Language Selection

English French German Italian Portuguese Spanish

Misc

today's leftovers

Filed under
Misc
  • Netrunner 19.08 Indigo overview | welcome to Netrunner

    In this video, I am going to show an overview of Netrunner 19.08 Indigo and some of the applications pre-installed.

  • How to use the LXD Proxy Device to map ports between the host and the containers

    LXD supports proxy devices, which is a way to proxy connections between the host and containers. This includes TCP, UDP and Unix socket connections, in any combination between each other, in any direction. For example, when someone connects to your host on port 80 (http), then this connection can be proxied to a container using a proxy device. In that way, you can isolate your Web server into a LXD container. By using a TCP proxy device, you do not need to use iptables instead.

    There are 3³=9 combinations for connections between TCP, UDP and Unix sockets, as follows. Yes, you can proxy, for example, a TCP connection to a Unix socket!

  • Management of snaps in a controlled, enterprise environment

    Few enterprises want all their computing devices to be fully exposed to the internet. In an environment of ever-growing security threats, isolating internal networks from the wider internet is not simply best practice, but borderline essential.

    However, with all the benefits that restricted networks provide, it can pose challenges for enterprises who are looking to take advantage of certain technologies. One of these is the automatic update feature of snaps which enable a low-friction process and a fast release cadence. If an enterprise has a restricted network, then this will prevent snaps being able to automatically update due to the necessity for an external internet connection and potentially upsetting change management policies.

  • Dominique Leuenberger: openSUSE Tumbleweed – Review of the week 2019/3

    Seems we’re settling at 3 snapshots per week. It seems to be pretty hard at the moment to get stagings fully built and tested (build are constrained by only few workers able to build e.g. Firefox, and since Leap started the dev cycle, the load on OBS and those few workers massively increased). So, 3 snapshots, or roughly one every other day, does not sound so bad overall. During this week, we released  0829, 0902 and 0904.

  • Improved Common Agricultural Policy compliance with publicly available and user-generated data

    The open source RECAP platform is currently available under the GNU General Public License. The remote sensing components are also market-ready. Both can be hosted either on project partners' servers or on the client's own servers.

today's howtos and leftovers

Filed under
Misc
HowTos
  • Condres 19.09 Cinnamon Run Through

    In this video, we are looking at Condres 19.09, the Cinnamon edition.

  • Overview Of The Lightweight Linux Operating Systems
  • How to open source your academic work in 7 steps
  • How to change the color of your Linux terminal
  • How to Setup MySQL Master-Slave Replication on Ubuntu 18.04
  • Introduction to monitoring with Pandora FMS
  • Performing storage management tasks in Cockpit
  • Semantic Placement in Augmented Reality using MrEd

    In this article we’re going to take a brief look at how we may want to think about placement of objects in Augmented Reality.

    Designers often express ideas in a domain appropriate language. For example a designer may say “place that chair on the floor” or “hang that photo at eye level on the wall”.

    However when we finalize a virtual scene in 3d we often keep only the literal or absolute XYZ position of elements and throw out the original intent - the deeper reason why an object ended up in a certain position.

    It turns out that it’s worth keeping the intention - so that when AR scenes are re-created for new participants or in new physical locations that the scenes still “work” - that they still are satisfying experiences - even if some aspects change.

    In a sense this recognizes the Japanese term 'Wabi-Sabi'; that aesthetic placement is always imperfect and contends between fickle forces. Describing placement in terms of semantic intent is also similar to responsive design on the web or the idea of design patterns as described by Christopher Alexander.

  • ArangoDB: Three Databases in One

    ArangoDB, a German database expanding its business in the United States, has released new capabilities in version 3.5 of its eponymous database management software to make it easier to query and search growing data sets across multiple data models.

    Multimodel databases take on the issue of effectively using data stored in different ways, but also of managing multiple databases, each with its own storage and operational requirements, including data consistency.

    With ArangoDB, data can be stored as key-value pairs, graphs or documents and accessed with one declarative query language. And you can do both at the same time — a document query and a graph query. The combination offers flexibility and performance advantages, explained Claudius Weinberger, CEO.

  • Open Source Is Poised To Have A Greater Impact On Security [iophk: marketeering]

    Falco, another open source security project, is a native runtime protection/detection tool for hosts and containers. It lives right in the container environment and can ascertain everything going on by watching system calls, obviating the need for agents in each container. It also provides rich out-of-box policies/rules that can be used to detect anomalous behavior in different levels, including the host, container and cluster levels.

today's leftovers

Filed under
Misc
  • How to Set and List Environment Variables in Linux
  • Hardware hacking basics, Slackel + OSCAR | Choose Linux 17

    Getting into hardware hacking with Arduino, and analysing sleep data from CPAP machines.

    Plus a glimpse into the past in Distrohoppers.

  • Debian 11 Testing with XFCE 4.14 Run Through

    In this video, we are looking at Debian Testing Bullseye with XFCE 4.14.

