• Cyber-Mercenary Groups Shouldn't be Trusted in Your Browser or Anywhere Else

  Browsers rely on this list of authorities, which are trusted to verify and issue the certificates that allow for secure browsing, using technologies like TLS and HTTPS. Certificate Authorities are the basis of HTTPS, but they are also its greatest weakness. Any of the dozens of certificate authorities trusted by your browser could secretly issue a fraudulent certificate for any website (such as google.com or eff.org.) A certificate authority (or other organization, such as a government spy agency,) could then use the fraudulent certificate to spy on your communications with that site, even if it is encrypted with HTTPS. Certificate Transparency can mitigate some of the risk by requiring public logging of all issued certificates, but is not a panacea.

• This is bad: the UAE's favorite sleazeball cybermercenaries have applied for permission to break Mozilla's web encryption

  Now Darkmatter has applied to Mozilla to become a "Certificate Authority," which means they'd get the ability to produce cryptographically signed certificates that were trusted by default by Firefox and its derivatives, giving them the power to produce cyberweapons that could break virtually any encrypted web session (though Certificate Transparency might expose them if they're careless about it).

  And since Moz's root of trust is used to secure Linux updates, this could affect literally billions of operating systems.

• Spectre is here to stay: An analysis of side-channels and speculative execution

  As a result of our work, we now believe that speculative vulnerabilities on today's hardware defeat all language-enforced confidentiality with no known comprehensive software mitigations, as we have discovered that untrusted code can construct a universal read gadget to read all memory in the same address space through side-channels.

• Experts Find Serious Problems With Switzerland's Online Voting System Before Public Penetration Test Even Begins

  The public penetration test doesn’t begin until next week, but experts who examined leaked code for the Swiss internet voting system say it’s poorly designed and makes it difficult to audit the code for security and configure it to operate securely.

• A Decryption Key for Law Firm Emails in Hacked 9/11 Files Has Been Released

  The release of the files was part of an extortion scheme against The Dark Overlord’s hacking victims, and followed the group’s established technique of stealing information and then approaching media outlets with the files in an attempt to exert further pressure on the group’s targets. The Dark Overlord also distributed a set of encrypted folders, ready to be unlocked at a later date, and which they claimed contained more 9/11-linked material.

  Now, around two months after the first data dump, someone has released another encryption key for the third layer of stolen material, which appears to contain thousands of emails, at least some of which are between different law firms.

• Bristows is Still Hoping to ‘Overthrow’ the Courts and Throw Out Ingve Stjerna’s Complaint (About the Likes of Bristows)
• Video: Alexandre Benalla Speaks About His Relationship With Battistelli
• Hallmark of Corruption: Benalla and Fellow Thugs Paid Roughly the Same Salary as Battistelli (Each!) and There’s a New Chinese Contract Worth €7.2 Million
• EPO Insider Video: Nouvel an Architectural Hazard, Not Just a Fire Hazard
• Links 23/2/2019: GNU/Linux Server Domination and GCC 8.3 is Out

• Postgresql major version upgrade (gentoo)

  Just did an upgrade from postgres 10.x to 11.x on a test machine..

  The guide on the Gentoo Wiki is pretty good, but a few things I forgot at first:

  First off when initializing the new cluster with "emerge --config =dev-db/postgresql-11.1" making sure the DB init options are the same as the old cluster. They are stored in /etc/conf.d/postgresql-XX.Y so just make sure PG_INITDB_OPTS collation ,.. match - if not delete the new cluster and re-run emerge --config

• Redis Labs Looks to Grow Database Technology for Next Generation Applications

  Despite some open source licensing issues, Redis is moving forward.

  Database technology provides a foundational role in modern applications, and one of the emerging database technologies of the last few years has been Redis.

• Mozilla Open Innovation Team: Sustainable tech development needs local solutions: Voice tech ideation in Kigali

  Developers, researchers and startups around the globe working on voice-recognition technology face one problem alike: A lack of freely available voice data in their respective language to train AI-powered Speech-to-Text engines.

  Although machine-learning algorithms like Mozilla’s Deep Speech are in the public domain, training data is limited. Most of the voice data used by large corporations is not available to the majority of people, expensive to obtain or simply non-existent for languages not globally spread. The innovative potential of this technology is widely untapped. In providing open datasets, we aim to take away the onerous tasks of collecting and annotating data, which eventually reduces one of the main barriers to voice-based technologies and makes front-runner innovations accessible to more entrepreneurs. This is one of the major drivers behind our project Common Voice.

