Language Selection

English French German Italian Portuguese Spanish

Misc

today's leftovers

Filed under
Misc
  • Kernel Electric-Fence: Linux 5.12 Merges KFence For Low-Overhead Memory Safety Feature

    Linus Torvalds just merged a set of patches that includes KFence. Short for the Kernel Electric Fence, KFence is a low-overhead memory safety error detector/validator that is suitable for use in production kernel builds.

    While there has long been KASAN as the Kernel Address Sanitizer for a dynamic memory error detector for discovering use-after-free and out-of-bounds bugs within the Linux kernel, KFence aims to provide a lower-overhead solution.

  • FOSS, Mentorship, and Doing Great Work

    Katherine Druckman and Doc Searls talk to Travis Carden and Petros Koutoupis about maintaining open source projects, mentoring contributors, Drupal, and automated testing.

  • Tailwind does not support pseudo-elements

    This week I came across another tricky part of Tailwind, pseudo-elements. But what if you want to use them?

    What are pseudo-elements anyway? Pseudo-elements are HTML elements that do not exist in the HTML markup at all. Such elements won’t be visible to the browser assistive technology, they can only be styled visually with CSS.

    It’s quite common to define the :before and :after pseudo-elements that style a non-existing element in position relative to the element at hand. People use it for typography or drawing to keep markup clean and tidy. A lot of times, they are used in code pens to showcase some advanced CSS.

  • Spidermonkey Development Blog: SpiderMonkey Newsletter 9 (Firefox 86-87)

    SpiderMonkey is the JavaScript engine used in Mozilla Firefox. This newsletter gives an overview of the JavaScript and WebAssembly work we’ve done as part of the Firefox 86 and 87 Nightly release cycles.

  • Patterns

    The biggest value in design patterns is that it gives us a common language for talking about software and how it’s organized. That’s why Alexander named one of his books A Pattern Language. We’ve all spent hours making diagrams on black- or white-boards to show how some software we’re writing is organized. Design patterns give a common vocabulary so that we can discuss software with some certainty that we all mean the same thing. I eventually realized that UML had the same aim: UML diagrams are like architectural blueprints, in which one kind of line represents a brick wall, another wood, another plasterboard. Unfortunately, UML was never quite standard enough, and like design patterns, was perceived as a good in itself. In the end, a common vocabulary (whether a pattern catalog or UML) is a tool, and any tool can be abused.

  • QtQuick3D instanced rendering

    Using this new instancing feature on my development machine, QtQuick3D can render one million cubes at 60 frames per second (FPS), using only 2% CPU time. The same scene recreated with the API in Qt 6.0, using Repeater3D to generate cubes, starts to struggle at ten thousand cubes: only managing 42 FPS and using 100% of the CPU.

  • Using the Display Posts plugin with WordPress and custom CSS

    My goal when I refactored the site (once again) using WordPress was to focus more on writing than fiddling. I mean, yes, this was a tiny bit fiddly, but I could have spent quite a bit of time trying to code this up myself. Especially since coding isn’t my thing.

    Instead, a few “off-the-shelf” open source bits and I’m in business.

  • EDB tries to crowbar graph, JSON, and time-series data models into PostgreSQL – but can they pull it off?

    EDB, a prominant backer of the PostgreSQL open-source database, expects to focus on graph, JSON, and time-series data in the upcoming autumn release. Analysts, however, are sceptical about its ability to optimise for different data models ahead of built for purpose databases.

    Last week, EDB announced a 59 per cent increase in annual recurring revenue, although being privately held it can pick and choose which financial metrics to release. Its team has grown by nearly half, to 300, however that is dwarfed by comparable open-source-supporting firms like Red Hat, with 13,000 employees.

  • 30 Years of Browsers: A Quick History [Ed: Mostly glosses over Microsoft crimes in that area, as might be expected from IDG]

    It didn’t take long for Internet Explorer (IE) to win over most internet users, but that did attract the attention of the US government, which brought antitrust charges against Microsoft for its practice of preventing computer manufacturers from uninstalling IE and installing other browsers. The case was finally settled in 2001, but IE had three more years of being the preeminent browser ahead of it, peaking at 95% of the market in 2003.

  • Michael Meeks: 2021-02-26 Friday

    Finally got around to posting my FOSDEM slides, first an update for the Collaboration dev-room on integrating

  • FOSDEM 2021: Building massive virtual communities in Matrix

    Matthew, the open source lead for the Matrix project, held a 48 minutes long lecture on Matrix, a open protocol communications system with encrypted chat, chatrooms and more, at FOSDEM 2021. The video is worth watching if you are curious to learn how Matrix works, what their future plans are for shared spaces and other features, and the practical use-cases it can solve for you and your organization.

  • New Affiliate Member Joins OSI: The TeX Users Group

    The TeX Users Group (TUG) is new to the OSI Affiliate program, but not new to the world. It's a membership-based not-for-profit that was founded in 1980 to encourage and expand the use of TeX, LaTeX, Metafont and related systems. TUG fosters innovation while maintaining the usability of these systems. TUG also supports users by hosting an annual event, maintaining a list of active local TeX user groups and publishing a regular journal called TUGboat three times a year.

    The OSI loves to let folks know about open source tools that they could be using like the TeX, LaTeX and Metafont systems for preparing documents. TUG is for anyone who uses the TeX typesetting system created by Donald Knuth and/or is interested in typography and font design. If you want to install TeX on your computer, please consult the resources mentioned on the TUG home page.

