Recent Changes - Search:
NTLUG

Linux is free.
Life is good.

NEXT MEETING

What's New

Introducing Ubuntu Phone

Linux Training
10am on Meeting Days!

1825 Monetary Lane Suite #104 Carrollton, TX

Do a presentation at NTLUG.

What is the Linux Installation Project?

Real companies using Linux!

Not just for business anymore.

Providing ready to run platforms on Linux

Show Descriptions... (Show All) (Two Column)

LinuxSecurity - Security Advisories

  • Fedora 31: firefox FEDORA-2020-0e5ada32f1>
    - Updated to latest upstream (77.0.1) ---- - New upstream version (77.0) ---- - Updated VA-API patches for Wayland backend - Use dmabuf WebGL backend by default on Wayland







LWN.net

  • [$] DMA-BUF cache handling: Off the DMA API map (part 1)
    Recently, the DMA-BUF heapsinterface was added to the 5.6 kernel. Thisinterface is similar to ION,which has been used for years by Android vendors. However, in trying to move vendors touse DMA-BUF heaps, we have begun to see how the DMA API modeldoesn't fit well for modern mobile devices. Additionally, the lack of clearguidance in how to handle cache operations efficiently, results in vendorsusing custom device-specific optimizations that aren't generic enough foran upstream solution. This article will describe the nature of theproblem; the upcoming second installment will look at the path toward asolution.


  • Security updates for Thursday
    Security updates have been issued by Debian (firefox-esr), Fedora (firefox and prboom-plus), Oracle (bind), Red Hat (firefox), and SUSE (osc).



  • [$] The history and evolution of PHP governance
    The PHP language is widely used in solving some of the most interestingtechnical problems on the web. But for a language with widespread use, itis unique — or at least an outlier — in the way it's governed compared toother open-source projects. Unlike others, PHP governance has grown intosomething fairly democratic for a project its size, allowing almost anyoneto bring an idea to the table. If it's popular enough, that idea can findits way into a future release. That is, of course, as long as there is adeveloper to put in the work to make it happen.


  • FreeNAS is coming to Linux
    The FreeNAS distribution implements network-attached storage on top of theZFS filesystem; it was reviewed here backin 2015. FreeNAS has always been based on FreeBSD, but now iXsystems, thecompany behind this system, has announceda new version, called TrueNAS SCALE, that will be based on Debian."Linux is a key requirement to achieve some of the SCALE projectgoals". More information about those goals will evidently beforthcoming in the future.


  • [$] Free user space for non-graphics drivers
    In the kernel graphics world, there has been a longstanding "line in the sand" that disallows mergingkernel drivers without a corresponding free-software user-space driver. The idea is thatnot having a way to test the full functionality means that the kerneldevelopers cannot verify the proper functioning and security of thedriver; changes to the kernel driver may lead to unforeseen (anduntestable) problems on the user-space side. More recently, though, wehave seen other types of devices with complex drivers, but no useful freeuser-space piece, that have been proposed for inclusion into the kernel;at least one was merged, but the tide has perhaps turned against those typesof drivers at this point—or some of them, anyway.


  • Stable kernel updates
    Stable kernels 5.6.16, 5.4.44, 4.19.126, 4.14.183, 4.9.226, and 4.4.226 have been released. They all containimportant fixes and users should upgrade.


  • Security updates for Wednesday
    Security updates have been issued by Fedora (java-11-openjdk, perl-Email-MIME, perl-Email-MIME-ContentType, and slurm), openSUSE (imapfilter, mailman, and python-rpyc), Red Hat (bind and firefox), SUSE (evolution-data-server, python, qemu, and w3m), and Ubuntu (python-django).


  • Devuan Beowulf 3.0.0 released
    Devuan Beowulf 3.0.0 has been released. This version is based on Debian10.4 Buster, with eudev and elogind to replace aspects of systemd. Optionalalternatives runit and openrc are also available.


  • [$] Development statistics for the 5.7 kernel
    The 5.7 kernel was released onMay 31. By all appearances this was a normal development cycle,unaffected by the troubles in the wider world. Still, there are things tobe learned by looking at where the code came from this time around. Readon for LWN's traditional look at who contributed to 5.7, who supported thatwork, and the paths by which it got into the mainline.


  • Firefox 77.0
    Firefox 77.0 has been released. Among the new things in this release, LWNreaders may be most interested in the new about:certificate pagewhere you can view and manage web certificates. See the releasenotes for details.


  • Security updates for Tuesday
    Security updates have been issued by Arch Linux (ant, bind, freerdp, and unbound), CentOS (bind, freerdp, and git), Debian (python-httplib2), Fedora (ant, kernel, sqlite, and sympa), openSUSE (java-11-openjdk and qemu), Oracle (bind), Red Hat (freerdp), Scientific Linux (python-pip and python-virtualenv), Slackware (firefox), SUSE (qemu), and Ubuntu (Apache Ant, ca-certificates, flask, and freerdp2).


  • [$] A possible end to the FSGSBASE saga
    The FSGSBASEpatch series is up to its thirteenth version as of late May. Itenables some "new" instructions for the x86 architecture, opening the way for a number ofsignificant performance improvements. One might think that such a patchseries would be a shoo-in, but FSGSBASE has had a troubled history;meanwhile, the delays in getting it merged may have led to a number ofusers installing root holes on their Linux systems in the hope of improvingsecurity.


  • Security updates for Monday
    Security updates have been issued by Debian (bind9, dosfstools, gst-plugins-good0.10, gst-plugins-ugly0.10, json-c, php-horde, php-horde-gollem, salt, and sane-backends), Fedora (drupal7, marked, NetworkManager, and wireshark), Mageia (gdb, jasper, and json-c), openSUSE (freetds, jasper, libmspack, mariadb-connector-c, sysstat, and trousers), Red Hat (bind), Scientific Linux (bind and freerdp), and SUSE (file-roller and java-11-openjdk).


  • The 5.7 kernel is out
    Linus has released the 5.7 kernel right onschedule. Headline features in 5.7 includex86 split-lock detection,thermal-pressure management,frequency invariance in the load-trackingcode,coexistence between BPF and realtimepreemption,support for BPF security hook programs (formerly called the KRSI security module),a new, Microsoft-blessed exFAT filesystem implementation, and more.The final patch to be merged was this one deprecatingthe long-standing 80-column limit for kernel source.See the KernelNewbies 5.7 page forlots of details.


LXer Linux News

  • Linux Keeps Growing and Growing and Growing
    Linux keeps growing, according to new market share data, and if the same trend is continued in the next few months, it’s likely to overtake Apple’s macOS and become the second most-used desktop platform worldwide.



  • Improve Linux system performance with noatime
    Whenever I upgrade Linux on my home computer, I have a list of tasks I usually do. They[he]#039[/he]ve become habits over the years: I back up my files, wipe the system, reinstall from scratch, restore my files, then reinstall my favorite extra applications. I also make a few system tweaks. I[he]#039[/he]ve been making some of these tweaks for so long that I recently wondered if I still needed to do them.


  • How to generate an EPUB file on Fedora
    It is becoming more popular to read content on smartphones. Every phone comes with its own ebook reader. Believe or not, it is very easy to create your own ebook files on Fedora. This article shows two different methods to create an EPUB. The epub format is one of the most popular formats and is […]


  • Red Hat: Holding Its Own and Fueling Open Source Innovation
    When IBM acquired Red Hat for $34 billion in 2019, it was considered the industry’s largest software acquisition. The synergy between the two companies led them to become one of the leading hybrid multi-cloud providers globally. In most acquisitions, the acquired entity sometimes loses momentum and sheds some of its original luster.




  • Linux Lite 5.0 Released With UEFI Support & Other Major Improvements
    Linux Lite is one of the best Linux distributions suitable for Windows users. Not just limited to that, it’s also one of the most preferred lightweight Linux distributions available. The lightweight Linux distribution Linux Lite 5.0 is released with UEFI support & other major improvements.






  • Using AppImage for Linux package management
    A big part of administrating Linux machines—especially remote machines—is managing and installing software. When something goes wrong with a local application or when something on the filesystem breaks and needs fixing, you[he]#039[/he]re often going to want to push updates without having to travel many miles to sit down in front of a physical screen.