  Common Voice is our crowdsourcing initiative and platform to collect and verify voice data and to make it publicly available. But to get more people involved from around the world and to speed up the process of getting to data sets large enough for training purposes, we rely on partners — like-minded commercial and non-commercial organizations with an interest to make technology available and useful to all.

• Mozilla B-Team: happy bmo push day!

• What if everything you know is wrong?

  In interesting intellectual design challenge is to take a working thing (library, architecture, etc) and then see what would happen if you would reimplement it with the exact opposite way. Not because you'd use the end result anywhere, but just to see if you can learn something new.

• Qt Roadmap for 2019

  It’s around this time of the year I sit down to write a blog post about our plans and roadmap for the coming year. Typically, some of the items have already been cooking for a while, but some are still plans in the making. If you want to look into the previous roadmap blog posts, here are the ones I wrote for 2016, 2017 and 2018. There is always more to tell than what would reasonably fit in a blog post, but I’ll try to talk about the most interesting items.

  Before diving any further into the new items planned for 2019, I would like to thank each and every Qt developer for their contribution. We have a great ecosystem with many contributors who have provided multiple extremely valuable contributions throughout the years and continue to shape Qt in the future, too. In addition to those contributing code, we also have many active people in the Qt Project forums, on mailing lists, as well as reviewing code and testing the Qt development releases.

• Qt Publishes A 2019 Public Roadmap: More Work On WebAssembly, Tooling

  The Qt Company has published a 2019 roadmap of sorts for areas they plan on focusing their resources this 2019 calendar year.

  Their 2019 roadmap doesn't come as a big surprise if considering the areas where they have been focusing a lot of attention recently. For instance, they'll work on maturing the Qt WebAssembly support that was recently introduced for offering Qt access within web browsers via this high-performance, sandbox-secured technology.

• What Is the Most Secure VPN Protocol?

• Security researcher finds Bitmain S15 miner exploit

  A developer has discovered vulnerability in Bitmain’s Antminer S15, which has subsequently been turned into an exploit by an anonymous security researcher, according to reports.

• Anonymous Security Researcher Uncovers Exploit in Bitmain’s Bitcoin Miner S15

• Will This Vulnerability Finally Compel Bitmain to Open Source Its Firmware?

  As if Bitmain's year hasn't been rough enough, having posted big losses and laying off entire departments, its flagship product now has a firmware vulnerability.

• Linux Kernel To Better Fend Off Exploits That Disable SMAP / SMEP / UMIP Protections

  A change made courtesy of Google engineers to the Linux kernel will make it so exploits on Linux have a tougher time trying to disable SMAP and SMEP protections as part of their exploit path.

  Supervisor Mode Execution Protection (SMEP) and Supervisor Mode Access Prevention (SMAP) are security features of recent generations of Intel CPUs to prevent the kernel from accessing unintended user-space memory and in turn helping fend off various exploits. But some exploits have been calling the Linux kernel's native_write_cr4 function to disable SMEP/SMAP, since the status of these security options are controlled through bits in the CR4 control register.

• Unexpected Ubuntu 16.04.6 LTS Coming Due To APT Security Issue

  No further point releases to Ubuntu 16.04 LTS had been planned, but in light of the recent APT vulnerability, Canonical has decided to issue an Ubuntu 16.04.6 update that will be hitting the mirrors soon.

  Last month an APT package manage vulnerability was exposed that could make Debian-based distributions open to man-in-the-middle attacks and end up installing rogue packages. Debian and Ubuntu have been quick to address this issue and now Ubuntu 16.04.6 is on the way to help tighten up those running the Xenial Xerus.

• NetBSD Virtual Machine Monitor

  NVMM provides hardware-accelerated virtualization support for NetBSD. It is made of an ~MI frontend, to which MD backends can be plugged. A virtualization API is shipped via libnvmm, that allows to easily create and manage virtual machines via NVMM. Two additional components are shipped as demonstrators, toyvirt and smallkern: the former is a toy virtualizer, that executes in a VM the 64bit ELF binary given as argument, the latter is an example of such binary.

• NetBSD Gains Hardware Accelerated Virtualization

  NetBSD, the highly portable Unix-like Open Source operating system known for its platform diversity, has gained hardware-accelerated virtualization support via an improved NetBSD Virtual Machine Monitor (NVMM).

• mailutils Version 3.6

  Version 3.6 is available for download.