  • Release notes for the Genode OS Framework 21.02

    Genode 21.02 stays close to the plan laid out on our road map, featuring a healthy dose of optimizations, extends the framework's ARM SoC options, and introduces three longed-for new features.

    First, we extended our concept of pluggable device drivers to all network drivers, including Ethernet and Wifi. As reported in Section Pluggable network device drivers, such drivers can now gracefully be started, restarted, removed, and updated at runtime without disrupting network-application stacks.

    Second, the release features the infrastructure needed for mobile-data communication over LTE, which is a prerequisite for our ambition to use Genode on the Pinephone. Section LTE modem stack gives insights into the involved components and the architecture.

    Third, we are happy to feature the initial version of VirtualBox 6 for Genode. Section VirtualBox 6.1.14 gives an overview of the already supported feature set and the outlook to reach feature-parity to our version of VirtualBox 5 soon. Speaking of VirtualBox in general (both versions), we were able to significantly improve the USB-device pass-through abilities, specifically covering audio headsets.

    Further noteworthy improvements of the current release range from added VirtIO-block device support for virtual machines on ARM (Section VirtIO block devices for virtual machines on ARM), revived developments on RISC-V (Section RISC-V), over VFS support for named pipes (Section VFS support for named pipes), to streamlined tooling (Section Build system and tools).

  • Genode OS Framework 21.02 Adds LTE Data Support, More RISC-V Work

    Genode OS 21.02 is out as the latest feature release to this open-source operating system framework.

  • The Apache News Round-up: week ending 26 February 2021

    Farewell, February --we're wrapping up the month with another great week. Here are the latest updates on the Apache community's activities...

  • West: Post-Spectre web development

    Mike West has posted a detailed exploration of what is really required to protect sensitive information in web applications from speculative-execution exploits. "Spectre-like side-channel attacks inexorably lead to a model in which active web content (JavaScript, WASM, probably CSS if we tried hard enough, and so on) can read any and all data which has entered the address space of the process which hosts it. While this has deep implications for user agent implementations' internal hardening strategies (stack canaries, ASLR, etc), here we’ll remain focused on the core implication at the web platform level, which is both simple and profound: any data which flows into a process hosting a given origin is legible to that origin. We must design accordingly."

  • What Is the Shellshock Bug and Is It Still a Risk? [Ed: Borrowing old FUD to keep the scare. 2014 called. It wants is news back.]

    Like most security bugs, Shellshock took the internet by a storm in 2014 and compromised millions of accounts. This deadly bug originates from the Bash (Bourne Again Shell) which is the default command-line interface on all Linux, Unix, and Mac-based operating systems.

    The Shellshock vulnerability was first detected some 30 years ago but was not classified as an official and public threat until September of 2014. Even with the passage of time and numerous patches, this bug still remains a threat to enterprise security.

  • Five Tips For Life Sciences Companies To Protect Their AI Technologies [Ed: Some habitual copyleft FUD]

    Though they come in all shapes and flavors, open source licenses can generally be characterized into two groups: (1) permissive open source licenses, and (2) copyleft open source licenses. A permissive open source license (e.g., the MIT license) makes software code available for free to a user, but does not place significant restrictions on how the code must be used. Importantly, this means the user of code under a permissive open source license can combine the code with its own proprietary code and be under no obligation to disclose or license the combined code. Conversely, copyleft licenses (e.g., the General Public License (GPL)) also make software code available for free, but require that any modified code be licensed under the same terms. Therefore, if the copyleft licensed code is combined with proprietary code, the user may be required to make its proprietary code publicly available for free as well. Obviously, this is not a good outcome for a company desiring to keep its AI software secret. To avoid this negative outcome, companies should incorporate good hygiene around their use of open source software and implement policies and procedures to ensure that no source code is used that could jeopardize the secrecy of the company’s proprietary code.

today's leftovers

Filed under
Misc
  • Panel: A New Era of Open? COVID-19 and the Pursuit for Equitable Solutions

    In this panel, we’ll examine the fields of Open Data, Open Science, and Open Source Medical Hardware with leading experts and practitioners, asking questions like: “What does “open” mean in the COVID-19 context?” “What role can open access and the open community play in ensuring there is timely and equitable access to medical and scientific research outputs and data, vaccines and treatments?” “Can open science and open data help prevent the next pandemic?” “What legal tools should be used to expedite the manufacturing of vaccines?” “How can we balance individual privacy with the need to share information about genome variation and patterns of infection?”

  • WordPress Boots Pirated Themes and Plugins [Ed: "Pirated" is technically and legally the wrong term]

    WordPress issued a statement that pirated themes and plugins are prohibited from being distributed from the official repositories

    [...]

    WordPress.org announced that plugins and themes that are pirated versions of paid plugins and themes will be removed from the official WordPress repositories. The WordPress community debated if that approach violated the WordPress Open Source GPL license that allows derivative works to be distributed.

    The announcement itself affirmed that premium plugins are developed under the GPL that allows the creation of derivative works. But it also reserved the right to remove the plugins from the official plugin repository.

  • New Release: OnionShare 2.3

    This post was originally published on Micah Lee's blog.

    After a ridiculously long sixteen months (or roughly ten years in pandemic time) I'm excited to announce that OnionShare 2.3 is out! Download it from onionshare.org.

