1825 Monetary Lane Suite #104 Carrollton, TX
Do a presentation at NTLUG.
What is the Linux Installation Project?
Real companies using Linux!
Not just for business anymore.
Providing ready to run platforms on Linux
Show Descriptions... (Show All)
- SciLinux: SLSA-2020-0984-1 Important: ipmitool on SL7.x x86_64>
ipmitool: Buffer overflow in read_fru_area_section function in lib/ipmi_fru.c (CVE-2020-5208) SL7 x86_64 ipmitool-1.8.18-9.el7_7.x86_64.rpm ipmitool-debuginfo-1.8.18-9.el7_7.x86_64.rpm noarch bmc-snmp-proxy-1.8.18-9.el7_7.noarch.rpm exchange-bmc-os-info-1.8.18-9.el7_7.noarch.rpm - Scientific Linux Development Team
- [$] Per-system-call kernel-stack offset randomization
In recent years, the kernel has (finally) upped its game when it comes tohardening. It is rather harder to compromise a running kernel than it usedto be. But "rather harder" is relative: attackers still manage to findways to exploit kernel bugs. One piece of information that can be helpfulto attackers is the location of the kernel stack; thispatch set from Kees Cook and Elena Reshetova may soon make thatinformation harder to come by and nearly useless in any case.
- Security updates for Friday
Security updates have been issued by Debian (bluez and php5), Fedora (chromium, kernel, and PyYAML), Gentoo (adobe-flash, libvpx, php, qtcore, and unzip), openSUSE (chromium, kernel, and mcpp), Oracle (ipmitool and libvncserver), Red Hat (ipmitool and rh-postgresql10-postgresql), Slackware (kernel), and SUSE (ldns and tomcat6).
- Malcolm: Static analysis in GCC 10
David Malcolm writesabout the static-analysis features that he is working on adding to theGCC compiler. "This issue is, of course, a huge problem totackle. For this release, I’ve focused on the kinds of problems seen in Ccode—and, in particular double-free bugs—but with a view toward creating aframework that we can expand on in subsequent releases (when we can addmore checks and support languages other than C)."
- [$] Avoiding retpolines with static calls
January 2018 was a sad time in the kernel community. The Meltdown andSpectre vulnerabilities had finally been disclosed, and the requiredworkarounds hurt kernel performance in a number of ways. One of thoseworkarounds — retpolines —continues to cause pain, with developers goingout of their way to avoid indirect calls, since they must now be implementedwith retpolines. In some cases, though, there may be a way to avoid retpolines and regain much of the lost performance;after a long gestation period, the "static calls" mechanism may finally benearing the point where it can be merged upstream.
- Plasma on TV: Presenting Plasma Bigscreen (KDE.News)
The KDE.News site is carrying anannouncement for the PlasmaBigscreen environment, which is meant for large-screen televisions. "Talking of interacting from the couch,voice control provides users with the ultimate comfort when it comes to TVviewing. But most big brands not only do not safeguard the privacy of theircustomers, but actively harvest their conversations even when they are notsending instructions to their TV sets. We use Mycroft's Open Source voiceassistant to solve this problem."
- Security updates for Thursday
Security updates have been issued by CentOS (firefox, icu, kernel-rt, libvncserver, python-imaging, python-pip, python-virtualenv, thunderbird, tomcat, tomcat6, and zsh), Debian (icu and okular), Fedora (libxslt and php), Gentoo (bluez, chromium, pure-ftpd, samba, tor, weechat, xen, and zsh), Oracle (libvncserver), Red Hat (ipmitool and zsh), and SUSE (python-cffi, python-cryptography and python-cffi, python-cryptography, python-xattr).
- [$] Helping FOSS conferences in the face of a pandemic
The effects of the Coronavirusdisease 2019 (COVID-19) pandemic are horrific and far-reaching; wereally do not yet know just how bad it will get. One far less serious areathat has been affected is conferences forand about free and open-source software (FOSS). On the grand scale, these problems are pretty low on thepriority list.There are a fair number of non-profit organizations behind thegatherings, however, that have spent considerable sums setting upnow-canceled events or depend on the conferences for a big chunk of their budget—or both. A neworganization, FOSS Responders,has formed to try to help out.
- O'Reilly shutting down its conference group
O'Reilly has announcedthat it is canceling all of its upcoming in-person conferences and shuttingdown its conference group permanently. "Without understanding whenthis global health emergency may come to an end, we can’t plan for orexecute on a business that will be forever changed as a result of thiscrisis. With large technology vendors moving their events completelyon-line, we believe the stage is set for a new normal moving forward whenit comes to in-person events." There is still no notice to thiseffect on the OSCON page, butone assumes that is coming.
- Some stable kernels
Stable kernels 5.5.13, 5.5.12, 5.4.28, and 4.19.113 have been released. They all containimportant fixes and users should upgrade.
- [$] Django changes its governance
The Django web framework hascome a long way since it was first released as open source in 2005. Itstarted with a benevolent dictator for life (BDFL) governance model, likethe language it is implemented in, Python, but switched to a differentmodel in 2014. When Python switchedaway from the BDFL model in 2018, it followed Django's lead to someextent. But now Django is changing yet again, moving from governance basedaround a "core team" to one that is more inclusive and better reflects theway the project is operating now.
- Security updates for Wednesday
Security updates have been issued by Debian (e2fsprogs, ruby2.1, and weechat), Fedora (java-1.8.0-openjdk and webkit2gtk3), openSUSE (apache2-mod_auth_openidc, glibc, mcpp, nghttp2, and skopeo), Oracle (libvncserver and thunderbird), and SUSE (keepalived).
- Speeding up Linux disk encryption (Cloudflare)
The Cloudflare blog has anarticle on the company's work to improve the performance of Linux diskencryption. "As we can see the default Linux disk encryption implementation has asignificant impact on our cache latency in worst case scenarios, whereasthe patched implementation is indistinguishable from not using encryptionat all. In other words the improved encryption implementation does not haveany impact at all on our cache response speed, so we basically get it forfree!"Patches are available, but they are apparently not in any form to goupstream.
- LLVM 10.0.0 released
Version 10.0.0 of the LLVM compiler suite is out. New features includesupport for C++concepts, Windowscontrol flow guard support, and much more; click below for pointers toa set of language-specific release notes.
- PSF: New pip resolver to roll out this year
The Python Software Foundation blog looksat some changes to pip, the Python Package installer, in the process ofdeveloping a new resolver. The new resolver will reduce inconsistency and bestricter, refusing to install two packages with incompatible requirements.
Also, this is a major change to a key part of pip - it's quitepossible there will initially be bugs. We would like to make sure thatthose get caught before people start using the new version inproduction. [...]
We recognize that everyone's work is being disrupted by the COVID-19 pandemic, and that many data scientists and medical researchers use Python and pip in their work. We want to make the upgrade process as smooth and bug-free as possible for our users; if you can help us, you'll be helping each other.
- New Linux-powered SoC taps an old ARM9 architecture
Microchip has launched a 600MHz ARM9-based “SAM9X60” processor with a 2D GPU and -40 to 105°C tolerance along with a Linux-driven, $260 “SAM9X60-EK Evaluation Kit” with MikroBus and Raspberry Pi expansion. Microchip has revised the ARM9-based AT91SAM9260 SoC that was introduced in 2006 by its subsidiary Atmel. The new SAM9X60 model has boosted the clock […]
- Reasons to Give openSUSE a Try
Users may fear trying openSUSE because of some reason. In any case, we’ll introduce you to the distribution and its features, and why you should give it a try.
- Just another KVM setup on Debian Buster 10.3
Sequence of steps and bridge network configuration on native Debian Buster 10.3 host seemed to me a bit different from manuals which are available in meantime on the Net. Specifically I've undertaken some additional steps to fix error with Radeon kernel modesetting enabling also configuration bridge to physical LAN is supposed to be done in the way different from how it works on LXDE 4.
- 6 tricks for developing a work from home schedule
When you start working from home, one of the first things you might have noticed is that there almost no outside influences on your schedule. You probably have meetings—some over team chat and others over video— that you have to attend, but otherwise, there[he]#039[/he]s nothing requiring you to do anything at any specific time. What you find out pretty quickly, though, is that there[he]#039[/he]s an invisible influence that sneaks up on you: deadlines.