  • Introducing Glean — Telemetry for humans

    In the last few years, Firefox development has become increasingly data-driven. Mozilla’s larger data engineering team builds & maintains most of the technical infrastructure that makes this possible; from the Firefox telemetry code to the Firefox data platform and hosting analysis tools. While data about our products is crucial, Mozilla has a rare approach to data collection, following our privacy principles. This includes requiring data review for every new piece of data collection to ensure we are upholding our principles — even when it makes our jobs harder.

    One great success story for us is having the Firefox telemetry data described in machine-readable and clearly structured form. This encourages best practices like mandatory documentation, steering towards lean data practices and enables automatic data processing — from generating tables to powering tools like our measurement dashboard or the Firefox probe dictionary.

    However, we also learned lessons about what didn’t work so well. While the data types we used were flexible, they were hard to interpret. For example, we use plain numbers to store counts, generic histograms to store multiple timespan measures and allow for custom JSON submissions for uncovered use-cases. The flexibility of these data types means it takes work to understand how to use them for different use-cases & leaves room for accidental error on the instrumentation side. Furthermore, it requires manual effort in interpreting & analysing these data points. We noticed that we could benefit from introducing higher-level data types that are closer to what we want to measure — like data types for “counters” and “timing distributions”.

  • Debugging TypeScript in Firefox DevTools

    Firefox Debugger has evolved into a fast and reliable tool chain over the past several months and it’s now supporting many cool features. Though primarily used to debug JavaScript, did you know that you can also use Firefox to debug your TypeScript applications?

    Before we jump into real world examples, note that today’s browsers can’t run TypeScript code directly. It’s important to understand that TypeScript needs to be compiled into Javascript before it’s included in an HTML page.

    Also, debugging TypeScript is done through a source-map, and so we need to instruct the compiler to produce a source-map for us as well.

  • Sponsor Article: why open frameworks matter

    The use of computers to control buildings was an inevitable consequence of the falling cost of the technology and the huge increase in the complexity of the equipment required to achieve comfort in large modern buildings. As with computers, the nascent BMS market was initially supplied by manufacturers who offered highly-proprietary systems which only they could install and maintain. As the technology matured, so the software to program the required control logic was made easier. As a result, a wider range of people could provide the engineering. Meanwhile, pressure from end users, who didn’t want to be tied to only one manufacturer for the life of the building or campus, led to the development of open protocol standards that could enable one manufacturers’ system to talk to another.

    However, since the way buildings are contracted tends to require a functionally-biased packaging of sub-contracts, each piece of controls equipment in a building developed separately, and each sub-sector developed its own standards. The result today is a plethora of ‘standard’ protocols which are used by the various sub-systems in a building; BACnet for HVAC, DALI and KNX for lighting, Modbus for electrical metering and power management, M-Bus for heat metering etc. Some protocols such as LONworks did manage for a while to gain traction in multiple segments, but its adoption has declined in recent years. So, although people still dream of there being ‘one standard to rule them all’, the reality is much messier, and the challenge of how to get systems talking to one another has not gone away.

  • Free Software Supporter - Issue 137, September 2019

    Defective by Design is calling on you to stand up against digital restrictions management and join us in celebration of the International Day Against DRM (IDAD) on October 12th, 2019. Keep an eye on defectivebydesign.org for further announcements.

  • Some Intel Firmware Binaries Will Reportedly Be More Liberally Licensed

    One interesting nugget of news from this week's Open-Source Firmware Conference is that some Intel firmware binaries pertaining to their Trusted Execution Technology (TXT) will be more liberally licensed under their simpler microcode/firmware license.

    Open-source firmware consulting firm 3mdeb shared that Intel will reportedly publish TXT-related binaries like BIOS and SINIT ACMs under a similar license to the Intel FSP and microcode.

today's leftovers

Filed under
Misc
  • Commons Clause in open source licences: business necessity or betrayal of software freedom?

    Accommodation of new business models and technological advances has fundamentally disrupted the open source industry. Unlike on-prem solutions, which are installed in a user environment, cloud-based software remains hosted on the vendor's servers and is accessed by users through a web browser. Because cloud-based offerings do not involve software distribution, the copyleft effect of open source licences is not triggered.

    Large cloud providers use their market power and infrastructure to generate significant revenues by offering proprietary services around successful open source projects, thus depriving such projects of an opportunity to commercialise similar services.

    [...]

    Whether the benefits of employing the Commons Clause outweigh the potential risks is likely to invoke a case by case analysis. The community consensus on the four software freedoms [the freedom to run the program for any purpose, the freedom to modify it for private or public use, the freedom to make copies and distribute the program and its derivatives] is under continuous pressure for modification. Indeed reshaping the portfolio of freedoms may not necessarily be a threat to open source as we know it, but rather an evolution thereof.

    As Heather Meeker, the drafter of the Commons Clause, has noted, the choice is often between the full proprietary route and a source-available licensing. By choosing the latter, we may preserve at least some of the freedoms.

  • Fedora 30 : About the Jupyter lab tool.

    The tutorial for today is about Jupiter Lab and Fedora 30. You can see an old tutorial with Fedora 29 here.
    The JupyterLab is the next-generation web-based user interface for Project Jupyter.
    This can be installed using conda, pip or pipenv.

