Language Selection

English French German Italian Portuguese Spanish

Advertisement

Programming/Development: Minicoin, GNU Gengetop and Python

Filed under
Advertisement
  • Building and testing on multiple platforms – introducing minicoin

    While working with large-scale (thousands of hosts), distributed (globally) systems, one of my favourite, albeit somewhat gruesome, metaphors was that of “servers as cattle” vs “servers as pets”. Pet-servers are those we groom manually, we keep them alive, and we give them nice names by which to remember and call (ie ssh into) them. However, once you are dealing with hundreds of machines, manually managing their configuration is no longer an option. And once you have thousands of machines, something will break all the time, and you need to be able to provision new machines quickly, and automatically, without having to manually follow a list of complicated instructions.

    When working with such systems, we use configuration management systems such as CFEngine, Chef, Puppet, or Ansible, to automate the provisioning and configuration of machines. When working in the cloud, the entire machine definition becomes “infrastructure as code”. With these tools, servers become cattle which – so the rather unvegetarian idea – is simply “taken behind the barn and shot” when it doesn’t behave like it should. We can simply bring a new machine, or an entire environment, up by running the code that defines it. We can use the same code to bring production, development, and testing environments up, and we can look at the code to see exactly what the differences between those environments are. The tooling in this space is fairly complex, but even so there is little focus on developers writing native code targeting multiple platforms.

    For us as developers, the machine we write our code on is most likely a pet. Our primary workstation dying is the stuff for nightmares, and setting up a new machine will probably keep us busy for many days. But this amount of love and care is perhaps not required for those machines that we only need for checking whether our code builds and runs correctly. We don’t need our test machines to be around for a long time, and we want to know exactly how they are set up so that we can compare things. Applying the concepts from cloud computing and systems engineering to this problem lead me (back) to Vagrant, which is a popular tool to manage virtual machines locally and to share development environments.

  • GNU Gengetopt - News: 2.23 released

    New version (2.23) was released. Main changes were in build system, so please report any issues you notice.

  • Abolishing SyntaxError: invalid syntax ...

    Do you remember when you first started programming (possibly with Python) and encountered an error message that completely baffled you? For some reason, perhaps because you were required to complete a formal course or because you were naturally persistent, you didn't let such messages discourage you entirely and you persevered. And now, whenever you see such cryptic error messages, you can almost immediately decipher them and figure out what causes them and fix the problem.

  • Sending email with EZGmail and Python
  • Creating and Importing Modules in Python

Programming/Development: GNU Releases, Bash, Python and JavaScript

Filed under
Advertisement
GNU

Programming: VIM, Python, Knative, Glibc and GCC

Filed under
Advertisement

Learn Linux Kernel Device Drivers With Linux Foundation Instructor Bill Kerr

Filed under
Advertisement
Linux

Bill Kerr has taught Linux Foundation courses in Linux Kernel internals, debugging, device drivers and application development for many years. He helped write the original Linux Foundation Training course materials and has been working with UNIX kernels for 35 years.

Read more

8 Ways to Write a Better Linux SysAdmin Job Posting

Filed under
Advertisement
GNU
Linux

Linux system administrators are in high demand these days and many hiring managers say they're having a hard time finding talent to fill their open positions. It's critical, then, for companies seeking skilled admins to hone their recruiting process in order to stay competitive – and this starts with writing an effective job posting.

Unfortunately, many companies aren't hitting the mark. Job postings for sysadmin positions are largely similar; they’re boring and generic, according to New York City-based recruiter Steve Levy.

Read more

Sourceforge Hijacks the Nmap Sourceforge Account

Filed under
Advertisement
Development

Hi Folks! You may have already read the recent news about Sourceforge.net
hijacking the GIMP project account to distribute adware/malware.
Previously GIMP used this Sourceforge account to distribute their Windows
installer, but they quit after Sourceforge started tricking users with fake
download buttons which lead to malware rather than GIMP. Then Sourceforge
took over GIMP's account and began distributing a trojan installer which
tries to trick users into installing various malware and adware before
actually installing GIMP.