  • What is virtualisation? The basics

    Virtualisation plays a huge role in almost all of today’s fastest-growing software-based industries. It is the foundation for most cloud computing, the go-to methodology for cross-platform development, and has made its way all the way to ‘the edge’; the eponymous IoT. This article is the first in a series where we explain what virtualisation is and how it works. Here, we start with the broad strokes. Anything that goes beyond the scope of a 101 article will be covered in subsequent blog posts. Let’s get into it.

    [...]

    Snaps are containerised software packages that focus on being singular application containers. Where LXC could be seen as a machine container, Docker as a process container, snaps can be seen as application containers. Snaps package code and dependencies in a similar way to containers to keep the application content isolated and immutable. They have a writable area that is separated from the rest of the system, but are visible to the host via user application-defined interfaces and behave more like traditional Debian apt packages.

    Snaps are designed for when you want to deploy to a single machine. Applications are built and packaged as snaps using a tool called snapcraft that incorporates different container technologies to create a secure and easy-to-update way to package applications for workstations or for fleets of IoT devices. There are a few ways to develop snaps. Developers can configure snap to even run unconfined while they put it together and containerise everything later when pushing to production. Read more about the different way snaps can be configured in another article.

  • Full Circle Magazine #166

    This month:
    * Command & Conquer : LMMS
    * How-To : Python, Podcast Production, and Make a Budget
    * Graphics : Inkscape

    [...]

  • resolvd(8) - daemon to handle nameserver configuration

    From manual page description (at the time of writing):

    resolvd handles the contents of /etc/resolv.conf, which contains details of the system's DNS nameservers, and is read by the resolver routines in the C library.

    resolvd checks whether unwind(8) is running and monitors the routing socket for proposals sent by dhclient(8), slaacd(8), or network devices which learn DNS information such as umb(4).

  • February 2021 Web Server Survey

    Apache also holds a more significant lead in terms of Netcraft’s active sites metric, which favours sites with unique content. Apache serves 25.5% of active sites, whereas nginx serves 19.8%. Google accounts for a reasonably large 9.9% share of active sites, owing to its popular Blogger service.

    Microsoft’s server software market share remains in decline. Microsoft’s figures took a significant drop in 2020 in favour of OpenResty, and Microsoft now only has 6.5% (-1.0pp) of the site market and 6.0% (-0.3pp) of domains as of February 2021. OpenResty also looks set to overtake Microsoft as the third largest vendor in terms of sites and active sites.

  • #MonthOfMaking is back in The MagPi 103!
  • The Rise & Rise Of Linux Foundation

    Open Source Development Labs and Free Standards Group merged to form the Linux Foundation at the turn of the millennium.

  • Bundling for the Web

    One set of touted advantages for bundling relate to performance and efficiency. Today, we have a better understanding of the ways in which performance is affected by resource composition, so this has been narrowed down to two primary features: compression efficiency and reduced overheads.

    Compression efficiency can be dramatically improved if similar resources are bundled together. This is because the larger shared context results in more repetition and gives a compressor more opportunities to find and exploit similarities.

    Bundling is not the only way to achieve this. Alternative methods of attaining compression gains have been explored, such as SDCH and cross-stream compression contexts for HTTP/2. Prototypes of the latter showed immense improvements in compression efficiency and corresponding performance gains. However, general solutions like these have not been successful in find ways to manage operational security concerns.

    Bundling could also reduce overheads. While HTTP/2 and HTTP/3 reduce the cost of making requests, those costs still compound when multiple resources are involved. The claim here is that internal handling of individual requests in browsers has inefficiencies that are hard to eliminate without some form of bundling.

    I find it curious that protocol-level inefficiencies are not blamed here, but rather inter-process communication between internal browser processes. Not having examined this closely, I can’t really speak to these claims, but they are quite credible.

    What I do know is that performance in this space is subtle. When we were building HTTP/2, we found that performance was highly sensitive to the number of requests that could be made by clients in the first few round trips of a connection. The way that networking protocols work means that there is very limited space for sending anything early in a connection[2]. The main motivation for HTTP header compression was that it allowed significantly more requests to be made early in a connection. By reducing request counts, bundling might do the same.

  • Digital Restrictions (DRM) Screws People Yet Again: Book DRM Data Breach Exposes Reporters' Emails And Passwords

    I have a few different services that report to me if my email is found in various data breaches, and recently I was notified that multiple email addresses of mine showed up in a leak of the service NetGalley. NetGalley, if you don't know, is a DRM service for books, that is regularly used by authors and publishers to send out "advance reader" copies (known around the publishing industry as "galleys.") The service has always been ridiculously pointless and silly. It's a complete overreaction to the "risk" of digital copies of a book getting loose -- especially from the people who are being sent advance reader copies (generally journalists or industry professionals). I can't recall ever actually creating an account on the service (and can't find any emails indicating that I had -- but apparently I must have). However, in searching through old emails, I do see that various publishers would send me advance copies via NetGalley -- though I don't think I ever read any through the service (the one time I can see that I wanted to read such a book, after getting sent a NetGalley link, I told the author that it was too much trouble and they sent me a PDF instead, telling me not to tell the publisher who insisted on using NetGalley).

Free Software Leftovers

Filed under
Misc
  • From Clean & Green Mockup to OpenBSD cwm(1) desktop

    If the words CGA or Hercules raise sweet memories from your far away youth, the Mockup Clean & Green from u/awareofdistractions may hit you right in the heart. And if you like it so much, it may be used for real-life desktop environment using OpenBSD stock and ports material.

