• Some Early Tests Of The Eclipse OpenJ9 Java Virtual Machine

  With IBM's newly open-sourced J9 Java Virtual Machine as the Eclipse OpenJ9, I've run some quick benchmarks to get an idea how its performance is comparing to the de facto Java Virtual Machine, Hotspot.

• SCons 3.0 Released

  For those that haven't jumped fully on the Meson build system bandwagon, the SCons 3.0 software construction utility is now available.

• Small Glowing Thing

  Quite a while ago I obtained an Adafruit NeoPixel Stick. It was cheap enough to be an impulse buy but it took me some time to get around to actually doing something with it.

  I’ve been wanting to play a little more with the ATtiny range of microcontrollers so these things seemed to go together nicely. It turns out that getting an ATtiny programmed is actually rather simple using an Arduino as an ISP programmer. I’ve written up some notes on the procedure at the 57North Hacklab wiki.

• Linus Torvalds Kicks Off Development of Linux Kernel 4.14, the Next LTS Release

  A day early than expected, Linux creator Linus Torvalds cautiously kicked off the development of the Linux 4.14 kernel series, which looks to be the next LTS (Long Term Support) branch, with the first Release Candidate (RC) milestone.

  That's right, two weeks after the release of Linux kernel 4.13, which is currently the most stable and advanced kernel series, being adopted by more and more GNU/Linux distributions each day, the first RC development snapshot of Linux kernel 4.14 is ready for public testing, officially closing the merge window. And it looks like some core new functionality will be implemented in this release.

• Linux Foundation wants to promote sustainable open source development with new initiatives

  During last week’s Open Source Summit North America in Los Angeles, the Linux Foundation announced a series of projects designed to promote sustainability and growth in open source development.

  We wrote last week about their “Open Source Guides for the Enterprise,” which will see a series of guides by professionals from many different organizations released over the next few months.

  Following that, the foundation announced the Community Health Analytics for Open Source Software, or CHAOSS, project. With CHAOSS, the Linux Foundation wants to provide a platform for measuring and analyzing open source projects.

  The foundation also announced that it has granted a CII security badge to 100 projects through a voluntary process for open source projects to prove their security measures stack up professionally.

• Intel ANV Lands New Vulkan 1.0.61 Extensions, Android Prep Support

• AMDGPU Increasing Fragment Size For Performance

  Christian König of AMD yesterday sent out an AMDGPU kernel patch for boosting the default fragment size for GCN graphics cards pre-Vega.

  The patch is quite trivial and is for boosting the default fragment size from 64KB to 2MB, similar to the move made with the latest Vega GPUs. This change is for GFX6/GFX7/GFX8 graphics processors or basically all the GCN cards prior to Vega "GFX9".

• Tails 3.2 release candidate has been released for testing

  The LiveUSB Linux distribution, Tails (the amnesic incognito live system), has received a new release candidate for the upcoming 3.2 update that’s due out on the 26th of this month. The update comes with some big under-the-hood changes to the system which should improve hardware support and the email experience.

  If you’ve ever decided to try Tails on newer hardware, you may have had some driver issues; with this release, Tails ships with the Linux 4.12.12 kernel which is one of the latest. With it, users will get a better hardware experience; for example, the NVIDIA Maxwell series of graphics cards are now supported.

• Debian Policy call for participation -- September 2017

• Mini-DebConf 2017 Debian Conference to Take Place November 23-26 in Cambridge UK

  Debian developer and leader of the debian-cd project Steve McIntyre announced the official dates and schedule of this year's Mini-DebConf conference for Debian developers and users.

  The Mini-DebConf 2017 conference will take place for four days, from Thursday, November 23 until Sunday, November 26, and it will be hosted at Arm's office in Cambridge, United Kingdom. Arm is Steve McIntyre's employer and the industry's leading supplier of microprocessors for embedded and IoT devices.