  • AWS celebrates Labor Day weekend by roasting customer data in US-East-1 BBQ

    A power outage fried hardware within one of Amazon Web Services' data centers during America's Labor Day weekend, causing some customer data to be lost.

    When the power went out, and backup generators subsequently failed, some virtual server instances evaporated – and some cloud-hosted volumes were destroyed and had to be restored from backups, where possible, we're told.

    A Register reader today tipped us off that on Saturday morning, Amazon's cloud biz started suffering a breakdown within its US-East-1 region.

    Our tipster told us they had more than 1TB of data in Amazon's cloud-hosted Elastic Block Store (EBS), which disappeared during the outage: they were told "the underlying hardware related to your EBS volume has failed, and the data associated with the volume is unrecoverable."

    [...]

    Unlucky customers who had data on the zapped storage systems were told by AWS staff that, despite attempts to revive the missing bits and bytes, some of the ones and zeroes were permanently scrambled: "A small number of volumes were hosted on hardware which was adversely affected by the loss of power. However, due to the damage from the power event, the EBS servers underlying these volumes have not recovered.

today's leftovers

Filed under
Misc
  • Akademy App now with BoF info + more

    If you already downloaded the app, please open it and refresh to get the new info!

    Also I would like to thank Ben for setting up Sitter’s project on our beloved Binary Factory!

  • Candy Tsai: Beyond Outreachy: Final Interviews and Internship Review

    The last few weeks (week 11 – week 13) of Outreachy were probably the hardest weeks. I had to do 3 informational interviews with the goal of getting a better picture of the open source/free software industry.

    The thought of talking to someone I don’t even know just overwhelms me. So this assignment just leaves me scared to death. Pressing that “Send Email” button to these interviewees required me to summon up all of my courage but it was totally worth it. I really appreciate their time for chatting with me.

    On the other hand, it’s hard to believe the internship is coming to an end! Good news is that I will be sticking around Debci after this.

    [...]

    Last but not least, here’s a wrap-up of my internship in QA format. Hope that this helps anyone that wants to participate in future rounds get a better picture of how the Outreachy Internship was with Debian Debci.

  • LibreOffice developers team up to improve PPT/PPTX (PowerPoint) file support

    Good news for all users of high quality presentation software: a dedicated team has been formed within the LibreOffice community with the aim of further improving PPT/PPTX (PowerPoint) file format support.

    [...]

    LibreOffice’s Quality Assurance team is currently going through the collections of PPT and PPTX issues and carefully re-analysing and prioritising them. The QA team will continue to provide support in the form of patch testing and verification.

  • The ‘weaponisation’ of vulnerabilities

    Jett says the ‘weaponisation’ of vulnerabilities means that cyber criminals are exploiting them to launch highly co-ordinated attacks against individuals, businesses and specific groups by using a combination of technical and non-technical tools. He adds that, in most cases, these vulnerabilities are targeted in automated exploit kits, which are developed by criminal groups and monetised in various online forums.

    [..].

    "Let’s use the example of attacks on specific individuals. By scouring various channels – both legitimate and illicit – attackers are able to amass sufficient information about their targets to build a comprehensive profile about them. Gradually, they gather enough material to determine what’s going to be the most effective method(s) of attack and they’ll typically utilise multiple attack surfaces to pursue their targets."

  • Security updates for Wednesday

    Security updates have been issued by Arch Linux (grafana, irssi, and jenkins), Debian (freetype, samba, and varnish), Fedora (community-mysql, kernel, kernel-headers, kernel-tools, and python-mitogen), openSUSE (postgresql10 and python-SQLAlchemy), Oracle (kdelibs and kde-settings and squid:4), Red Hat (kdelibs and kde-settings, kernel, kernel-rt, openstack-nova, qemu-kvm, and redis), Scientific Linux (kdelibs and kde-settings, kernel, and qemu-kvm), SUSE (ansible, java-1_7_1-ibm, libosinfo, php53, and qemu), and Ubuntu (irssi, samba, and systemd).

today's howtos and leftovers

Filed under
Misc
HowTos

today's leftovers

Filed under
Misc
  • PCLinuxOS Family Member Spotlight: drhadidy

    I got introduced to Linux in the year 2001. I downloaded my first copy of Suse on my IBM Thinkpad. It wasn't easy to install. The CDs and drivers at that time had a lot of issues. So, it was a dual boot install, and mostly I was just updating the install every now and then and was trying to understand more about the system. But I was fascinated by the idea of open source.

    Then I had a very big virus problem at the end of 2006 which destroyed my Windows driven home PC and laptop, my clinic's PC and my Windows mobile phone.

    I decided to shift to Linux and just get rid of Windows forever, especially when I was reading of all the improvements in the development of Linux and how easy it became by then.

    I installed Suse as the only system on my machines. Then I had a problem with the sound card of my LG laptop.

    I started looking around and trying many other distros, until I read about PCLinuxOS. I was amazed by the reviews, and especially how the installation comes out of the box, and how so many people spoke about how their driver problems disappeared when they used PCLinuxOS. I was shocked how Linux people are impressed by its stability.

