Last month, we took a closer look at how UBports’ Ubuntu Touch mobile OS progressed on the PinePhone, thanks to a video shared by developer Marius Gripsgård. Now, we have a sneak peek at another great system for the PinePhone, KDE’s Plasma Mobile.

Unlike Ubuntu Touch, which is a full-fledged mobile operating system, Plasma Mobile is actually a user interface (UI) for mobile devices running on top of a GNU/Linux distribution, such as KDE neon or the Alpine Linux-based postmarketOS.

Since I’ve seen plenty of misconceptions flying around, let’s go through a quick sum up of what is included in PureOS, the default GNU/Linux distribution installed on the Librem 5.

tl;dr: it’s pretty much Debian Stable with GNOME with Purism’s phosh, phoc, libhandy, Calls, and Chats, with some amount of adaptive apps, backports, and cosmetic patches

The new kernel live patch comes two and a half weeks after the last kernel live patch and just a day after the major kernel security updates released for all supported Ubuntu released on February 18th. It addresses a total of five security flaws affecting Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 16.04 LTS (Xenial Xerus) systems.

Among the fixes, there’s the well-known vulnerability affecting systems with Intel Graphics Processing Units (CVE-2019-14615), which could allow a local attacker to expose sensitive information, as well as a race condition (CVE-2020-7053) in the i915 driver that could let a local attacker to crash the system or execute arbitrary code.

Last week I looked at the Windows vs. Linux scaling performance on the Threadripper 3990X at varying core/thread counts followed by looking at the Windows 10 performance against eight Linux distributions for this $3990 USD processor running within the System76 Thelio Major workstation. Now the tables have turned for our first look at this 64-core / 128-thread processor running on the BSDs, FreeBSD 12.1 in particular. With this article is looking at the FreeBSD 12.1 performance and seeing how the performance scales compared to Ubuntu 20.04 Linux and the Red Hat Enterprise Linux 8 based CentOS Stream.

It was a long time overdue but we now have bootable VM images for GNOME again. These VMs are good for testing and documenting new features before they reach distros.

To provide the best experience in terms of performance and host-guest integration, we landed in BoxesDevel (Nightly GNOME Boxes) an option to create GNOME VMs with the correct device drivers and configurations assigned to it. You know…the Boxes way™.

• Peter Hutterer: A tale of missing touches

  libinput 1.15.1 had a new feature: it matched the expected touch count with the one actually seen as opposed to the one advertised by the kernel. That is good news for ALPS devices whose kernel driver lies about their capabilities because these days who doesn't. However, in some cases that feature had the side-effect of reducing the touch count to zero - meaning libinput would ignore any touch. This caused a slight UX degradation.

  After a bit of debugging and/or cursing, the issue was identified as a libevdev issue, specifically - the way libevdev replays events after a SYN_DROPPED event. And after several days of fixing things, adding stuff to the CI and adding meson support for libevdev so the CI can actually run a few useful things, it's time for a blog post to brain-dump and possibly entertain the occasional reader such as you are. Congratulations, I guess.

  The Linux kernel's evdev protocol is a serial protocol where all events have a type, a code and a value. Events are grouped by EV_SYN.SYN_REPORT events, so the event type is EV_SYN (0), the event code is SYN_REPORT (also 0). The value is usually (but not always), you guessed it, zero. A SYN_REPORT signals that the current event sequence (also called a "frame") is to be interpreted as one hardware event [0].

• What is backporting, and how does it apply to RHEL and other Red Hat products?

  Version numbers are important, but aren't always what they seem at first glance. Red Hat, for example, often backports updates to the software we ship in Red Hat Enterprise Linux (RHEL) to maintain the version that we shipped.

  This is a post to follow to Jean-Sébastien Tougne’s post on finding the latest available kernel. Jean-Sébastien’s article was responding to a question on the Red Hat Learning Community, where the poster was seeking the latest version of the kernel for Red Hat Enterprise Linux. That prompted me to write an article that went deeper into the nuance and strategy the Red Hat Enterprise Linux team employs for this to be magically delicious for administrators.