  "I'm organizing another mini-DebConf in Cambridge this year. Again, my employer Arm is going to host the conference for four days in November," said Steve McIntyre in the mailing list announcement. "I'm also hoping to find sponsors again to cover some other costs for the conference for things like food - please contact me if you can help!"

• VirtualBox 5.2 to Let Users Enable or Disable Audio Input and Output On-the-Fly

  Oracle announced new updates for its popular, cross-platform and open-source virtualization software, the third Beta of the upcoming VirtualBox 5.2 major release and VirtualBox 5.1.28 stable maintenance update.

  We'll start with the stable update, VirtualBox 5.1.28, as it's more important for our readers using Oracle VM VirtualBox for all of their virtualization needs. The VirtualBox 5.1 maintenance release 28 is here to improve audio support by fixing various issues with both the ALSA and OSS backends, as well as an accidental crash with AC'97.

• SPARC M8 Processors Launched

  While Oracle recently let go of some of their SPARC team, today marks the launch of the SPARC M8.

  The initial SPARC M8 line-up includes the T8-1, T8-2, T8-4. M8-8, and SuperCluster M8-8 servers.

• Spy Files Russia

  This publication continues WikiLeaks' Spy Files series with releases about surveillance contractors in Russia.

  While the surveillance of communication traffic is a global phenomena, the legal and technological framework of its operation is different for each country. Russia's laws - especially the new Yarovaya Law - make literally no distinction between Lawful Interception and mass surveillance by state intelligence authorities (SIAs) without court orders. Russian communication providers are required by Russian law to install the so-called SORM ( Система Оперативно-Розыскных Мероприятий) components for surveillance provided by the FSB at their own expense. The SORM infrastructure is developed and deployed in Russia with close cooperation between the FSB, the Interior Ministry of Russia and Russian surveillance contractors.

• Malware-Infected CCleaner Installer Distributed to Users Via Official Servers for a Month

  Hackers have managed to embed malware into the installer of CCleaner, a popular Windows system optimization tool with over 2 billion downloads to date. The rogue package was distributed through official channels for almost a month.

  CCleaner is a utilities program that is used to delete temporary internet files such as cookies, empty the Recycling Bin, correct problems with the Windows Registry, among other tasks. First released in 2003, it has become hugely popular; up to 20 million people download it per month.

  Users who downloaded and installed CCleaner or CCleaner Cloud between Aug. 15 and Sept. 12 should scan their computers for malware and update their apps. The 32-bit versions of CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 were affected.

• Equifax Suffered a Hack [sic] Almost Five Months Earlier Than the Date It Disclosed

• This is why you shouldn’t use texts for two-factor authentication

  For a long time, security experts have warned that text messages are vulnerable to hijacking — and this morning, they showed what it looks like in practice.

• AWS to switch to per-second billing for Linux instances

• AWS announces per-second billing for EC2 instances

• Amazon Web Services To Bill By The Second For Virtual Linux Servers

• AWS can now bill us if you read this far. This bit will cost us, too

• Linux friendly IoT gateway runs on 3.5-inch Bay Trail SBC

  While the MB-80580 SBC lists SATA II, the gateway indicates SATA III. Also, the gateway datasheet notes that the RS232 ports can all be redirected to RS232/422/485. Software includes Windows IoT Core and Server, as well as Yocto, Ubuntu Snappy Core, and CentOS Linux distributions.

• Rugged panel PC scales up to a 19-inch touchscreen

  The fanless, IP65-rated WinSystems “PPC65B-1x” panel PC runs Linux or Win 10 on a quad-core Atom E3845, and offers 10.4 to 19-inch resistive touchscreens.

• CODESYS announces CODESYS-compatible SoftPLC for open Linux device platforms

• EPYC Linux performance from AMD

  Phoronix have been hard at work testing out AMD's new server chip, specifically the 2.2/2.7/3.2GHz EPYC 7601 with 32 physical cores.  The frequency numbers now have a third member which is the top frequency all 32 cores can hit simultaneously, for this processor that would be 2.7GHz.  Benchmarking server processors is somewhat different from testing consumer CPUs, gaming performance is not as important as dealing with specific productivity applications.   Phoronix started their testing of EPYC, in both NUMA and non-NUMA configurations, comparing against several Xeon models and the performance delta is quite impressive, sometimes leaving even a system with dual Xeon Gold 6138's in the dust.  They also followed up with a look at how EPYC compares to Opteron, AMD's last server offerings.  The evolution is something to behold.

