• What is the Function of Shebang in Linux?

• How to list repositories on Linux

• My summary of the OpenStack Stein PTG in Denver

• Identity Management for Systems in a DMZ

  In this post we will be talking about managing Linux systems that are located in a demilitarized zone (DMZ) also referred to as a perimeter network. From the identity management and authentication perspective, DMZ installations create a particular challenge: How can we provide identity and authentication services without jeopardizing the integrity of our perimeter security?

• This Week in Rust 252

  Hello and welcome to another issue of This Week in Rust! Rust is a systems language pursuing the trifecta: safety, concurrency, and speed. This is a weekly summary of its progress and community. Want something mentioned?

• Everything old is new again

  Just because KDE4-era software has been deprecated by the KDE-FreeBSD team in the official ports-repository, doesn’t mean we don’t care for it while we still need to. KDE4 was released on January 11th, 2008 — I still have the T-shirt — which was a very different C++ world than what we now live in. Much of the code pre-dates the availability of C++11 — certainly the availability of compilers with C++11 support. The language has changed a great deal in those ten years since the original release.

  The platforms we run KDE code on have, too — FreeBSD 12 is a long way from the FreeBSD 6 or 7 that were current at release (although at the time, I was more into OpenSolaris). In particular, since then the FreeBSD world has switched over to Clang, and FreeBSD current is experimenting with Clang 7. So we’re seeing KDE4-era code being built, and running, on FreeBSD 12 with Clang 7. That’s a platform with a very different idea of what constitutes correct code, than what the code was originally written for. (Not quite as big a difference as Helio’s KDE1 efforts, though)

• Let’s take this bug, for example…

  Krita’s 2018 fund raiser is all about fixing bugs! And we’re fixing bugs already. So, let’s take a non-technical look at a bug Dmitry fixed yesterday. This is the bug: “key sequence ctrl+w ambiguous with photoshop compatible bindings set” And this is the fix.

• GNOME.Asia 2018

  GNOME.Asia 2018 was co-hosted with COSCUP and openSUSE Asia this year in Taipei, Taiwan. It was a good success and I enjoyed it a lot. Besides, meeting old friends and making new ones are always great.

Businesses seeking to improve their data integration know that today's data integration software perform complex tasks. They enable applications to access data associated with other applications, and also to migrate data from one platform to another, transforming it as necessary. Given this sophistication, selecting the best data integration tool is far from easy.

Adding to the complexity of the selection process: early data integration tools focused on ETL – extract, transform, and load processes. However, most of today's data integration products have much more advanced capabilities and can generally connect both on-premises and cloud-based data. Many also integrate with other data management products, such as business intelligence (BI), analytics, master data management (MDM), data governance and data quality solutions.

To help sort through the complex options, the list below highlights five of the best open source data integration tools, based on vendor profile and completeness of their data integration tool set.

Ubuntu Budgie 18.04 LTS is the latest release of Ubuntu budgie. As part of Ubuntu 18.04 flavor this release ships with latest Budgie desktop 10.4 as default desktop environment. Powered by Linux 4.15 kernel and shipping with the same internals as Ubuntu 18.04 LTS (Bionic Beaver), the Ubuntu Budgie 18.04 LTS official flavor will be supported for 3 years, until April 2021.

Prominent new features include support for adding OpenVNC connections through the NetworkManager applet, better font handling for Chinese and Korean languages, improved keyboard shortcuts, color emoji support for GNOME Characters and other GNOME apps, as well as window-shuffler capability.

Ubuntu Budgie 18.04 LTS also ships with a new exciting GTK+ theme by default called Pocillo, support for dynamic workspaces, as well as a “minimal installation” option in the graphical installer that lets users install Ubuntu Budgie with only the Chromium web browser and a handful of basic system utilities.

• BU Spark! teams up with Red Hat, hosts software design workshop

  Students traveled across Boston to its Fort Point neighborhood to attend a BU Spark! workshop about interaction design Friday. There they delved into interaction design and explored how to develop user-friendly software.

  BU Spark! and Red Hat Inc. hosted the Interaction Design Bootcamp jointly at Red Hat’s Boston office. BU students and Spark! Interaction design fellows attended.

  Red Hat is a software company that specializes in information technology and has a research relationship with Boston University that includes educational elements. The programs taught by Red Hat focus on user experience design, one of Red Hat’s specializations, according to their website.

• Open source can spark innovative business transformation in government, Red Hat leaders say

  The federal government, largely hamstrung by legacy systems, is in need of a major digital transformation. Open source technology can be the spark that sets off that revolution, leaders from open-source software company Red Hat said Tuesday.