• The edge is open: Why scale-out computing doesn’t exist without open hybrid cloud

  The past year has seen the rise of applications that push enterprise IT to the (literal) edge, from using autonomous vehicles guided by artificial intelligence (AI) to vast sensor networks that rely on 5G for instant connectivity and emergency reaction times. Whether it's the Internet-of-Things (IoT), fog computing or edge computing, the intent is to bring computing resources like processing power and storage closer to the end user or data source to improve the ability to scale, responsiveness and the overall service experience.

  We can look at the edge as the newest IT footprint, becoming an extension of the data center just like bare-metal, virtual environments, private cloud and public cloud. In a sense, edge computing is a summation of the other four footprints, blending pieces from each to create infrastructure aimed at tackling specific customer demands that traditional IT models cannot address.

• Enterprise open source software is growing within innovative companies

  Red Hat has been at the forefront of the global open source discussion, fighting for software freedom in the U.S Supreme Court, and offering free tech products for cloud infrastructure, automation, AI, and much more. After conducting research and interviewing IT leaders from around the world, Red Hat released a report examining the state of enterprise open source in 2020.

  950 IT leaders, unaware that Red Hat was the research sponsor, were surveyed about their practices and opinions on enterprise open source software.

• Multicluster Management and GitOps Workshop

  There’s so much more to come. In the next few weeks, we’ll dive deeper into customer ideas and finish the design thinking process by producing designs, prototyping them, and finally testing their validity.

  We also want you to join us. To help influence the future of OpenShift, sign up to be notified about research participation opportunities or provide feedback on your experience by filling out this brief survey. If you’d like to attend the next workshop, keep an eye on the OpenShift Commons calendar for upcoming events. Feel free to reach out by email if you have any questions.

Unpopular opinion time: dual-booting Windows and Linux on your PC is actually great. I do it and I encourage it. Now, if you’ve read my articles here for the last 18 months or so, this statement may seem shocking. To some Linux users, it may come off as downright sacrilegious. I get it. “Prominent Forbes tech writer ditches Windows (1, 2), starts covering Linux full-time while touting all the benefits Linux has over Windows 10, produces a Linux podcast and YouTube channel, then says using Windows is fine?”

• Introducing our Jinja2 cheat sheet

  Jinja2 is a templating language for Python. While it got its start on the web for use with the Flask framework, it is popular in many other places. Both Flask and Pelican use it to template HTML pages, allowing seperation between style and content. Configuration management frameworks, like Ansible and SaltStack, use it to parametrize their configurations (Ansible playbooks or Salt state files, respectively). This allows the configuration files to take into consideration local machine parameters, for example. The Cookiecutter framework uses it to define its input templates, so that files that need the name of the project or the name of the maintainer can be parametrized.

  Jinja2 is used in many Python projects because it is both web-framework-agnostic and language-agnostic. This means that, for many Python projects in need of a template language, Jinja2's easy API and accessible template-designer documentation is an easy choice. Additionally, its popularity is its own advantage: for a project that needs a tempate language, using Jinja2 means being able to point to the wealth of documentation on writing templates. This makes Jinja2 a great choice for home-grown, internal project.

• Forks and Threats

  What is a threat? From a game-theoretical perspective, a threat is an attempt to get a better result by saying: "if you do not give me this result, I will do something that is bad for both of us". Note that it has to be bad for both sides: if it is good for the threatening side, they would do it anyway. While if it is good for the threatened side, it is not a threat.

  Threats rely on credibility and reputation: the threatening side has to be believed for the threat to be useful. One way to gain that reputation is to follow up on threats, and have that be a matter of public record. This means that the threatening side needs to take into account that they might have to act on the threat, thereby doing something against their own interests. This leads to the concept of a "credible" or "proportionate" threat.

  For most of our analysis, we will use the example of a teacher union striking. Similar analysis can be applied to nuclear war, or other cases. People mostly have positive feelings for teachers, and when teacher unions negotiate, they want to take advantage of those feelings. However, the one thing that leads people to be annoyed with teachers is a strike: this causes large amounts of unplanned scheduling crisis in people's lives.

  In our example, a teacher union striking over, say, a minor salary raise disagreement is not credible: the potential harm is small, while the strike will significantly harm the teachers' image.

• Python 101 2nd Edition Fully Funded + Stretch Goals

  The second edition of my book, Python 101, has been successfully funded on Kickstarter. As is tradition, I have added a couple of stretch goals for adding more content to this already hefty book.