• Opteron vs. EPYC Benchmarks & Performance-Per-Watt: How AMD Server Performance Evolved Over 10 Years

  By now you have likely seen our initial AMD EPYC 7601 Linux benchmarks. If you haven't, check them out, EPYC does really deliver on being competitive with current Intel hardware in the highly threaded space. If you have been curious to see some power numbers on EPYC, here they are from the Tyan Transport SX TN70A-B8026 2U server. Making things more interesting are some comparison benchmarks showing how the AMD EPYC performance compares to AMD Opteron processors from about ten years ago.

• Google Will Delete Your Backup If You Haven't Used Your Android Phone in 60 Days

• Android malware bypassed Google Play store security, could have infected 4.2 million devices

• Moto G4 Plus will get Android 8.0 Oreo update after all

• Essential Phone will get Android Oreo update 'soon'

• The Moto G4 Plus will get Android Oreo after all

• New Nokia 9 Leaks Reveal Powerful Android Flagship

The upcoming Artful Aardvark release marks Ubuntu's return to GNOME as its desktop environment. After seven years, Unity will be abandoned, along with plans for a single desktop for all devices and the replacement of the X window system with Mir.

According to Mark Shuttleworth, Ubuntu's founder, these changes are being made in the hopes of making profitable Canonical, Ubuntu's governing company, and to allow Canonical to focus on its server and OpenStack business. However, to desktop users, the more pressing issue is whether these changes can help Ubuntu regain its domination of the desktop.

Parrot Security OS, the security-oriented GNU/Linux distribution designed with IoT (Internet of Things) security, ethical hacking, and cloud-based penetration testing in mind, has been updated recently to version 3.8.

Open source is changing the world, and it is important that children get educated on the subject as early as possible. Its a competitive workforce out there, and students need to be prepared. Of course, learning about open source doesn't have to be a chore -- gaining knowledge can sometimes be fun too.

Google does a lot for the open source community -- far more than just contributing code. Actually, the search giant hosts two very important education-focused open source events -- "Google Code-in" for younger teen students and "Google Summer of Code" for University-level learners. Today, the company announces the 8th annual edition of the former -- Google Code-in 2017. Not only can these teens gain experience by working on an open source project, but they can also win prizes!

The internationally renowned ski resort village of Megève, France, uses open source to manage increasing volumes of data while also making it more easily accessible. Located in the French Alps, Megève welcomes more than 80,000 visitors annually as the host of multiple concerts, cultural, and sporting events, including the Tour de France. With more than 300 employees, the city’s IT department manages more than 220 workstations, 40 virtual servers, and 60 switches connected to its network.

Sharing and collaborating on digital files is vital to all aspects of daily work in Megève. Many city departments must share files securely with external partners, particularly the communication department, which produces a great amount of content for tourists. This material includes large files such as models, final proofs, and photo libraries, which must be exchanged with designers, printers, and other partners. Similarly, architect firms working on calls for town planning projects routinely transfer files such as 3D plans, which can exceed 40+GB in size.

One of the key strengths of Linux-based operating systems is their ability to run on a variety of hardware, ranging from a decade old computers to the latest generation Intel chips. The kernel developers work day and night to keep our devices breathing running. In the past, we have also prepared a list of Linux distributions that are best suited for older computers with limited hardware requirements.

This brings us to the question — Why aren’t tons of Linux operating system options available for mobile devices? The mobile ecosystem is chiefly dominated by Android and iOS, with Android enjoying a presence on a wide range of devices. But, on the fronts of updates, even Android fails to deliver. Very often the top-of-the-line flagship devices are deprived of the latest updates just after 2-3 years. To solve this question, postmarketOS has appeared on the horizon.