    I installed PCLinuxOS on my laptop, and my LG laptop started singing. I was really so impressed and happy with the new system, and really didn't need to go back to Windows since that day.

  • How to Test Website Speed in Linux Terminal
  • [PCLinuxOS] Screenshot Showcase
  • Debian Policy call for participation -- September 2019

    There hasn’t been much activity lately, but no shortage of interesting and hopefully-accessible Debian Policy work. Do write to debian-policy@lists.debian.org if you’d like to participate but are struggling to figure out how.

  • The Fridge: Ubuntu Weekly Newsletter Issue 594

    Welcome to the Ubuntu Weekly Newsletter, Issue 594 for the week of August 25 – 31, 2019. The full version of this issue is available here.

  • Fedora Update Weeks 33–34

    The past two weeks have been rather simple, just catching up on the remaining updates from release monitoring, and also those that monitoring missed. I’m also working through some build/test failures for various reasons.

    Most failures are around the Python 3.8 rebuild. Generally, upstreams are aware of the problems, or I could have reported a bug about it. So fixing these involve backporting fixes that are to be in the next releases. For xtl, I’ve un-retired the package, and disabled the failing arches. I’ve given up on hoping someone might figure out the gcc issue, so I’m just leaving the arch-specific bugs (RHBZ#1745840, RHBZ#1745841) as they are.

today's leftovers

Filed under
Misc
  • Espressif ESP-Skainet Voice Assistant Offers Wake Word Engine and Speech Commands Recognition for Embedded MCUs
  • scikit-survival 0.10 released

    To illustrate the use of compare_survival, let’s consider the Veterans’ Administration Lung Cancer Trial. Here, we are considering the Celltype feature and we want to know whether the tumor type impacts survival. We can visualize the survival function for each subgroup using the Kaplan-Meier estimator.

  • How To Choose The Perfect Open-Source Dashboard

    In the current data-driven scenario, data visualisation is something all data analyst have to court, and a dashboard, in this case, is an obvious protagonist. Dashboards allow real-time visualising and easy understanding of the key performance indicators in an organisation. Dashboards extract meaningful insights from data which is further used by organisations for decision-making.

    [...]

    Mozaïk is a tool based on NodeJS/ React / D3 / stylus to easily craft beautiful dashboards. It supports multiple devices through an adaptive layout such as on a big screen in the open space or smartphones.

  • Warning Issued For Millions Of Microsoft Windows 10 Users

    Picked up by the eagle eyes of Windows Latest, users are warning that Microsoft’s latest Windows 10 update is hitting performance hard. And what’s most frustrating is Microsoft was warned about this prior to release, shipped it anyway and continues to ignore it.

    Showing up for anyone who hits the ‘Check for updates’ button in Windows Update, KB4512941 was released to fix multiple problems, including bugs in Windows Sandbox, black screen issues and more. But inside the update is a botched Cortana fix which is causing the service to gobble up to 40% of user’s CPUs. Wave goodbye to half your PC’s power and a good chunk of battery life.

  • Security updates for Monday

    Security updates have been issued by Debian (gosa, libav, libextractor, nghttp2, pump, and python2.7), Fedora (dovecot, mod_http2, and pango), Gentoo (dovecot, gnome-desktop, libofx, and nautilus), Mageia (ansible, ghostscript, graphicsmagick, memcached, mpg123, pango, vlc, wavpack, webmin, wireshark, and wpa_supplicant, hostapd), openSUSE (flatpak, libmirage, podman, slirp4netns and libcontainers-common, python-SQLAlchemy, and qemu), Red Hat (ghostscript, java-1.8.0-ibm, and squid:4), and SUSE (kernel, libsolv, libzypp, zypper, NetworkManager, nodejs10, nodejs8, perl, python-Django, and python-SQLAlchemy).

  • GSoC’19 Project : Milestone 4

    The fourth milestone for my Google Summer of Code 2019’s project Porting KDE Connect to Windows involves creating some system integrations for the windows Operating System so it works seamlessly on Windows.

today's leftovers

Filed under
Misc
  • Destination Linux 136 - Raspberry Pi, System76 Firmware Tool, OBS, IBM Open-Source POWER, EVERSPACE
  • EROFS Is Graduating From Staging In Linux 5.4

    Linux 5.4 will be a big kernel on the file-system front as in addition to introducing the new VirtIO-FS and exFAT file-system support, Huawei's EROFS file-system will be graduating from staging.

  • GreenWithEnvy 0.13 Released For Better NVIDIA GPU Overclocking On Linux

    t's been a number of months since last seeing a new release of GreenWithEnvy or hearing anything out of the project, but this weekend is finally a new version of this open-source overclocking panel for NVIDIA graphics cards on Linux.

    GreenWithEnvy 0.13 is the new release out today and their first since February. GreenWithEnvy 0.13 has various library updates, fixes the saving of preferences when running the Flatpak version of the program, and adds an option to minimize the application to the tray when hitting the close button.