  For the list of changes in this version, please see the NEWS file entry.

• GNU cflow Version 1.6

  Version 1.6 is available for download.

• tar @ Savannah: Version 1.32

  GNU tar version 1.32 is available for download.

• GNU Parallel 20190222 ('Baghuz') released

  GNU Parallel 20190222 ('Baghuz') has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/

• We need Arm64 systems for developers. Again.

  Getting AArch64 hardware for developers is important. When it happen? One day. Maybe even before people forget that such architecture existed.

  We talk about it during each Linaro Connect. So far nothing serious came from it. We had some failed attempts like Cello or Husky. There is Synquacer with own set of issues. Some people use MACCHIATObin. Some still use Applied Micro Mustangs which should get a place in computer museums.

  It is chicken and egg issue. No one makes affordable AArch64 systems because no one buys them. Because no one makes them. Hardware vendors concentrate on server market — no chips to choose for developer systems.

• Siemens PLM Software announces enterprise Mentor Embedded Linux (MEL) solution

  Siemens PLM Software announced an enterprise Mentor Embedded Linux (MEL) solution that provides electronics manufacturers secure, scalable and configurable distributions for industrial, medical, aerospace and defense applications. This MEL technology is a configurable distribution that provides an operating system platform for embedded systems development and is a result of the continued integration of the recently acquired embedded systems design capabilities from Mentor Graphics. The solution is based on Debian, an enterprise class, open source Linux operating system.

• Siemens launches new enterprise class embedded Linux solution for embedded systems development

  With the growth of internet of things (IoT) and other smart devices, it is becoming increasingly complex and expensive for manufacturers to develop embedded distributions and applications for these devices based on the Linux® operating system. Siemens PLM Software today announced a new enterprise Mentor® Embedded Linux® (MEL) solution that provides electronics manufacturers secure, scalable and configurable distributions for industrial, medical, aerospace and defense applications. This new MEL technology is a configurable distribution that provides a robust operating system platform for embedded systems development and is a result of the continued integration of the recently acquired embedded systems design capabilities from Mentor Graphics. The solution is based on Debian, a broadly utilized, enterprise class, open source Linux operating system.

• Raspberry Pi Begins Rolling Out The Linux 4.19 Kernel

  The Raspberry Pi folks have been working the past few months on upgrading their kernel in moving from Linux 4.14 to 4.19. That roll-out has now begun.

  Linux 4.19 has been the target of the Raspberry Pi Foundation due to this newer kernel being a Long-Term Support (LTS) release and thus will be maintained for the long-term. That large jump in the standard kernel version for Raspberry Pi ultimately means less work too for the developers involved: between 4.14 and 4,19, a lot of Raspberry Pi patches and other Broadcom improvements were upstreamed.

• Raspberry Pi Updates Devices to Linux 4.19

• Xiaomi’s 2019 goal is to release kernel source code more quickly for all its devices

  Just before MWC 2019, Xiaomi took to the stage at an event in China to launch the new Xiaomi Mi 9 and Mi 9 SE. Both the devices represent the best of what OEM has to offer, bringing in a high value device at a fraction of the cost of a premium flagship. While this approach lets them appeal to the average consumer, Xiaomi has also been quite developer-friendly, which makes them a good purchase even for those who are looking for a device with a very good third party development community. Xiaomi does not void the warranty of devices (in India at least) if you unlock the bootloader, and they have worked on significantly bringing down the waiting times for bootloader unlock requests too.

• Windows 10 (19H1) Build 18342 Brings Linux Files to File Explorer [Ed: False. These are not "Linux files". It's Windows.]

  Microsoft has just released a new Windows 10 preview build, this time for users enrolled in the Fast ring of the Windows Insider program.

• Linux love hits Windows 10 19H1 amid a second round of zombie slaying [Ed: This is not "Linux love"; there's no Linux in there, it's Windows]

• Windows 10 Preview adds support for Linux files, and Chrome extension for timeline [Ed: Over the past week Microsoft totally spammed or "googlebombed" Linux news with something that has nothing to do with Linux and is all about Vista 10. They promote a confusion and media plays a long in this mislabeled fusion.]

• Latest Windows 10 April 2019 Update Preview Build Brings Linux To File Explorer, Gaming Improvements

• It is finally possible to access Linux files on Windows

• Windows 10 File Explorer will be able to browse Linux Files

• Microsoft releases Windows 10 19H1 Build 18342 with Timeline for Chrome and access to Linux files from File Explorer

• Microsoft releases new Windows 10 preview with Linux files, gaming improvements, and Timeline for Chrome

• Chrome OS 74 brings audio support to Linux apps

  Linux development has continued to expand and the latest information reveals that audio support is coming to Chrome OS starting with version 74.