• List Comprehensions in Python

  List comprehensions are often used in Python to write single line statements that create a new list or dictionary by looping over an iterable object. This article will explain how to use list comprehensions in Python, starting with a basic explanation of how for loops work in Python.

  For Loop in Python

  A for loop statement in Python sequentially iterates over members of any object, list, string etc. Compared with other programming languages, its syntax is much cleaner and doesn’t require manually defining iteration steps and starting iteration. Though there are ways to make its behavior the same as other programming languages (won’t be covered in this article). You can also exercise some control over for loops by using statements like continue, break, pass etc.

• Getting Started Testing with pytest

  This talk has been through a few iterations. In 2011, I gave a presentation at Boston Python about Getting Started Testing, based on the standard library unittest module. In 2014, I updated it and presented it at PyCon. Now I’ve updated it again, and will be presenting it at Boston Python.

  The latest edition, Getting Started Testing: pytest edition, uses pytest throughout. It’s a little long for one evening of talking, but I really wanted to cover the material in it. I wanted to touch on not just the mechanics of testing, but the philosophy and central challenges as well.

• Learn To Code By Playing These Games

  Apart from an ambition to become a programmer and have an interesting well-paid job, there are plenty of reasons to learn coding even for those who see themselves in other professions.

  Programming can be helpful in many areas. It develops a structured and creative approach to problem-solving. If you know how to code, you also know how to break a problem down to smaller tasks with specific actions and measurable results.

  Your way of thinking becomes more logical and organized. Coding broadens your mind, so you start to see problems in the light of solutions. And of course, it teaches to be patient. Logic, problem-solving, persistence: sounds like a great set of skills for almost any professional.

• The Best Android Apps for Learning How to Code

  As a senior software developer, I’m often asked for advice on learning programming. Since I believe that the tech market always benefits from having more high-quality developers, I’m happy to share tips and hacks that helped me become a better software engineer.

  However, as soon as I say: “Read this and that book, check out this reference guide. Taking these courses is a must, and don’t forget to be scanning through community forums all the time,” I see people’s enthusiasm fade away until they hit me with “I don’t have time to do all that.” Then they leave.

  Here’s the thing I’d love to state for the record — learning programming is not about making time. It’s about consistency. Since the market constantly changes and evolves, a developer who devotes 30 minutes a day to education is more flexible and has a better chance of adapting to new trends than a CS graduate who hasn’t learn a new program since getting out of college.

Linux is superior to Windows in a lot of ways. It gives you the freedom to shape your system according to your desire. You can customise almost everything to your taste. Don’t like the way your login screen looks, well change it according to your liking. You can change your Linux UI (User Interface) so that it looks like Windows if you are more comfortable that way. Linux is way less resource-hungry than Windows, meaning it runs a lot smoother. You can even customise how much cache and ram should Linux use. But despite all these good things switching from Windows to Linux can be a lot of hassle as there are a lot of distros or types of Linux to choose from and most people get confused. Different Linux distros are for different people. Here I’ll be comparing the two biggest distro releases, i.e., Ubuntu and Fedora

Most of the virtual world is powered by Linux today. Admins and network owners like to take control of their web presence by utilizing Linux to its fullest extent. If you are a starting Linux user looking to hone your system administration skills to the next level, learn these 40 Linux server commands mentioned below. Our team of veteran sysadmins has curated this guide for facilitating your learning experience. Most of these commands are pretty basic, but if used carefully, they will help you manage and monitor your Linux servers much more effectively.

• How to install ScreenCloud on Linux Ubuntu 18.04/19.10?

• Cleaning and Speeding Up Linux

• How to find CPU Temperature on Linux Ubuntu 19.10/ 18.04 LTS[Top Apps]

• Managing swap in the modern Linux system

• How to Install Visual Studio Code IDE on Fedora 31?

• Install Visual Studio Code on Linux Mint 19.3 Tricia

• Emulating large disks in Linux with VDO

• How to Install Android Studio on Linux Mint 19.3 Tricia?