- How to detect outdated Kubernetes APIs
Recently, deprecated APIs have been wreaking havoc on everyone[he]#039[/he]s Kubernetes manifests. Why is this happening?!? It[he]#039[/he]s because the objects that we[he]#039[/he]ve come to know and love are moving on to their new homes. And it[he]#039[/he]s not like this happened overnight. Deprecation warnings have been in place for quite a few releases now. We[he]#039[/he]ve all just been lazy and thought the day would never come. Well, it[he]#039[/he]s here!
- Fanless Whiskey Lake mini-PCs include a model based on Intel NUC Elements
Bleujour has launched a $836 and up “Kubb Passive” NUC system and is prepping an even smaller NUC Elements based Meta U mini-PC, both of which run Linux Mint on Intel’s Whiskey Lake. If you’re spending more time than usual on your computer in these days of quarantine, you may ask yourself: Why does my […]
- Build a private chat server with a Raspberry Pi and Rocket.Chat
The internet offers plenty of free messaging services. Applications like WhatsApp and Viber are part of our daily life and are the most common way we communicate with relatives and friends. But security awareness is increasing the demand for a truly private chat solution. Furthermore, messaging apps take up a lot of space in our devices, so an alternative chat channel could be useful to share media, info, and contacts with our friends.
- How to Install WonderCMS on Debian 9
WonderCMS is a free and open-source lightweight CMS designed to make building websites easy. WonderCMS doesn’t require a MySQL database to save the data and content from the website. It uses flat-file technology, which enables WonderCMS to save all data to a text file named database.js. The database.js file is structured in the JSON format. In this tutorial, we will show you how to install WonderCMS on a Debian 9 VPS.
- How to Install Skype on CentOS 8
Skype is one of the most popular communication applications in the world. It allows you to make free online audio and video calls and affordable international calling to mobiles and landlines worldwide.
- Dual-GbE, 24-bit DAQ system does machine monitoring on the edge
Adlink’s “MCM-204” is a compact, rugged digital acquisition computer for machine condition monitoring with a Cortex-A9 SoC, 4x 24-bit ADC inputs, 2x GbE, 2x USB, isolated DIO, and a RESTful-enabled Linux SDK. Adlink has launched a rugged, dual-Ethernet DAQ system with a Linux-based SDK designed for machine condition monitoring (MCM) using a RESTful API. The […]
- School Quits Video Calls After Naked Man 'Guessed' the Meeting Link
An anonymous reader quotes a report from TechCrunch: A school in Norway has stopped using popular video conferencing service Whereby after a naked man apparently "guessed" the link to a video lesson. According to Norwegian state broadcaster NRK, the man exposed himself in front of several young children over the video call. The theory, according to the report, is that the man guessed the meeting ID and joined the video call. One expert quoted in the story said some are "looking" for links. Last year security researchers told TechCrunch that malicious users could access and listen in to Zoom and Webex video meetings by cycling through different permutations of meeting IDs in bulk. The researchers said the flaw worked because many meetings were not protected by a passcode.
Read more of this story at Slashdot.
- Yelp To Stop Auto-Creating GoFundMe Fundraisers After Outrage From Business Owners
Yelp has paused an effort in partnership with GoFundMe that automatically opted tens of thousands of small businesses into fundraisers after complaints from restaurant and bar owners, the company tells The Verge. From the report: Yelp launched the initiative earlier this week in response to the ongoing coronavirus pandemic, but it did so without informing any of participants. Some business owners said the process for opting out -- in the event they were hosting their own fundraisers or simply did not want one automatically set up by Yelp -- was unnecessarily cumbersome. "On Tuesday, Yelp announced a partnership with GoFundMe to provide a fast and easy way for people to support their favorite local businesses by donating to a GoFundMe fundraiser directly on the Yelp pages of eligible businesses. In an effort to get businesses help quickly and easily, a GoFundMe fundraiser was automatically added to the Yelp pages of an initial group of eligible businesses, with information provided on how to claim it or opt out should a business choose to do so," a spokesperson said in a statement. "However, it has come to our attention that some businesses did not receive a notification with opt-out instructions, and some would have preferred to actively opt-in to the program," the statement goes on to say. "As such, we have paused the automatic rollout of this feature, and are working with GoFundMe to provide a seamless way for businesses to opt into the program moving forward, as we have received a great deal of interest and support for the program from both consumers and businesses alike." Yelp said in its original announcement of the GoFundMe partnership that it would be waiving fees and that both companies would match the first $1 million donated. However, critics of the partnership fast discovered that GoFundMe was setting the recommended tip, which is how GoFundMe funds its own operations, at 15 percent. "Yelp does not get any portion of the donations. Donations through the GoFundMe platform may be subject to payment processing fees in some instances per the terms of the GoFundMe platform," reads an FAQ page for the program.
Read more of this story at Slashdot.
- NASA Picks SpaceX To Fly Cargo To Moon-Orbiting Gateway Space Station
NASA has awarded SpaceX with a contract to supply Gateway, the moon-orbiting space station that the agency aims to start building in 2022, agency officials announced Friday. Space.com reports: Gateway is a key part of NASA's Artemis exploration program, which seeks to establish a sustainable, long-term human presence on and around the moon by the late 2020s. The small space station will serve as a jumping-off point for sorties, both crewed and uncrewed, to the lunar surface. SpaceX will help to keep the Gateway supplied, delivering scientific experiments and a variety of other gear to the outpost, NASA officials said. The company is guaranteed two missions under its newly announced Gateway Logistics Services contract. SpaceX's robotic ISS resupply runs employ the company's Falcon 9 rocket and Dragon capsule, which can loft 13,200 lbs. (6,000 kilograms, or 6 metric tons) to low-Earth orbit. But SpaceX's Gateway missions will use different hardware: the huge Falcon Heavy rocket and a special capsule variant called Dragon XL. (SpaceX has also developed another Dragon version, Crew Dragon, which will fly astronauts to and from the ISS under yet another NASA contract.) Dragon XL will be able to carry more than 5 metric tons of cargo to the Gateway, SpaceX representatives said via Twitter Friday. Dragon cargo missions to the ISS typically last about a month from launch to splashdown. But Dragon XL will likely stay attached to the Gateway for six to 12 months at a time, NASA officials said. Other companies may end up joining SpaceX in the Gateway resupply game.
Read more of this story at Slashdot.
- You Can Now Ride a Submarine To the Deepest Point On Earth
An anonymous reader quotes a report from Bloomberg: For some, the ultimate adventure is up in the stars. (See: Musk, Branson, Bezos.) For Texas businessman Victor Vescovo, the trip of a lifetime is a dive to the deepest known point on our own planet, the bottom of the Marianas Trench. For $750,000 per person, Vescovo will take guests down 35,843 feet in Limiting Factor, his $37 million Triton 36,000/2 submarine, whose depth capacity is more than 100 times that of the typical superyacht submersible. "Nobody gets more remote than this," says Rob McCallum, founding partner ofEYOS Expeditions, which is helping to plan and manage the trips to Challenger Deep, as this location is called. Almost seven miles beneath the water's surface, it has seen fewer human visitors than the International Space Station. Just getting to the right patch of the Pacific requires an intrepid spirit. Guests sail roughly 200 miles southwest from Guam on Pressure Drop, a 224-foot-long research vessel, bunked in with scientists, a film crew, and technical experts. Basic comforts include a chef, mess hall, and a rooftop bar for "strategic thinking exercises and international alcohol evaluations," as McCallum puts it. Once there, they pair up with pilots to make roughly 12-hour dives -- four hours down, three to four hours at the bottom, and four hours up -- to a place so deep that its exterior pressure would feel like having five jumbo jets parked on your chest. The eight-day itinerary, which includes three dives and three rest days (during which the submarine's oxygen system is refilled and ballasts reloaded), remains thus far scheduled for two slots in May. The first has already sold out.
Read more of this story at Slashdot.