  • Facial recognition reader includes thermometry and card readers
    Firefly’s $399 and up “Face X2” is a facial recognition device that runs Ubuntu or Android on an RK3399. The X2 has an 8-inch screen, binocular vision, IR thermometry, and card readers. Its Face-RK3399 mainboard sells for $129 on its own. T-Chip Technology’s Firefly unit has launched a smartphone-like facial recognition device called the Face […]



  • NodeJS on Ubuntu: Installation and First Steps
    NodeJS is a server-side implementation of javascript. It is event-driven and asynchronous so it is often used as a partial replacement for PHP. It's a vital technology in many websites today. This is why new developers are adopting it more and more and are noticing its benefits.


Error: It's not possible to reach RSS file http://services.digg.com/2.0/story.getTopNews?type=rss&topic=technology ...

Slashdot

  • Instagram Just Threw Users of Its Embedding API Under the Bus
    An anonymous reader quotes a report from Ars Technica: Instagram does not provide users of its embedding API a copyright license to display embedded images on other websites, the company said in a Thursday email to Ars Technica. The announcement could come as an unwelcome surprise to users who believed that embedding images, rather than hosting them directly, provides insulation against copyright claims. "While our terms allow us to grant a sub-license, we do not grant one for our embeds API," a Facebook company spokesperson told Ars in a Thursday email. "Our platform policies require third parties to have the necessary rights from applicable rights holders. This includes ensuring they have a license to share this content, if a license is required by law."   In plain English, before you embed someone's Instagram post on your website, you may need to ask the poster for a separate license to the images in the post. If you don't, you could be subject to a copyright lawsuit. Professional photographers are likely to cheer the decision, since it will strengthen their hand in negotiations with publishers. But it could also significantly change the culture of the Web. Until now, people have generally felt free to embed Instagram posts on their own sites without worrying about copyright concerns. That might be about to change. Instagram's announcement follows a recent court ruling where photographer Elliot McGucken sued Newsweek for copyright infringement for embedding his post on their site without permission. "Newsweek countered that it didn't need McGucken's permission because it could get rights indirectly via Instagram," reports Ars Technica. "Instagram's terms of service require anyone uploading photos to provide a copyright license to Instagram -- including the right to sublicense the same rights to other users. Newsweek argued that that license extends to users of Instagram's embedding technology, like Newsweek."   "But in a surprise ruling (PDF) on Monday, Judge Katherine Failla refused to dismiss McGucken's lawsuit at a preliminary stage," the report adds. "She held that there wasn't enough evidence in the record to decide whether Instagram's terms of service provided a copyright license for embedded photos."   The report goes on to note that courts have previously "ruled against plaintiffs in embedding cases based on the 'server test,' which holds that liability goes to whomever runs the server that actually delivers infringing content to the user -- in this case, Instagram." It adds: "Instagram's decision to throw users of its embedding API under the bus makes the server test crucial for cases like this."
          

    Read more of this story at Slashdot.


  • COVID-19 Crippled Movie Theaters and That Could Force Streamers To Be More Transparent About Viewership Data
    Sarah Whitten writes via CNBC: The coronavirus pandemic has fundamentally changed the entertainment industry. With movie theaters shuttered, studios have been forced to either delay their film releases or turn to on-demand and streaming options to present their content to audiences. While cinemas are preparing to reopen this month, eagerly awaiting new films in July, it's still unclear if there is enough demand to keep these businesses profitable. [...] Industry members worry that if films begin to shift towards on-demand and streaming that all of the metrics that were used to gauge success could disappear.   It's easy to figure out if a film is successful because studios give out all of the necessary information. You know the production budget, can ascertain that the marketing budget was about half of the production budget and then you see the box office receipts. If the box office numbers are larger than the production and marketing budgets, then the movie was a success. If that number is smaller, it was a flop. There's even data about how many screens a film was shown on in a given weekend and the average that film made per screen. These metrics not only help studios determine the profitability of a movie, but can also aid in its marketing. [...] In the world of streaming, and even on-demand and home video, that level of transparency is not present. There are very few sources that track the home entertainment market and even fewer companies that share their data on the subject.   Of course, the model for subscriptions services is very different from that of theatrical releases. Consumers pay up front a flat fee for a month's worth of content on a service like Netflix or Disney+, whereas theaters charge per view. So, it's difficult to assign a monetary amount to a movie released on a streaming service. The strongest measure of success for streaming services is total number of subscribers. This figure can be used to persuade content makers to work with one platform instead of another because of the potential reach they could have with an audience. It's not a guarantee that all of those subscribers will watch the content, but they will be exposed to it. [...] [However] it's very difficult to determine if someone signed up for a service just to watch one program. The report notes that Netflix counts a "view" as someone who chose to watch a program for at least two minutes, which is "pretty useless," according to Wedbush analyst Michael Pachter. "Who cares how many people watched a particular movie (other than them and the press)? It doesn't translate to revenue unless the movie is the reason to join the streaming service."   "Netflix gauges the success of shows by calculating how many viewers it was getting compared with the cost of the show," reports CNBC. "Without viewership data from any of Netflix's shows, it's difficult to determine how big of an audience a show on the platform needs to achieve in order to be considered viable by the company."
          

    Read more of this story at Slashdot.


  • Tesla Model 3 Was California's Best Selling Car Through First Quarter
    Through the first quarter of this year, the Tesla Model 3 was California's best selling vehicle. CNET reports: Data from the California New Car Dealers Association released last week shows the Model 3 sold 18,856 units through March 31 of this year. The figure is greater than any rival car, and even trumps mass-market cars and crossovers. The car to come closest was the Honda Civic with 18,001 units sold in the same time period. The Toyota Camry (17,871 units), RAV4 (17,261) and Corolla (15,575) round out the top five cars through Q1 in California. The CNCDA categorizes the Model 3 in the "near luxury" category, which has it compete with cars like the BMW 3 Series and Mercedes-Benz C-Class. In its respective segment, the electric car blew rivals away. The 3 Series sits in second place with 3,437 units sold to the Model 3's 18,856. The Lexus ES (2,703 units), C-Class (2,199) and Audi A4 (1,099 units) fill in the final results, and it's clear, Californians dig their Teslas.
          

    Read more of this story at Slashdot.


  • Slack Partners With Amazon To Take On Microsoft Teams
    Slack is partnering with Amazon in a multi-year agreement that means all Amazon employees will start to use Slack. The Verge reports: The deal comes just as Slack faces increased competition from Microsoft Teams, and it will also see Slack migrate its voice and video calling features over to Amazon's Chime platform alongside a broader adoption of Amazon Web Services (AWS). Amazon's roll out of Slack to all of its employees is a big part of the deal, thanks to an enterprise-wide agreement. It's not immediately clear how many of Amazon's 840,000 employees will be using Slack, though. Up until today, Slack's biggest customer has been IBM, which is rolling out Slack to its 350,000 employees.   While Slack has long used AWS to power parts of its chat app, it's now committing to using Amazon's cloud services as its preferred partner for storage, compute, database, security, analytics, machine learning, and future collaboration features. The deal means it's unlikely we'll see Slack turn to Microsoft's Azure cloud services or Google Cloud to power parts of its service in the foreseeable future. [...] Slack and Amazon are also promising better product integration and interoperability for features like AWS Chatbot, a service that pushes out Slack channel alerts for AWS instances. In the coming months, Slack and AWS will improve its Amazon AppFlow integration to support bi-directional transfer of data between AWS services and Slack channels.
          

    Read more of this story at Slashdot.