  “The types of technologies that you choose matter,” said Mike Walker, global director of Open Innovation Labs at Red Hat. “It will influence the way your business operates and open new doors to new business process, and ultimately allow you to become a software company that can achieve some of those innovations and reductions in cost and time.”

• Kubernetes Ingress vs OpenShift Route

  Although pods and services have their own IP addresses on Kubernetes, these IP addresses are only reachable within the Kubernetes cluster and not accessible to the outside clients. The Ingress object in Kubernetes, although still in beta, is designed to signal the Kubernetes platform that a certain service needs to be accessible to the outside world and it contains the configuration needed such as an externally-reachable URL, SSL, and more.

  Creating an ingress object should not have any effects on its own and requires an ingress controller on the Kubernetes platform in order to fulfill the configurations defined by the ingress object.

  Here at Red Hat, we saw the need for enabling external access to services before the introduction of ingress objects in Kubernetes, and created a concept called Route for the same purpose (with additional capabilities such as splitting traffic between multiple backends, sticky sessions, etc). Red Hat is one of the top contributors to the Kubernetes community and contributed the design principles behind Routes to the community which heavily influenced the Ingress design.

• VirtualBox DRM/KMS Driver Proceeding With Atomic Mode-Setting Support

  The "vboxvideo" DRM/KMS driver for use by VirtualBox guest virtual machines that has been part of the mainline Linux kernel the past several cycles will soon see atomic mode-setting support.

  Hans de Goede of Red Hat, who has been stewarding this driver into the Linux kernel after Oracle has failed to do so, is tackling the atomic mode-setting as his latest advancement to this driver important for a VirtualBox desktop VM experience. Published today were initial patches preparing the move to atomic mode-setting but not yet the full migration to this modern display API that offers numerous benefits.

• A Roadblock Ahead? – Red Hat, Inc. (RHT), Ingersoll-Rand Plc (IR)

• Red Hat Shares Have Even Upside-Downside Profile, JPMorgan Says In Downgrade

• Earnings Preview: Red Hat poised to deliver earnings growth for Q2

• J.P. Morgan Securities Slams Red Hat Stock With Downgrade Before Earnings

• Red Hat Inc. (RHT) Moves Lower on Volume Spike for September 18

• IBM launches tool aimed at detecting AI bias

  The Fairness 360 Kit will also scan for signs of bias and recommend adjustments.

  There is increasing concern that algorithms used by both tech giants and other firms are not always fair in their decision-making.

• IBM launches tools to detect AI fairness, bias and open sources some code

  IBM said it will launch cloud software designed to manage artificial intelligence deployments, detect bias in models and mitigate its impact and monitor decision across multiple frameworks.

  The move by IBM highlights how AI management is becoming more of an issue as companies deploy machine learning and various models to make decisions. Executives are likely to have trouble understanding models and the data science under the hood.

• IBM Debuts Tools to Help Prevent Bias In Artificial Intelligence

• Linux Patches Surface For Supporting The Creative Sound BlasterX AE-5

  Last year Creative Labs introduced the Sound BlasterX AE-5 PCI Express gaming sound card while finally there are some patches pending for supporting this high-end sound card in Linux.

  Connor McAdams who most recently got the Creative Recon3D support into good shape on Linux has now been working on getting the Sound BlasterX AE-5 working well on Linux.

• Blockchain Training Takes Off

  Meanwhile, job postings related to blockchain and Hyperledger are taking off, and knowledge in these areas is translating into opportunity. Careers website Glassdoor lists thousands of job posts related to blockchain.

• AMD Picasso Support Comes To The RadeonSI OpenGL Driver

  Last week AMD sent out initial support for yet-to-be-released "Picasso" APUs with the Linux AMDGPU kernel graphics driver. Today on the user-space side the support was merged for the OpenGL RadeonSI Gallium3D driver.

  Picasso details are still fairly light but they are expected to be similar to Raven Ridge and for the AM4 processor socket as well as an edition for notebooks. On the same day as publishing the Picasso AMDGPU kernel patches, AMD also went ahead and published the Linux patches for the "Raven 2" APUs too.

• The GeForce RTX 2080 Ti Arrives For Linux Benchmarking

  It looks like NVIDIA has their launch-day Linux support in order for the GeForce RTX 2080 "Turing" graphics cards slated to ship later this week as arriving today at Phoronix was the RTX 2080 Ti.