- US Officials Reportedly Agree To Cut Off Huawei From Global Chip Suppliers
Senior U.S. government officials have agreed to new rules to cut off Huawei from global chip suppliers, according to a Reuters report Thursday, citing sources familiar with the matter. CNET reports: Under the new measures, foreign companies that use American chipmaking equipment would first need to secure a license before supplying some chips to Huawei, the report says. The focus of the new rules is to restrict the sale of more sophisticated chips to the Chinese telecom giant rather than generic, more widely available chips. Trump hasn't signed off on the proposed new measures yet, but if he does, a slew of US tech companies stand to lose, like Apple and Qualcomm along with Huawei. It could also negatively impact the world's largest chipmaker, Taiwan's TSMC, the report says.
Read more of this story at Slashdot.
- Google Cancels Its Infamous April Fools' Jokes This Year
Google won't be participating in April Fools' Day this year due to the serious threat of the coronavirus that continues to impact the entire world. The Verge reports: According to an internal email obtained by Business Insider, Google will "take the year off from that tradition out of respect for all those fighting the Covid-19 pandemic. Our highest goal right now is to be helpful to people, so let's save the jokes for next April, which will undoubtedly be a whole lot brighter than this one." "We've already stopped any centralized April Fool's efforts but realize there may be smaller projects within teams that we don't know about," the email from Google's head of marketing Lorraine Twohill continues. "Please suss out those efforts and make sure your teams pause on any jokes they may have planned -- internally or externally." Hopefully other companies will take note of Google's lead here and adjust their own April Fools' plans accordingly. There's a time and a place for a good joke -- but this probably isn't it.
Read more of this story at Slashdot.
- Scientists Identify Microbe That Could Help Degrade Polyurethane-Based Plastics
An anonymous reader quotes a report from Phys.Org: German researchers report in the journal Frontiers in Microbiology that they have identified and characterized a strain of bacteria capable of degrading some of the chemical building blocks of polyurethane. The team out of Germany managed to isolate a bacterium, Pseudomonas sp. TDA1, from a site rich in brittle plastic waste that shows promise in attacking some of the chemical bonds that make up polyurethane plastics. The researchers performed a genomic analysis to identify the degradation pathways at work. They made preliminary discoveries about the factors that help the microbe metabolize certain chemical compounds in plastic for energy. They also conducted other analyses and experiments to understand the bacterium's capabilities. This particular strain is part of a group of bacteria that are well-known for their tolerance of toxic organic compounds and other forms of stress, according to Dr. Christian Eberlein with the Helmholtz Centre for Environmental Research-UFZ. He is a co-author on the paper who coordinated and supervised the work. "That trait is also named solvent-tolerance and is one form of extremophilic microorganisms," he said. In addition to polyurethane, the P4SB consortium, which includes the Helmholtz Centre for Environmental Research-UFZ, is also testing the efficacy of microbes to degrade plastics made of polyethylene terephthalate (PET), which is widely used in plastic water bottles.
Read more of this story at Slashdot.
- Some Recovered Coronavirus Patients In Wuhan Are Testing Positive Again
NPR is reporting that some Wuhan residents in China who had tested positive earlier and then recovered from the disease are testing positive for the virus a second time. It's raising concerns of a possible second wave of cases, as China prepares to lift quarantine measures to allow residents to leave the epicenter of its outbreak next month. From the report: Based on data from several quarantine facilities in the city, which house patients for further observation after their discharge from hospitals, about 5%-10% of patients pronounced "recovered" have tested positive again. Some of those who retested positive appear to be asymptomatic carriers -- those who carry the virus and are possibly infectious but do not exhibit any of the illness's associated symptoms -- suggesting that the outbreak in Wuhan is not close to being over. NPR has spoken by phone or exchanged text messages with four individuals in Wuhan who are part of this group of individuals testing positive a second time in March. All four said they had been sickened with the virus and tested positive, then were released from medical care in recent weeks after their condition improved and they tested negative. One of the Wuhan residents who spoke to NPR exhibited severe symptoms during their first round of illness and was eventually hospitalized. The second resident displayed only mild symptoms at first and was quarantined in one of more than a dozen makeshift treatment centers erected in Wuhan during the peak of the outbreak. But when both were tested a second time for the coronavirus on Sunday, March 22, as a precondition for seeking medical care for unrelated health issues, they tested positive for the coronavirus even though they exhibited none of the typical symptoms, such as a fever or dry cough. The time from their recovery and release to the retest ranged from a few days to a few weeks. One theory is that they were first given a false negative test result. Another theory is that, because the test amplifies tiny bits of DNA, residual virus from the initial infection could have falsely resulted in that second positive reading.
Read more of this story at Slashdot.
- Elizabeth Warren's Campaign Is Making Its Software Open Source
gavron writes: While most politicians are pro copyright maximalism and patent exclusivity, Elizabeth Warren's campaign just open-sourced a bunch of software and are proud of having used open source to save money, and build upon the shoulders of other giants. Way to go! "Our tech team worked hard to make getting involved with @ewarren's campaign as easy as possible," reads a tweet from @TeamWarren. "We leaned heavily on open source technology, and we want to contribute back. So we're open-sourcing some of our most important projects for anyone to use." The Warren for President Tech Team is open-sourcing the following projects: -Spoke: Spoke is a peer-to-peer texting platform originally developed by MoveOn, with several forks under active development. -Pollaris, our polling location lookup tool: While the DNC provides a polling locator interface with IWillVote.org, we wanted a polling place locator that integrated with our website and tools, so we built our own interface and API, using polling location data provided by the DNC and state democratic parties. -Caucus App: Going into the Iowa caucuses, we wanted to give our supporters and precinct captains a way to quickly calculate delegates and report results from each precinct. -Switchboard (FE and BE): [W]e built a piece of software that took new potential volunteers, or "hot leads," from our online channels and assigned them to state-based volunteer leads for personal follow up calls offering ways to get involved with the campaign. As it turned out, this also ended up being a great tool for event recruitment. -Automated organizing email: Our Mobilization and Tech teams worked together to scale email outreach to the widest possible audience and free our incredible organizers from tedious manual tasks. -Redhook: Campaigns run on data, and redhook is a tool that makes data happen. As a system, Redhook ingests web hook data and delivers it to Redshift/Civis in near real time. -I90: This tool was not deployed during the campaign, but there was a need to make short links out of long complicated links moving forward. I90 does that. You can read more about the projects and the team's efforts via this Medium post.
Read more of this story at Slashdot.
- Bosses Panic-Buy Spy Software To Keep Tabs On Remote Workers
An anonymous reader quotes a report from Bloomberg: With so many people working remotely because of the coronavirus, surveillance software is flying off the virtual shelves. "Companies have been scrambling," said Brad Miller, CEO of surveillance-software maker InterGuard. "They're trying to allow their employees to work from home but trying to maintain a level of security and productivity." Along with InterGuard, software makers include Time Doctor, Teramind, VeriClock, innerActiv, ActivTrak and Hubstaff. All provide a combination of screen monitoring and productivity metrics, such as number of emails sent, to reassure managers that their charges are doing their jobs. ActivTrak's inbound requests have tripled in recent weeks, according to CEO Rita Selvaggi. Teramind has seen a similar increase, said Eli Sutton, vice president of global operations. Jim Mazotas, innerActive's founder, said phones have been ringing off the hook. Managers using InterGuard's software can be notified if an employee does a combination of worrisome behaviors, such as printing both a confidential client list and a resume, an indication that someone is quitting and taking their book of business with them. "It's not because of lack of trust," Miller said, who compared the software to banks using security cameras. "It's because it's imprudent not to do it." The software can also be a way for employers to grant more flexibility to workers to fit their jobs around other parts of their lives. It may also let managers spot areas that are overstaffed or where they may need additional hands. Sutton from software maker Teramind says employers worried about workers' every moves might have a bigger issue to deal with. "It's not about spying on the user," Sutton said. "If you hired them, you should trust them. If you don't, they have no reason to be part of the organization." Have you been required to use surveillance software while working from home? If so, which software is your employer using?
Read more of this story at Slashdot.