  • Open-source flash emulator hopes to preserve a generation of Flash games

    In a bid to preserve a generation's worth of Flash games, a new open-source project hopes to create, and share, a Flash emulator.

    The project - which comes just a few weeks after Adobe announced plans to "end-of-life Flash" - hopes to secure a way to play Flash games in your browser via emulation. Mike Welsh, who has previously worked on the Flash-to-HD video converter Swivel for Newgrounds, is currently leading the project.

  • Coding Education Challenge promises $500k for innovative ways to teach next-gen programmers

    Non-profit organization The GNOME Foundation and philanthropic tech company Endless have teamed up to help the next-generation of coders by announcing the Coding Education Challenge. Endless has agreed to provide $500,000 to fund the competition.

    The challenge's aim is to attract projects that’ll bring new ways for educators and students to teach and learn coding through free and open-source coding software.

  • KDE Connect macOS Release

    Now it’s the end of Google Summer of Code 2019. As my GSoC project, the port of KDE Connect on macOS has made great progress. You can find and download it in my blog release page.

    Note: This post aims at presenting the features of KDE Connect which have been implemented on macOS. If you’d like to know more information, such as compilation of your own KDE Connect binary on macOS, please turn to another post in my post Connect your Android phone with your Mac via KDE Connect. And if you’re interested in what I’ve done during Google Summer of Code, my status report of Google Summer of Code is HERE.

today's leftovers

Filed under
Misc
  • Waypipe Is Successfully Working For This Network-Transparent Wayland Apps/Games Proxy

    Waypipe is off to the races as the newest network transparency effort in the Wayland space. Waypipe provides a network transparent Wayland proxy for running native Wayland programs/games over a network similar to X11's capabilities and forwarding X over an SSH connection.

    Waypipe development was successful this summer by student developer Manuel Stoeckl who was working on the effort as part of this year's Google Summer of Code (GSoC). Waypipe is successfully working now for running Wayland games/applications over the network using this proxy mechanism and supports features like compression, multi-threading optimizations, and hardware-accelerated VA-API for video encode/decode across the network.

  • Fedora Community Blog: Stories from the amazing world of release-monitoring.org #7

    The view from the top of the tower was amazing. With few exceptions most of the things worked as they should. I had one hand on my wizard hat to protect it from wind. It’s too windy in this height. As I was looking from the tower, door behind me opened and traveler came in.

    “I’m glad to see you. It was a while till we met. There was plenty of things that happened in the meantime and needed my attention. I even spent some time in the world of Bodhi and I must say it is complicated and noisy world. Too different from this one. But this is the story for another time.” I stepped back from the railing and moved to part of the balcony that was shielded from the wind. There was table and two chairs. I sat on one and traveler followed me. “You probably want to hear some news. So relax and listen, this will take some time.”

  • Fedora Community Blog: FPgM report: 2019-35

    Here’s your report of what has happened in Fedora Program Management this week. The Beta freeze is underway.

    I have weekly office hours in #fedora-meeting-1. Drop by if you have any questions or comments about the schedule, Changes, elections, or anything else.

  • Chris Lamb: Free software activities in August 2019

    I was extremely proud to be announce I will be joining the folks at Software in the Public Interest to assist its many umbrella projects and free software in General. You can read the official announcement here.

    [...]

    I attended this year's Debian Party in Cambridge, UK. Better known as the "OMGWTFBBQ", I had a great time despite the remarkable heat. A special thanks to Steve for hosting the event and all others who helpedand organise this, as well as Mythic Beasts, Collabora and Codethink for sponsoring the event. For my part I made some souvenir beer mats commemorating the event, offering them gratis with a nudge towards becoming a supporter of the Software Freedom Conservancy:

  • CUPS 2.3 Printing System Finally Released With Licensing Change & Other Additions

    CUPS 2.3 is an important update due to a licensing change and important for Linux users now that there is an issue being resolved from earlier in the development cycle. Apple, which has been under the control of CUPS for the past decade, decided to relicense this printing server to the Apache 2.0 license. But due to various non-Apple Linux CUPS utilities like cups-filters being GPLv2, that presents a problem. Apple lawyers ended up adding an exception to their Apache 2.0 license to allow linking the software with GPLv2 software, which takes care of the issue while still satisfying them with their re-license. This seems to be part of the reason why the CUPS 2.3 release took so long to materialize.

  • A very deep dive into iOS Exploit chains found in the wild

    Project Zero’s mission is to make 0-day hard. We often work with other companies to find and report security vulnerabilities, with the ultimate goal of advocating for structural security improvements in popular systems to help protect people everywhere.

    Earlier this year Google's Threat Analysis Group (TAG) discovered a small collection of hacked websites. The hacked sites were being used in indiscriminate watering hole attacks against their visitors, using iPhone 0-day.

    There was no target discrimination; simply visiting the hacked site was enough for the exploit server to attack your device, and if it was successful, install a monitoring implant. We estimate that these sites receive thousands of visitors per week.

    TAG was able to collect five separate, complete and unique iPhone exploit chains, covering almost every version from iOS 10 through to the latest version of iOS 12. This indicated a group making a sustained effort to hack the users of iPhones in certain communities over a period of at least two years.