• Parallel installs for classic snaps

• Designing an event-driven process at scale: Part 2

• THE most important GNU Linux softlink – umount unmount

• Understanding the Differences Between Soft and Hard Links in Linux

There’s a division of opinion when it comes to the question; does Linux need antivirus? Well, the short answer is no. Some say viruses for Linux are rare; others say Linux’s security system is secure and much safer than other operating Windows.

So, is Linux really secure?

While no single operating system is entirely secure, Linux is known to be much more reliable than Windows or any operating system. The reason behind this is not the security of Linux itself but the minority of viruses and malware that exist for the operating system.

Viruses and malware are incredibly rare in Linux. They do exist though the likelihood of getting a virus on your Linux OS is very low. Linux based operating systems also have additional security patches that are updated regularly to keep it safer.

The userbase of Linux is tiny when compared to Windows. While Operating systems like Windows and Mac house all kinds of users, Linux is inclined more towards advanced users. In the end, It all comes down to the caution taken by the user.

Can you get viruses on Linux?

Yes, before you assume anything, viruses and malware can affect any operating system.

No operating system is 100% safe, and it’s a fool errand to look for one. Like Windows and Mac OS, you can get viruses on Linux. However rare they are, they still exist.

On the official page of Ubuntu, a Linux based OS, it is said that Ubuntu is highly secure. A lot of people installed Ubuntu for the sole purpose of having a dependable OS when it comes to the security of their data and sensitive details.

• Matthew Garrett: What usage restrictions can we place in a free software license?

  Growing awareness of the wider social and political impact of software development has led to efforts to write licenses that prevent software being used to engage in acts that are seen as socially harmful, with the Hippocratic License being perhaps the most discussed example (although the JSON license's requirement that the software be used for good, not evil, is arguably an earlier version of the theme). The problem with these licenses is that they're pretty much universally considered to fall outside the definition of free software or open source licenses due to their restrictions on use, and there's a whole bunch of people who have very strong feelings that this is a very important thing. There's also the more fundamental underlying point that it's hard to write a license like this where everyone agrees on whether a specific thing is bad or not (eg, while many people working on a project may feel that it's reasonable to prohibit the software being used to support drone strikes, others may feel that the project shouldn't have a position on the use of the software to support drone strikes and some may even feel that some people should be the victims of drone strikes). This is, it turns out, all quite complicated.

  But there is something that many (but not all) people in the free software community agree on - certain restrictions are legitimate if they ultimately provide more freedom. Traditionally this was limited to restrictions on distribution (eg, the GPL requires that your recipient be able to obtain corresponding source code, and for GPLv3 must also be able to obtain the necessary signing keys to be able to replace it in covered devices), but more recently there's been some restrictions that don't require distribution. The best known is probably the clause in the Affero GPL (or AGPL) that requires that users interacting with covered code over a network be able to download the source code, but the Cryptographic Autonomy License (recently approved as an Open Source license) goes further and requires that users be able to obtain their data in order to self-host an equivalent instance.

• Install Metabase on Ubuntu 18.04 with Nginx and SSL – Google Cloud

• OpenBSD Foundation 2019 campaign wrapup

  Our target for 2019 was CDN$300K. Our community's continued generosity combined with our corporate donors exceeded that nicely. In addition we received the largest single donation in our history, CDN$380K from Smartisan. The return of Google was another welcome event. Altogether 2019 was our most successful campaign to date, yielding CDN$692K in total.

• have fun with free software – truly Open Source Karaoke „SingStar“ style Performous on GNU Linux

  An open-source karaoke, band and dancing game where one or more players perform a song and the game scores their performances.

  Supports songs in UltraStar, Frets on Fire and StepMania formats.

  Microphones and instruments from SingStar, Guitar Hero and Rock Band as well as some dance pads are autodetected.

• Reintroducing Telegram: privately funded private chat with open source apps

  I started to write an article about the latest update for Telegram, when I realized I might only be speaking to a select few in-the-know users. Far fewer than I think should be interested, anyway. Telegram is a private chat system with end-to-end encryption support and cross-platform functionality. It’s privately funded by a guy named Pavel Durov, whose only goal seems to be “fast and secure messaging that is also 100% free.”

• Daniel Silverstone: Subplot volunteers? (Acceptance testing tool)

  Subplot is a tool for capturing and automatically verifying the acceptance criteria for a software project or a system, in a way that's understood by all stakeholders.