- Apple Launches COVID-19 Screening Website and App
Apple launched its own coronavirus screening site and iOS app developed alongside the White House, CDC and FEMA. From a report: The site is pretty simple with basic information about best practices and safety tips alongside a basic screening tool which should give you a fairly solid idea on whether or not you need to be tested for COVID-19. The site which is -- of course -- accessible on mobile and desktop also includes some quick tips on social distancing, isolation, hand-washing, surface disinfecting and symptom monitoring. The app, which contains identical information to the site, is US-only at the moment while the website is available worldwide. Depending on your symptoms, the site will push you to get in contact with your health provider, contact emergency services or it will inform you that you likely do not need to be tested. It will not route you to a testing center directly. Apple says that its app and website gather or collect zero personal information about anyone using it.
Read more of this story at Slashdot.
- Help Needed To Rescue UK's Old Rainfall Records
At a loss to know what to do with your self-isolation time? Well, why not get on the computer and help with a giant weather digitisation effort? From a report: The UK has rainfall records dating back 200 years or so, but the vast majority of these are in handwritten form and can't easily be used to analyse past periods of flooding and drought. The Rainfall Rescue Project is seeking volunteers to transfer all the data into online spreadsheets. You're not required to rummage through old bound volumes; the Met Office has already scanned the necessary documents -- all 65,000 sheets. You simply have to visit a website, read the scribbled rainfall amounts and enter the numbers into a series of boxes. "If you do just a couple of minutes every now and then -- that's great," said Prof Ed Hawkins. "If you want to spend an hour doing 30 or 40 columns - then that'll be amazing. But any amount of time, it will all add up and be a tremendous help." If you want to take part, click here.
Read more of this story at Slashdot.
- Trump Signs $2 Trillion Coronavirus Relief Bill
President Trump on Friday signed into law the largest economic stimulus package in modern American history, backing a $2 trillion measure that expands on a Republican proposal issue last week called the CARES Act -- the Coronavirus Aid, Relief, and Economic Security Act. The New York Times reports: Under the law, the government will deliver direct payments and jobless benefits for individuals, money for states and a huge bailout fund for businesses battered by the crisis. Mr. Trump signed the measure in the Oval Office hours after the House approved it by voice vote and less than two days after the Senate unanimously passed it. The legislation will send direct payments of $1,200 to millions of Americans, including those earning up to $75,000, and an additional $500 per child. It will substantially expand jobless aid, providing an additional 13 weeks and a four-month enhancement of benefits, and for the first time will extend the payments to freelancers and gig workers. The measure will also offer $377 billion in federally guaranteed loans to small businesses and establish a $500 billion government lending program for distressed companies reeling from the crisis, including allowing the administration the ability to take equity stakes in airlines that received aid to help compensate taxpayers. It will also send $100 billion to hospitals on the front lines of the pandemic. You can read the bill yourself here.
Read more of this story at Slashdot.
- Phone Calls Are Back in Fashion
Data shows that people all over the U.S. are doing the same thing. Verizon says it has seen an average of 800 million wireless calls daily on recent weekdays, nearly twice the volume of Mother's Day. From a report: And we're not just calling people more often, we're talking on the phone for longer: AT&T says that wireless voice minutes on Monday were up 39% from the average Monday, and Wi-Fi calling minutes were 78% higher. Thanks to coronavirus, we're no longer in transit, unable to answer a call. We're not physically in the office so, sure, why not jump on the phone to catch up with a friend or colleague between work tasks? There's no stepping out for lunch, no "Let's just cover this in person next time we see one another," because we don't actually know when that will be. Pretty much the only reason you can't reach someone these days is because they're on another call. We're also feeling more isolated and increasingly concerned about the people we love. We want to check in with them more regularly. Texts can be cold and quick; a call is really one of the few ways others can hear the concern in your voice -- and you can hear the concern in theirs. And if you haven't yet changed out of your pajamas or washed your hair in a few days, phone calls beat video chats hands down.
Read more of this story at Slashdot.
- How the Pandemic Will End?
Ed Yong, writing for The Atlantic: The world is experienced at making flu vaccines and does so every year. But there are no existing vaccines for coronaviruses -- until now, these viruses seemed to cause diseases that were mild or rare -- so researchers must start from scratch. The first steps have been impressively quick. Last Monday, a possible vaccine created by Moderna and the National Institutes of Health went into early clinical testing. That marks a 63-day gap between scientists sequencing the virus's genes for the first time and doctors injecting a vaccine candidate into a person's arm. "It's overwhelmingly the world record," Fauci said. But it's also the fastest step among many subsequent slow ones. The initial trial will simply tell researchers if the vaccine seems safe, and if it can actually mobilize the immune system. Researchers will then need to check that it actually prevents infection from SARS-CoV-2. They'll need to do animal tests and large-scale trials to ensure that the vaccine doesn't cause severe side effects. They'll need to work out what dose is required, how many shots people need, if the vaccine works in elderly people, and if it requires other chemicals to boost its effectiveness. "Even if it works, they don't have an easy way to manufacture it at a massive scale," said Seth Berkley of Gavi. That's because Moderna is using a new approach to vaccination. Existing vaccines work by providing the body with inactivated or fragmented viruses, allowing the immune system to prep its defenses ahead of time. By contrast, Moderna's vaccine comprises a sliver of SARS-CoV-2's genetic material -- its RNA. The idea is that the body can use this sliver to build its own viral fragments, which would then form the basis of the immune system's preparations. This approach works in animals, but is unproven in humans. By contrast, French scientists are trying to modify the existing measles vaccine using fragments of the new coronavirus. "The advantage of that is that if we needed hundreds of doses tomorrow, a lot of plants in the world know how to do it," Berkley said. No matter which strategy is faster, Berkley and others estimate that it will take 12 to 18 months to develop a proven vaccine, and then longer still to make it, ship it, and inject it into people's arms.
Read more of this story at Slashdot.
- Announcing the official Reg-approved measure of social distancing: The Osman
Look on my beanpoleness, ye Blighty, and mea-sure! Far away enough? Check our converter and find out!
As you nervously shuffle away from your close-talking neighbour who always stood too near at the best of times, tutting and muttering "social distancing", you may wonder to yourself just what two metres or six feet should really look like. Luckily, El Reg's Standards Soviet is here to help.…
- Google warns against disabling websites during Coronavirus pandemic
Your search ranking will suffer less if you just make it a bit rubbish instead
As companies shut their doors against the coronavirus outbreak, Google has released a set of guidelines to website owners on how to minimise the long-terms effects on their business's search ranking.…
- India’s networking market collapsed … in Q4 2019!
The nation is already well and truly routed, and telcos have new taxes to pay
India's networking equipment market collapsed before the coronavirus could stab it in the back, thanks in part to a new tax on telcos.…
- A Curious Look At Eight Core Server CPU Performance From Intel Xeon Haswell To AMD EPYC Rome
When it comes to the AMD EPYC 7002 "Rome" processors we have looked at the various higher-end SKUs since their launch last August up to and including the EPYC 7742 with its 64 cores / 128 threads per socket. But for those wondering about the EPYC 7002 series performance at the bottom end of the spectrum, here are some fun benchmarks of the EPYC 7232P and EPYC 7262 on the near-final Ubuntu 20.04 LTS state compared to various vintages of Intel Xeon CPUs -- most notably, a curiosity driven look at the 8 core / 16 thread Intel Haswell Xeon performance.
- Some Of The Features To Look Forward To With Linux 5.7
With the Linux 5.7 cycle kicking off in April with its merge window opening upon the release of Linux 5.6, here is a look at some of the changes and new features that have been on our radar for this next version of the Linux kernel...
- GCC's New Static Analysis Capabilities Are Getting Into Shape For GCC 10
One of many new features in the GCC 10 code compiler releasing in about one month's time is finally having a built-in static analyzer. This static analyzer can be enabled with the -fanalyzer switch and has been maturing nicely for its initial capabilities in the GNU Compiler Collection 10...
- PHP 7.4 Lands For Ubuntu 20.04 LTS
It shouldn't come as a big surprise but PHP 7.4 has now landed in Ubuntu 20.04 LTS to replace the existing PHP 7.3 support within the "Focal Fossa" package archive...
- AMD PassThru DMA Engine Driver Still Pending For The Linux Kernel
In addition to the AMD Sensor Fusion Hub driver that we are hopeful could land in Linux 5.7 albeit not yet queued in the iio-next branch, another AMD driver that has been around for a few months in patch form but yet to be mainlined is the AMD PassThru DMA Engine driver...