• Fix For A Glaring Linux Audio Issue Coming In Chrome OS 74

  Googlers will be fixing an obvious but under-reported issue in Linux on Chrome OS by finally adding audio support for associated applications, based on a recently spotted commit in the Chromium Gerrit. The commit adjusts code and documentation to enable support for audio for containers and VMs in Chrome OS 74, which are specifically used to run or access Linux applications.

• Linux users are unable to manage their Apple ID on apple․com [U]

  For some reason, Apple’s website where you can manage your Apple ID (appleid.apple.com) is blocking users of Linux browsers from accessing it. Having access to the website is important to manage things such as payment information, two-factor authentication, and other account details. Even though the number of Linux users accessing the website must be relatively small compared to other operating systems, some iPhone users who use Linux on the desktop noticed the issue.

• Linux Users Are Unable To Manage Their Apple ID on Applecom

  For some reason, Apple's website where you can manage your Apple ID (appleid.apple.com) is blocking users of Linux browsers from accessing it.

• Fedora Community Blog: FPgM report: 2019-08

  Here’s your report of what has happened in Fedora Program Management this week.

  I’ve set up weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

• Webinar: Accelerate and Modernize Container Application Delivery with SUSE

  Do you want to learn about building applications with containers on AWS? Or, would you rather learn more about SUSE Cloud Application Platform? How about learning how Wipro modernizes application delivery for the retail industry? Or how about all three?

• Is a Services Partner the Key to a Successful IT Transformation?

  Why are Services Partners key to a digital transformation? Recently, SUSE had the chance to catch up with Katy Ring, Research Director, at 451 Research.

• Leap 15.1 Beta Pizza Party

  The release manager for openSUSE Leap announced that Leap 15.1 entered its Beta phase this week and that means it’s time for a Beta Pizza Party. Yeah!.

  Leap’s Beta phase is a rolling beta until it’s official release. Once released, it will begin its maintenance phase.

  To celebrate the Beta phase, why not have a Pizza Party and test the openSUSE Leap 15.1 Beta.

• How to Install MySQL on Ubuntu 18.04

• Docker WordPress Development on Google Cloud with Cloud SQL

• Yuan Yijun: Installed nvidia driver

• How to Automate FFmpeg and Bento4 With Bash Scripts

• How to set the AppArmor mode for a service in Ubuntu Server

• Oracle Virtualbox FAQ- Frequently Asked Questions

• Perl: warning: Setting locale failed in Debian and Ubuntu

• Replacement of tree command (ignore node_modules)

• How to install Matomo Web Analytics on Ubuntu 18.04

Don’t get what I am talking about? Let me give you some context.

There is a ‘blueprint’ on Ubuntu’s launchpad website, titled ‘Replace APT with snap as default package manager’. It talks about replacing Apt (package manager at the heart of Debian) with Snap ( a new packaging system by Ubuntu).

Also: Full Circle Magazine #142

• Android Q will add Google Chrome integration into Digital Wellbeing

• Android Q update: No going back now!

• No Intel 5G modems until 2020, so iPhone might be a year behind Android

• Nokia shares stunning presumptive Nokia 9 PureView photo sample

• Oppo's 10x optical zoom camera is ready for smartphones, and we used it

• Paranoid Android gets new features on the Xiaomi Redmi Note 5 Pro, Essential Phone, and several Sony phones

• These two Vivo smartphones will reportedly get Android Pie next month

• Here are some leaked Alcatel devices, one of which ships with Android Oreo

• 10 Best Android Phone Deals This Weekend (2019)

• The One Trick Every Snapchat User on Android Needs to Know

• Someone's Trying To Run Android On The Nintendo Switch

With openSUSE Leap 15.1 reaching beta this week I decided to take it for a quick spin of this Linux distribution derived from the same sources as SUSE Linux Enterprise 15 SP1. Here are some quick benchmarks compared to Leap 15.0 as well as the latest rolling-release openSUSE Tumbleweed.