  • Small ISP Cancels Data Caps Permanently After Reviewing Pandemic Usage
    An anonymous reader writes: Antietam Broadband, which serves Washington County in Maryland, announced Friday that it "has permanently removed broadband data usage caps for all customers," retroactive to mid-March when the company first temporarily suspended data-cap overage fees. The decision to permanently drop the cap was made partly because of "learnings from the COVID-19 pandemic as more people worked and learned remotely," Antietam explained. "During this period customers moved into broadband packages that more accurately reflected their broadband needs." Like most other ISPs, Antietam charges different prices based on speed tiers as measured in bits per second, with Antietam's advertised download speeds ranging up to 1Gbps.   "These are uncertain times. We felt a need to give customers as much certainty over their bill as possible," Antietam President Brian Lynch said in the press release. "Eliminating data usage caps means that customers will know the exact amount of their broadband bill every month." U.S. residents have been using more Internet data at home since mid-March, when the pandemic caused the closure of offices and schools. "Since the pandemic began, we have seen as much increase in broadband usage as we generally would see over the course of a year," Lynch said. Antietam said it has responded to the growing usage "by adding backhaul, server capacity and local nodes." "Antietam imposed its data cap in 2015, charging a $10 overage fee for each additional block of 50GB," the report adds. "The monthly data caps ranged from 500GB to 1.5TB per month, except for a gigabit fiber plan that already included unlimited data."
          

    Read more of this story at Slashdot.


  • GTA Online, Red Dead Online Will Temporarily Go Offline In Honor of George Floyd
    Rockstar Games, 2K games, and their parent company Take-Two Interactive announced on Thursday that they will shut down the servers for games such as Grand Theft Auto Online, Red Dead Online, and NBA 2K for two hours on Thursday afternoon "to honor the legacy of George Floyd." Polygon reports: "Black Lives Matter," said Rockstar Games on its official Twitter account. "To honor the legacy of George Floyd, today, 6/4/20, from 2:00-4:00 p.m. ET, we will be shutting down access to our online games, Grand Theft Auto Online and Red Dead Online." "Following the memorial," Rockstar added in a follow-up tweet, "we hope you will join us in further honoring the many victims of America's racial injustices by supporting their families, black-owned businesses, those marching on the streets, and coalitions." Rockstar ended its thread with a link to Charity Navigator, a nonprofit organization that maintains a vetted list of civil rights-focused charities.   In addition to Rockstar's titles, additional games from 2K Games and Social Point will go offline as well from 2-4 p.m. EDT on Thursday, Take-Two Interactive said in a statement to Polygon. The list includes NBA 2K, Dragon City, and Monster Legend. Private Division, whose portfolio includes The Outer Worlds and Kerbal Space Program, will also "suspend" its activities during the window. "George Floyd's memory will serve as a reminder that racism and the violence it incites cannot be tolerated," Take-Two Interactive said. "We are committed to supporting efforts to eradicate racial injustice and stand in solidarity with the Black community against this systemic issue that causes conflict and division in our society."
          

    Read more of this story at Slashdot.


  • Facebook To Block Ads From State-Controlled Media Entities In the US
    Facebook said Thursday it will begin blocking state-controlled media outlets from buying advertising in the U.S. this summer. It's also rolling out a new set of labels to provide users with transparency around ads and posts from state-controlled outlets. Outlets that feel wrongly labeled can appeal the process. Axios reports: Nathaniel Gleicher, Facebook's head of security policy, says the company hasn't seen many examples yet of foreign governments using advertising to promote manipulative content to U.S. users, but that the platform is taking this action out of an abundance of caution ahead of the 2020 election. Beginning Thursday, the types of state-backed media that U.S. users will see labels on include outlets like Russia's Sputnik, China's People's Daily, Iran's Tasnim News Agency and others. [...] The purpose of labeling these outlets is to give users transparency about any kind of potential bias a state-backed entity may have when providing information to U.S. users. Gleicher says it's labeling these outlets, not removing them altogether, because in many places around the world, state-backed media is the only form of local news. Facebook considers an outlet to be state-backed not just if it takes state funding, but also based on the organization's structure (whether a government official helps them make editorial decisions) and whether there are clear indications that the entity has editorial independence (like a law or charter granting them that independence).
          

    Read more of this story at Slashdot.


  • Musk Says 'Time To Break Up Amazon,' Escalating Feud With Bezos
    An anonymous reader quotes a report from Bloomberg: Tesla Chief Executive Officer Elon Musk said it's "time to break up Amazon" in a tweet Thursday, escalating a rivalry with Amazon CEO Jeff Bezos, another billionaire investing in space exploration. "Monopolies are wrong," Musk tweeted while tagging Bezos, the world's wealthiest man. Musk's post came in response to a tweet from a writer who said his book titled "Unreported Truths About COVID-19 and The Lockdown" was being removed from Amazon's Kindle publishing division for violating unspecified guidelines. The book that was removed by Amazon was written by lockdown critic and former New York Times reporter Alex Berenson. "Due to the rapidly changing nature of information around the COVID-19 virus, we are referring customers to official sources for health information about the virus," Amazon said to Berenson. "Please consider removing references to COVID-19 for this book."   In comments to Breitbart News, Berenson explained the topic of his now-censored e-book on the coronavirus, calling it "An introduction and a discussion of death coding, death counts, and who is really dying from COVID, as well as a worst-case estimate of deaths with no mitigation efforts."   Berenson added, "I briefly considered censorship but assumed I wouldn't have a problem both because of my background, because anyone who reads the booklet will realize it is impeccably sourced, nary a conspiracy theory to be found, and frankly because Amazon shouldn't be censoring anything that doesn't explicitly help people commit criminal behavior. [...] I have no idea if the decision was made by a person, an automated system, or a combination (i.e. the system flags anything with COVID-19 or coronavirus in the title and then a person decides on the content)."
          

    Read more of this story at Slashdot.


  • Google Search a Target of US Antitrust Probes, Rival Says
    U.S. federal and state authorities are asking detailed questions about how to limit Google's power in the online search market as part of their antitrust investigations into the tech giant, according to rival DuckDuckGo. From a report: Gabriel Weinberg, chief executive officer of the privacy-focused search engine, said he has spoken with state regulators, and talked with the U.S. Justice Department as recently as a few weeks ago. Justice Department officials and state attorneys general asked the CEO about requiring Google to give consumers alternatives to its search engine on Android devices and in Google's Chrome web browser, Weinberg said in an interview. "We've been talking to all of them about search and all of them have asked us detailed search questions," he added. Weinberg's comments shine a light into how the inquiry is examining Google's core business -- online search.
          

    Read more of this story at Slashdot.


  • Incognito Mode Detection Still Works in Chrome Despite Promise To Fix
    Websites are still capable of detecting when a visitor is using Chrome's incognito (private browsing) mode, despite Google's efforts last year to disrupt the practice. From a report: It is still possible to detect incognito mode in Chrome, and all the other Chromium-based browsers, such as Edge, Opera, Vivaldi, and Brave, all of which share the core of Chrome's codebase. Furthermore, developers have taken the scripts shared last year and have expanded support to non-Chrome browsers, such as Firefox and Safari, allowing sites to block users in incognito mode across the board. Currently, there is no deadline for a new Chrome update to block incognito mode detections, however, today, Google might be interested more than ever in fixing this issue.
          

    Read more of this story at Slashdot.


  • Germany Will Require All Petrol Stations To Provide Electric Car Charging
    Speaking of Germany it will oblige all petrol stations to offer electric car charging to help remove refueling concerns and boost consumer demand for the vehicles as part of its 130 billion euro ($146 billion) economic recovery plan. From a report: The move could provide a significant boost to electric vehicle demand along with the broader stimulus plan which included taxes to penalize ownership of large polluting combustion-engined sports utility vehicles and a 6,000 euro subsidy towards the cost of an electric vehicle. Germany's announcement follows a French plan to boost electric car sales announced last week by President Macron.
          

    Read more of this story at Slashdot.


  • Dropbox is Working On Its Own Password Manager
    AndroidPolice: Dropbox just unceremoniously dumped a brand new app on the Play Store with no fanfare or formal announcement. The new Dropbox Passwords app, according to its listing, is a password manager available exclusively in an invite-only private beta for some Dropbox customers. Based on screenshots and description, the app seems pretty barebones -- or "minimal," depending on your tastes. Dropbox seems to intentionally avoid calling it a "password manager," though its functionality otherwise appears about the same as other solutions. Like other password managers, Dropbox Password can generate passwords for new accounts as required and sync them remotely so you can access all your passwords on multiple devices. It also uses zero-knowledge encryption to store those passwords remotely.
          