  • Learning more about our users

    At the Tor Project we practice user-centered design. This means we put our users at the heart of our development process, making a conscious effort to understand the contexts in which people use our tools and paying particular attention to the bumps they encounter along the way.

    Many digital product companies rely heavily on data gathered from invasive tracking scripts to better understand their users’ behavior, further fueling the surveillance economy. However that’s not how we do things at Tor – instead, we aim to conduct research that respects the basic principles of privacy and consent.

  • New Release: Tor Browser 10.5a11

    Tor Browser 10.5a11 is now available from the Tor Browser Alpha download page and also from our distribution directory.

    Note: This is an alpha release, an experimental version for users who want to help us test new features. For everyone else, we recommend downloading the latest stable release instead.

  • FSFE20 +++ IloveFS +++ Job vacancy

    In our February Newsletter, we interview our founding president Georg Greve as part of our publication series to celebrate 20 Years FSFE, we reflect on I love Free Software Day and our FOSDEM participation, we advertise our new job vacancy and as usual we report on our diverse community activities.

  • Keeping platforms open

    My previous article, Whatsapp and the domestication of users, got more attention than I was expecting. Some responses gave me a lot to think about,1 especially regarding actions we can take. I suggest reading that article first; it explained what “user domestication” is and why it’s a problem. It enumerated three countermeasures: FOSS, simplicity, and open platforms.

    Hard problems, by definition, lack easy solutions. Simply choosing (or creating) a platform that avoids user domestication isn’t enough if that platform can change. The price of freedom is eternal vigilance; in addition to settling on the right platform, we must ensure that it honors its users in both the present and the future. Keeping a platform FOSS and simple is more straightforward2 than keeping a platform “open”.

    How do we keep an open platform from becoming a closed platform in the future?

today's leftovers

Filed under
Misc

     

  • Tempted But the Truth is Discovered | LINUX Unplugged 394

    After all these years, what's made us stick with Linux?

    Plus the commitment just made by the GNOME team, and some new tools that are changing our game.

  •   

  • mintCast 355 – Deferred Update

    First up, in our Wanderings, Mike shreds a new axe, I’m more and more impressed by Proton, Joe has frozen joints, Moss is going to be rich someday, Tony Hughes gets immunities, and Josh panics with a crowbar. 

    Then, in the News, so much controversy, Linux on Mars, VLC on the moon, Mint and mintCast make the cut, and more

  • Tetrate Says Its Istio Distribution Is Easier to Use Than the Upstream Version

    The startup, one of Istio's top contributors, has also launched an online community for Istio and Envoy enthusiasts to surface problems, brainstorm solutions.

  •  

  • New service: https://debuginfod.debian.net

    Hello there,

    I would like to announce a new service that I have just configured for
    Debian: https://debuginfod.debian.net.

    debuginfod is a new-ish project whose purpose is to serve
    ELF/DWARF/source-code information over HTTP.  It is developed under the
    elfutils umbrella.  You can find more information about it here:

      https://sourceware.org/elfutils/Debuginfod.html

    In a nutshell, by using a debuginfod service you will not need to
    install debuginfo (a.k.a. dbgsym) files anymore; the symbols will be
    served to GDB (or any other debuginfo consumer that supports debuginfod)
    over the network.  Ultimately, this makes the debugging experience much
    smoother (I myself never remember the full URL of our debuginfo
    repository when I need it).

    If you would like to use the service, and if the service supports the
    Debian distribution you are using (see below), all you have to do is
    make sure that the following environment variable is set in your shell:

      DEBUGINFOD_URLS="https://debuginfod.debian.net";

    Currently, the elfutils and GDB packages in unstable and testing have
    native support for using debuginfod.  I will soon propose a change to
    the elfutils package in order to make it be configured with our
    debuginfod instance by default, so that users will be able to use the
    service transparently.

    For now, debuginfod.debian.net is serving debug information symbols for
    the following Debian distributions:

      - unstable

      - testing
      - testing-proposed-updates

      - stable
      - stable-backports
      - proposed-updates

    In the near future I intend to expand this list and include the
    debuginfo stored at snapshot.debian.org as well.

    Setting up a debuginfod service for Debian has been on my TODO list for
    some time now, and I finally got enough time & resources to do it.  I
    would like to thank a few people for their feedback and help:

      - Héctor Orón (zumbi)
      - Jonathan Carter (highvoltage)
      - Paul Wise (pabs)

    Last, but not least, you can find a wiki page about our service here:

      https://wiki.debian.org/Debuginfod

    Thanks,

  • Debian Launches A Debuginfod Server For Smoother Debugging Experience

    Debian is the latest major Linux distribution deploying a Debuginfod web server so that ELF/DWARF/source-code information can be supplied via HTTP to clients on-demand when debugging. 

    Introduced last year was Debuginfod with GNU Binutils 2.34 for distributing debugging information / source code on demand. Readelf and objdump utilities can query connected Debuginfod servers for source files / data based on a build ID. Debuginfod support was later integrated into the GNU Debugger too (GDB 10.1). The effort was led by Red Hat engineers while now Debian is getting in on this practical feature too. 

  •  

  • Introducing veb(4) - a new Virtual Ethernet Bridge

                     

                       

    In this commit, David Gwynne (dlg@) adds a new veb(4) driver to the tree. David's goal is to replace the old bridge(4) driver: [...]

  •                

     

  • GNU poke 0.91 pre-released in alpha.gnu.org

    GNU poke (http://www.jemarch.net/poke) is an interactive, extensible editor for binary data.  Not limited to editing basic entities such as bits and bytes, it provides a full-fledged procedural, interactive programming language designed to describe data structures and to operate on them. 