OpenSUSE Leap 15.1 remains under active development and is expected to be officially released in May. But given reaching the beta state and being curious how the performance has evolved compared to openSUSE Tumbleweed, I ran some initial benchmarks of this beta snapshot this week. This preliminary round of tests was done using an AMD EPYC 7351P workstation with ASRockRack EPYCD8-2T, 8 x 4GB DDR4-2666 memory, and 800GB Intel DC P3600 (SSDPE2ME800G4) NVMe solid-state drive. Tests on more hardware will come as the openSUSE Leap 15.1 stable release approaches.

• Taking System Monitoring to the Next Level: an Interview with Scalyr CEO Steve Newman [Ed: Linux Journal back to the pre-PIA days of promoting proprietary software?]

• Time zone data (tzdata): 2018 data format changes and Red Hat Enterprise Linux

  Red Hat Enterprise Linux (RHEL) needs time zone information in order for all applications in the operating system to correctly print local time. The GNU C Library (glibc) makes use of the tzdata package in order to make APIs such as strftime() work correctly, while applications such as /usr/bin/date make use of this information to print the local date.

  The tzdata package contains the data files documenting both current and historic transitions for various time zones around the world. This data represents changes required by local government bodies or by time zone boundary changes, as well as changes to UTC offsets and daylight saving time (DST).

• Upcoming Silicon Valley OpenShift Commons Gathering, March 11 on Operating at Scale with Speakers Google, Facebook, Uber, Red Hat and Rook

  The OpenShift Commons Gathering brings together experts from all over the world to discuss the container technologies, operators, the operator framework, best practices for cloud-native application developers and the open source software projects that underpin the OpenShift ecosystem to help take us all to the next level in cloud-native computing. This next gathering will feature 400+ developers, project leads, cloud architects, DevOps professionals, sysadmins, and cloud-native practitioners coming together to explore the next steps in making container technologies successful and secure at scale.

• 7 Key Considerations for Kubernetes in Production

  Today Enterprise IT does not question the value of containerized applications anymore. Given the move to adopting DevOps and cloud native architectures, it is critical to leverage container capabilities in order to enable digital transformation. Google’s Kubernetes (K8s), an open source container orchestration system, has become the de facto standard — and the key enabler — for cloud native applications, and the way they are architected, composed, deployed, and managed. Enterprises are using Kubernetes to create modern architectures composed of microservices and serverless functions which scale seamlessly.

  However, two years of working with Kubernetes for enterprise applications, and large-scale production deployments have taught us valuable real-world lessons about the challenges of Kubernetes in the enterprise, and what it REALLY takes in order to make it ready for prime time and enable organizations to safely bet on Kubernetes to power mission-critical enterprise application. Large and complex enterprises that have invested in container-based applications often struggle to realize the value of Kubernetes and container technology, due to operational or Day-two management challenges. In this post, we share seven fundamental capabilities large enterprises need to instrument around their Kubernetes investments in order to be able to effectively implement it and utilize it to drive their business.

• Kubernetes job interview questions: How to prepare

  As Kubernetes adoption grows, so does the need for IT pros with the skills and experience needed to run it in production.

  “There’s a strong correlation between the popularity of Kubernetes and the demand for engineers who have in-depth knowledge of the system,” says Leo Shemesh, CTO at Jackpocket.

  Signs suggest that demand for Kubernetes skills is pointing skyward. That creates a tricky proposition for IT executives and hiring managers. Don’t worry, we’re not here to moan and groan about another skills shortage. Actually, Shemesh notes that it’s relatively easy for IT pros to begin learning about Kubernetes, thanks to a wealth of articles and other resources available online, a vibrant open source community, and the commercial platforms and services that sit on top of the Kubernetes project. It’s also relatively simple to start running a single-node cluster on a local machine with Minikube, a good option for getting your hands messy.

• OpenShift platform seen as biggest IBM gain from Red Hat acquisition

  IBM's acquisition of open source company Red Hat means that Big Blue is betting that the future of cloud computing is hybrid and it has made the purchase to cover its flanks in this area, the technology analyst firm Gartner says.

• Four Startup Engineering Killers

  Startup engineering is different from any other type of software engineering. It demands short- and medium-term productivity, relative to the “right way” of building systems. It values people who are able to iterate quickly and are comfortable with hacky code. It rewards pragmatism in technology choices versus picking the most hyped — or most stable — technology.

• Phoronix Test Suite 8.6.1 Released For Open-Source, Cross-Platform Benchmarking

  Phoronix Test Suite 8.6.1 is now available as a minor update over Phoronix Test Suite 8.6-Spydeberg that shipped at the start of February.