  In a software project there are always more than one stakeholder. Even in a project one writes for oneself, there are two stakeholders: oneself, and that malicious cretin oneself-in-the-future. More importantly, though, there are typically stakeholders such as end users, sysadmins, clients, software architects, developers, and testers. They all need to understand what the software should do, and when it's in an acceptable state to be put into use: in other words, what the acceptance criteria are.

  Crucially, all stakeholders should understand the acceptance criteria the same way, and also how to verify they are met. In an ideal situation, all verification is automated, and happens very frequently.

  There are various tools for this, from generic documentation tooling (word processors, text editors, markup languages, etc) to test automation (Cucumber, Selenium, etc). On the one hand, documenting acceptance criteria in a way that all stakeholders understand is crucial: otherwise the end users are at risk of getting something that's not useful to help them, and the project is a waste of everyone's time and money. On the other hand, automating the verification of how acceptance criteria is met is also crucial: otherwise it's done manually, which is slow, costly, and error prone, which increases the risk of project failure.

  Subplot aims to solve this by an approach that combines documentation tooling with automated verification.

• Ulrike Uhlig: Reasons for job burnout and what motivates people in their job

  Often, burnout is conceived as a weakness of the person experiencing it: "they can't work under stress", "they lack organizational skills", "they are currently going through grief or a break up, that's why they can't keep up" — you've heard it all before, right?

• Hard disk reliability study - 2005-2020

  In other words, practically, if I keep two copies of any which data, the likelihood of data loss is 2.5% over a decade, or 0.06% for three disks. So this kind of confirms my backup strategy from a while back, and also shows that it is important for you to keep multiple copies of important files, if you want them to outlast your hardware.

  Conclusion

  There you go. I hope you find this 15-year-long study valuable. Of course, any techie like me could do it. All techies hoard hardware like mad, and I'm sure most of Dedoimedo readers have a bunch of computers and tons of hard disks strewn about, so it's just the matter of compiling the right data. And I'm sure every such compilation would be compelling. A compelling compiling, hi hi.

  If you have any comments or suggestions about my findings, I'd love to hear them. Again, I don't have a massive data center, so I can't do an accurate comparative study between vendors, disks sizes and alike, so do take my results with a pinch of cardamom. But I believe my numbers are quite indicative for home usage scenarios, so if you're mulling how to handle your data down the long trouser leg of time, you have some indication of where to start, and how to hedge your odds. Take care.

• How 1500 bytes became the MTU of the internet

  On the face of it 1500 is a weird number, we would normally expect a lot of constants in computing to be based around mathematical constants, like powers of 2. 1500, however fits none of those.

  So where did 1500 come from, and why are we still using it?

• Is it Possible to Identify DNS over HTTPs Without Decrypting TLS?

  Whenever I talk about DNS over HTTPS (DoH), the question comes up if it is possible to fingerprint DoH traffic without decrypting it. The idea is that something about DoH packets is different enough to identify them.

  [...]

  At this point, I would call the experiment a "proof of concept." It is not a conclusive experiment. I only collected a few minutes of traffic and went maybe to a dozen different sites. All tests were performed on a Mac using Firefox 71 and Cloudflare as a resolver. I may get around to do more testing during the day and will update this post accordingly.

• More DNS over HTTPS: Become One With the Packet. Be the Query. See the Query

  Two days ago, I wrote about how to profile traffic to recognize DNS over HTTPS. This is kind of a problem for DNS over HTTPS. If you can see it, you may be able to block it. On Twitter, a few chimed in to provide feedback about recognizing DNS over HTTPS. I checked a couple of other clients, and well, didn't have a ton of time so this is still very preliminary:

  [..]

  But to come back to the initial observation: The DoH traffic had specific packet sizes it preferred. So I was looking at this since it didn't seem random, meaning it leaked information.

