Language Selection

English French German Italian Portuguese Spanish

April 2019

Fedora 30 Performance Is Moving In The Right Direction But A Lot Of Untapped Potential

Filed under
Graphics/Benchmarks

Yesterday we began with our preliminary performance benchmarks of Fedora 30. From those results Intel Core i9 and AMD Threadripper systems and what we're seeing on other systems in the labs, Fedora 30 indeed is coming out generally slightly faster than Fedora 29 when looking at the performance overall. In some cases the performance is much better thanks to GCC 9 and other upgrades, but overall it's a small, modest performance improvement. While that's better than seeing Fedora 30 running slower than its predecessor, there still is more potential to squeeze out of the system.

With the Intel Core i9 7980XE system as a high-performance reference system, here are some additional data points comparing those Fedora 29 and Fedora 30 results to Ubuntu 19.04, openSUSE Tumbleweed (with its GNOME desktop option, to match the other operating systems tested), and Clear Linux for seeing how those distributions compete with the new Fedora Linux.

Read more

Android 9 Pie OS for Raspberry Pi 3 Gets Yalp Store and Evie Launcher

Filed under
Android
Linux

The RaspAnd Pie Build 190429 is here a month and a half after the first release that brought Google's latest Android 9 Pie mobile operating system to the tiny Raspberry Pi computers, which, unfortunately, did not ship with Google Play Store, though you could install Android apps via the Aptoide package manager.

The new release adds Yalp Store, a replacement for Google Play store that lets you install Android apps directly from Google Play Store in the APK file format. You don't even need to have a Google account to install Android apps, except if you want to install paid apps or access your owned apps or write reviews.

Read more

Leftovers: Debian, Kubuntu, RcppArmadillo and VolksPC OS

Filed under
GNU
Linux
Debian
Ubuntu
  • Debian 9.9 KDE Run Through

    In this video, we look at Debian 9.9, the KDE edition. Enjoy! For links and more, look here: https://www.linuxmadesimple.info/2019/04/debian-990-kde.html Background Music: 1973 by Bruno E.

  • Kubuntu 19.04 overview | Making your PC friendly

    In this video, I am going to show an overview of Kubuntu 19.04 and some of the applications pre-installed.

  • Dirk Eddelbuettel: RcppArmadillo 0.9.400.2.0

    A new RcppArmadillo release based on the very recent Armadillo upstream release arrived on CRAN earlier today, and will get to Debian shortly.

    Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 587 other packages on CRAN.

  • The Best of Both Worlds

    Linux desktop users can now use an estimated two million Android apps that were previously unavailable on Linux with VolksPC OS.

    Open source enthusiasts have spent years waiting for the Linux desktop revolution. The Linux environment now supports hundreds of useful, stable, and secure desktop tools that are available for no cost, but Linux still has not displaced Windows or macOS in the race for desktop marketshare.

    Android, however, which uses the Linux kernel, has actually become mainstream and is competing quite well. In fact, if you combine desktop, laptop, tablet, and mobile usage, Android has reached 38 percent of marketshare, narrowly overtaking Windows as the most popular operating system in the world.

Audio: Linux Journal and Linux Voice Introduction

Filed under
Interviews
  • Episode 18: KidOYO

    Doc Searls talks to Zhen, Devon and Melora Lofretto of KidOYO and Doctor Michael Nagler, superintendent of the Mineola Public School system in Mineola  Long Island.

  • Linux Voice Introduction

    Today's computer magazines talk about big ideas and new age concepts, like containers, cloud computing, and software-defined infrastructure, but we at Linux Voice know that one of the reasons you own you computer in the first place is to take care of everyday tasks more efficiently and without the clutter.

    Linux is home to dozens of useful tools for taking notes and managing to-do lists. This month we feature Joplin, a powerful open source note-taking app that organizes your notes in a searchable form and even supports synchronization with several popular cloud platforms. We also investigate the Unforeseen Incidents point-and-click mystery game, and our tutorial series continues with a look at Bash math functions and more on designing 3D objects with OpenSCAD.

Servers: Kubernetes, Red Hat, OpenStack, Indie Web Server and More

Filed under
Server
  • Rancher Labs Adds OS Optimized for Kubernetes

    Rancher Labs has made available a beta release of a lightweight operating system on which it envisions IT organizations will deploy its previously announced lightweight instance of Kubernetes dubbed k3s.