- VirtIO Video Driver Coming Together For The Mainline Linux Kernel
VirtIO-Video is a VirtIO-based video driver for a virtual V4L2 streaming device with input/output buffers for sharing of video devices with guests. VirtIO Video has existed for a while now but it looks like it could be getting close to upstreaming in the Linux kernel...
- Fedora Adopts A New Vision Statement
Fedora Project Leader Matthew Miller has sent out a reminder to Fedora contributors to "be excellent to each other" while announcing the project has a new vision statement...
- OpenJDK 8/11 vs. GraalVM 20 vs. Amazon Corretto JVM Benchmarks
Following last week's benchmarks of OpenJDK 8 through the newly-released OpenJDK 14 JVM benchmarks, some Phoronix readers expressed interest in seeing Java benchmarks with Oracle's GraalVM as well as Amazon's Corretto JVM implementations. Here are some benchmarks of those benchmarks up against OpenJDK both for Java 8 and Java 11 releases.
- Android-x86 9.0-r2 Released With Updated Kernel, UEFI Boot Fix
Released at the end of February was the long overdue stable release of Android-x86 9.0 that re-based this Intel/AMD focused Android spin atop the 9.0 "Pie" Android Open-Source Project state plus with various additions/improvements for running on x86_64 laptop/desktop hardware. Out today is the second stable update to the Android-x86 9.0 series...
- Security: Why Linux Is Better Than Windows Or Mac OS
Linux is a free and open source operating system that was released in 1991 developed and released by Linus Torvalds. Since its release it has reached a user base that is greatly widespread worldwide. Linux users swear by the reliability and freedom that this operating system offers, especially when compared to its counterparts, windows and 
- Essential Software That Are Not Available On Linux OS
An operating system is essentially the most important component in a computer. It manages the different hardware and software components of a computer in the most effective way. There are different types of operating system and everything comes with their own set of programs and software. You cannot expect a Linux program to have all 
- Things You Never Knew About Your Operating System
The advent of computers has brought about a revolution in our daily life. From computers that were so huge to fit in a room, we have come a very long way to desktops and even palmtops. These machines have become our virtual lockers, and a life without these network machines have become unimaginable. Sending mails, 
- How To Fully Optimize Your Operating System
Computers and systems are tricky and complicated. If you lack a thorough knowledge or even basic knowledge of computers, you will often find yourself in a bind. You must understand that something as complicated as a computer requires constant care and constant cleaning up of junk files. Unless you put in the time to configure 
- The Top Problems With Major Operating Systems
There is no such system which does not give you any problems. Even if the system and the operating system of your system is easy to understand, there will be some times when certain problems will arise. Most of these problems are easy to handle and easy to get rid of. But you must be 
- 8 Benefits Of Linux OS
Linux is a small and a fast-growing operating system. However, we can’t term it as software yet. As discussed in the article about what can a Linux OS do Linux is a kernel. Now, kernels are used for software and programs. These kernels are used by the computer and can be used with various third-party software 
- Things Linux OS Can Do That Other OS Can’t
What Is Linux OS? Linux, similar to U-bix is an operating system which can be used for various computers, hand held devices, embedded devices, etc. The reason why Linux operated system is preferred by many, is because it is easy to use and re-use. Linux based operating system is technically not an Operating System. Operating 
- Packagekit Interview
Packagekit aims to make the management of applications in the Linux and GNU systems. The main objective to remove the pains it takes to create a system. Along with this in an interview, Richard Hughes, the developer of Packagekit said that he aims to make the Linux systems just as powerful as the Windows or 
- What’s New in Ubuntu?
What Is Ubuntu? Ubuntu is open source software. It is useful for Linux based computers. The software is marketed by the Canonical Ltd., Ubuntu community. Ubuntu was first released in late October in 2004. The Ubuntu program uses Java, Python, C, C++ and C# programming languages. What Is New? The version 17.04 is now available here 
- Ext3 Reiserfs Xfs In Windows With Regards To Colinux
The problem with Windows is that there are various limitations to the computer and there is only so much you can do with it. You can access the Ext3 Reiserfs Xfs by using the coLinux tool. Download the tool from the official site or from the sourceforge site. Edit the connection to “TAP Win32 Adapter 
- Control Panel isn’t dead yet but the System applet is looking nervous
You may have seen dark rumors around the Web that Microsoft is about to kill off the classic Control Panel. Rest assured, friend, we were as horrified as you are—but on more careful inspection, this seems not to be the case. Thats one of the many downsides of being at the mercy of closed operating systems like Windows or macOS as a user, youre not really in control, and your platform landlords can decide to remove vital functionality or features on a whim, and theres nothing you can do about it. If you havent done so yet, Id highly suggest start looking at open source alternatives before its too late, because I feel the noose is only going to tighten more, not less.
- Amiga machine code course
Here you’ll find my complete set of posts covering the Amiga Machine Code course. The course consists of twelve letters and two disks, that can be found here. The letters are available as PDF’s in their original Danish language as well as translated to English. Some light reading for the weekend.
- Dumping MiniDisc media
If you have music on a collection of MiniDisc media and want to finally copy the data off onto modern media (or the cloud!), here are simple instructions for some different solutions. Why would you stop using MiniDisc though?
- The exFAT filesystem is coming to Linux Paragon software’s not happy about it
Ars Technica reports on a story from the early 2000s 2020: When software and operating system giant Microsoft announced its support for inclusion of the exFAT filesystem directly into the Linux kernel back in August, it didnt get a ton of press coverage. But filesystem vendor Paragon Software clearly noticed this months merge of the Microsoft-approved, largely Samsung-authored version of exFAT into the VFS for-next repository, which will in turn merge into Linux 5.7—and Paragon doesnt seem happy about it. Yesterday, Paragon issued a press release about European gateway-modem vendor Sagemcom adopting its version of exFAT into an upcoming series of Linux-based routers. Unfortunately, it chose to preface the announcement with a stream of FUD (Fear, Uncertainty, and Doubt) that wouldnt have looked out of place on Steve Ballmers letterhead in the 1990s. This is some get the facts! level of tripe. Youd think that in 2020, wed be spared this sort of nonsense, and Im sad Im even spending precious bits on this one but at least we get the name of Paragon out so you can avoid them like the plague.
- AMD uses DMCA to mitigate massive GPU source code leak
AMD has filed at least two DMCA notices against Github repos that carried stolen! source code relating to AMDs Navi and Arden GPUs, the latter being the processor for the upcoming Xbox Series X. The person claiming responsibility for the leak informs TorrentFreak that if they doesnt get a buyer for the remainder of the code, they will dump the whole lot online. Id love to hear the backstory behind this hack. For a company like AMD, such a hack mustve been an inside job, right? While I know I shouldnt be surprised anymore by just how lacking security can be at even the most prominent technology companies, I just cant imagine it being very easy to get your hands on this documentation and code without some form of inside help.
- MIPS Loongson 3 seeing support improvements with Linux 5.7
For those managing to get their hands on a recently released Loongson 3A4000/3B4000 or even older Loongson 3 MIPS64 processors, improving the support is on the way with the upcoming Linux 5.7 kernel. Queued as part of the MIPS architecture work for Linux 5.7 are a number of Loongson improvements, in particular for the Loongson 3 series. The Loongson processors are pretty much impossible to come by outside of China, and gained some fame as the platform of choice for Richard Stallman.
- Apple releases macOS 10.15.4, watchOS 6.2, and iOS, iPadOS and tvOS 13.4
Apple has released macOS 10.15.4, watchOS 6.2, and iOS, iPadOS and tvOS 13.4. Earlier today, Apple continued its tradition of updating all of its operating systems at once. The day brought major new feature releases to iOS, iPadOS, macOS, watchOS, and tvOS. The iOS, iPadOS, and tvOS updates are numbered 13.4, Apple Watches got watchOS 6.2, and Macs saw the release of macOS Catalina 10.15.4. You know where to get them.