• ‘This Is Disastrous’: How the Vinyl Industry Is Responding to the Apollo Masters Fire

  The day that everyone in the vinyl-manufacturing world has been worried about for years finally arrived. Earlier this month, Apollo Masters Corp., one of the two places in the world that produce the lacquer discs needed to assemble master plates for pressing records, burned down. The blaze reportedly took 82 firefighters and three hours to extinguish. No one was harmed, but the fire obliterated the Banning, California, facility responsible for, by most estimates, 70 to 85 percent of the lacquer plates used in vinyl production. There is now just one such factory in the world capable of producing that crucial item, MDC in Japan, leaving the global supply of vinyl in peril.

  “We’ve all been worried about this, we’ve had meetings about it within the industry,” says Cash Carter, chief operating officer at Kindercore Vinyl Pressing in Athens, Georgia. “We’ve gotten together with all the other pressing plants, lacquer cutters, everybody, and been like, ‘What happens if MDC or Apollo goes away? We’re all fucked.’ We were dreading that day, but not thinking it would actually happen — that before anything disastrous happened, someone would come in and fix what needed to be fixed.… Now, is the sky falling? No. But this is disastrous. I think there are going to be pressing plants that close because of this.… We’ve been saying we need to fix this for years. Now, we actually need to fix this.”

• How Kubernetes Became The Standard For Compute Resources

• Linux Console + Boutique Distros | Choose Linux 29

  A confusing experience in Distrohoppers which raises deeper questions about the value and viability of smaller distros.

• iocage in Jail | BSD Now 338

  Distrowatch reviews FuryBSD, LLDB on i386 for NetBSD, wpa_supplicant as lower-class citizen, KDE on FreeBSD updates, Travel Grant for BSDCan open, ZFS dataset for testing iocage within a jail, and more.

• The Linux Link Tech Show Episode 845

  service now woes, raspberry pi 4, power strips, and more

• Point and click your way through the cyberpunk adventure 'VirtuaVerse' this May

  Theta Division have announced today with a very stylish video that VirtuaVerse will be launching with Linux support on May 12.

  In a quite unusual way to announce something, they made their protagonist give a little speech with some awesome pixel-art cyberpunk backdrops that made it really hard to focus on what they were saying because it just looks so good! After that though, it gives a small slice of what to expect.

• Steam Play Proton is correctly tracking Linux sales, a statement from Valve

  Recently we put up an article highlighting a possible issue with how Valve were counting Steam Play Proton sales, here's a full correction and more information.

  In the previous article, it referenced a Reddit post and Valve's quick statement at the time that Steam Play Proton might not have listed Linux as the platform for a game sale. We also added an update to that article today, after speaking to a developer whose Windows-only title was purchased by myself (and others) as they had told us they saw no Linux sales which seemingly confirmed there was an issue.

  As it turns out, the system is working correctly but there was a filtering issue.

• GamePad: A New Open Source And 100% Linux-Dedicated Game Platform

  Do you also believe that “Linux is not a gaming platform”? Well, it may not be the first priority of gamers. Still, if you look at the recent contribution by Linux community developers, Linux has improved a lot with support for graphics drivers and new games to provide a better gaming experience.

  On that account, GamePad, a new entrant in the open game platform, launched a crowdfunding campaign on Kickstarter for its latest Linux gaming platform.

• LLVM Adds MLIR-Vulkan-Runner To Run MLIR On Vulkan-Enabled GPUs

  For those out of the loop, MLIR is a new intermediate representation (IR) in the LLVM ecosystem that has grown immensely in popularity since Google developers announced it last year. MLIR was designed as a machine learning IR for the likes of TensorFlow and has seen significant adoption by the LLVM ecosystem in working out well for heterogeneous hardware among other advantages over the traditional LLVM IR.

  The mlir-vulkan-runner added to the LLVM source tree today is an execution driver for executing MLIR files on Vulkan by translating MLIR modules into SPIR-V for execution on GPUs while the host portion is converted to LLVM IR and JIT'ed on the system. This is similar to the MLIR CUDA runner that has already existed for NVIDIA platforms.

• LLVM Clang 11 Adds -std=c++20 Support

  With C++20 now being deemed complete from the recent ISO C++ meeting in Prague, the GNU Compiler Collection went ahead and added the -std=c++20 flag where as up until that change this weekend relied upon the -std=c++2a switch. LLVM's Clang compiler now has similar treatment on its codebase.

