merged for the OpenGL RadeonSI Gallium3D driver.

  Picasso details are still fairly light but they are expected to be similar to Raven Ridge and for the AM4 processor socket as well as an edition for notebooks. On the same day as publishing the Picasso AMDGPU kernel patches, AMD also went ahead and published the Linux patches for the "Raven 2" APUs too.

• The GeForce RTX 2080 Ti Arrives For Linux Benchmarking

  It looks like NVIDIA has their launch-day Linux support in order for the GeForce RTX 2080 "Turing" graphics cards slated to ship later this week as arriving today at Phoronix was the RTX 2080 Ti.

  The GeForce RTX 2080 Ti is NVIDIA's new flagship desktop GPU with the Turing GPU architecture, 4352 CUDA cores, a 1635MHz boost clock speed rating for this Founder's Edition model, 11GB of GDDR6 video memory yielding a 616 GB/s memory bandwidth rating, and designed to suit real-time ray-tracing workloads with their RTX technology. Pricing on the RTX 2080 Ti Founder's Edition is $1,199 USD. Last week NVIDIA published more details on the Turing architecture for those interested as well as on the new mesh shader capability.

• Windows, Linux Servers Beware: New Malware Encrypts Files Even After Ransom Is Paid

  Ransomware skyrocketed from obscurity to infamy in no time flat. Headline-grabbing campaigns like WannaCry, Petya and NotPetya preceded a substantial increase in the number of small attacks using similar techniques to extort unwary internet users. Now, researchers at Palo Alto Networks have revealed new malware that carries on NotPetya's legacy while combining various types of threats into a single package.

  The researchers, dubbed Unit 42, named this new malware Xbash. It's said to combines a bot net, ransomware and cryptocurrency mining software in a single worm and targets servers running Linux or Windows. The researchers blame an entity called the Iron Group for Xbash's creation, which has been linked to other ransomware attacks. The malware is thought to have first seen use in May 2018.

• Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows

• CCTV Cameras Are Susceptible To Hacks; Hackers Can Modify Video Footage

  A vulnerability has been discovered in video surveillance camera software that could allow hackers to view, delete or modify video footage.

  A research paper published by Tenable, a security firm, has revealed a vulnerability named Peekaboo in the video surveillance systems of NUUO. By exploiting the software flaw, hackers can acquire the admin privileges and can monitor, tamper and disable the footage.

• Tenable Research Discovers “Peekaboo” Zero-Day Vulnerability in Global Video Surveillance Software

  Tenable®, Inc., the Cyber Exposure company, today announced that its research team has discovered a zero-day vulnerability which would allow cybercriminals to view and tamper with video surveillance recordings via a remote code execution vulnerability in NUUO software — one of the leading global video surveillance solution providers. The vulnerability, dubbed Peekaboo by Tenable Research, would allow cybercriminals to remotely view video surveillance feeds and tamper with recordings using administrator privileges. For example, they could replace the live feed with a static image of the surveilled area, allowing criminals to enter the premises undetected by the cameras.

• 5 ways DevSecOps changes security

  There’s been an ongoing kerfuffle over whether we need to expand DevOps to explicitly bring in security. After all, the thinking goes, DevOps has always been something of a shorthand for a broad set of new practices, using new tools (often open source) and built on more collaborative cultures. Why not DevBizOps for better aligning with business needs? Or DevChatOps to emphasize better and faster communications?

  However, as John Willis wrote earlier this year on his coming around to the DevSecOps terminology, “Hopefully, someday we will have a world where we no longer have to use the word DevSecOps and security will be an inherent part of all service delivery discussions. Until that day, and at this point, my general conclusion is that it’s just three new characters. More importantly, the name really differentiates the problem statement in a world where we as an industry are not doing a great job on information security.”

Ever since I started blogging about my role in FSFE as Fellowship representative, I've been receiving communications and queries from various people, both in public and in private, about the relationship between FSF and FSFE. I've written this post to try and document my own experiences of the issue, maybe some people will find this helpful. These comments have also been shared on the LibrePlanet mailing list for discussion (subscribe here)

Being the elected Fellowship representative means I am both a member of FSFE e.V. and also possess a mandate to look out for the interests of the community of volunteers and donors (they are not members of FSFE e.V). In both capacities, I feel uncomfortable about the current situation due to the confusion it creates in the community and the risk that volunteers or donors may be confused.