  The GeForce RTX 2080 Ti is NVIDIA's new flagship desktop GPU with the Turing GPU architecture, 4352 CUDA cores, a 1635MHz boost clock speed rating for this Founder's Edition model, 11GB of GDDR6 video memory yielding a 616 GB/s memory bandwidth rating, and designed to suit real-time ray-tracing workloads with their RTX technology. Pricing on the RTX 2080 Ti Founder's Edition is $1,199 USD. Last week NVIDIA published more details on the Turing architecture for those interested as well as on the new mesh shader capability.

• Windows, Linux Servers Beware: New Malware Encrypts Files Even After Ransom Is Paid

  Ransomware skyrocketed from obscurity to infamy in no time flat. Headline-grabbing campaigns like WannaCry, Petya and NotPetya preceded a substantial increase in the number of small attacks using similar techniques to extort unwary internet users. Now, researchers at Palo Alto Networks have revealed new malware that carries on NotPetya's legacy while combining various types of threats into a single package.

  The researchers, dubbed Unit 42, named this new malware Xbash. It's said to combines a bot net, ransomware and cryptocurrency mining software in a single worm and targets servers running Linux or Windows. The researchers blame an entity called the Iron Group for Xbash's creation, which has been linked to other ransomware attacks. The malware is thought to have first seen use in May 2018.

• Xbash Malware Deletes Databases on Linux, Mines for Coins on Windows

• CCTV Cameras Are Susceptible To Hacks; Hackers Can Modify Video Footage

  A vulnerability has been discovered in video surveillance camera software that could allow hackers to view, delete or modify video footage.

  A research paper published by Tenable, a security firm, has revealed a vulnerability named Peekaboo in the video surveillance systems of NUUO. By exploiting the software flaw, hackers can acquire the admin privileges and can monitor, tamper and disable the footage.

• Tenable Research Discovers “Peekaboo” Zero-Day Vulnerability in Global Video Surveillance Software

  Tenable®, Inc., the Cyber Exposure company, today announced that its research team has discovered a zero-day vulnerability which would allow cybercriminals to view and tamper with video surveillance recordings via a remote code execution vulnerability in NUUO software — one of the leading global video surveillance solution providers. The vulnerability, dubbed Peekaboo by Tenable Research, would allow cybercriminals to remotely view video surveillance feeds and tamper with recordings using administrator privileges. For example, they could replace the live feed with a static image of the surveilled area, allowing criminals to enter the premises undetected by the cameras.

• 5 ways DevSecOps changes security

  There’s been an ongoing kerfuffle over whether we need to expand DevOps to explicitly bring in security. After all, the thinking goes, DevOps has always been something of a shorthand for a broad set of new practices, using new tools (often open source) and built on more collaborative cultures. Why not DevBizOps for better aligning with business needs? Or DevChatOps to emphasize better and faster communications?

  However, as John Willis wrote earlier this year on his coming around to the DevSecOps terminology, “Hopefully, someday we will have a world where we no longer have to use the word DevSecOps and security will be an inherent part of all service delivery discussions. Until that day, and at this point, my general conclusion is that it’s just three new characters. More importantly, the name really differentiates the problem statement in a world where we as an industry are not doing a great job on information security.”

Ever since I started blogging about my role in FSFE as Fellowship representative, I've been receiving communications and queries from various people, both in public and in private, about the relationship between FSF and FSFE. I've written this post to try and document my own experiences of the issue, maybe some people will find this helpful. These comments have also been shared on the LibrePlanet mailing list for discussion (subscribe here)

Being the elected Fellowship representative means I am both a member of FSFE e.V. and also possess a mandate to look out for the interests of the community of volunteers and donors (they are not members of FSFE e.V). In both capacities, I feel uncomfortable about the current situation due to the confusion it creates in the community and the risk that volunteers or donors may be confused.

The FSF has a well known name associated with a distinctive philosophy. Whether people agree with that philosophy or not, they usually know what FSF believes in. That is the power of a brand.

When people see the name FSFE, they often believe it is a subsidiary or group working within the FSF. The way that brands work, people associate the philosophy with the name, just as somebody buying a Ferrari in Berlin expects it to do the same things that a Ferrari does in Boston.

To give an example, when I refer to "our president" in any conversation, people not knowledgeable about the politics believe I am referring to RMS. More specifically, if I say to somebody "would you like me to see if our president can speak at your event?", some people think it is a reference to RMS. In fact, FSFE was set up as a completely independent organization with distinct membership and management and therefore a different president. When I try to explain this to people, they sometimes lose interest and the conversation can go cold very quickly.