    Read more of this story at Slashdot.


  • GM Plans Electric Van for Business Users in Bid To Pre-empt Tesla
    General Motors is developing an electric van aimed at business users, joining a growing list of carmakers planning EVs for the same segment which includes customers such as Amazon.com and United Parcel Service, Reuters reported Thursday. From the report: That multibillion-dollar strategy could enable GM, Ford Motor and at least two EV startups to build and deliver more electric vehicles at a time when consumer demand for battery-powered models is still a small fraction of overall industry sales, while targeting a potentially lucrative market segment that Tesla Inc has yet to address. GM's plan to develop an electric van has not previously been reported. The No. 1 U.S. automaker did not confirm the van, but has said it plans to introduce at least 20 new all-electric vehicles by 2023, in a variety of body styles including sedans, trucks and crossovers. Suppliers familiar with such plans at GM and Ford told Reuters the Detroit automakers, which count trucks and commercial vehicles among their most profitable businesses, "don't want to leave the door open for Tesla" as they did in consumer passenger cars.
          

    Read more of this story at Slashdot.


  • Google Says Iranian, Chinese Hackers Targeted Trump, Biden Campaigns
    Google security researchers say they've identified efforts by at least two nation state-backed hackers against the Trump and Biden presidential campaigns. From a report: Shane Huntley, director for Google's Threat Analysis Group, said in a tweet that hackers backed by China and Iran recently targeted the campaigns using malicious phishing emails. But, Huntley said, there are "no signs of compromise" and that the campaigns were both alerted to the attempts.
          

    Read more of this story at Slashdot.


  • Hydroxychloroquine Does Not prevent Covid-19 Infection if Exposed, Study Says
    The malaria drug hydroxychloroquine did not help prevent people who had been exposed to others with Covid-19 from developing the disease, according to the results of an eagerly awaited study that was published Wednesday in the New England Journal of Medicine. From a report: Despite a lack of evidence, many people began taking the medicine to try to prevent infection early in the Covid-19 pandemic, following anecdotal reports it could be effective and claims by President Trump and conservative commentators. Trump, too, said he took hydroxychloroquine to prevent infection. But the new study, the first double-blind randomized, placebo-controlled trial of hydroxychloroquine, found otherwise. "I think in the setting of post-exposure prophylaxis, it doesn't seem to work," said Sarah Lofgren, an assistant professor at the University of Minnesota who is a co-author of the study. Other studies of hydroxychloroquine are ongoing. Also Wednesday, the World Health Organization said it is resuming a clinical trial testing hydroxychloroquine as a treatment after pausing it over safety concerns.
          

    Read more of this story at Slashdot.


The Register



  • Facebook to save US users from ads bought by foreign state-controlled media
    Leaving more room for false ads bought by local politicians, which it still allows
    Facebook will hide ads bought by state-owned media outlets from its US-based users, as part of its plan “to provide an extra layer of protection against various types of foreign influence in the public debate ahead of the November 2020 election in the US.”…





































  • Defending critical national infrastructure... hmm. Does Zoom count as critical now?
    All the old lines are getting pretty darn blurred, say security experts at Euro online confab
    Infosec Europe Does your IT security model take into account things like pacemakers? According to Dr Victoria Baines, speaking at Infosec Europe, "we also perhaps neglect the idea that critical infrastructure might be inside people" as well as merely carried in their pockets.…


  • How many? 28 million fewer PCs and tablets to find a home in 2020
    Factory closures, surge in remote working and weakened economy all fed into forecasting formula
    Seven is lucky for some, but maybe not PC and tab makers in 2020 if research house Canalys has got its forecasts right: manufacturers will ship 367.8 million of those boxes, 27.8 million fewer than the prior 12 months, and down - you guessed it - 7 per cent.…












Phoronix



  • Benchmarks Of 2nd Gen AMD EPYC On Amazon EC2 Against Intel Xeon, Graviton2
    Today AMD and Amazon announced the general availability of 2nd Gen AMD EPYC "Rome" processors available via the Elastic Compute Cloud. AMD EPYC "Rome" on EC2 with the new "C5a" instance types offer very competitive performance against the latest Intel Xeon instance types, Amazon's own Graviton2 Arm-based instances, and a big upgrade compared to the first-generation EPYC processors in the cloud.


  • Fedora 33 Proposal To Allow Packages To Build With LLVM Clang Rather Than Requiring GCC
    A feature proposal raised by Red Hat's Jeff Law would allow Fedora packages to be built under the LLVM Clang compiler rather than defaulting that all packages to be built under GCC. Clang-built packages would happen where the upstream software recommends using Clang by default or for software without an upstream to let the packager(s) make their own decision...



  • The AMD Ryzen 5 4500U / Ryzen 7 4700U Against Intel With 141 Benchmarks
    Following the initial benchmarks of the AMD Ryzen 5 4500U performance a few days ago, here is another more exhaustive look at the performance of this six-core Zen 2 mobile processor as well as that of the eight core Ryzen 7 4700U and several competing Intel CPUs in 140+ benchmarks.


  • GNU Linux-Libre 5.7 Released - Drops Intel iGPU Security Fix Over Arrays Of Numbers
    The GNU Linux-libre 5.7-gnu kernel was released following last weekend's Linux 5.7 kernel release. But the info-gnu mailing list was slow and thus just hitting the wire today for the latest version of this sanitized version of the Linux kernel. One interesting change in GNU Linux-libre 5.7-gnu is dropping the Intel Gen7 "iGPU Leak" security mitigation over not liking the sources...








  • AMD Zen/Zen2 RAPL Support Merged In Linux 5.8
    Complementing the new AMD Energy Driver in the hwmon subsystem for Linux 5.8 to provide per-socket/core reporting, the Linux perf subsystem in this new kernel version has run-time average power limiting (RAPL) framework integration for AMD Zen/Zen2 CPUs...




  • Linux 5.8 Supporting Intel TPAUSE Power-Optimized Delays, TSC Fix When Overclocking
    TPAUSE is the new Intel instruction for supporting lightweight power/performance optimized and improved power/performance states for sleeping until the timestamp counter (TSC) has reached a desired value. This new instruction with Intel's Tremont architecture will now be used by Linux 5.8+ on supported CPUs for an optimized power state while waiting on a delay event...



  • Squeezing Extra Performance Out Of The Intel Core i9 10900K With Clear Linux
    Besides disabling CPU security mitigations (not recommended if security is of importance), for those wanting to squeeze extra performance out of Intel CPUs like Comet Lake with the Core i9 10900K, loading Intel's performance-optimized Clear Linux is one such way. Here is a look at the current performance that can be gained out of using the latest rolling-release Clear Linux on the i9-10900K in comparison to Ubuntu 20.04 LTS.




  • RADV Enables Zero vRAM Option For All Games With VKD3D
    Mesa's Radeon "RADV" Vulkan driver is now enabling the "zero vRAM" option for all VKD3D games -- Direct3D 12 titles running on Steam Play / Wine with this D3D12 to Vulkan layer -- in order to workaround various rendering bugs...



  • Ubuntu's ZFS Daemon Zsys 0.5 Released
    As part of their work on ZFS support improvements for the in-development Ubuntu 20.10, Zsys 0.5 has been tagged and landing in the "Groovy Gorilla" repository for this ZFS daemon spearheaded by Canonical developers...


  • Devuan 3.0 Released For Debian 10 Without Systemd
    Two years after the release of Devuan 2.0 and just a few months since the Beowulf beta, Devuan 3.0 "Beowulf" is now officially available as this Linux distribution providing a Debian package set not dependent upon systemd...



  • iXsystems Announces TrueNAS SCALE As A Linux-Based Offering
    While iXsystems has been known as one of the leading FreeBSD-focused vendors with their various BSD-powered storage devices and servers as well as contributing significantly to upstream FreeBSD in addition to their former work on TrueOS/PC-BSD, they are now developing a new platform called TrueNAS SCALE that is based on Linux...