• WriteFreely: Start a blog, build a community

  As more of our lives move online, we become dependent on large services with millions (or billions) of users to communicate with each other. Although we tend to notice problems only when these platforms change a policy, erect a paywall, or suffer a data breach, we can often feel how these mass-broadcast platforms don't always have our best interests in mind and often don't "connect" us in the ways they purport to.

  However, over the past few years, we've also seen a renaissance of small, close-knit online communities. New protocols for building federated social networks, like ActivityPub, are seeing more use, popularized by open source platforms like Mastodon. People still gather on forums to discuss their interests with like-minded people. And even on the large, centralized services, many people use "group" features to have more intimate conversations than they would by sending their latest status update to a wide swath of unrelated people.

  In the blogging world, we've also seen platforms like Medium and Tumblr become more popular, partially because of the networks they offer. With these large platforms, each blog is no longer an "island," but part of a huge community. Yet, like any other closed-source, centralized service, if they make a change that doesn't benefit their users, we're forced to find another platform. That's why I built WriteFreely.

• WordPress 5.1 Improves Security With Site Health Mechanism

  WordPress 5.1 became generally available on Feb. 21, providing users of the popular open-source blogging and content management system (CMS) with updates to improve site operations and site health.

  WordPress is one of the most widely deployed CMS technologies, powering over 30 percent of all websites on the internet. The new WordPress release follows the open-source project's tradition of naming releases after famous Jazz musicians by code-naming the 5.1 release Betty, after jazz vocalist Betty Carter. Among the key new features in the release is a check to warn users if they are running older, unsupported versions of the PHP programming language that is needed to operate WordPress.

  "Following WordPress 5.0 — a major release which introduced the new block editor — 5.1 focuses on polish, in particular by improving the overall performance of the editor," WordPress founder Matt Mullenweg wrote in a blog post. "In addition, this release paves the way for a better, faster, and more secure WordPress with some essential tools for site administrators and developers."

• Linus Torvalds pulls pin, tosses in grenade: x86 won, forget about Arm in server CPUs, says Linux kernel supremo

  Linux kernel king Linus Torvalds this week dismissed cross-platform efforts to support his contention that Arm-compatible processors will never dominate the server market.

  Responding to interest in Arm's announcement of its data center-oriented Neoverse N1 and E1 CPU cores on Wednesday, and a jibe about his affinity for native x86 development, Torvalds almost abandoned his commitment to civil discourse while doing his best to dampen enthusiasm for a world of heterogeneous hardware harmony.

  "Some people think that 'the cloud' means that the instruction set doesn't matter," Torvalds said in a forum post. "Develop at home, deploy in the cloud. That's bullshit. If you develop on x86, then you're going to want to deploy on x86, because you'll be able to run what you test 'at home' (and by 'at home' I don't mean literally in your home, but in your work environment)."

• Linus on why x86 won for servers

  Responding to a forum post on upcoming ARM server offerings, Linus Torvalds makes a compelling case for why Linux and x86 completely overwhelmed commercial Unix and RISC...

• ARM announces Ares

  I can pretty much guarantee that as long as everybody does cross-development, the platform won't be all that stable.

  Or successful.

  Some people think that "the cloud" means that the instruction set doesn't matter. Develop at home, deploy in the cloud.

  That's bullshit. If you develop on x86, then you're going to want to deploy on x86, because you'll be able to run what you test "at home" (and by "at home" I don't mean literally in your home, but in your work environment).

  Which means that you'll happily pay a bit more for x86 cloud hosting, simply because it matches what you can test on your own local setup, and the errors you get will translate better.

  This is true even if what you mostly do is something ostensibly cross-platform like just run perl scripts or whatever. Simply because you'll want to have as similar an environment as possible,

  Which in turn means that cloud providers will end up making more money from their x86 side, which means that they'll prioritize it, and any ARM offerings will be secondary and probably relegated to the mindless dregs (maybe front-end, maybe just static html, that kind of stuff).

  Guys, do you really not understand why x86 took over the server market?

• Redis Labs drops Commons Clause for a new license

  Redis Labs is dropping its Commons Clause license in favor of its new "available-source" license: Redis Source Available License (RSAL). This is not an open-source license.

  Redis Labs had used Commons Clause on top of the open-source Apache License to protect its rights to modules added to its 3-Clause-BSD-licensed Redis, the popular open-source in-memory data structure store. But, as Manish Gupta, Redis Labs' CMO, explained, "It didn't work. Confusion reigned over whether or not the modules were open source. They're not open-source."