  • Null MX - We do not accept email here!

    By creating a NULL MX RECORD for a domain name which isn't meant to receive email, the domain will clearly state that it doesn't accept any email, period. Anyone attempting to send email to that domain will then immediately received a notification saying you cannot send email to that domain.

  • RFC7505 Means Yes, Your Domain Can Refuse to Handle Mail. Please Leave Us a TXT If You Do.

    If you do not want a domain to receive any mail, there is a way to be at last somewhat civil about it. There's a different DNS trick for that.

DRM Chaos

Filed under
Misc
  • Google Disbands Stadia Game Developers And Signals Potential For More Trouble Ahead

    It's no secret that in the year and a half since Google launched its video game streaming platform, Stadia, things haven't gone particularly well. Game developers were wary at the onset that Google, as it has with projects like this in the past, might simply one day shut the whole thing down if it thinks the venture is a loser. The launch of Stadia itself was mostly met with meager interest, due to scant games available on the platform. Even then, the rollout was a mix of chaos and glitch, critiques of its promise for true 4k game streaming, very low adoption rates, and some at the company appearing to want to go to war with game-streamers.

  • John Deere Promised To Back Off Monopolizing Repair. It Then Ignored That Promise Completely.

    Five years or so ago, frustration at John Deere's draconian tractor DRM helped birth a grassroots tech movement dubbed "right to repair." The company's crackdown on "unauthorized repairs" turned countless ordinary citizens into technology policy activists, after DRM (and the company's EULA) prohibited the lion's share of repair or modification of tractors customers thought they owned. These restrictions only worked to drive up costs for owners, who faced either paying significantly more money for "authorized" repair (which for many owners involved hauling their tractors hundreds of unnecessary miles), or toying around with pirated firmware just to ensure the products they owned actually worked.

  • Spotify CEO Daniel Ek explains how the company plans to help artists (and itself) make money

    During the 90-minute event, the company rattled through a series of announcements. It detailed a slew of new podcasts, including one featuring former President Barack Obama and rockstar Bruce Springsteen as co-hosts, as well as a full universe of DC Comics programming. It debuted an expanded podcast ad marketplace, bolstered by its Megaphone acquisition and Streaming Ad Insertion technology, along with a Hi-Fi subscription tier. And it teased new tools for podcasters to engage with their audiences and make money through subscriptions. Spotify obviously intends to make podcasting a real revenue driver.

    But none of the announcements were groundbreaking for people in the industry. If anything, they demonstrated how far Spotify has yet to go. Crucially, Spotify announced that 7,500 musicians are making at least $100,000 per year through its platform, which isn’t much considering the service is available in 93 markets. Now, Spotify is trying to make the same pitch to podcasters as it did to musicians — that they’re all on the same side and share the same goals.

Free Software and Other Leftovers

Filed under
Misc
  • WordPress 5.7 Release Candidate

    The first release candidate for WordPress 5.7 is now available!

    Please join us in celebrating this very important milestone in the community’s progress towards the final release!

    “Release Candidate” means that the new version is ready for release, but with millions of users and thousands of plugins and themes, it’s possible something was missed. WordPress 5.7 is slated for release on March 9, 2021, but your help is needed to get there—if you haven’t tried 5.7 yet, now is the time!

  • The Apache® Software Foundation Sustains its Mission of Providing Software for the Public Good through Corporate Sponsorships and Charitable Giving

    The ASF is the world's largest Open Source foundation. Apache software projects are integral to nearly every end-user computing device, benefit billions of users worldwide, with Web requests received from every Internet-connected country on the planet. Valued conservatively at more than $22B, Apache Open Source software is available to the public-at-large at 100% no cost. No payment of any kind is ever required to use, contribute to, or otherwise participate in Apache projects. The ASF depends on tax-deductible Sponsorships and donations to offset its operations expenses that include infrastructure, marketing and publicity, accounting, and legal services.

    "We are proud of our Sponsors, whose generous support helps our volunteer community continue to develop essential software that keeps the world running," said Daniel Ruggeri, ASF Vice President of Fundraising. "ASF Sponsorship allows us to make great strides towards developing and improving our projects, enriching our communities, educating and mentoring newcomers, and encouraging and facilitating participation by under-represented groups. Fiscal support today secures the groundwork to ensure future Apache benefits can be shared by all."

  • Nextcloud Hub 21 Comes With New Collaboration Features

    Nextcloud has announced immediate availability of Nextcloud Hub 21, adding performance improvement and important new collaboration features in Text, Talk, Groupware and Files.

    According to the company, the new High Performance Back-end for Files in particular reduces server load from desktop clients and web interface polling by 90% while delivering instant notifications and file changes to users.

    Optimizations to app loading and database queries as well as a range of specific scenarios like the usage of Text, Object storage, LDAP group handling and more deliver up to twice more responsive user experience.

  • KubeEdge: Reliable Connectivity Between The Cloud & Edge
  • SBC Enclosure Ready! Model 100 Appears on Kickstarter

    Looking to do more with your Raspberry Pi? That may be one of the best factors of single-board computers: the possibilities seem endless. And those possibilities are growing. The Ready! Model 100, an SBC enclosure, is making an appearance on Kickstarter.

today's leftovers

Filed under
Misc
  • Dima Kogan: feedgnuplot: labelled bar charts and a guide

    I just released feedgnuplot 1.57, which includes two new pieces that I've long thought about adding...