• Google partners w/ Renault, Nissan, Mitsubishi to offer Assistant, Maps, & Android on 2021 cars

• Renault-Nissan alliance takes Google Android for a drive

• Renault-Nissan-Mitsubishi adopts Android infotainment in coup for Google

• 91 “child friendly” Android apps accused of exploitation

• How to change the quick settings in your notification drawer on Android Pie

• Google Is Testing A Floating Keyboard On Android

• Here's our first look at Android Pie on the Samsung Galaxy S9 Plus

• BlueStacks 4 boasts better Android gaming on PCs than on [UPDATE]

• PDF edit app Flexcil eyes cross-device expansion into iPhone and Android

A smart home is a lot more than just lights, switches and thermostats that you can control remotely from your phone. To truly make a Smart Home, the devices must be reactive and work together. This is generally done with a Rule System: a set of maxims that automate actions based on conditions. It is automation that makes a home smart.

There are a couple options for a rule system with the Things Gateway from Mozilla. First, there is a rule system built into the Web GUI, accessed via the Rules option in the drop down menu. Second, there is the Web Things API that allows programs external to the Things Gateway to automate the devices that make up a smart home. Most people will gravitate to the former built-in system, as it is the most accessible to those without predilection to writing software. This blog post is going to focus on the this rules system native to the Things Gateway.

• Kong 1.0 Debuts Providing Open Source API Platform for Cloud Native Applications

• Kong 1.0 launches: the only open source API platform specifically built for microservices, cloud, and serverless

• Kong 1.0 launches to help meet scalability demands

• Running Ubuntu VMs on Windows just got a whole lot more streamlined

• Hyper-V Quick Create Feature Makes Creating Ubuntu Virtual Machines Easier

• The Humble One Special Day Bundle is live with two nice Linux games

  The Humble One Special Day Bundle just went live and it has two rather nice native Linux games available. Others may work with Valve's Steam Play.

  For the native Linux games, you will be able to grab OlliOlli2: Welcome to Olliwood in the $1 tier which by itself is a pretty great deal. You will also find Surgeon Simulator: Anniversary Edition if you pay more than the average. Not a lot of native titles this time, hopefully their next game bundle will be a step up for us…

• Valve have opened up the code for their VR 'Moondust' tech demos, also a third revision of the Knuckles controller

  What will hopefully help developers work on VR projects using Valve's experimental "Knuckles" controllers, Valve have opened up the source code for their Moondust Knuckles Tech Demos.

  Their Moondust GitHub repository appeared on the 12th of this month, although until today it remained mostly empty. They've now updated it and put it out for the public to take a look.

• Aspyr Media have announced a Layers of Fear and Observer bundle making them cheaper together

  Aspyr Media along with Bloober Team have announced that they've bundled up Layers of Fear and Observer, two great horror titles and getting them together makes them cost less.

Earlier this year, Tidelift conducted a survey of over 1,200 professional software developers and open source maintainers. We found that 83% of professional software development teams would be willing to pay for better maintenance, security, and licensing assurances around the open source projects they use. Meanwhile, the same survey found that the majority of open source maintainers receive no external funding for their work, and thus struggle to find the time to maintain their open source projects.

We couldn't be more excited about what's happening today on the Web and around the world. Organizations, nonprofits, and companies have stepped up to take action, sharing their work to make the world DRM-free.

• Renault-Nissan-Mitsubishi lets Google's Android into its dashboards

• Google wins major Android deal with auto partnership Renault-Nissan-Mitsubishi

• Bluestacks 4 released: Your Android apps on PC could run faster than your flagship phone

• 5 handy hidden features in the Gmail Android app

• Android Security Bulletin September 2018: What you need to know

• Google Family Link adds much-needed teen Android management

• Forget the iPhone XS – here are all the Android phones coming in October 2018

• BlueStacks, an Android emulator for PC, gets update with major performance upgrade

• Android Confidential: Why these 3 upcoming Android phones could put the iPhone XS to shame

• Exclusive: This is Android Pie with Samsung Experience 10 on the Samsung Galaxy S9+

• Google Is Testing A Floating Keyboard On Android

• Big Dolby donation to UCSF; Android cars are coming; OPEC supports Iran

Chrome OS 69 is the first release of the Linux-based operating system that enables support for running Linux apps on Chromebooks. However, the Linux app support is still in development and it's presented to users in a beta form, available only on select devices due to hardware restrains. A complete list with the Chromebooks supporting Linux apps is available here.

"While we would like to be able to bring this work to all Chromebooks, the required kernel and hardware features limit where we can deploy this," says Google in the blog announcement. "A lot of features we use had to be backported, and the further back we go, the more difficult & risky it is to do so. We don't want to compromise system stability and security here."

Upsilon is Kickstartering a “BioControle” I/O add-on board for the RPi 3 designed for aquaponics and hydroponics. The $89, open-spec add-on offers power-protected 12-bit ADC and DAC, 4x relays, servo outputs, and sensor and logical I/O.