- Living a Google-free life with a Huawei phone
Ever wondered whats it like to run Android without Googles services and applications? Well, get a Huawei device. A smartphone UI isn’t much use without apps, of course, and here is where Huawei hits its first hurdle. Huawei has its own store called AppGallery, which it claims is the third largest in the world based on its more than 400 million monthly active users. The vast majority of those users will be in China, of course, where the Google Play Store has never been included alongside AppGallery. If you buy a Mate 30 Pro now anywhere in the world, though, AppGallery is what you get out of the box. To be blunt, it is not great. I wouldn’t call it barren — there is support from major US companies like Microsoft, Amazon, and Snap. You can’t get Chrome, of course, but Opera is there if you want something with desktop sync. But a huge amount of its content is aimed at China, with other big Western names like Facebook, Slack, Netflix, and Twitter missing, which puts the Mate 30 Pro in a more precarious app situation than even the diciest days of Windows Phone. Huawei has announced a $1 billion plan to help stock AppGallery’s shelves, but it has its work cut out. A bigger problem is that even if you can get popular applications installed, they often wont work properly because the device lacks the Google Mobile Services. Its an incredibly hard situation for Huawei to be in.
- Chrome phasing out support for user agent
Google announced its decision to drop support for the User-Agent string in its Chrome browser. Instead, Chrome will offer a new API called Client Hints that will give the user greater control over which information is shared with websites. Weve talked about this earlier this year, but I want to highlight it again since its very important this initiative doesnt devolve into Google and Chrome shoving this alternative down the webs throat. Deprecating user agent strings is a good thing, but only if the replacement is a collective effort supported by everyone.
- Apple just killed offline web apps while purporting to protect your privacy [updated: not really]
Update: the WebKit blog post has been updated with a clarification: Web applications added to the home screen are not part of Safari and thus have their own counter of days of use. Their days of use will match actual use of the web application which resets the timer. We do not expect the first-party in such a web application to have its website data deleted. Thats definitely a relief, and good thing they cleared this up. Original continues below: On the face of it, WebKit’s announcement yesterday titled Full Third-Party Cookie Blocking and More sounds like something I would wholeheartedly welcome. Unfortunately, I can’t because the “and more” bit effectively kills off Offline Web Apps and, with it, the chance to have privacy-respecting apps like the prototype I was exploring earlier in the year based on DAT. Block all third-party cookies, yes, by all means. But deleting all local storage (including Indexed DB, etc.) after 7 days effectively blocks any future decentralised apps using the browser (client side) as a trusted replication node in a peer-to-peer network. And that’s a huge blow to the future of privacy. Im sure thats entirely a coincidence for a company that wants to force everyone to use their App Store, the open web be damned.
- Apple CarPlay, Android Auto distract drivers more than pot, alcohol, says study
When Apple CarPlay and Android Auto first started rolling out, initial evidence suggested these technologies held promise to reduce distracted driving. These systems funneled the most important features from our phones onto the infotainment screen, curbing motorists desire to reach for their handhelds. Yet, it looks like these mirroring technologies may not be nearly as safe as initially hoped. A new study from the UKs IAM Roadsmart, an independent road safety organization, paints a far bleaker picture. The stark findings showed that drivers using one of the smartphone mirroring systems in a car displayed reaction times slower than someone whod used cannabis. In fact, these motorists reaction times were five times slower than someone driving with the legal limit of alcohol in their system. This shouldnt come as a surprise to anyone with more than two braincells to rub together. These systems are based on touch screen technology, and touchscreens without any tactility are simply not suited for use while operating a motor vehicle. Touchscreens are far more distracting than plain old tactile buttons in a fixed order that you learn over time and can feel, and it blows my mind that no safety regulations heavily curtailing their use to parked situations has been enacted just yet.
- The Counterpoint program launcher
The Counterpoint program launcher was supplied with the Amstrad PC5086 and other Amstrad PCs from that era. It acts as a user-friendly front end, replacing the full GUIs (Windows 2.0, or GEM) supplied with previous models. The Amstrad-branded version opens with a warning that it should only be used on Amstrad computers. However it appears to run successfully in non-Amstrad environments, such as the virtual machine used to make these screenshots. I love discovering user interfaces Ive never known about this before, and this one fits the bill just right. Wild UI experimentation was the norm during the late 80s and early 90s, before we all settled on what were all using now. Digging into the past and learning from even relatively obscure footnotes such as these is fascinating.
- Android 11 Preview 2 hands-on: more polish and a new install method
It came out much later in March than we expected, but yesterday Google launched the second developer preview for Android 11, the next big version of Android due out at the end of the year. Despite the coronavirus disrupting just about every part of normal life, Google posted the same schedule it did with Preview 1, indicating that the plan is still to have a preview release every month. Anyway, here are the important new things in this release. As always, an excellent look at the new features by Ars. Were still early on in Android 11s development cycle, though, so everything is still very much subject to change.
- EAX x86 register: meaning and history
Usually, x86 tutorials don’t spend much time explaining the historical perspective of design and naming decisions. When learning x86 assembly, you’re usually told something along the lines: Here’s EAX. It’s a register. Use it. So, what exactly do those letters stand for? E–A–X. I’m afraid there’s no short answer! We’ll have to go back to 1972… I love digital archeology.
- Microsoft teases new File Explorer, Start Menu for Windows 10
We have seen earlier that Microsoft’s designers are working on a new Start Menu for Windows 10 (not Windows 10X) and now Panos Panay has posted a video celebrating 1 billion Windows 10 installations which appears to confirm that the changes and more are on the way. Theres finally hopefully going to be a modern replacement for Explorer, and context menus seem to be modern and thus consistent too. The already mentioned updated Stert menu is coming, too.
- Linux Journal Ceases Publication: An Awkward Goodbye
by Kyle Rankin IMPORTANT NOTICE FROM LINUX JOURNAL, LLC: On August 7, 2019, Linux Journal shut its doors for good. All staff were laid off and the company is left with no operating funds to continue in any capacity. The website will continue to stay up for the next few weeks, hopefully longer for archival purposes if we can make it happen. –Linux Journal, LLC
Final Letter from the Editor: The Awkward Goodbye
by Kyle Rankin
Have you ever met up with a friend at a restaurant for dinner, then after dinner you both step out to the street and say a proper goodbye, only when you leave, you find out that you both are walking in the same direction? So now, you get to walk together awkwardly until the true point where you part, and then you have another, second goodbye, that's much more awkward.
That's basically this post.
So, it was almost two years ago that I first said goodbye to Linux Journal and the Linux Journal community in my post "So Long and Thanks for All the Bash". That post was a proper goodbye. For starters, it had a catchy title with a pun. The post itself had all the elements of a proper goodbye: part retrospective, part "Thank You" to the Linux Journal team and the community, and OK, yes, it was also part rant. I recommend you read (or re-read) that post, because it captures my feelings about losing Linux Journal way better than I can muster here on our awkward second goodbye.
Of course, not long after I wrote that post, we found out that Linux Journal wasn't dead after all! We all actually had more time together and got to work fixing everything that had caused us to die in the first place. A lot of our analysis of what went wrong and what we intended to change was captured in my article Go to Full Article
- Oops! Debugging Kernel Panics
by Petros Koutoupis
A look into what causes kernel panics and some utilities to help gain more information.
Working in a Linux environment, how often have you seen a kernel panic? When it happens, your system is left in a crippled state until you reboot it completely. And, even after you get your system back into a functional state, you're still left with the question: why? You may have no idea what happened or why it happened. Those questions can be answered though, and the following guide will help you root out the cause of some of the conditions that led to the original crash.
Figure 1. A Typical Kernel Panic
Let's start by looking at a set of utilities known as kexec and kdump. kexec allows you to boot into another kernel from an existing (and running) kernel, and kdump is a kexec-based crash-dumping mechanism for Linux.
Installing the Required Packages
First and foremost, your kernel should have the following components statically built in to its image:
CONFIG_RELOCATABLE=y CONFIG_KEXEC=y CONFIG_CRASH_DUMP=y CONFIG_DEBUG_INFO=y CONFIG_MAGIC_SYSRQ=y CONFIG_PROC_VMCORE=y
You can find this in /boot/config-`uname -r`.
Make sure that your operating system is up to date with the latest-and-greatest package versions:
$ sudo apt update && sudo apt upgrade
Install the following packages (I'm currently using Debian, but the same should and will apply to Ubuntu):
$ sudo apt install gcc make binutils linux-headers-`uname -r` ↪kdump-tools crash `uname -r`-dbg
Note: Package names may vary across distributions.