  • Coin-mining malware jumps from Arm IoT gear to Intel servers

    A coin-mining malware infection previously only seen on Arm-powered IoT devices has made the jump to Intel systems.

    Akamai senior security researcher Larry Cashdollar says one of his honeypot systems recently turned up what appears to be an IoT malware that targets Intel machines running Linux.

    "I suspect it’s probably a derivate of other IoT crypto mining botnets," Cashdollar told The Register. "This one seems to target enterprise systems."

    In addition to being fine-tuned for Intel x86 and 686 processors, the malware looks to establish an SSH Port 22 connection and deliver itself as a gzip archive. From there, the malware checks to see if the machine has already been infected (at which point the installation stops) or if an earlier version is running and needs to be terminated. From there, three different directories are created with different versions of the same files.

    "Each directory contains a variation of the XMrig v2.14.1 cryptocurrency miner in either x86 32bit or 64bit format," the Akamai security ace explained. "Some of the binaries are named after common Unix utilities, like ps, in an attempt to blend into a normal process list."

  • AMD Prepping Their HDCP 1.4 Content Protection Support For Raven Ridge & Newer

    AMD developers have sent out their latest open-source Linux patches doing their kernel driver share for enabling High-bandwidth Digital Content Protection (HDCP) support for version 1.4 and newer.

    While seeing HDCP support patches for open-source graphics drivers does irritate many in the community, similar to other open-source drivers supporting HDCP, this is only one part of the content protection puzzle. These patches alone do not impose any restrictions on users or other impairments, but mainly comes down to such proprietary software wanting to make use of HDCP capabilities on Linux. Open-source video players and the like can continue to enjoy GPU-based video acceleration uninterrupted.

    [...]

    Intel's open-source Linux graphics driver only began seeing HDCP work relatively recently when Google engineers were interested with the Intel support in the context of Chromebook support.

  • Hey, it's 2019. Quit making battery-draining webpages – say makers of webpage-displaying battery-powered kit

    Apple WebKit engineers Benjamin Poulain and Simon Fraser have offered advice to web developers about how to design power-efficient web pages, to preserve the life of mobile device batteries and give users more time interacting with web content.

    "Web developers rarely think about power usage, but they really should," said Fraser, via Twitter.

    WebKit is the browser rendering engine at the heart of Apple's mobile and desktop Safari browsers, but the tips presented by its programmers apply to web pages presented in any browser, for the most part.

Syndicate content

More in Tux Machines

OSS Leftovers

  • Workarea Commerce Goes Open-source

    The enterprise commerce platform – Workarea is releasing its software to the open-source community. In case you don’t already know, Workarea was built to unify commerce, content management, merchant insights, and search. It was developed upon open-source technologies since its inception like Elasticsearch, MongoDB, and Ruby on Rails. Workarea aims to provide unparalleled services in terms of scalability and flexibility in modern cloud environments. Its platform source code and demo instructions are available on GitHub here.

  • Wyoming CV Pilot develops open-source RSU monitoring system

    The team working on the US Department of Transportation’s (USDOT) Connected Vehicle Pilot Deployment Program in Wyoming have developed open-source applications for the operation and maintenance of Roadside Units (RSUs) that can be viewed by all stakeholders. The Wyoming Department of Transportation (WYDOT) Connected Vehicle Pilot implementation includes the deployment of 75 RSUs along 400 miles (644km) of I-80. With long drive times and tough winters in the state, WYDOT needed an efficient way to monitor the performance of and manage and update these units to maintain peak performance. With no suitable product readily available, the WYDOT Connected Vehicle team developed an open-source application that allows authorized transportation management center (TMC) operators to monitor and manage each RSU at the roadside. The WYDOT team found that the application can also be used as a public-facing tool that shows a high-level status report of the pilot’s equipment. [...] For other state or local agencies and departments of transportation (DOTs) wishing to deploy a similar capability to monitor and manage RSUs, the application code has been made available on the USDOT’s Open Source Application Development Portal (OSADP). The code is downloadable and can be used and customized by other agencies free of charge. WYDOT developed this capability using USDOT funds under the CV Pilot program as open-source software and associated documentation. The application represents one of six that the program will be providing during its three phases.

  • You Too Can Make These Fun Games (No Experience Necessary)

    Making a videogame remained a bucket list item until I stumbled on an incredibly simple open source web app called Bitsy. I started playing around with it, just to see how it worked. Before I knew it, I had something playable. I made my game in a couple of hours.

  • From maverick to mainstream: why open source software is now indispensable for modern business

    Free and open source software has a long and intriguing history. Some of its roots go all the way back to the 1980s when Richard Stallman first launched the GNU project.

  • Analyst Watch: Is open source the great equalizer?

    If you had told me 25 years ago that open source would be the predominant force in software development, I would’ve laughed. Back then, at my industrial software gig, we were encouraged to patent as much IP as possible, even processes that seemed like common-sense business practices, or generally useful capabilities for any software developer. If you didn’t, your nearest competitor would surely come out with their own patent claims, or inevitable patent trolls would show up demanding fees for any uncovered bit of code. We did have this one developer who was constantly talking about fiddling with his Linux kernel at home, on his personal time. Interesting hobby.