  Like GCC, the LLVM Clang C++20 support isn't yet complete but it's working towards that milestone. But with C++20 now deemed complete and set to formally be out in the coming months during the 2020 year, the developers are comfortable exposing it now as -std=c++20 as the target. Additionally, LLVM Clang has shifted its C++2A references in their code-base to C++20. The old C++2A switch will still be an accepted argument for compatibility purposes.

• Daily life with the offline laptop

  I will go fast on this. My set up is an old Apple Powerbook G4 with a 1024x768 screen (I love that 4:3 ratio) running OpenBSD.

  The system firewall pf is configured to prevent any incoming connections, and only allow TCP on the network to port 22, because when I need to copy files, I use ssh / sftp. The /home partition is encrypted using the softraid crypto device, full disk encryption is not supported on powerpc.

  The experience is even more enjoyable with a warm cup of tea on hand.

• The Computer Scientist Responsible for Cut, Copy, and Paste, Has Passed Away

  Born in 1945 in New York, Tesler went on to study computer science at Stanford University, and after graduation he dabbled in artificial intelligence research (long before it became a deeply concerning tool) and became involved in the anti-war and anti-corporate monopoly movements, with companies like IBM as one of his deserving targets. In 1973 Tesler took a job at the Xerox Palo Alto Research Center (PARC) where he worked until 1980. Xerox PARC is famously known for developing the mouse-driven graphical user interface we now all take for granted, and during his time at the lab Tesler worked with Tim Mott to create a word processor called Gypsy that is best known for coining the terms “cut,” “copy,” and “paste” when it comes to commands for removing, duplicating, or repositioning chunks of text.

• This Week In Rust: This Week in Rust 326

• Using Python and GNU Octave to plot data

  Data science is a domain of knowledge that spans programming languages. Some are well-known for solving problems in this space, while others are lesser-known. This article will help you become familiar with doing data science with some popular languages.

• Python while Loop

  Loops are one of the fundamental concepts of programming languages. Loops are handy when you want to repeat a specific block of code a number of times until a given condition is met. There are two basic loop constructs in Python, for and while loops. This tutorial covers the basics of while loops in Python. We’ll also show you how to use the else clause and the break and continue statements.

• Stop Installing Python Packages Globally — Use Virtual Environments

  Python virtual environments allow you to install Python packages in an isolated location for a particular application, instead of installing them globally.
  Let’s explore what the advantages are and how you can quickly get started.

• GOWIN Semiconductor Adds Ubuntu Support to their GOWIN EDA FPGA Software for Improved Artificial Intelligence and IoT Development Toolchain Integration

  Traditional FPGAs have had a long history of development tool support for Windows and Red Hat, but in many cases lacked universal Linux support for other distributions such as Ubuntu. This has caused development burdens as Ubuntu has matured and become the most commonly supported operating system for Artificial Intelligence solution development. Neural network model development software such as Caffe, Tensorflow and Keras have found Ubuntu as the preferred operating system due to its open source support and scripting capabilities. As a result, having GOWIN’s FPGA EDA in the same operating system allows developers to seamlessly integrate FPGA synthesis, place and route and bitstream generation into their AI design and script work flows.

• Kentucky official: Foreign actors, including Russians, North Koreans, target election system

  Previous attacks on election systems by foreign actors in the 2016 election focused on state-level systems, which have since beefed up security, though Dearing told legislators that "we’re now seeing those bad actors target the county level.”

• New Workload Automation Platform Available on Linux and Windows Servers

• War With Netflix and Disney Looms for India’s Top Local Streamer

  As global streaming giants Netflix Inc. and Walt Disney Co. spend millions of dollars to grab viewers in India, a country that could become their biggest overseas market, a homegrown rival is preparing to defend its turf.

  Zee5, the top domestic streaming platform set up by India’s biggest television broadcaster, is betting on local content to fend off big-spending rivals, Chief Executive Officer Tarun Katial said in an interview. The over-the-top, or OTT, service is playing to its advantage by adding more local-language shows and lower-price options to gain market share, he said.

• DHS’s cyber wing responds to ransomware attack on pipeline operator [iophk: Windows TCO]

  The Department of Homeland Security’s cybersecurity agency recently responded to a ransomware attack on a natural gas compression facility that led the organization to shut down its operations for two days, the agency said Tuesday.