  • PHP 8.0 JIT Is Offering Very Compelling Performance Ahead Of Its Alpha
    With the PHP 8.0 schedule putting the first alpha release for the middle of June, I've been trying out its latest Git state in recent days for looking at its performance as well as when enabling its brand new JIT (Just In Time) compiler support that is new to PHP8. The results are quite compelling and here are metrics going back to the days of PHP 5.4 for comparison.




Polish Linux

  • Security: Why Linux Is Better Than Windows Or Mac OS
    Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and [0]


  • Essential Software That Are Not Available On Linux OS
    An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all [0]


  • Things You Never Knew About Your Operating System
    The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, [0]


  • How To Fully Optimize Your Operating System
    Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure [0]


  • The Top Problems With Major Operating Systems
    There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be [0]


  • 8 Benefits Of Linux OS
    Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software [0]


  • Things Linux OS Can Do That Other OS Can’t
    What Is Linux OS?  Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating [0]


  • Packagekit Interview
    Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or [0]


  • What’s New in Ubuntu?
    What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here [0]


  • Ext3 Reiserfs Xfs In Windows With Regards To Colinux
    The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the  official site or from the  sourceforge site. Edit the connection to “TAP Win32 Adapter [0]


OSnews

  • Emacs as an email client
    Emailing in Emacs is a super power that I have been grateful for over the past several years. Below I will describe a simple setup that works for me and more importantly for me, it’s something I like. This setup makes me almost want to write descriptive emails simply because it moves the pain of writing emails into the same ecosystem that I feel comfortable writing long form articles, programs, design documents and other artifacts that involve “putting my thoughts down”. I cringe everytime I see an email written in rich text with broad lines going well over 150 characters. It may not be for me  in fact, its really not for me  but I always greatly enjoy reading about peoples unique way of doing things with hardware and software.


  • Those Win9x Crashes on Fast Machines0
    It is well known that Win9x variants prior to Windows 98 have a tendency to crash on fast CPUs. The definition of “fast” is of course fuzzy but the problems were known to occur on AMD K6-2 processors running at 350 MHz or faster as early as 1998. This led to some acrimony when Microsoft attempted to charge $35 for the fix. The crashes were intermittent on the 350 MHz parts but harder to avoid with faster clock speeds. The problem soon started affecting other CPUs with higher frequencies, but it didn’t affect Intel processors for a while. Were Intel CPUs somehow better? Not exactly, but there was a reason for that; more about it later. I have been long aware of this problem but never looked into the details. And when I did, at first I didn’t realize it. An acquaintance mentioned that Windows 3.11 for Workgroups no longer works in a VM. A good and interesting read.


  • Microsoft Defender SmartScreen is hurting independent developers
    Let us say you are an independent developer and it is time to publish your app to the world. To make it easier, you build an installer and start distributing it. A courageous early adopter downloads and runs it, only to be greeted by this strongly worded warning: Indeed, in today’s Windows environment, Microsoft actively blocks binaries from running; thanks to “SmartScreen”. This article details some of the problems with SmartSCreen, which in theory could be an important and useful technology.


  • 5G coronavirus conspiracy theorists are endangering the workers who keep networks running
    Since the UK entered lockdown in March, engineers like Qureshi had unwillingly found themselves on the front line of a strange global crusade. Conspiracy theorists had linked the spread of the novel coronavirus to the installation of new 5G mobile networks, with some claiming the cellular network weakened the immune system and allowed the virus to thrive, while others said 5G masts were broadcasting the virus through the ether (all “crackpot” claims, to quote the UK government). The thing these theories have in common is that they give people someone to blame. And though some of that paranoia comes from a reasonable mistrust of large corporations and institutions, the end target was always workers like Qureshi, out on the street in high-visibility vests, just trying to do their job. These people are what the facepalm was invented for.


  • Buyer beware  that 2TB-6TB “NAS” drive you’ve been eyeing might be SMR
    Storage vendors, including but reportedly not limited to Western Digital, have quietly begun shipping SMR (Shingled Magnetic Recording) disks in place of earlier CMR (Conventional Magnetic Recording) disks. SMR is a technology that allows vendors to eke out higher storage densities, netting more TB capacity on the same number of platters—or fewer platters, for the same amount of TB. Until recently, the technology has only been seen in very large disks, which were typically clearly marked as archival!. In addition to higher capacities, SMR is associated with much lower random I/O performance than CMR disks offer. This is going to be another one of those stupid things us technology buyers have to look out for when buying storage, isnt it? Like


  • Linux Mint wont install snaps behind your back
    A few weeks ago, we talked about how Ubuntu is forcing snap packages on users, even when using apt. Since various distributions are based on Ubuntu, a lot of users of those distributions are wondering if snaps will infect their systems, too. One of the most popular Ubuntu-based distributions, Linux Mint, has a clear answer. First, I’m happy to confirm that Linux Mint 20, like previous Mint releases will not ship with any snaps or snapd installed. Second, to address this situation we’ll do exactly what we said we would: • In Linux Mint 20, Chromium won’t be an empty package which installs snapd behind your back. It will be an empty package which tells you why it’s empty and tells you where to look to get Chromium yourself.• In Linux Mint 20, APT will forbid snapd from getting installed. You’ll still be able to install it yourself and we’ll document this in the release notes, but by default APT won’t allow repository packages from doing this on your behalf. This is good news, and the right route to take.


  • Twitter, Reddit file in support of lawsuit challenging US government’s social media registration requirement for visa applicants
    Twitter, Reddit, and Internet Association filed an amicus brief late yesterday in support of a lawsuit filed last year by the Knight First Amendment Institute at Columbia University, the Brennan Center for Justice, and Simpson Thacher 8 Bartlett LLP on behalf of plaintiffs Doc Society and International Documentary Association, challenging rules that require nearly all visa applicants to register their social media handles with the U.S. government and connected policies permitting the retention and dissemination of that information. The brief argues that the social media registration requirement and connected policies “unquestionably chill a vast quantity of speech” and harm the First Amendment rights of their users, particularly those who use pseudonymous handles to discuss political, controversial, or otherwise sensitive issues on the platforms. This has bad idea written all over it, but that has never stopped any government from implementing tech-related policy. This wont be an issue for average joes around the world  many western countries have visa-free travel to the US anyway through things like the ESTA program  but it will be for people from repressive regimes.


  • Linux 5.7 kernel released
    As far as Linux 5.7 goes there are many new features and improvements like an Apple USB Fast Charge! driver, Intel Tiger Lake Gen12! graphics are now deemed stable and promoted out of the experimental flag, AMD Renoir graphics are in good shape, F2FS Zstd support, Qualcomm Snapdragon 865 support on this mainline kernel, and a lot more. You can of course build the new kernel yourself, but itll make its way to your distribution of choice soon enough.


  • Caught on camera, police explode in rage and violence across the US
    Over the past 72 hours, people across the US have captured what may be the most comprehensive live picture of police brutality ever. Any one of the videos we’ve seen could have sparked a national discussion, with people picking apart their elements, searching for context to argue about, and digging through the pasts of everyone involved. But it’s not just one act of violence. It’s everywhere. Here is just a short list of scenes from the past few days. This is what fascism looks like.


  • Google details Fuchsia, states it is not experimental
    It seems Google has opened up a little bit about its Fuchsia operating system. A (I think) new Overview page details what Fuchsia is, what its not, and what its intended to be used for. Security is obviously a primary goal of the operating system: Security and privacy are woven deeply into the architecture of Fuchsia. The basic building blocks of Fuchsia, the kernel primitives, are exposed to applications as object-capabilities, which means that applications running on Fuchsia have no ambient authority: applications can interact only with the objects to which they have been granted access explicitly. Software is delivered in hermetic packages and everything is sandboxed, which means all software that runs on the system, including applications and system components, receives the least privilege it needs to perform its job and gains access only to the information it needs to know. Google seems to want to make really clear that Fuchsia is diametrically the opposite of Android when it comes to updates. They dont mince words here, and it might as well read everything Android is not!: Fuchsia works by combining components delivered in packages. Fuchsia packages are designed to be updated independently or even delivered ephemerally, which means packages are designed to come and go from the device as needed and the software is always up-to-date, like a Web page. Fuchsia aims to provide drivers with a binary-stable interface. In the future, drivers compiled for one version of Fuchsia will continue to work in future versions of Fuchsia without needing to be modified or even recompiled. This approach means that Fuchsia devices will be able to update to newer versions of Fuchsia seamlessly while keeping their existing drivers. Theres more information about Fuchsia on the page, but the final paragraph should finally shed some light on that Google is definitely serious about the new operating system, and is intending to actually, you know, use it for stuff. Fuchsias goal is to power production devices and products used for business-critical applications. As such, Fuchsia is not a playground for experimental operating system concepts. Instead, the platform roadmap is driven by practical use cases arising from partner and product needs.