The FSF has a well known name associated with a distinctive philosophy. Whether people agree with that philosophy or not, they usually know what FSF believes in. That is the power of a brand.

When people see the name FSFE, they often believe it is a subsidiary or group working within the FSF. The way that brands work, people associate the philosophy with the name, just as somebody buying a Ferrari in Berlin expects it to do the same things that a Ferrari does in Boston.

To give an example, when I refer to "our president" in any conversation, people not knowledgeable about the politics believe I am referring to RMS. More specifically, if I say to somebody "would you like me to see if our president can speak at your event?", some people think it is a reference to RMS. In fact, FSFE was set up as a completely independent organization with distinct membership and management and therefore a different president. When I try to explain this to people, they sometimes lose interest and the conversation can go cold very quickly.

• Google partners w/ Renault, Nissan, Mitsubishi to offer Assistant, Maps, & Android on 2021 cars

• Renault-Nissan alliance takes Google Android for a drive

• Renault-Nissan-Mitsubishi adopts Android infotainment in coup for Google

• 91 “child friendly” Android apps accused of exploitation

• How to change the quick settings in your notification drawer on Android Pie

• Google Is Testing A Floating Keyboard On Android

• Here's our first look at Android Pie on the Samsung Galaxy S9 Plus

• BlueStacks 4 boasts better Android gaming on PCs than on [UPDATE]

• PDF edit app Flexcil eyes cross-device expansion into iPhone and Android

A smart home is a lot more than just lights, switches and thermostats that you can control remotely from your phone. To truly make a Smart Home, the devices must be reactive and work together. This is generally done with a Rule System: a set of maxims that automate actions based on conditions. It is automation that makes a home smart.

There are a couple options for a rule system with the Things Gateway from Mozilla. First, there is a rule system built into the Web GUI, accessed via the Rules option in the drop down menu. Second, there is the Web Things API that allows programs external to the Things Gateway to automate the devices that make up a smart home. Most people will gravitate to the former built-in system, as it is the most accessible to those without predilection to writing software. This blog post is going to focus on the this rules system native to the Things Gateway.

• Kong 1.0 Debuts Providing Open Source API Platform for Cloud Native Applications

• Kong 1.0 launches: the only open source API platform specifically built for microservices, cloud, and serverless

• Kong 1.0 launches to help meet scalability demands

• Running Ubuntu VMs on Windows just got a whole lot more streamlined

• Hyper-V Quick Create Feature Makes Creating Ubuntu Virtual Machines Easier

• The Humble One Special Day Bundle is live with two nice Linux games

  The Humble One Special Day Bundle just went live and it has two rather nice native Linux games available. Others may work with Valve's Steam Play.

  For the native Linux games, you will be able to grab OlliOlli2: Welcome to Olliwood in the $1 tier which by itself is a pretty great deal. You will also find Surgeon Simulator: Anniversary Edition if you pay more than the average. Not a lot of native titles this time, hopefully their next game bundle will be a step up for us…

• Valve have opened up the code for their VR 'Moondust' tech demos, also a third revision of the Knuckles controller

  What will hopefully help developers work on VR projects using Valve's experimental "Knuckles" controllers, Valve have opened up the source code for their Moondust Knuckles Tech Demos.

  Their Moondust GitHub repository appeared on the 12th of this month, although until today it remained mostly empty. They've now updated it and put it out for the public to take a look.

• Aspyr Media have announced a Layers of Fear and Observer bundle making them cheaper together

  Aspyr Media along with Bloober Team have announced that they've bundled up Layers of Fear and Observer, two great horror titles and getting them together makes them cost less.

Earlier this year, Tidelift conducted a survey of over 1,200 professional software developers and open source maintainers. We found that 83% of professional software development teams would be willing to pay for better maintenance, security, and licensing assurances around the open source projects they use. Meanwhile, the same survey found that the majority of open source maintainers receive no external funding for their work, and thus struggle to find the time to maintain their open source projects.

We couldn't be more excited about what's happening today on the Web and around the world. Organizations, nonprofits, and companies have stepped up to take action, sharing their work to make the world DRM-free.