• HTML5 DRM finally makes it as an official W3C Recommendation

  The World Wide Web Consortium (W3C), the industry body that oversees development of HTML and related Web standards, has today published the Encrypted Media Extensions (EME) specification as a Recommendation, marking its final blessing as an official Web standard. Final approval came after the W3C's members voted 58.4 percent to approve the spec, 30.8 percent to oppose, with 10.8 percent abstaining.

• Electronic Frontier Foundation Resigns From W3C Over Encrypted Media Extensions DRM

  [...] The W3C is a body that ostensibly operates on consensus. Nevertheless, as the coalition in support of a DRM compromise grew and grew — and the large corporate members continued to reject any meaningful compromise — the W3C leadership persisted in treating EME as topic that could be decided by one side of the debate. In essence, a core of EME proponents was able to impose its will on the Consortium, over the wishes of a sizeable group of objectors — and every person who uses the web. The Director decided to personally override every single objection raised by the members, articulating several benefits that EME offered over the DRM that HTML5 had made impossible.

• An open letter to the W3C Director, CEO, team and membership

  Despite the support of W3C members from many sectors, the leadership of the W3C rejected this compromise. The W3C leadership countered with proposals — like the chartering of a nonbinding discussion group on the policy questions that was not scheduled to report in until long after the EME ship had sailed — that would have still left researchers, governments, archives, security experts unprotected.

  The W3C is a body that ostensibly operates on consensus. Nevertheless, as the coalition in support of a DRM compromise grew and grew — and the large corporate members continued to reject any meaningful compromise — the W3C leadership persisted in treating EME as topic that could be decided by one side of the debate. In essence, a core of EME proponents was able to impose its will on the Consortium, over the wishes of a sizeable group of objectors — and every person who uses the web. The Director decided to personally override every single objection raised by the members, articulating several benefits that EME offered over the DRM that HTML5 had made impossible.

  But those very benefits (such as improvements to accessibility and privacy) depend on the public being able to exercise rights they lose under DRM law — which meant that without the compromise the Director was overriding, none of those benefits could be realized, either. That rejection prompted the first appeal against the Director in W3C history.

  [...]

  We will renew our work to battle the media companies that fail to adapt videos for accessibility purposes, even though the W3C squandered the perfect moment to exact a promise to protect those who are doing that work for them.

• World Wide Web Consortium abandons consensus, standardizes DRM with 58.4% support, EFF resigns

  In July, the Director of the World Wide Web Consortium overruled dozens of members' objections to publishing a DRM standard without a compromise to protect accessibility, security research, archiving, and competition.

• EFF quits W3C over decision to accept EME as Web standard

  The Electronic Frontier Foundation has resigned from the World Wide Web Consortium after the latter announced it was accepting the published Encrypted Media Extensions as a Web standard.

• Christopher Allan Webber: DRM will unravel the Web

  I'm a web standards author and I participate in the W3C. I am co-editor of the ActivityPub protocol, participate in a few other community groups and working groups, and I consider it an honor to have been able to participate in the W3C process. What I am going to write here though represents me and my feelings alone. In a sense though, that makes this even more painful. This is a blogpost I don't have time to write, but here I am writing it; I am emotionally forced to push forward on this topic. The W3C has allowed DRM to move forward on the web through the EME specification (which is, to paraphrase Danny O'Brien from the EFF, a "DRM shaped hole where nothing else but DRM fits"). This threatens to unravel the web as we know it. How could this happen? How did we get here?