  • Genode 20.05 released
    Genode 20.05 takes our road maps focus on the consolidation and optimization of the framework and its API to heart. It contains countless of under-the-hood improvements, mostly on the account of vastly intensified automated testing, the confrontation of Genode with increasingly complex software stacks, and stressful real-world work loads. You will find this theme throughout the release notes below. The result of this overhaul is captured in the updated version of the Genode Foundations book (Section New revision of the Genode Foundations book). I wish every project had release notes as detailed as Genodes always are. Excellent work.


  • PowerPC Solaris on the RS/6000
    One of the weirdest times in computing was during the mid-90s, when the major RISC vendors all had their own plans to dominate the consumer market and eventually wipe out Intel. This was a time that led to overpriced non-x86 systems that intended to wipe out the PC, Windows NT being ported to non-x86 platforms, PC style hardware paired with RISC CPUs, Apple putting the processor line from IBM servers into Macs, and Silicon Graphics designing a game console for Nintendo. While their attempts worked wonders in the embedded field for MIPS and the AIM alliance, quite a few of these attempts at breaking into the mainstream were total flops. Despite this, there were some weird products released during this period that most only assumed existed in tech magazine ads and reviews. One such product was Solaris for PowerPC. Now Solaris has existed on Intel platforms for ages and the Illumos fork has some interesting ports including a DEC Alpha port, but a forgotten official port exists for the PowerPC CPU architecture. Unlike OS/2, it’s complete and has a networking stack. It’s also perhaps one of the weirdest OSes on the PowerPC platform. I love machines from this era. Theres some seriously weird hardware from that time floating around eBay for serious prices.


  • Android Studio 4.0 released
    Some highlights of Android Studio 4.0 include a new Motion Editor to help bring your apps to life, a Build Analyzer to investigate causes for slower build times, and Java 8 language APIs you can use regardless of your app’s minimum API level. Based on your feedback, we’ve also overhauled the CPU Profiler user interface to provide a more intuitive workflow and easier side-by-side analysis of thread activity. And the improved Layout Inspector now provides live data of your app’s UI, so you can easily debug exactly what’s being shown on the device. Its available on the stable channel.


  • The story of how Microsoft embraced and then killed AppGet
    Keivan Beigi, the developer behind AppGet, a package manager for Windows, claims Microsoft copied his software. He was contacted by Microsoft as a possible hire, and flew in to Microsofts headquarters to talk about AppGet, and after suddenly being ghosted, Microsoft announced WinGet  what he claims is pretty much a direct copy. Realistically, no matter how hard I tried to promote AppGet, it would never grow at the rate a Microsoft solution would. I didn’t create AppGet to get rich or to become famous or get hired by Microsoft. I created AppGet because I thought us Windows users deserved a decent app management experience too. What bothers me is how the whole thing was handled. The slow and dreadful communication speed. The total radio silence at the end. But the part that hurts the most was the announcement. AppGet, which is objectively where most ideas for WinGet came from, was only mentioned as another package manager that just happened to exist; While other package managers that WinGet shares very little with were mentioned and explained much more deliberately. This is the kind of stuff big tech does, so it really shouldnt come as a surprise to anyone.


  • OS/2 on Virtualbox guide
    There is this interesting article about running different versions of OS/2 on VirtualBox. It offers tips for each different version, disk image conversion information and prebuilt images. When I started looking into getting it working on a virtual machine, I had a hard time finding some crucial information and files, there were steps in the install process that were not explained in the few guides I could find, it wasnt clear to me which versions could be installed, and some of the install files were in formats I couldnt read. Now that Ive figured out all those problems Ive created a guide with specific instructions on how to get all major versions working on VirtualBox, complete with sound, video and network in some cases, and youll find those guides below. I also created prebuilt virtual machines you can just download and press play on. You owe it to yourself to play with OS/2. Its an amazingly fascinating operating system with some great ideas and features.


Linux Journal - The Original Magazine of the Linux Community

  • Linux Journal Ceases Publication: An Awkward Goodbye
    by Kyle Rankin    IMPORTANT NOTICE FROM LINUX JOURNAL, LLC: On August 7, 2019, Linux Journal shut its doors for good. All staff were laid off and the company is left with no operating funds to continue in any capacity. The website will continue to stay up for the next few weeks, hopefully longer for archival purposes if we can make it happen.  –Linux Journal, LLC
     


     
    Final Letter from the Editor: The Awkward Goodbye

    by Kyle Rankin

    Have you ever met up with a friend at a restaurant for dinner, then after dinner you both step out to the street and say a proper goodbye, only when you leave, you find out that you both are walking in the same direction? So now, you get to walk together awkwardly until the true point where you part, and then you have another, second goodbye, that's much more awkward.

    That's basically this post. 

    So, it was almost two years ago that I first said goodbye to Linux Journal and the Linux Journal community in my post "So Long and Thanks for All the Bash". That post was a proper goodbye. For starters, it had a catchy title with a pun. The post itself had all the elements of a proper goodbye: part retrospective, part "Thank You" to the Linux Journal team and the community, and OK, yes, it was also part rant. I recommend you read (or re-read) that post, because it captures my feelings about losing Linux Journal way better than I can muster here on our awkward second goodbye. 

    Of course, not long after I wrote that post, we found out that Linux Journal wasn't dead after all! We all actually had more time together and got to work fixing everything that had caused us to die in the first place. A lot of our analysis of what went wrong and what we intended to change was captured in my article Go to Full Article          


  • Oops! Debugging Kernel Panics
    by Petros Koutoupis   
    A look into what causes kernel panics and some utilities to help gain more information.

    Working in a Linux environment, how often have you seen a kernel panic? When it happens, your system is left in a crippled state until you reboot it completely. And, even after you get your system back into a functional state, you're still left with the question: why? You may have no idea what happened or why it happened. Those questions can be answered though, and the following guide will help you root out the cause of some of the conditions that led to the original crash.

    Figure 1. A Typical Kernel Panic

    Let's start by looking at a set of utilities known as kexec and kdump. kexec allows you to boot into another kernel from an existing (and running) kernel, and kdump is a kexec-based crash-dumping mechanism for Linux.
     Installing the Required Packages
    First and foremost, your kernel should have the following components statically built in to its image:
      CONFIG_RELOCATABLE=y CONFIG_KEXEC=y CONFIG_CRASH_DUMP=y CONFIG_DEBUG_INFO=y CONFIG_MAGIC_SYSRQ=y CONFIG_PROC_VMCORE=y  
    You can find this in /boot/config-`uname -r`.

    Make sure that your operating system is up to date with the latest-and-greatest package versions:
      $ sudo apt update && sudo apt upgrade  
    Install the following packages (I'm currently using Debian, but the same should and will apply to Ubuntu):
      $ sudo apt install gcc make binutils linux-headers-`uname -r`  ↪kdump-tools crash `uname -r`-dbg  
    Note: Package names may vary across distributions.

    During the installation, you will be prompted with questions to enable kexec to handle reboots (answer whatever you'd like, but I answered "no"; see Figure 2).

    Figure 2. kexec Configuration Menu

    And to enable kdump to run and load at system boot, answer "yes" (Figure 3).