  So, although it hadn't wanted to create a new license, that's what Redis Labs ended up doing.

  RSAL covers some Redis Modules, which run on top of open-source Redis. The current modules covered by RSAL are: RedisSearch, RedisGraph, RedisJSON, RedisML, and RedisBloom. Redis remains under the BSD license.

• Redis Labs changes its open-source license — again

  Redis Labs, fresh off its latest funding round, today announced a change to how it licenses its Redis Modules. This may not sound like a big deal, but in the world of open-source projects, licensing is currently a big issue. That’s because organizations like Redis, MongoDB, Confluent and others have recently introduced new licenses that make it harder for their competitors to take their products and sell them as rebranded services without contributing back to the community (and most of these companies point directly at AWS as the main offender here).

  “Some cloud providers have repeatedly taken advantage of successful opensource projects, without significant contributions to their communities,” the Redis Labs team writes today. “They repackage software that was not developed by them into competitive, proprietary service offerings and use their business leverage to reap substantial revenues from these open source projects.”

• Redis Labs Changing Its Licensing for Redis Modules Again, Raspberry Pi Rolling Out the Linux 4.19 Kernel, Windows Subsystem for Linux Updates Coming, Facebook Removing Its Spyware Onavo VPN from the Google Store and openSUSE Leap 15.1 Beta Pizza Party

  Redis Labs has changed its licensing for Redis Modules again. According to TechCrunch, the new license is called the Redis Source Available license, and as with the previous Commons Clause license, applies only to certain Redis Modules created by Redis Labs. With this license, "Users can still get the code, modify it and integrate it into their applications—but that application can't be a database product, caching engine, stream processing engine, search engine, indexing engine or ML/DL/AI serving engine." The TechCrunch post notes that by definition, an open-source license can't enforce limitations, so this new license technically isn't open source. It is, however, similar to other "permissive open-source licenses", which "shouldn't really affect most developers who use the company's modules".

• Swim Open Sources Its Machine Learning Platform for Edge Computing [Ed: "Taking the "open core" route" means proprietary software or 'free' bait, so this headline is a tad misleading to say the least]

  Taking the "open core" route, the startup wants the open source community to take its platform in more directions than it's been able to so far.

• Major 9.8 vulnerability affects multiple Linux kernels— CVE-2019-8912 (af_alg_release())

  Our assessment is that the cause is this commit, the introduction of a "sockfs_setattr()" function. This function neglects to null-out values in a structure, making their values usable after exiting from the function (a so-called ‘use-after-free’ error).

• Linux use-after-free vulnerability found in Linux 2.6 through 4.20.11

  Last week, a Huawei engineer reported a vulnerability present in the early Linux 2.6 kernels through version 4.20.11. The Kernel Address Sanitizer (KASAN) that detects dynamic memory errors within the Linux kernel code was used to uncover the use-after-free vulnerability which was present since early Linux versions.

  The use-after-free issue was found in the networking subsystem’s sockfs code and could lead to arbitrary code execution as a result.

• Taking Care of Your Personal Online Security (For Paranoids)

  So, use Linux, and preferably coreboot or Libreboot (open source BIOS). You can buy hardware based on the recommendations of well-known and respected (still a bit paranoid) cypherpunk Richard Stallman.

• Why do PAM projects fail? Tales from the trenches

  Privileged accounts hold the keys to highly sensitive company information and once these credentials are targeted, they can easily lead to a breach of a company’s most valuable assets; from databases to social media and unstructured data. Most enterprises have implemented some form of Privileged Access Management (PAM), but many find these initiatives fail to live up to expectations. Below are some common reasons why a PAM project might fail to meet the initial expectations; coupled with practical insights on how to prevent it from becoming a dud.

• Sailfish OS: Security and Data Privacy

  Mobile World Congress is back again! Like every single year during the Jolla journey, we are excited to take part in this event. We have had great experiences in the past MWC’s, our main drivers for attending are the current and relevant topics discussed during the congress. One of this year’s core themes is Digital Trust; “Digital trust analyses the growing responsibilities required to create the right balance with consumers, governments and regulators.” It makes us happy that these topics are being discussed, especially since several scandals have recently affected trust in digital solutions.
  At Jolla we work constantly towards providing a secure and transparent solution. Our value towards our customer’s privacy is reflected in our values and actions. Back in May of 2018 our CEO Sami Pienimäki wrote a blog post on the GDPR laws passed within the European Union and stated the cornerstones on how Jolla views data privacy. This stand on privacy is not rocket science – the core idea is to respect our customers’ privacy and allow them to be in control of their data.