During the installation, you will be prompted with questions to enable kexec to handle reboots (answer whatever you'd like, but I answered "no"; see Figure 2).
Figure 2. kexec Configuration Menu
And to enable kdump to run and load at system boot, answer "yes" (Figure 3).
Figure 3. kdump Configuration Menu
Open the /etc/default/kdump-tools file, and at the very top, you should see the following:
Go to Full Article
- Loadsharers: Funding the Load-Bearing Internet Person
by Eric S. Raymond
The internet has a sustainability problem. Many of its critical services depend on the dedication of unpaid volunteers, because they can't be monetized and thus don't have any revenue stream for the maintainers to live on. I'm talking about services like DNS, time synchronization, crypto libraries—software without which the net and the browser you're using couldn't function.
These volunteer maintainers are the Load-Bearing Internet People (LBIP). Underfunding them is a problem, because underfunded critical services tend to have gaps and holes that could have been fixed if there were more full-time attention on them. As our civilization becomes increasingly dependent on this software infrastructure, that attention shortfall could lead to disastrous outages.
I've been worrying about this problem since 2012, when I watched a hacker I know wreck his health while working on a critical infrastructure problem nobody else understood at the time. Billions of dollars in e-commerce hung on getting the particular software problem he had spotted solved, but because it masqueraded as network undercapacity, he had a lot of trouble getting even technically-savvy people to understand where the problem was. He solved it, but unable to afford medical insurance and literally living in a tent, he eventually went blind in one eye and is now prone to depressive spells.
More recently, I damaged my ankle and discovered that although there is such a thing as minor surgery on the medical level, there is no such thing as "minor surgery" on the financial level. I was looking—still am looking—at a serious prospect of either having my life savings wiped out or having to leave all 52 of the open-source projects I'm responsible for in the lurch as I scrambled for a full-time job. Projects at risk include the likes of GIFLIB, GPSD and NTPsec.
That refocused my mind on the LBIP problem. There aren't many Load-Bearing Internet People—probably on the close order of 1,000 worldwide—but they're a systemic vulnerability made inevitable by the existence of common software and internet services that can't be metered. And, burning them out is a serious problem. Even under the most cold-blooded assessment, civilization needs the mean service life of an LBIP to be long enough to train and acculturate a replacement.
(If that made you wonder—yes, in fact, I am training an apprentice. Different problem for a different article.)
Alas, traditional centralized funding models have failed the LBIPs. There are a few reasons for this:
Go to Full Article
- Documenting Proper Git Usage
by Zack Brown
Jonathan Corbet wrote a document for inclusion in the kernel tree, describing best practices for merging and rebasing git-based kernel repositories. As he put it, it represented workflows that were actually in current use, and it was a living document that hopefully would be added to and corrected over time.
The inspiration for the document came from noticing how frequently Linus Torvalds was unhappy with how other people—typically subsystem maintainers—handled their git trees.
It's interesting to note that before Linus wrote the git tool, branching and merging was virtually unheard of in the Open Source world. In CVS, it was a nightmare horror of leechcraft and broken magic. Other tools were not much better. One of the primary motivations behind git—aside from blazing speed—was, in fact, to make branching and merging trivial operations—and so they have become.
One of the offshoots of branching and merging, Jonathan wrote, was rebasing—altering the patch history of a local repository. The benefits of rebasing are fantastic. They can make a repository history cleaner and clearer, which in turn can make it easier to track down the patches that introduced a given bug. So rebasing has a direct value to the development process.
On the other hand, used poorly, rebasing can make a big mess. For example, suppose you rebase a repository that has already been merged with another, and then merge them again—insane soul death.
So Jonathan explained some good rules of thumb. Never rebase a repository that's already been shared. Never rebase patches that come from someone else's repository. And in general, simply never rebase—unless there's a genuine reason.
Since rebasing changes the history of patches, it relies on a new "base" version, from which the later patches diverge. Jonathan recommended choosing a base version that was generally thought to be more stable rather than less—a new version or a release candidate, for example, rather than just an arbitrary patch during regular development.
Jonathan also recommended, for any rebase, treating all the rebased patches as new code, and testing them thoroughly, even if they had been tested already prior to the rebase.
"If", he said, "rebasing is limited to private trees, commits are based on a well-known starting point, and they are well tested, the potential for trouble is low."
Moving on to merging, Jonathan pointed out that nearly 9% of all kernel commits were merges. There were more than 1,000 merge requests in the 5.1 development cycle alone.
Go to Full Article
- Understanding Python's asyncio
by Reuven M. Lerner
How to get started using Python's asyncio.
Earlier this year, I attended PyCon, the international Python conference. One topic, presented at numerous talks and discussed informally in the hallway, was the state of threading in Python—which is, in a nutshell, neither ideal nor as terrible as some critics would argue.
A related topic that came up repeatedly was that of "asyncio", a relatively new approach to concurrency in Python. Not only were there formal presentations and informal discussions about asyncio, but a number of people also asked me about courses on the subject.
I must admit, I was a bit surprised by all the interest. After all, asyncio isn't a new addition to Python; it's been around for a few years. And, it doesn't solve all of the problems associated with threads. Plus, it can be confusing for many people to get started with it.
And yet, there's no denying that after a number of years when people ignored asyncio, it's starting to gain steam. I'm sure part of the reason is that asyncio has matured and improved over time, thanks in no small part to much dedicated work by countless developers. But, it's also because asyncio is an increasingly good and useful choice for certain types of tasks—particularly tasks that work across networks.
So with this article, I'm kicking off a series on asyncio—what it is, how to use it, where it's appropriate, and how you can and should (and also can't and shouldn't) incorporate it into your own work.
What Is asyncio?
Everyone's grown used to computers being able to do more than one thing at a time—well, sort of. Although it might seem as though computers are doing more than one thing at a time, they're actually switching, very quickly, across different tasks. For example, when you ssh in to a Linux server, it might seem as though it's only executing your commands. But in actuality, you're getting a small "time slice" from the CPU, with the rest going to other tasks on the computer, such as the systems that handle networking, security and various protocols. Indeed, if you're using SSH to connect to such a server, some of those time slices are being used by sshd to handle your connection and even allow you to issue commands.
All of this is done, on modern operating systems, via "pre-emptive multitasking". In other words, running programs aren't given a choice of when they will give up control of the CPU. Rather, they're forced to give up control and then resume a little while later. Each process running on a computer is handled this way. Each process can, in turn, use threads, sub-processes that subdivide the time slice given to their parent process.
Go to Full Article
- RV Offsite Backup Update
by Kyle Rankin
Having an offsite backup in your RV is great, and after a year of use, I've discovered some ways to make it even better.
Last year I wrote a feature-length article on the data backup system I set up for my RV (see Kyle's "DIY RV Offsite Backup and Media Server" from the June 2018 issue of LJ). If you haven't read that article yet, I recommend checking it out first so you can get details on the system. In summary, I set up a Raspberry Pi media center PC connected to a 12V television in the RV. I connected an 8TB hard drive to that system and synchronized all of my files and media so it acted as a kind of off-site backup. Finally, I set up a script that would attempt to sync over all of those files from my NAS whenever it detected that the RV was on the local network. So here, I provide an update on how that system is working and a few tweaks I've made to it since.
Overall, the media center has worked well. It's been great to have all of my media with me when I'm on a road trip, and my son appreciates having access to his favorite cartoons. Because the interface is identical to the media center we have at home, there's no learning curve—everything just works. Since the Raspberry Pi is powered off the TV in the RV, you just need to turn on the TV and everything fires up.
It's also been great knowing that I have a good backup of all of my files nearby. Should anything happen to my house or my main NAS, I know that I can just get backups from the RV. Having peace of mind about your important files is valuable, and it's nice knowing in the worst case when my NAS broke, I could just disconnect my USB drive from the RV, connect it to a local system, and be back up and running.
The WiFi booster I set up on the RV also has worked pretty well to increase the range of the Raspberry Pi (and the laptops inside the RV) when on the road. When we get to a campsite that happens to offer WiFi, I just reset the booster and set up a new access point that amplifies the campsite signal for inside the RV. On one trip, I even took it out of the RV and inside a hotel room to boost the weak signal.