    [...]

    I've thought about adding these for a while, but had no specific need for them. Finally, somebody asked for it, and I wrote the code. Now that I can, I will probably use these all the time. The new capability can override the usual numerical tic labels on the x axis, and instead use text from a column in the data stream.

  • libredwg-0.12.2 released
  • Nextcloud 21 arrives with ten times better performance | ZDNet

    I've been using and recommending Nextcloud as a great open-source, private Infrastructure-as-a-Service (IaaS) cloud for years now. I run it myself both on a server in my office and on my TMDHosting remote server. Besides just providing a great cloud-based file server, Nextcloud has been adding more features. These include built-in video-conferencing and group meeting services. Nextcloud Talk and Software-as-a-Service (SaaS) version of the LibreOffice office suite, Collabora, and integration with third-party services such as Microsoft Teams, Slack, Jira, GitHub, and Twitter. Now, returning to basics, the latest version, Nextcloud 21, features a new, optional Rust-based high-performance backend for files, which reduces server load from desktop clients and web interface polling by 90% while delivering instant notifications and file changes to users.

  • Closing the digital divide with Raspberry Pi computers
  • Port of the week: catgirl irc client

    Catgirl has the following features: tab completion, split scrolling, URL detection, nick coloring, ignores filter. On the other hand, it doesn't support non-TLS networks, CCTP, multi networks or dynamic configuration. If you want to use catgirl with multiples networks, you have to run it once per network.

    Catgirl will be available as a package in OpenBSD starting with version 6.9.

  • Valheim tops 500,000 simultaneous players, beating four more records

    Valheim is on a trajectory like nothing we’ve ever seen. The Viking-themed indie survival game has been shooting up the Steam charts, selling 3 million copies in an unheard-of 17 days. And people aren’t just buying it on a whim; they’re actively playing it, too. On Sunday, the game reached 500,000 simultaneous players, according to SteamDB, leaving the charred remains of four other all-time Steam player count records in its wake.

  • Moving from an RTOS to Linux? (Practical Insights Nobody's Telling You) [Ed: Mostly FUD from Siemens]
  • Review of Three Hyperledger Tools – Caliper, Cello and Avalon

    In our previous article (Review of Five popular Hyperledger DLTs- Fabric, Besu, Sawtooth, Iroha and Indy), we discussed the following Hyperledger Distributed Ledger Technologies (DLTs).

  • Google Fires AI Ethics Lead Margaret Mitchell

    Close on the heels of the departure of its AI ethics researcher Timnit Gebru, Google has now fired Margaret Mitchell, the founder and former co-lead of the company’s ethical AI team.

    Mitchell announced the news on Twitter.

    Both Gebru and Mitchell had called for more diversity and inclusion among research staff. “Firing [Gebru] created a domino effect of trauma for me and the rest of the team, and I believe we are being increasingly punished for that trauma,” Mitchell tweeted on the same day.

today's leftovers

Filed under
Misc
  • Containers

    I was using a container for a bioinformatics tool released two weeks ago, but my shell script wrapping the tools could not run because the container was built around an old version of Debian (Jessie) that was released in 2015. I was asked to use a container for bioinformatics, based on conda, and found one that distributes coreutils, but it did not include a real version of sed. I try Debian's docker image. No luck; it does not contain ps, which my workflow manager needs.

  • Resilient sysadmin: 5 tips for success in a remote work environment | Enable Sysadmin

    I'm sitting here one month into 2021 and I was thinking about the challenges that we faced in 2020 and how resilient the tech industry has been. The industry is nothing without the people who do the work. So that got me thinking, "How are people doing?"

    Many of us were thrust into 100 percent remote roles recently and that's created its fair share of challenges. However, the switch was anything but negative. There were also some amazing benefits to employee work/life balance, as well as an increase in efficiency (no commute times) for many. Even subtle changes, like improved inclusion of our normally-remote coworkers and time for health and fitness, were added bonuses.

  • Sandia Labs Develops Open User Quantum Testbed

    Sandia Labs has also developed the Jaqal (or Just Another Quantum Assembly Language) programming language, which is used to specify programs executed on QSCOUT. According to Andrew Landahl, QSCOUT software team lead, Jaqal “forces the quantum computer to do exactly what you want, exactly when you want it. Or to put it another way, a language for micro-managing control freaks.”

    This specification document provides a summary of QSCOUT 1.0 capabilities, example Jaqal programs, and plans for possible future extensions.

  • Codes of Conduct: The Devil’s in the Details [Ed: Can we also have "Codes of Conduct" to exclude corporations that profit from bombing people?]

    Once such codes are implemented, organizations must also be prepared to enforce them – not simply have them be aspirational. If they are only in the latter category, Neugebauer suggests they be revamped.

    They should also be transparent. For example, in 2019, PyCon published a Code of Conduct Transparency Report stating that staff were made aware of 11 incidents of behavior not consistent with its standards. They included unwelcome sexual attention or advancement and incidents related to inappropriate content and privacy. Some of the incidents were resolved during the conference, one after the conference ended, and one was still awaiting resolution.

    “The idea of doing regular transparency reports is not something I saw five years ago,’’ Neugebauer says, adding that he’s not sure what to attribute this to. “Now they’re at the leading edge of best practices.”

    He adds that “you’d want the code of conduct to affect those people because you’ll run into them at the conference … someone might not be a drunken terrible person during business hours but that doesn’t make their behavior appropriate the night before.’’