  Like many of my generation, I grew up on the web, both as a citizen of this world and as a developer. "Web development", in one way or another, has principally been my work for my adult life, and how I have learned to be a programmer. The web is an enormous, astounding effort of many, many participants. Of course, Tim Berners-Lee is credited for much of it, and deserves much of this credit. I've had the pleasure of meeting Tim on a couple of occasions; when you meet Tim it's clear how deeply he cares about the web. Tim speaks quickly, as though he can't wait to get out the ideas that are so important to him, to try to help you understand how wonderful and exciting this system it is that we can build together. Then, as soon as he's done talking, he returns to his computer and gets to hacking on whatever software he's building to advance the web. You don't see this dedication to "keep your hands dirty" in the gears of the system very often, and it's a trait I admire. So it's very hard to reconcile that vision of Tim with someone who would intentionally unravel their own work... yet by allowing the W3C to approve DRM/EME, I believe that's what has happened.

• MAAS 2.3.0 Alpha 3 release!

  MAAS has now introduced an improved hardware testing framework. This new framework allows MAAS to test individual components of a single machine, as well as providing better feedback to the user for each of those tests.

• Microsoft's AI is so good it steered Renault into bottom of the F1 league

  Microsoft on Sunday bragged its artificial intelligence technology is behind the, er, success of a massively underperforming Renault Formula One team.

  In a poorly timed bit of marketing, the Redmond software giant talked up its partnership with the racing team just as the latter finds itself sitting 433 points behind leader Mercedes.

  Microsoft says the Renault team – running 7th out of 10 in the 2017 Formula One Constructor Standings – uses everything from Azure Machine Learning, to Stream Analytics, to Dynamics 365, to help it not win.

• Outlook and Hotmail DOWN: Webmail users furious as Microsoft admits problems could 'last another 24 hours' - Mirror Online

• Microservices and containers: 6 things to know at start time

 

• This Week in Numbers: New Monitoring Methods for Kubernetes

  Our new report, The State of the Kubernetes Ecosystem reports on a survey of 470 container users, 62 percent of which were at least in the initial production phase for the Kubernetes open source container orchestration engine. After further screening, we were able to get detailed information from 208 people about the storage and monitoring technologies they use with Kubernetes.

  Prometheus is by far the most cited tool among our survey respondents for monitoring Kubernetes clusters. Heapster, however, has also gained significant adoption among our group. Traditional monitoring vendors are not faring as well, although usage levels for their tools appear to increase when they are being integrated into a larger, custom monitoring platform.

• How to avoid a GDPR compliance audit: Best practices

  How can CIOs prepare for the impending GDPR privacy regulations? Here are four strategies for Linux environments

• Facebook's HHVM To Focus More On Hack, No Longer Focusing On PHP7 Compatibility

  Some interesting remarks today by Facebook's HHVM/Hack language team as they plot their future agenda.

  First up, the HHVM 3.24 release due out in early 2018 will be their last release to commit to supporting PHP5. PHP5-specific features after that release may end up being dropped.

  Along with dropping PHP5 support, HHVM developers will no longer be focusing on PHP7 compatibility.

• IBM's Eclipse OpenJ9 Is A Promising Open-Source JVM

  For those that missed the news over the weekend, IBM has open-sourced its in-house JVM and contributed it to the Eclipse Foundation. Eclipse OpenJ9 is this new, full-featured, enterprise-ready open-source Java Virtual Machine.

• RcppClassic 0.9.7

  A rather boring and otherwise uneventful release 0.9.7 of RcppClassic is now at CRAN. This package provides a maintained version of the otherwise deprecated first Rcpp API; no new projects should use it.

• Open source – we need better pathways so inclusion can flourish

  Running a conference with a really strong cohort of diversity scholars this week, with a broad range of skills and backgrounds, really made me think. We had Ian Skerrett, VP of marketing at the Eclipse Foundation, and Abby Kearns, executive director of the Cloud Foundry Foundation at the event. Both are keen to improve diversity in their communities. But how are we going to create better and more welcoming pathways for a more diverse range of entrants?

  I asked both Ian and Abby what other roles there were outside writing code. They both gave solid answers about different roles and opportunities. One stock answer in open source is of course Write Documentation!

• Cloudera Joins Eclipse Foundation Open Source IoT Community

• Keybase launches fully encrypted Slack-like communications tool — and it’s free

  Keybase added to its encrypted tool kit today when it launched Keybase Teams, an open source, Slack-like communications tool with end-to-end encryption. Desktop and mobile versions are available for download now.