  • Scientists Create World’s First Open Source Tool for 3D Analysis of Advanced Biomaterials

    Materials scientists and programmers from the Tomsk Polytechnic University in Russia and Germany's Karlsuhe Institute of Technology have created the world’s first open source software for the 2D and 3D visualization and analysis of biomaterials used for research into tissue regeneration. [...] Scientists have already tested the software on a variety of X-ray tomography data. “The results have shown that the software we’ve created can help other scientists conducting similar studies in the analysis of the fibrous structure of any polymer scaffolds, including hybrid ones,” Surmenev emphasised.

  • Making Collaborative Data Projects Easier: Our New Tool, Collaborate, Is Here

    On Wednesday, we’re launching a beta test of a new software tool. It’s called Collaborate, and it makes it possible for multiple newsrooms to work together on data projects. Collaborations are a major part of ProPublica’s approach to journalism, and in the past few years we’ve run several large-scale collaborative projects, including Electionland and Documenting Hate. Along the way, we’ve created software to manage and share the large pools of data used by our hundreds of newsrooms partners. As part of a Google News Initiative grant this year, we’ve beefed up that software and made it open source so that anybody can use it.

  • Should open-source software be the gold standard for nonprofits?

    Prior to its relaunch, nonprofit organization Cadasta had become so focused on the technology side of its work that it distracted from the needs of partners in the field. “When you’re building out a new platform, it really is all consuming,” said Cadasta CEO Amy Coughenour, reflecting on some of the decisions that were made prior to her joining the team in 2018.

  • Artificial intelligence: an open source future

    At the same time, we’re seeing an increasing number of technology companies invest in AI development. However, what’s really interesting is that these companies - including the likes of Microsoft, Salesforce and Uber - are open sourcing their AI research. This move is already enabling developers worldwide to create and improve AI & Machine Learning (ML) algorithms faster. As such, open source software has become a fundamental part of enabling fast, reliable, and also secure development in the AI space. So, why all the hype around open source AI? Why are businesses of all sizes, from industry behemoths to startups, embracing open source? And where does the future lie for AI and ML as a result?

  • How open source is accelerating innovation in AI

    By eradicating barriers like high licensing fees and talent scarcity, open source is accelerating the pace of AI innovation, writes Carmine Rimi No other technology has captured the world’s imagination quite like AI, and there is perhaps no other that has been so disruptive. AI has already transformed the lives of people and businesses and will continue to do so in endless ways as more startups uncover its potential. According to a recent study, venture capital funding for AI startups in the UK increased by more than 200 percent last year, while a Stanford University study observed a 14-times increase in the number of AI startups worldwide in the last two years.

  • Adam Jacob Advocates for Building Healthy OSS Communities in “The War for the Soul of Open Source”

    Chef co-founder and former CTO Adam Jacob gave a short presentation at O’Reilly Open Source Software Conference (OSCON) 2019 titled “The War for the Soul of Open Source.” In his search for meaning in open source software today, Jacob confronts the notion of open source business models. “We often talk about open source business models,” he said. “There isn’t an open source business model. That’s not a thing and the reason is open source is a channel. Open source is a way that you, in a business sense, get the software out to the people, the people use the software, and then they become a channel, which [companies] eventually try to turn into money.” [...] In December 2018, Jacob launched the Sustainable Free and Open Source Communities (SFOSC) project to advocate for these ideas. Instead of focusing on protecting revenue models of OSS companies, the project’s contributors work together to collaborate on writing core principles, social contracts, and business models as guidelines for healthy OSS communities.

  • New Open Source Startups Emerge After Acquisition, IPO Flurry

    After a flurry of mega-acquisitions and initial public offerings of open source companies, a new batch of entrepreneurs are trying their hands at startups based on free software projects.

  • TC9 selected by NIST to develop Open Source Software for Transactive Energy Markets

    TC9, Inc. was selected by National Institute of Standards and Technology (NIST) to develop open source software for Transactive Energy Bilateral Markets based on the NIST Common Transactive Services. Under the contract, TC9 will develop open source software (OSS) for agents for a transactive energy market. The software will be used to model the use of transactive energy to manage power distribution within a neighborhood. Transactive Energy is a means to balance volatile supply and consumption in real time. Experts anticipate the use of Transactive Energy to support wide deployment of distributed energy resources (DER) across the power grid.

  • Open Source Software Allows Auterion to Move Drone Workflows into the Cloud

    “Until today, customizing operations in the MAVLink protocol required a deep understanding of complex subjects such as embedded systems, drone dynamics, and the C++ programming language,” said Kevin Sartori, co-founder of Auterion. “With MAVSDK, any qualified mobile developer can write high-level code for complex operations, meaning more developers will be able to build custom applications and contribute to the community.”

  • ApacheCon 2019 Keynote: James Gosling's Journey to Open Source

    At the recent ApacheCon North America 2019 in Las Vegas, James Gosling delivered a keynote talk on his personal journey to open-source. Gosling's main takeaways were: open source allows programmers to learn by reading source code, developers must pay attention to intellectual property rights to prevent abuse, and projects can take on a life of their own.