  • Take-Two Interactive hit the DMCA nuke on GTA III and Vice City reverse engineered effort

    It was only recently that we picked up the news of both GTA III and Vice City getting a fully working reverse engineered game engine, along with plenty of upgrades. Sadly, and expectedly, it got nuked from orbit.

    Even though it required you to own the game assets, so you would have needed to purchase a copy of either to use the re3 and reVC game reimplementations that wasn't enough to satisfy Take-Two Interactive Software, Inc., the parent company of Rockstar Games. They've now given it the DMCA treatment, with the main repository and all known forks at the time to be taken offline on GitHub.

today's leftovers

Filed under
Misc

  • The linux.conf.au 2021 Online Experience

    linux.conf.au has been running now for more than two decades, and I’ve been attending since 2008, but 2021 turned out to be a little bit different, thanks to COVID-19. The conference was originally going to be held in Canberra, but that’s been shifted out to 2022, with 2021 being run as an online event from January 23-25.
    As Angela Ashton mentioned in her post last month, SUSE sponsored the conference again, and William Brown, Lana Brindley and myself presented talks. The videos are now available thanks to the excellent folks at Next Day Video:

  • A friendly guide to the syntax of C++ method pointers

    If you're looking for performance, complexity, or many possible solutions to solve a problem, C ++ is always a good candidate when it comes to extremes. Of course, functionality usually comes with complexity, but some C++ peculiarities are almost illegible. From my point of view, C++ method pointers may be the most complex expressions I've ever come across, but I'll start with something simpler.

    [...]

    Methods pointers can get a bit complicated if you're not familiar with them. I did a lot of trial and error, and it took time to find the correct syntax. However, once you understand the general principle, method pointers become less terrifying.

    This is the most complex syntax I have found in C++ so far. Do you know something even worse? Post it in the comments!

  • UGC Asks Universities To Raise Awareness About Cybersecurity [iophk: Windows TCO]

    The Union Education Ministry had earlier asked the UGC to develop an ecosystem for cyber security in the Indian educational institutions’ cyber space. It further asked to give publicity to the MHA cybersecurity Twitter handle @cyberdost, share link of the ‘National Cyber Crime Reporting Portal’ that is cybercrime.gov.in, prepare a handbook on cyber hygiene in vernacular languages for the students across colleges and universities and provide hands-on training to both graduate and post graduate students to deal with any instance of cyber crime.

    The curriculum will have to include certain courses on cyber-security to make the students of all the streams aware about the given theme.

  • Mac malware for new and old machines found, payload a mystery

                     

                       

    Hurd and Killam said they had found two versions of the malware: one which was only an Intel x86_64 binary, while the second contained binaries both x86_64 and the M1 ARM64 platform; all files were in the PKG format.

today's leftovers

Filed under
Misc

  • Tokyo area Debian meeting Feb, 2021 was held on online

    I gave a short presentation - WAF on Debian.

    Especially, I talked about usage of ModSecurity-nginx.

  • Louis-Philippe Véronneau: dput-ng or: How I Learned to Stop Worrying and Love the Hooks

    As my contributions to Debian continue to grow in number, I find myself uploading to the archive more and more often.

    Although I'm pretty happy with my current sbuild-based workflow, twice in the past few weeks I inadvertently made a binary upload instead of a source-only one.1

    As it turns out, I am not the only DD who has had this problem before. As Nicolas Dandrimont kindly pointed to me, dput-ng supports pre and post upload hooks that can be used to lint your uploads. Even better, it also ships with a check-debs hook that lets you block binary uploads.

  •  

  • Tantek Çelik: Life Happens: Towards Community Support For Prioritizing Life Events And Mutual Care, Starting With The #IndieWeb

    A couple of weeks ago I noticed one of our newer IndieWeb community participants found an example on the IndieWeb wiki that no longer worked, and it was from someone who hasn’t been around for a while.

    [...]

    When these things happen, as a community, I feel we should respond with kindness, support, and understanding when someone steps back from community participation or projects. We should not shame or guilt them in any way, and ideally act in such a way that welcomes their return whenever they are able to do so.

    Many projects (especially open source software) often talk about their “bus factor” (or more positively worded “lottery factor”). However that framing focuses on the robustness of the project (or company) rather than those contributing to it. Right there in IndieWeb’s motto is an encouragement to reframe: be a “people-focused alternative to the corporate […]”.

    The point of “life happens” is to decenter the corporation or project when it comes to such matters, and instead focus on the good of the people in the community. Resiliency of humanity over resiliency of any particular project or organization.

    Adopting such values and practices explicitly is more robust than depending on accidental good faith or informal cultural support. Such emotional care should be the clearly written default, rather than something everyone has to notice and figure out on their own. I want to encourage more mutual care-taking as a form of community-based resiliency, and make it less work for folks experiencing “life happens” moments. Through such care, I believe you get actually sustainable community resiliency, without having to sacrifice or burn people out.

  • Mocha tests in Collabora Online

    We have many data structure classes in Collabora Online. Most of them are complex enough to warrant unit tests for their correctness. We already have cypress tests in Online which does integration testing, but we need unit tests for the internal data structure classes too. Mocha testing framework is a good match for this. With this we can do asserts via its BDD interface. In fact we could use any assertion library like Chai or Expect.js. You can now add Mocha tests in Online to test its any existing typescript classes or functions.