We knew it was only a matter of time before we covered a board from Luxembourg, and that time has come. Rodange, Luxembourg based Upsilon Engineering, which is led by embedded engineer Yann Leidwanger, has gone to Kickstarter to launch its BioControle add-on board for the Raspberry Pi 3. The board can be used as a general purpose I/O and DAQ add-on but is specifically designed as a control board for aquaponics and hydroponics gardening.

• First results of the ROSIN project: Robotics Open-Source Software for Industry

  Open-Source Software for robots is a de-facto standard in academia, and its advantages can benefit industrial applications as well. The worldwide ROS-Industrial initiative has been using ROS, the Robot Operating System, to this end.

  In order to consolidate Europe’s expertise in advanced manufacturing, the H2020 project ROSIN supports EU’s strong role within ROS-Industrial. It will achieve this goal through three main actions on ROS: ensuring industrial-grade software quality; promoting new business-relevant applications through so-called Focused Technical Projects (FTPs); supporting educational activities for students and industry professionals on the one side conducting ROS-I trainings as well as and MOOCs and on the other hand by supporting education at third parties via Education Projects (EPs).

• Baidu To Launch World’s First Intelligent Vehicle Infrastructure Cooperative Systems Open Source Solution By End Of 2018

  Baidu Inc. has announced it will launch the Apollo Intelligent Vehicle Infrastructure Cooperative Systems (IVICS) open-source solution by the end of 2018, leveraging its capabilities in autonomous driving to bring together intelligent vehicles and infrastructure to form a “human-vehicle-roadway” interplay – an important step toward developing future intelligent transportation.

• Versity Open Sources Next Generation Archiving Filesystem

  The ScoutFS project was started in 2016 to address the rapidly growing demand for larger POSIX namespaces and faster metadata processing. The design goal for ScoutFS includes the ability to store up to one trillion files in a single namespace by efficiently distributing metadata handling across a scale out cluster of commodity compute nodes.

• Moving from Wordpress

• Epic Clock Clocks The Unix Epoch

  Admit it: when you first heard of the concept of the Unix Epoch, you sat down with a calculator to see when exactly 2³¹-1 seconds would be from midnight UTC on January 1, 1970. Personally, I did that math right around the time my company hired contractors to put “Y2K Suspect” stickers on every piece of equipment that looked like it might have a computer in it, so the fact that the big day would come sometime in 2038 was both comforting and terrifying.

  [Forklift] is similarly entranced by the idea of the Unix Epoch and built a clock to display it, at least for the next 20 years or so. Accommodating the eventual maximum value of 2,147,483,647, plus the more practical ISO-8601 format, required a few more digits than the usual clock – sixteen to be exact. The blue seven-segment displays make an impression in the sleek wooden case, about which there is sadly no detail in the build log. But the internals are well documented, and include a GPS module and an RTC. The clock parses the NMEA time string from the satellites and syncs the RTC. There’s a brief video below of the clock in action.

• 3 top Python libraries for data science

  Python's many attractions—such as efficiency, code readability, and speed—have made it the go-to programming language for data science enthusiasts. Python is usually the preferred choice for data scientists and machine learning experts who want to escalate the functionalities of their applications. (For example, Andrey Bulezyuk used the Python programming language to create an amazing machine learning application.)

  Because of its extensive usage, Python has a huge number of libraries that make it easier for data scientists to complete complicated tasks without many coding hassles. Here are the top 3 Python libraries for data science; check them out if you want to kickstart your career in the field.

• PortableCL 1.2 Still Coming While POCL 1.3 Will Further Improve Open-Source OpenCL

  It's been a number of months since last having any major news to report on POCL, the "PortableCL" project providing a portable OpenCL/compute implementation that can run on CPUs, select GPUs, and other accelerators.

  POCL 1.1 from March remains the current stable release while POCL 1.2 has been in the release candidate stage. The POCL 1.2 release candidates began last month with a few highlights like LLVM 7.0 support, device-side printf support, and HWLOC 2.0 library support.

CloudBees is bringing a set of products into a new CloudBees Suite that it said will help companies of all sizes streamline the software development process. The new software is set to be announced Sept. 18 at the company’s DevOps World / Jenkins World conference in San Francisco. Jenkins is the open-source version of CloudBees, which is a commercial offering.

A central piece of the CloudBees Suite is the CloudBees Core for unified governance of continuous delivery operations and processes used in DevOps. Software pipelines can also use Core to run software pipelines more efficiently in a self-managed way in the cloud or on-premises.

Also: CloudBees Announces Availability of Support for Jenkins Open Source