    Figure 3. kdump Configuration Menu
     Configuring kdump
    Open the /etc/default/kdump-tools file, and at the very top, you should see the following:
        Go to Full Article          


  • Loadsharers: Funding the Load-Bearing Internet Person
    by Eric S. Raymond   
    The internet has a sustainability problem. Many of its critical services depend on the dedication of unpaid volunteers, because they can't be monetized and thus don't have any revenue stream for the maintainers to live on. I'm talking about services like DNS, time synchronization, crypto libraries—software without which the net and the browser you're using couldn't function.

    These volunteer maintainers are the Load-Bearing Internet People (LBIP). Underfunding them is a problem, because underfunded critical services tend to have gaps and holes that could have been fixed if there were more full-time attention on them. As our civilization becomes increasingly dependent on this software infrastructure, that attention shortfall could lead to disastrous outages.

    I've been worrying about this problem since 2012, when I watched a hacker I know wreck his health while working on a critical infrastructure problem nobody else understood at the time. Billions of dollars in e-commerce hung on getting the particular software problem he had spotted solved, but because it masqueraded as network undercapacity, he had a lot of trouble getting even technically-savvy people to understand where the problem was. He solved it, but unable to afford medical insurance and literally living in a tent, he eventually went blind in one eye and is now prone to depressive spells.

    More recently, I damaged my ankle and discovered that although there is such a thing as minor surgery on the medical level, there is no such thing as "minor surgery" on the financial level. I was looking—still am looking—at a serious prospect of either having my life savings wiped out or having to leave all 52 of the open-source projects I'm responsible for in the lurch as I scrambled for a full-time job. Projects at risk include the likes of GIFLIB, GPSD and NTPsec.

    That refocused my mind on the LBIP problem. There aren't many Load-Bearing Internet People—probably on the close order of 1,000 worldwide—but they're a systemic vulnerability made inevitable by the existence of common software and internet services that can't be metered. And, burning them out is a serious problem. Even under the most cold-blooded assessment, civilization needs the mean service life of an LBIP to be long enough to train and acculturate a replacement.

    (If that made you wonder—yes, in fact, I am training an apprentice. Different problem for a different article.)

    Alas, traditional centralized funding models have failed the LBIPs. There are a few reasons for this:
        Go to Full Article          


  • Documenting Proper Git Usage
    by Zack Brown   
    Jonathan Corbet wrote a document for inclusion in the kernel tree, describing best practices for merging and rebasing git-based kernel repositories. As he put it, it represented workflows that were actually in current use, and it was a living document that hopefully would be added to and corrected over time.

    The inspiration for the document came from noticing how frequently Linus Torvalds was unhappy with how other people—typically subsystem maintainers—handled their git trees.

    It's interesting to note that before Linus wrote the git tool, branching and merging was virtually unheard of in the Open Source world. In CVS, it was a nightmare horror of leechcraft and broken magic. Other tools were not much better. One of the primary motivations behind git—aside from blazing speed—was, in fact, to make branching and merging trivial operations—and so they have become.

    One of the offshoots of branching and merging, Jonathan wrote, was rebasing—altering the patch history of a local repository. The benefits of rebasing are fantastic. They can make a repository history cleaner and clearer, which in turn can make it easier to track down the patches that introduced a given bug. So rebasing has a direct value to the development process.

    On the other hand, used poorly, rebasing can make a big mess. For example, suppose you rebase a repository that has already been merged with another, and then merge them again—insane soul death.

    So Jonathan explained some good rules of thumb. Never rebase a repository that's already been shared. Never rebase patches that come from someone else's repository. And in general, simply never rebase—unless there's a genuine reason.

    Since rebasing changes the history of patches, it relies on a new "base" version, from which the later patches diverge. Jonathan recommended choosing a base version that was generally thought to be more stable rather than less—a new version or a release candidate, for example, rather than just an arbitrary patch during regular development.

    Jonathan also recommended, for any rebase, treating all the rebased patches as new code, and testing them thoroughly, even if they had been tested already prior to the rebase.

    "If", he said, "rebasing is limited to private trees, commits are based on a well-known starting point, and they are well tested, the potential for trouble is low."

    Moving on to merging, Jonathan pointed out that nearly 9% of all kernel commits were merges. There were more than 1,000 merge requests in the 5.1 development cycle alone.
        Go to Full Article          


  • Understanding Python's asyncio
    by Reuven M. Lerner   
    How to get started using Python's asyncio.

    Earlier this year, I attended PyCon, the international Python conference. One topic, presented at numerous talks and discussed informally in the hallway, was the state of threading in Python—which is, in a nutshell, neither ideal nor as terrible as some critics would argue.

    A related topic that came up repeatedly was that of "asyncio", a relatively new approach to concurrency in Python. Not only were there formal presentations and informal discussions about asyncio, but a number of people also asked me about courses on the subject.

    I must admit, I was a bit surprised by all the interest. After all, asyncio isn't a new addition to Python; it's been around for a few years. And, it doesn't solve all of the problems associated with threads. Plus, it can be confusing for many people to get started with it.

    And yet, there's no denying that after a number of years when people ignored asyncio, it's starting to gain steam. I'm sure part of the reason is that asyncio has matured and improved over time, thanks in no small part to much dedicated work by countless developers. But, it's also because asyncio is an increasingly good and useful choice for certain types of tasks—particularly tasks that work across networks.

    So with this article, I'm kicking off a series on asyncio—what it is, how to use it, where it's appropriate, and how you can and should (and also can't and shouldn't) incorporate it into your own work.
     What Is asyncio?
    Everyone's grown used to computers being able to do more than one thing at a time—well, sort of. Although it might seem as though computers are doing more than one thing at a time, they're actually switching, very quickly, across different tasks. For example, when you ssh in to a Linux server, it might seem as though it's only executing your commands. But in actuality, you're getting a small "time slice" from the CPU, with the rest going to other tasks on the computer, such as the systems that handle networking, security and various protocols. Indeed, if you're using SSH to connect to such a server, some of those time slices are being used by sshd to handle your connection and even allow you to issue commands.

    All of this is done, on modern operating systems, via "pre-emptive multitasking". In other words, running programs aren't given a choice of when they will give up control of the CPU. Rather, they're forced to give up control and then resume a little while later. Each process running on a computer is handled this way. Each process can, in turn, use threads, sub-processes that subdivide the time slice given to their parent process.
        Go to Full Article          


  • RV Offsite Backup Update
    by Kyle Rankin   
    Having an offsite backup in your RV is great, and after a year of use, I've discovered some ways to make it even better.

    Last year I wrote a feature-length article on the data backup system I set up for my RV (see Kyle's "DIY RV Offsite Backup and Media Server" from the June 2018 issue of LJ). If you haven't read that article yet, I recommend checking it out first so you can get details on the system. In summary, I set up a Raspberry Pi media center PC connected to a 12V television in the RV. I connected an 8TB hard drive to that system and synchronized all of my files and media so it acted as a kind of off-site backup. Finally, I set up a script that would attempt to sync over all of those files from my NAS whenever it detected that the RV was on the local network. So here, I provide an update on how that system is working and a few tweaks I've made to it since.
     What Works
    Overall, the media center has worked well. It's been great to have all of my media with me when I'm on a road trip, and my son appreciates having access to his favorite cartoons. Because the interface is identical to the media center we have at home, there's no learning curve—everything just works. Since the Raspberry Pi is powered off the TV in the RV, you just need to turn on the TV and everything fires up.

    It's also been great knowing that I have a good backup of all of my files nearby. Should anything happen to my house or my main NAS, I know that I can just get backups from the RV. Having peace of mind about your important files is valuable, and it's nice knowing in the worst case when my NAS broke, I could just disconnect my USB drive from the RV, connect it to a local system, and be back up and running.

    The WiFi booster I set up on the RV also has worked pretty well to increase the range of the Raspberry Pi (and the laptops inside the RV) when on the road. When we get to a campsite that happens to offer WiFi, I just reset the booster and set up a new access point that amplifies the campsite signal for inside the RV. On one trip, I even took it out of the RV and inside a hotel room to boost the weak signal.
        Go to Full Article          


  • Another Episode of "Seems Perfectly Feasible and Then Dies"--Script to Simplify the Process of Changing System Call Tables
    by Zack Brown   
    David Howells put in quite a bit of work on a script, ./scripts/syscall-manage.pl, to simplify the entire process of changing the system call tables. With this script, it was a simple matter to add, remove, rename or renumber any system call you liked. The script also would resolve git conflicts, in the event that two repositories renumbered the system calls in conflicting ways.