  • Free Software development for the public administration

    On 17 February I participated in a panel discussion about opportunities, hurdles with and incentives for Free Software in the public administration. The panel was part of the event "digital state online", focusing on topics like digital administration, digital society and digital sovereignty. Patron of the event is the German Federal Chancellor's Office. Here a quick summary of the points I made and some quick thoughts about the discussion.

    The "Behördenspiegel" meanwhile published the recordings of the discussion moderated by Benjamin Stiebel (Editor, Behörden Spiegel) with Dr. Hartmut Schubert (State Secretary, Thuringian Ministry of Finance), Reiner Bamberger (developer at Higher Administrative Court of Rhineland-Palatinate), Dr. Matthias Stürmer (University of Bern), and myself (as always you can use youtube-dl).

    [...]

    I also plead for a different error culture in the public administration. Experimentation clauses would allow to be test innovative approaches without every bad feedback immediately suggesting that a project has to be stopped. We should think about how to incentivize the sharing and reuse of Free Software. For example if public administrations document good solutions and support others in benefiting from those solutions as well could they get a budget bonus for that for future projects? Could we provide smaller budgets which can be more flexible used to experiment with Free Software, e.g. by providing small payments to Free Software offers even if they do not yet meet all the criteria to use it productively for the tasks envisioned.

    One point we also briefly talked about was centralization vs decentralization. We have to be careful that "IT consolidation" efforts do not lead to a situation of more monopolies and more centralization of powers. For Germany, I argued that the bundling of IT services and expertise in some authorities should not go that far that federal states like Thuringia or other levels and parts of government lose their sovereignty and are dependent on a service centre controlled by the federal government or another part of the state. Free Software provides the advantage that for example the federal state of Bavaria can offer a software solution for other federal states. But if they abuse their power over this technology, other federal states like Thuringa could decide to host the Free Software solution themselves, and contract a company to make modifications, so they can have it their way. The same applies for other mechanisms for distribution of power like the separation between a legislature, an executive, and a judiciary. All of them have to make sure their sovereignty is not impacted by technology - neither by companies (as more often discussed) nor by other branches of government. For a democracy in the 21st century such a technological distribution of power is crucial.

  • Video: AlmaLinux Beta Release Webinar
Syndicate content

More in Tux Machines

Documentation Improvements in KDE

Doxyqml, our documentation bridge between QML and doxygen, got various improvements, thanks to Olaf Mandel and Lasse Lopperi. Now QML enums are supported and the lexer/parser got various bug fixes. Speaking of QML documentation, the Kirigami API documentation was improved and now uses more correctly @inherit tags and @property tags. There is still room for improvements, but the current state is already a lot better. Most Components are now showing all their properties correctly and the type of the property is correct. (kirigami!239) Another improvement is that the generated Kirigami documentation now shows more accurate names: e.g. Kirigami.Page instead of org::kde::kirigami::Page. This makes it easier to read and navigate the documentation. There was also a bit of background work inside KApiDox, Jannet added support for QDoc, allowing to use QDoc as an alternative to Doxygen. This might be a better solution for generating documentation for projects with a lot of QML. Read more Also: MJ Inventory Released

today's howtos

  • What is Automation and Configuration Management with CHEF – Part 1

    Configuration Management is the key focus point of DevOps practice. In the Software development cycle, all the servers should be software-configured and maintained well in such a way that they should not make any break in the development cycle. Bad configuration Management can make system outages, leaks, and data breaches. Using Configuration Management tools is about facilitating accuracy, efficiency, and speed in the DevOps-driven environment. There are two models of configuration Management tools – PUSH-based & PULL-based. In the PUSH-based, the Master server pushes the configuration code to the servers wherein PULL-based individual servers contact the Master for getting configuration code. PUPPET and CHEF are widely used PULL-based models, ANSIBLE is a popular PUSH-based model. In this article, we will see about CHEF.

  • How to Install XWiki on Ubuntu 20.04

    XWiki is a free and open-source Wiki Software platform written in Java. It runs on servlet containers like Tomcat and uses a database such as MySQL to store information.

  • How To Install Zoom on Manjaro 20 - idroot

    In this tutorial, we will show you how to install Zoom on Manjaro 20. For those of you who didn’t know, Zoom is the leader in modern enterprise video communications, with an easy, reliable cloud platform for video and audio conferencing, chat, and webinars across mobile, desktop, and room systems. It is commonly used in education sectors, in workplaces for communication with clients and colleagues, teleconferencing, and even for social relations. This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Zoom on a Manjaro 20 (Nibia).

  • Starting LaTeX on Ubuntu with the User Friendly Gummi

    Academics people and alike tend to love documents written with LaTeX -- one of the best text creation systems you can run on computer. The benefit is, the resulting document is truly beautiful. To start making LaTeX document on Ubuntu, you can start with the user friendly application, Gummi, which features preview. This short tutorial includes examples for basic texting and several math formulas. Now let's learn!

What is GNU/Linux Copypasta?

I’d just like to interject for a moment. What you’re refering to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX. Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called Linux, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called Linux distributions are really distributions of GNU/Linux! Read more

Ben Widawsky: Framebuffer Modifiers Part 1

In a now pretty well established tradition on my part, I am posting on things I no longer work on! I gave a talk on modifiers at XDC 2017 and Linux Plumbers 2017 audio only. It was always my goal to have a blog post accompany the work. Relatively shortly after the talks, I ended up leaving graphics and so it dropped on the priority list. I'm splitting this up into two posts. This post will go over the problem, and solutions. The next post will go over the implementation details. Read more