Read more

Slashdot Burying Stories About Slashdot Media Owned SourceForge

Filed under
Advertisement
Development

If you’ve followed any tech news aggregator in the past week, you’ve probably seen the story about how SourceForge is taking over admin accounts for existing projects and injecting adware in installers for packages like GIMP. For anyone not following the story, SourceForge has a long history of adware laden installers, but they used to be opt-in. It appears that the process is now mandatory for many projects.

People have been wary of SourceForge ever since they added a feature to allow projects to opt-in to adware bundling, but you could at least claim that projects are doing it by choice. But now that SourceForge is clearly being malicious, they’ve wiped out all of the user trust that was built up over sixteen years of operating. No clueful person is going to ever download something from SourceForge again. If search engines start penalizing SourceForge for distributing adware, they won’t even get traffic from people who haven’t seen this story, wiping out basically all of their value.

Read more

SourceForge commits reputational suicide

Filed under
Advertisement
Development

Despite seeming reformed last year, SourceForge has been caught red-handed abusing the reputations of open source projects

Read more

SourceForge locked in projects of fleeing users, cashed in on malvertising [Updated]

Filed under
Advertisement
Development

The takeover of the SourceForge account for the Windows version of the open-source GIMP image editing tool reported by Ars last week is hardly the first case of the once-pioneering software repository attempting to cash in on open-source projects that have gone inactive or have actually attempted to shut down their SourceForge accounts. Over the past few years, SourceForge (launched by VA Linux Systems in 1999 and now owned by the tech job site company previously known as Dice) has made it a business practice to turn abandoned or inactive projects into platforms for distribution of "bundle-ware" installers.

Despite promises to avoid deceptive advertisements that trick site visitors into downloading unwanted software and malware onto their computers, these malicious ads are legion on projects that have been taken over by SourceForge's anonymous editorial staff. SourceForge's search engine ranking for these projects often makes the site the first link provided to people seeking downloads for code on Google and Bing search results.

And because of SourceForge's policies, it's nearly impossible for open-source projects to get their code removed from the site. SourceForge is, in essence, the Hotel California of code repositories: you can check your project out any time you want, but you can never leave.

Read more

[Ed: Why am I not surprised?]

Syndicate content

More in Tux Machines

Programming: Django, Python and Qt

  • Introducing DjangoCon Africa

    Following the huge success of PyCon Africa, the Django community in Africa is ready to bring a new major software event to the continent - the very first DjangoCon Africa! The Django Software Foundation is excited to endorse and support this initiative. Plans are already in motion for a DjangoCon Africa to be held in Addis Ababa, Ethiopia in November 2020. Actual dates to be announced as soon as key details are in place. DjangoCon Africa will include 3 days of single-track talks, 1 day of workshops and sprints, and another day for touring for international visitors. The event will also include a Django Girls workshop to be held the weekend before DjangoCon Africa. To make the conference as inclusive as possible, the event will offer financial aid to members of under-represented communities in software to ensure they can also attend.

  • Django 3.0 release candidate 1 released

    Django 3.0 release candidate 1 is the final opportunity for you to try out the raft of new features before Django 3.0 is released. The release candidate stage marks the string freeze and the call for translators to submit translations. Provided no major bugs are discovered that can't be solved in the next two weeks, Django 3.0 will be released on or around December 2. Any delays will be communicated on the django-developers mailing list thread.

  • Cyber Discovery - What it is all about

    Cyber Discovery is made of 4 rounds. The first one being CyberStart Assess. It ran from the 3rd September to the 25th October 2019. There are 10 challenges starting easy, getting much harder. The aim for most of the challenges are to use 'Inspect Element' to get into the website and find the flag. I completed all of these challenges and was invited onto the next round: CyberStart Game. CyberStart Game is much more about finding things out yourself. A useful tip if you are stuck is to search for help on Google. CyberStart Game has 3 'Bases': Headquarters where you get to take part in lots of varied challenges, Moon Base where you learn the basics of Python and Internet Tools that can be run in python e.g. FTP... You also learn how to use python to Brute Force password protected ZIP files and other securities. The Forensics Base is, well you can guess: Forensics. It teaches you about Cryptography and other hiding methods.