  It may seem like competing with Slack, the enormously popular enterprise communications tool would be a fool’s errand for Keybase. But by making it fully encrypted, open source and free, even for teams as large as 500 people, it could be attractive to cost- and security-conscious teams who are at all worried about anyone snooping on their communications.

• Future Proof Your SysAdmin Career: Communication and Collaboration

  Today’s system administrators are wise to arm themselves with specialized technical skillsets, but sysadmins interact with people at least as much as they deal with systems, software, and security. Strong communication capabilities, problem solving, teamwork, and leadership skills are therefore not to be underestimated.

• Demand for Open Source Skills on the Rise

  Hiring managers from 280 global businesses, along with 1,800 open source professionals participated in the July study by The Linux Foundation and tech career firm Dice.

  That’s good news if you have open source skills; indeed, 86 percent of professionals say open source has advanced their careers. The not-so-good news is 89 percent of hiring managers are finding it difficult to find this type of talent, which is in line with last year’s finding of 87 percent. The specific areas hiring managers say open source talent is in short supply are developers (73 percent), DevOps (60 percent) and SysAdmins (53 percent).

• Linux Foundation President uses Apple OS

  Jim Zemlin, President of the Linux Foundation, appears to have hit levels of fail unprecedented in the open saucy world.

  At the Open Source Summit 2017 not only did Zemlin do the usual comedy “this is the year of the Linux desktop” speech he did it using a comedy laptop with a joke operating system designed for those who know nothing about computers.

• Linux 4.14 'getting very core new functionality' says Linus Torvalds

  Linus Torvalds has unsentimentally loosed release candidate one of Linux 4.14 a day before the 26th anniversary of the Linux-0.01 release, and told penguinistas to expect a few big changes this time around.

  “This has been an 'interesting' merge window,” Torvalds wrote on the Linux Kernel Mailing List. “It's not actually all that unusual in size - I think it's shaping to be a pretty regular release after 4.13 that was smallish. But unlike 4.13 it also wasn't a completely smooth merge window, and honestly, I _really_ didn't want to wait for any possible straggling pull requests.”

  Hence the Saturday release, instead of his usual Sunday.

  Torvalds also says this merge window included “some unusual activity.”

• First Linux 4.14 release adds "very core" features, arrives in time for kernel's 26th birthday

  Linus Torvalds has announced the first release candidate (rc) for Linux 4.14, the next long term stable release of the Linux kernel.

  This release introduces several new core memory management features, a host of device driver updates, and changes to documentation, architecture, filesystems, networking and tooling.

  It's the first of a likely seven release candidates before the new kernel reaches stable release around November.

• Linux fmt command - usage and examples

• 14 find command examples for Linux

• How to configure and use PDO for database access on Linux

• Running the Fedora kernel regression tests

• IPv6 in my home network

• Introducing the Fedora Red Team

  Last week my colleagues and I started a new Special Interest Group under the Fedora Project: the Fedora Red Team.

  The Fedora Red Team’s goal is to become Red Hat’s upstream cybersecurity community. But what does that actually mea

• Fedora Launches The "Red Team" For Dealing With Cybersecurity

  The Fedora Red Team is a new special interest group (SIG) within the Fedora ecosystem for dealing with cybersecurity.

  The new team's Wiki page explains, "The goal of the Fedora Red Team (FRT) is to become Red Hat's upstream cybersecurity community. This SIG is the community focal point for offensive tooling, exploit curation, standards, and reference architectures."

• Flock to Fedora: Fedora Contributor Conference

• Red Hat Inc (RHT) A Look Inside the Technicals

• Red Hat, Inc. (RHT) Stake Lifted by Alliancebernstein L.P.

• $0.47 EPS Expected for Red Hat Inc (RHT)

• Red Hat, Inc. (RHT) Shares Sold by Aberdeen Asset Management PLC UK

• Barclays raises Red Hat price target