  • 20 Years of the Apache Software Foundation: ApacheCon 2019 Opening Keynote

    At the recent ApacheCon North America 2019 in Las Vegas, the opening keynote session celebrated the 20th anniversary of the Apache Software Foundation (ASF), with key themes being: the history of the ASF, a strong commitment to community and collaboration, and efforts to increase contributions from the public. The session also featured a talk by astrophysicist David Brin on the potential dangers of AI.

Open Hardware/Modding

  • Delta X open source delta robot kit hits Kickstarter from €179

    After previously being unveiled earlier this month the Delta X open source delta robot kit has now launched via Kickstarter offering open source hardware, firmware and software for the community. Watch the demonstration video below to learn more about the Arduino powered 3D printed open source robot kit which is now available from €179. The Delta X offers both a complete desktop robot and a modular kit and can be combined with a range of end effectors to complete a wide variety of different applications, offering increased speed and flexibility when compared to other robotic arm kits on the market.

  • AXIS open source 3D printer from $125

    An affordable 3D printer has launched via Kickstarter this week in the form of the AXIS 3D Printer which is priced from just £99, $125 or €115. Complete with dual 3D printing head the 3D printer is based on open source technology with “tried and tested industry standard components designed to work right, first time” say it’s creators.

  • Freemelt raises $1.6 million in investment round for open-source EBM 3D printer
  • 3D printing stethoscopes, tourniquets and crucial dialysis-machine parts in Gaza

    Tarek Loubani is a Palestinian-Canadian doctor who works with the Glia Project, a group that creates open-source designs for 3D-printable medical hardware. Their goal is to let local populations manufacture their own medical wares at prices considerably lower than in the marketplace, and in situations where -- because of distance or war -- it may not even be possible to ship in equipment at any price. Some of their early work has been in blockaded Gaza, for example. So far, Glia has designed a stethoscope that can be made for about $2.83, and a tourniquet that costs about $7 to make.

  • GameShell Kit – Open Source Portable Game Console

    This portable console has a GNU/LINUX embedded operating system that lets you play all kinds of retro games from Atari, GB, GBA, NES, MAME, MD, PS1, and more. You can even create your own games if you want. Get one for yourself or build it together with your kids. Check out more details by clicking the link above.

  • Play classic games on an open-source console with GameShell: $143 (Orig. $199)

Openwashing Leftovers

A Setback for FOSS in the Public (War) Sector, CONNECT Interoperability Project Shifting to the Private Sector

  • GAO: DoD Not Fully Implementing Open-Source Mandates

    The Department of Defense has not fully implemented mandates from the Office of Management and Budget (OMB) and the 2018 National Defense Authorization Act (NDAA) to increase its use of open-source software and release code, according to a September 10 Government Accountability Office (GAO) report. The report notes that the 2018 NDAA mandated DoD establish a pilot program on open source and a report on the program’s implementation. It also says that OMB’s M-16-21 memorandum requires all agencies to release at least 20 percent of custom-developed code as open-source, with a metric for calculating program performance. However, DoD has released less than 10 percent of its custom code, and had not developed a measure to calculate the performance of the pilot program. In comments to GAO, the DoD CIO’s office said there has been difficulty inventorying all of its custom source code across the department, and disagreement on how to assess the success for a performance measure. While the department worked to partially implement OMB’s policy, the department had not yet issued a policy.

  • Pentagon moves slowly on open-source software mandate amid security concerns

    The Defense Department has been slow to meet a government-wide mandate to release more open-source software code, as DOD officials have concerns about cybersecurity risks and are struggling to implement such a program across the department, according to a new audit.

  • DOD struggles to implement open source software pilots

    The Department of Defense’s congressionally mandated efforts to create an open source software program aren’t going so well. DOD must release at least 20 percent of its custom software as open source through a pilot required by a 2016 Office of Management and Budget directive and the 2018 National Defense Authorization Act. Open source software, OMB says, can encourage collaboration, “reduce costs, streamline development, apply uniform standards, and ensure consistency in creating and delivering information.”

  • DOD drags feet with open-source software program due to security, implementation concerns

    The Defense Department has been slow to meet a government-wide mandate to release more open-source software code, as DOD officials have concerns about cybersecurity risks and are struggling to implement such a program across the department, according to a new audit. Since 2016, DOD has been required by law to implement an open-source software pilot program in accordance with policy established by the Office of Management and Budget.

  • DOD pushes back on open source
  • DOD pushes back on open source
  • CONNECT Interoperability Project Shifting to the Private Sector

    The CONNECT project, an open source project that aims to increase interoperability among organizations, is transitioning from federal stewardship to the private sector and will soon be available to everyone. Developed ten years ago by a group of federal agencies in the Federal Health Architecture (FHA), CONNECT was a response to ONC’s original approach to a health information network. The agencies decided to build a joint health interoperability solution instead of having each agency develop its own custom solution, and they chose to make the project open source.