  • PyDev of the Week: Martin Uribe

    While taking some college courses I learned Java, but I didn’t like it much. I know enough of the following to get things done: HTML, CSS, JavaScript, Perl, SQL, and BASH. Python is my favorite; I use it pretty much every day even though my job doesn’t require me to code.

  • You can now hone your testing / pytest skills on our platform

    Writing test code is an essential skill. As PyBites we believe writing code is the only solution to becoming a master (Ninja) at programming. The same applies to test code. For that reason we extended our regular exercises with Test Bites. In this article you will read about the feature showcasing it on our first ever Test Bite. We also share some details around implementation and a challenge we hit getting it to work. Enjoy and start honing your testing skills today!

  • unu – Using Qt on embedded Linux

    Right from the start, unu wanted to add a stylish, first-class embedded high-res display to their second generation electric scooter. Like many top-class engineering companies, unu didn’t have in-house expertise for building a modern UI, so they decided to partner with KDAB to build a modern UI based on Qt. In this video you learn more about the development process in this project and why unu chose KDAB as a partner.

Google and fwupd sitting in a tree

I’ve been told by several sources (but not by Google directly, heh) that from Christmas onwards the “Designed for ChromeBook” sticker requires hardware vendors to use fwupd rather than random non-free binaries. This does make a lot of sense for Google, as all the firmware flash tools I’ve seen the source for are often decades old, contain layer-on-layers of abstractions, have dubious input sanitisation and are quite horrible to use. Many are setuid, which doesn’t make me sleep well at night, and I suspect the security team at Google also. Most vendor binaries are built for the specific ODM hardware device, and all of them but one doesn’t use any kind of source control or formal review process. The requirement from Google has caused mild panic among silicon suppliers and ODMs, as they’re having to actually interact with an open source upstream project and a slightly grumpy maintainer that wants to know lots of details about hardware that doesn’t implement one of the dozens of existing protocols that fwupd supports. These are companies that have never had to deal with working with “outside” people to develop software, and it probably comes as quite a shock to the system. To avoid repeating myself these are my basic rules when adding support for a device with a custom protocol in fwupd: I can give you advice on how to write the plugin if you give me the specifications without signing an NDA, and/or the existing code under a LGPLv2+ license. From experience, we’ll probably not end up using any of your old code in fwupd but the error defines and function names might be similar, and I don’t anyone to get “tainted” from looking at non-free code, so it’s safest all round if we have some reference code marked with the right license that actually compiles on Fedora 31. Yes, I know asking the legal team about releasing previously-nonfree code with a GPLish licence is difficult. Read more

Cumulus Networks unveils updates to its Linux OS and NetQ

Cumulus Networks announced on Monday that it has released Cumulus Linux 4.0, which is its network operating system (OS), and version 2.4 of its NetQ network operations toolset. Cumulus Networks' Partho Mishra, president and chief product officer, said Cumulus Linux 4.0 and NetQ 2.4 are key elements in the company's ongoing efforts to enable its customers' automation efforts across data centers and campus networks. "From a solutions standpoint, our focus has been on developing automation and the capabilities that our customers are going after to make their data centers run like an AWS or Google," Mishra said. "The biggest thing they focus on is automation and they've made big strides working with us and using their own resources." Read more

App Highlight: Flameshot for Taking and Editing Screenshots

A lot of users want to simply upload their screenshots directly to the cloud in order to easily share it with others. You can do that by syncing your saved files to a cloud storage solution and share them later. But, that’s quite a few steps to follow in order to share your screenshot, right? So, here, Flameshot lets you upload your image directly to Imgur with a single click. All you have to do is share the URL. Do note that these uploads will not be associated with your Imgur account (if you have one) and will be only accessible to the ones with the link. Read more