    Why did David need to write this patch? Why weren't system calls already fairly easy to manage? When you make a system call, you add it to a master list, and then you add it to the system call "tables", which is where the running kernel looks up which kernel function corresponds to which system call number. Kernel developers need to make sure system calls are represented in all relevant spots in the source tree. Renaming, renumbering and making other changes to system calls involves a lot of fiddly little details. David's script simply would do everything right—end of story no problemo hasta la vista.

    Arnd Bergmann remarked, "Ah, fun. You had already threatened to add that script in the past. The implementation of course looks fine, I was just hoping we could instead eliminate the need for it first." But, bowing to necessity, Arnd offered some technical suggestions for improvements to the patch.

    However, Linus Torvalds swooped in at this particular moment, saying:

    Ugh, I hate it.

    I'm sure the script is all kinds of clever and useful, but I really think the solution is not this kind of helper script, but simply that we should work at not having each architecture add new system calls individually in the first place.

    IOW, we should look at having just one unified table for new system call numbers, and aim for the per-architecture ones to be for "legacy numbering".

    Maybe that won't happen, but in the _hope_ that it happens, I really would prefer that people not work at making scripts for the current nasty situation.

    And the portcullis came crashing down.

    It's interesting that, instead of accepting this relatively obvious improvement to the existing situation, Linus would rather leave it broken and ugly, so that someone someday somewhere might be motivated to do the harder-yet-better fix. And, it's all the more interesting given how extreme the current problem is. Without actually being broken, the situation requires developers to put in a tremendous amount of care and effort into something that David's script could make trivial and easy. Even for such an obviously "good" patch, Linus gives thought to the policy and cultural implications, and the future motivations of other people working in that region of code.

    Note: if you're mentioned above and want to post a response above the comment section, send a message with your response text to ljeditor@linuxjournal.com.
        Go to Full Article          


  • Experts Attempt to Explain DevOps--and Almost Succeed
    by Bryan Lunduke   
    What is DevOps? How does it relate to other ideas and methodologies within software development? Linux Journal Deputy Editor and longtime software developer, Bryan Lunduke isn't entirely sure, so he asks some experts to help him better understand the DevOps phenomenon.

    The word DevOps confuses me.

    I'm not even sure confuses me quite does justice to the pain I experience—right in the center of my brain—every time the word is uttered.

    It's not that I dislike DevOps; it's that I genuinely don't understand what in tarnation it actually is. Let me demonstrate. What follows is the definition of DevOps on Wikipedia as of a few moments ago:

    DevOps is a set of software development practices that combine software development (Dev) and information technology operations (Ops) to shorten the systems development life cycle while delivering features, fixes, and updates frequently in close alignment with business objectives.

    I'm pretty sure I got three aneurysms just by copying and pasting that sentence, and I still have no clue what DevOps really is. Perhaps I should back up and give a little context on where I'm coming from.

    My professional career began in the 1990s when I got my first job as a Software Test Engineer (the people that find bugs in software, hopefully before the software ships, and tell the programmers about them). During the years that followed, my title, and responsibilities, gradually evolved as I worked my way through as many software-industry job titles as I could:
     Automation Engineer: people that automate testing software.    Software Development Engineer in Test: people that make tools for the testers to use.    Software Development Engineer: aka "Coder", aka "Programmer".    Dev Lead: "Hey, you're a good programmer! You should also manage a few other programmers but still code just as much as you did before, but, don't worry, we won't give you much of a raise! It'll be great!"    Dev Manager: like a Dev Lead, with less programming, more managing.    Director of Engineering: the manager of the managers of the programmers.    Vice President of Technology/Engineering: aka "The big boss nerd man who gets to make decisions and gets in trouble first when deadlines are missed." 
    During my various times with fancy-pants titles, I managed teams that included:
        Go to Full Article          


  • DNA Geometry with cadnano
    by Joey Bernard   
    This article introduces a tool you can use to work on three-dimensional DNA origami. The package is called cadnano, and it's currently being developed at the Wyss Institute. With this package, you'll be able to construct and manipulate the three-dimensional representations of DNA structures, as well as generate publication-quality graphics of your work.

    Because this software is research-based, you won't likely find it in the package repository for your favourite distribution, in which case you'll need to install it from the GitHub repository.

    Since cadnano is a Python program, written to use the Qt framework, you'll need to install some packages first. For example, in Debian-based distributions, you'll want to run the following commands:
      sudo apt-get install python3 python3-pip  
    I found that installation was a bit tricky, so I created a virtual Python environment to manage module installations.

    Once you're in your activated virtualenv, install the required Python modules with the command:
      pip3 install pythreejs termcolor pytz pandas pyqt5 sip  
    After those dependencies are installed, grab the source code with the command:
      git clone https://github.com/cadnano/cadnano2.5.git  
    This will grab the Qt5 version. The Qt4 version is in the repository https://github.com/cadnano/cadnano2.git.

    Changing directory into the source directory, you can build and install cadnano with:
      python setup.py install  
    Now your cadnano should be available within the virtualenv.

    You can start cadnano simply by executing the cadnano command from a terminal window. You'll see an essentially blank workspace, made up of several empty view panes and an empty inspector pane on the far right-hand side.

    Figure 1. When you first start cadnano, you get a completely blank work space.

    In order to walk through a few of the functions available in cadnano, let's create a six-strand nanotube. The first step is to create a background that you can use to build upon. At the top of the main window, you'll find three buttons in the toolbar that will let you create a "Freeform", "Honeycomb" or "Square" framework. For this example, click the honeycomb button.

    Figure 2. Start your construction with one of the available geometric frameworks.
        Go to Full Article          


  • Running GNOME in a Container
    by Adam Verslype   
    Containerizing the GUI separates your work and play.

    Virtualization has always been a rich man's game, and more frugal enthusiasts—unable to afford fancy server-class components—often struggle to keep up. Linux provides free high-quality hypervisors, but when you start to throw real workloads at the host, its resources become saturated quickly. No amount of spare RAM shoved into an old Dell desktop is going to remedy this situation. If a properly decked-out host is out of your reach, you might want to consider containers instead.

    Instead of virtualizing an entire computer, containers allow parts of the Linux kernel to be portioned into several pieces. This occurs without the overhead of emulating hardware or running several identical kernels. A full GUI environment, such as GNOME Shell can be launched inside a container, with a little gumption.

    You can accomplish this through namespaces, a feature built in to the Linux kernel. An in-depth look at this feature is beyond the scope of this article, but a brief example sheds light on how these features can create containers. Each kind of namespace segments a different part of the kernel. The PID namespace, for example, prevents processes inside the namespace from seeing other processes running in the kernel. As a result, those processes believe that they are the only ones running on the computer. Each namespace does the same thing for other areas of the kernel as well. The mount namespace isolates the filesystem of the processes inside of it. The network namespace provides a unique network stack to processes running inside of them. The IPC, user, UTS and cgroup namespaces do the same for those areas of the kernel as well. When the seven namespaces are combined, the result is a container: an environment isolated enough to believe it is a freestanding Linux system.

    Container frameworks will abstract the minutia of configuring namespaces away from the user, but each framework has a different emphasis. Docker is the most popular and is designed to run multiple copies of identical containers at scale. LXC/LXD is meant to create containers easily that mimic particular Linux distributions. In fact, earlier versions of LXC included a collection of scripts that created the filesystems of popular distributions. A third option is libvirt's lxc driver. Contrary to how it may sound, libvirt-lxc does not use LXC/LXD at all. Instead, the libvirt-lxc driver manipulates kernel namespaces directly. libvirt-lxc integrates into other tools within the libvirt suite as well, so the configuration of libvirt-lxc containers resembles those of virtual machines running in other libvirt drivers instead of a native LXC/LXD container. It is easy to learn as a result, even if the branding is confusing.
        Go to Full Article          


Page last modified on November 02, 2011, at 10:01 PM