Go to Full Article
- Another Episode of "Seems Perfectly Feasible and Then Dies"--Script to Simplify the Process of Changing System Call Tables
by Zack Brown
David Howells put in quite a bit of work on a script, ./scripts/syscall-manage.pl, to simplify the entire process of changing the system call tables. With this script, it was a simple matter to add, remove, rename or renumber any system call you liked. The script also would resolve git conflicts, in the event that two repositories renumbered the system calls in conflicting ways.
Why did David need to write this patch? Why weren't system calls already fairly easy to manage? When you make a system call, you add it to a master list, and then you add it to the system call "tables", which is where the running kernel looks up which kernel function corresponds to which system call number. Kernel developers need to make sure system calls are represented in all relevant spots in the source tree. Renaming, renumbering and making other changes to system calls involves a lot of fiddly little details. David's script simply would do everything right—end of story no problemo hasta la vista.
Arnd Bergmann remarked, "Ah, fun. You had already threatened to add that script in the past. The implementation of course looks fine, I was just hoping we could instead eliminate the need for it first." But, bowing to necessity, Arnd offered some technical suggestions for improvements to the patch.
However, Linus Torvalds swooped in at this particular moment, saying:
Ugh, I hate it.
I'm sure the script is all kinds of clever and useful, but I really think the solution is not this kind of helper script, but simply that we should work at not having each architecture add new system calls individually in the first place.
IOW, we should look at having just one unified table for new system call numbers, and aim for the per-architecture ones to be for "legacy numbering".
Maybe that won't happen, but in the _hope_ that it happens, I really would prefer that people not work at making scripts for the current nasty situation.
And the portcullis came crashing down.
It's interesting that, instead of accepting this relatively obvious improvement to the existing situation, Linus would rather leave it broken and ugly, so that someone someday somewhere might be motivated to do the harder-yet-better fix. And, it's all the more interesting given how extreme the current problem is. Without actually being broken, the situation requires developers to put in a tremendous amount of care and effort into something that David's script could make trivial and easy. Even for such an obviously "good" patch, Linus gives thought to the policy and cultural implications, and the future motivations of other people working in that region of code.
Note: if you're mentioned above and want to post a response above the comment section, send a message with your response text to email@example.com.
Go to Full Article
- Experts Attempt to Explain DevOps--and Almost Succeed
by Bryan Lunduke
What is DevOps? How does it relate to other ideas and methodologies within software development? Linux Journal Deputy Editor and longtime software developer, Bryan Lunduke isn't entirely sure, so he asks some experts to help him better understand the DevOps phenomenon.
The word DevOps confuses me.
I'm not even sure confuses me quite does justice to the pain I experience—right in the center of my brain—every time the word is uttered.
It's not that I dislike DevOps; it's that I genuinely don't understand what in tarnation it actually is. Let me demonstrate. What follows is the definition of DevOps on Wikipedia as of a few moments ago:
DevOps is a set of software development practices that combine software development (Dev) and information technology operations (Ops) to shorten the systems development life cycle while delivering features, fixes, and updates frequently in close alignment with business objectives.
I'm pretty sure I got three aneurysms just by copying and pasting that sentence, and I still have no clue what DevOps really is. Perhaps I should back up and give a little context on where I'm coming from.
My professional career began in the 1990s when I got my first job as a Software Test Engineer (the people that find bugs in software, hopefully before the software ships, and tell the programmers about them). During the years that followed, my title, and responsibilities, gradually evolved as I worked my way through as many software-industry job titles as I could:
Automation Engineer: people that automate testing software. Software Development Engineer in Test: people that make tools for the testers to use. Software Development Engineer: aka "Coder", aka "Programmer". Dev Lead: "Hey, you're a good programmer! You should also manage a few other programmers but still code just as much as you did before, but, don't worry, we won't give you much of a raise! It'll be great!" Dev Manager: like a Dev Lead, with less programming, more managing. Director of Engineering: the manager of the managers of the programmers. Vice President of Technology/Engineering: aka "The big boss nerd man who gets to make decisions and gets in trouble first when deadlines are missed."
During my various times with fancy-pants titles, I managed teams that included:
Go to Full Article
- DNA Geometry with cadnano
by Joey Bernard
This article introduces a tool you can use to work on three-dimensional DNA origami. The package is called cadnano, and it's currently being developed at the Wyss Institute. With this package, you'll be able to construct and manipulate the three-dimensional representations of DNA structures, as well as generate publication-quality graphics of your work.
Because this software is research-based, you won't likely find it in the package repository for your favourite distribution, in which case you'll need to install it from the GitHub repository.
Since cadnano is a Python program, written to use the Qt framework, you'll need to install some packages first. For example, in Debian-based distributions, you'll want to run the following commands:
sudo apt-get install python3 python3-pip
I found that installation was a bit tricky, so I created a virtual Python environment to manage module installations.
Once you're in your activated virtualenv, install the required Python modules with the command:
pip3 install pythreejs termcolor pytz pandas pyqt5 sip
After those dependencies are installed, grab the source code with the command:
git clone https://github.com/cadnano/cadnano2.5.git
This will grab the Qt5 version. The Qt4 version is in the repository https://github.com/cadnano/cadnano2.git.
Changing directory into the source directory, you can build and install cadnano with:
python setup.py install
Now your cadnano should be available within the virtualenv.
You can start cadnano simply by executing the cadnano command from a terminal window. You'll see an essentially blank workspace, made up of several empty view panes and an empty inspector pane on the far right-hand side.
Figure 1. When you first start cadnano, you get a completely blank work space.
In order to walk through a few of the functions available in cadnano, let's create a six-strand nanotube. The first step is to create a background that you can use to build upon. At the top of the main window, you'll find three buttons in the toolbar that will let you create a "Freeform", "Honeycomb" or "Square" framework. For this example, click the honeycomb button.
Figure 2. Start your construction with one of the available geometric frameworks.
Go to Full Article
- Running GNOME in a Container
by Adam Verslype
Containerizing the GUI separates your work and play.
Virtualization has always been a rich man's game, and more frugal enthusiasts—unable to afford fancy server-class components—often struggle to keep up. Linux provides free high-quality hypervisors, but when you start to throw real workloads at the host, its resources become saturated quickly. No amount of spare RAM shoved into an old Dell desktop is going to remedy this situation. If a properly decked-out host is out of your reach, you might want to consider containers instead.
Instead of virtualizing an entire computer, containers allow parts of the Linux kernel to be portioned into several pieces. This occurs without the overhead of emulating hardware or running several identical kernels. A full GUI environment, such as GNOME Shell can be launched inside a container, with a little gumption.
You can accomplish this through namespaces, a feature built in to the Linux kernel. An in-depth look at this feature is beyond the scope of this article, but a brief example sheds light on how these features can create containers. Each kind of namespace segments a different part of the kernel. The PID namespace, for example, prevents processes inside the namespace from seeing other processes running in the kernel. As a result, those processes believe that they are the only ones running on the computer. Each namespace does the same thing for other areas of the kernel as well. The mount namespace isolates the filesystem of the processes inside of it. The network namespace provides a unique network stack to processes running inside of them. The IPC, user, UTS and cgroup namespaces do the same for those areas of the kernel as well. When the seven namespaces are combined, the result is a container: an environment isolated enough to believe it is a freestanding Linux system.
Container frameworks will abstract the minutia of configuring namespaces away from the user, but each framework has a different emphasis. Docker is the most popular and is designed to run multiple copies of identical containers at scale. LXC/LXD is meant to create containers easily that mimic particular Linux distributions. In fact, earlier versions of LXC included a collection of scripts that created the filesystems of popular distributions. A third option is libvirt's lxc driver. Contrary to how it may sound, libvirt-lxc does not use LXC/LXD at all. Instead, the libvirt-lxc driver manipulates kernel namespaces directly. libvirt-lxc integrates into other tools within the libvirt suite as well, so the configuration of libvirt-lxc containers resembles those of virtual machines running in other libvirt drivers instead of a native LXC/LXD container. It is easy to learn as a result, even if the branding is confusing.
Go to Full Article