  The [attackers] were able to encrypt data on the organization’s IT and “operational technology” network, a broad term for a network that oversees industrial processes. No longer able to read data coming from across its enterprise, the facility shut down its various assets, including its pipelines, for two days.

• Alert (AA20-049A): Ransomware Impacting Pipeline Operations [iophk: Windows TCO]

  CISA responded to a cyberattack affecting control and communication assets on the operational technology (OT) network of a natural gas compression facility. A cyber threat actor used a Spearphishing Link [T1192] to obtain initial access to the organization’s information technology (IT) network before pivoting to its OT network. The threat actor then deployed commodity ransomware to Encrypt Data for Impact [T1486] on both networks. Specific assets experiencing a Loss of Availability [T826] on the OT network included human machine interfaces (HMIs), data historians, and polling servers. Impacted assets were no longer able to read and aggregate real-time operational data reported from low-level OT devices, resulting in a partial Loss of View [T829] for human operators. The attack did not impact any programmable logic controllers (PLCs) and at no point did the victim lose control of operations. Although the victim’s emergency response plan did not specifically consider cyberattacks, the decision was made to implement a deliberate and controlled shutdown to operations. This lasted approximately two days, resulting in a Loss of Productivity and Revenue [T828], after which normal operations resumed. CISA is providing this Alert to help administrators and network defenders protect their organizations against this and similar ransomware attacks.

• Chinese-linked [cracking] group using Windows backdoors to go after gambling industry targets

  A nation-state actor that has links with Chinese [attackers] is exploiting two new backdoors to run a cyber-espionage campaign against gambling entities in Southeast Asia, according to Trend Micro research.

  The new activity, which is also reportedly occurring in Europe and the Middle East, was first unearthed last year when cybersecurity consultancy Talent-Jump Technologies found a Microsoft Windows backdoor and contacted Trend Micro while conducting incident response for a company based in the Philippines.

I have uploaded a set of fresh Slackware Live Edition ISO images. They are based on the liveslak scripts version 1.3.5. The ISOs are variants of Slackware-current “Tue Feb 18 05:20:50 UTC 2020” with the 5.4.20 kernel but without PAM.
The PLASMA5 variant is my february release of ‘ktown‘ aka KDE-5_20.02 .

Download these ISO files preferably via rsync://slackware.nl/mirrors/slackware-live/ (or its mirror rsync://slackware.uk/people/alien-slacklive/ but allow that 24 to sync up) because that allows easy resume if you cannot download the file in one go.

• LibreOffice 6.3.5 available for download

  The Document Foundation announces LibreOffice 6.3.5, the 5th minor release of the LibreOffice 6.3 family, targeted at individuals using the software for production purposes, who are invited to update their current version. The new release provides bug and regression fixes, and improvements to document compatibility.

• LibreOffice 6.3.5 Is Now Available for Download with 84 Bug Fixes

  LibreOffice 6.3.5 comes more than two months after the LibreOffice 6.3.4 update and it’s here to improve the overall stability, security and compatibility of the open-source and cross-platform office suite.

  A total of 84 bug and regression fixes are included in this maintenance update, which is still recommended to power users and technology enthusiasts, improving LibreOffice’s core components. The full changelogs are available for tech-savvy users here and here.

• LibreOffice 7 Continues Plumbing Its Vulkan Rendering Support

  Landing last November in the LibreOffice development code was Skia drawing support to replace Cairo and in turn that opens up for Vulkan rendering of this cross-platform, open-source office suite.

  Skia+Vulkan is working out for LibreOffice and in fact the debut version that was going to be LibreOffice 6.5 was renamed to LibreOffice 7.0 as the current version now under development following the recent LibreOffice 6.4 release.

• Open Source Did Not Win, It Was Assimilated to and by Proprietary Software
• Former Microsoft Employees Don’t Like Talking About Past and Present Microsoft Back Doors (Designed for Spy Agencies)
• Techrights Warns Against Impending Extradition Efforts (Passage of Julian Assange to His Death in the United States)
• Team UPC: Many Mouths and No Ears
• Team UPC Insults Judges Because the UPC is Dead and UPC Lobbyists Have Nothing Left to Lose
• IRC Proceedings: Wednesday, February 19, 2020