• Security updates for Friday

• Which is More Secure: Windows, Linux, or macOS? [Ed: security is not an OS feature but a separate product, insists company that sells "security" as a proprietar ysoftware product]

• BATTLETECH is having a free weekend on Steam, plus a look at other good Linux game deals

  The weekend is about to crash into our lives once again, you're sat staring at your screen wondering what to play and we're here to help.

  First up, BATTLETECH is having a free weekend so you have around 1 day and 22 hours to download it on Steam and try it out for free. If you decide you like it, there's 40% off the price right now too.

  Steam also has a Square Enix sale going on, where you can grab a number of interesting titles for super cheap including Life is Strange, Life is Strange: Before the Storm, Rise of the Tomb Raider and more.

• Tesla vs Lovecraft, another good top-down shooter from 10tons is now available on GOG

  GOG have another good Linux game now available, with Tesla vs Lovecraft from 10tons now up on their DRM-Free digital shelves.

• Planetary Annihilation: TITANS has a new test build out, improved AI and Coherent UI update

  Planetary Annihilation Inc continue to make big improvements to Planetary Annihilation: TITANS, the massive-scale RTS that has Linux support.

• Rise of Industry has another huge update, full release date announced

  I was very impressed with Rise of Industry last time I took a look at this strategic tycoon game from Dapper Penguin Studios. They have another big update out along with an announcement about leaving Early Access.

  First, to get the biggest news out of the way, it's going to leave Early Access on May 2nd. Just before that, there's going to be another huge update which will add in AI competition.

• Space Rabbits in Space, a 2d skill-based parkour platformer will be coming to Linux

  Ventilator Shark's great looking parkour platformer, Space Rabbits in Space will be coming to Linux.

  I spoke directly to the developer, who (slightly amusingly) said "There will be a Linux version, we just don't have ETA on that yet (2 people, 1 dog, exhausted to heck [we are, the dog is fine])".

• The Talos Principle has a new beta with an upgraded Serious Engine, removes OpenGL in favour of Vulkan

  The Talos Principle, Croteam's fantastic first-person puzzle game has a fresh beta available to test with some major changes.

  It includes massive changes under the hood, including a much more up to date version of their Serious Engine. This brings with it 64bit by default, OpenGL removed in favour of Vulkan along with "various other optimizations, fixes, and tweaks that will make your gameplay experience better without you knowing why that is".

  I did a few benchmarks this morning just to see how it's working now and unsurprisingly the Linux version remains incredibly smooth. With the performance options cranked to Ultra, rendering at 1080p and MSAA x4 on it was hitting an average of 112 FPS.

• Undead Horde, the latest action game from 10tons is to enter Early Access next month

  10tons, who are well known for their top-down shooters are unleashing their latest title 'Undead Horde' in Early Access on March 6th.

• Certified danger

  I suspected Linux Foundation went to the dark side when they started strange deals with Microsoft. But I'm pretty sure they went to dark side now.

• The Most Interesting Highlights To The Linux 5.0 Kernel

  With the Linux 5.0 kernel due out within the next week or two, here's a look back at the biggest end-user facing changes for this kernel release that started out as Linux 4.21.

• AMDGPU Squeezes In Revised Context Priority Handling For Linux 5.1

  With the Linux 5.1 kernel cycle soon to kick-off, an early batch of fixes for the AMDGPU DRM driver and other fixes were sent in on Thursday to queue along with all of the new functionality being staged in DRM-Next.

  There's a lot of DRM improvements and throughout all the kernel subsystems of new material queuing up for Linux 5.1. On the AMDGPU side there is AMDGPU DC seamless boot bits, PCI Express bandwidth utilization is now exported to user-space, Vega power management updates, DCC support for scanout surfaces, better page-flipping in DC, and various Vega 20 fixes.

• Manjaro 18.0.3 Cinnamon Run Through

  In this video, we look at Manjaro 18.0.3 Cinnamon.

• JC’s Favorite BASH Commands

  We chill and look at some cool commands for the BASH terminal and scripts.

• FLOSS Weekly 518: Clearly Defined

  Carol Smith is the program manager for ClearlyDefined, a project under the Open Source Initiative. ClearlyDefined is an open source project to crowd-source the gathering, curation, and upstreaming of licensing and security (and more) data about free and open source projects.