    Company CEO Sheng Liang says the main goal is to make it more convenient for IT organizations to use the same set of tools to deploy an instance of Kubernetes along with a k3OS operating system based on the open source Ubuntu kernel. Rancher Labs doesn’t envision IT organizations replacing instances of Linux that have already been deployed in with K3OS, but in circumstances where there has been no operating system standard set, k3OS should provide a more frictionless deployment option, he says.

    In fact, Liang notes the ability to deploy and update Kubernetes and the operating system it runs on from within the same user interface to access a common set of YAML files should be especially appealing to IT organizations that have embraced best DevOps processes to deliver ongoing rolling upgrades to their IT environments.

  • Manage your APIs deployed with Istio service mesh

    And, as explained in “Distributed microservices architecture: Istio, managed API gateways and, enterprise integration”, a service mesh does not relieve the need for an API management solution. A service mesh manages services and the connections between them, whereas an API management solution manages APIs and their consumers. In this article, I’ll describe how to manage APIs using the Red Hat Integration adapter for Istio.

    Red Hat Integration offers an API management capability that let companies build an ecosystem of consumers around their APIs and then drive new revenue from them.

  • MySQL on OpenShift Container Storage performance and failover under heavy load
  • OpenStack Looks to Help Define the Future of Open Infrastructure

    The OpenStack Foundation is continuing to grow its open-source efforts, including confirming new top-level projects and expanding its Ironic bare metal program, as part of the kickoff for the Open Infrastructure Summit.

    The Kata Containers secure container effort and the Zuul Continuous Integration/Continuous Deployment (CI/CD) projects have now been confirmed as top-level projects at the OpenStack Foundation, joining the group's namesake OpenStack cloud. While not yet a top-level project, the Airship lifecycle management project is also celebrating a major milestone with its 1.0 release.

    Additionally, the OpenStack Foundation is promoting its Ironic bare metal program as a way for organizations to deploy cloud resources on physical hardware.

  • Indie Web Server 9.1.0: Better error handling
  • Most Used CLI Based Linux Network Management Tools

    If you are a system administrators or a network administrators then you must be aware of all the commands that we are going to mention in this post.

    Even if you don’t know or you are newbie in system admin domain than this post is for you.Let’s see some of the most used command line based tools for network management in Linux.

  • Docker Security Breach Affects Devops Pipelines

    Docker security took a hit last week -- right before its annual developer and customer event -- with the news that a database in its Docker Hub repository for container images had been hacked.

KDE/Qt: Qt 5.13 Plan, Kdenlive and Craft

Filed under
KDE
  • Qt 5.13 Will Still Try To Ship In May

    The third beta of the Qt 5.13 tool-kit is now available for testing as the developers try to get this update ready to ship as stable in May. 

    Jani Heikkinen of The Qt Company announced this third beta today. A fourth beta is expected as they are still working to update from OpenSSL 1.0 to 1.1 this cycle. Following that, a release candidate will come once their blocker bugs are addressed. As of writing, there are just nine blocker bugs at present ranging from Android crashes to pulling in new Chrome patches to WebAssembly issues.

  • FOSSPicks

    Kdenlive is one of those applications that catches you by surprise. One minute it seems little more than a quick Qt-built GUI wrapped around some command-line tools to concatenate video files, and the next minute it's spending months on hiatus being rewritten and refactored into something that can genuinely start to compete with Final Cut Pro on macOS. This is what's happening with Kdenlive; you'll find the all new version in the KDE Applications 19.04 release. To be fair, it already was the best open source video editor available, barring perhaps Blender if you needed absolute power and had the patience to master its idiosyncratic user interface.

    Many who have perhaps not used Kdenlive for a while won't realize that it now includes some rather advanced features. One, for example, allows you to use low quality copies of a clip as proxies for edits you want to make. This saves CPU and storage resources and is perfect for our 8K future. There's also a brilliant Title Editor toolbar that enables you to create 2D text frames without having to resort to an external package. This important function is always overlooked in open source video editors, as they often focus on performance and clip editing. However, adding titles is equally important. You only have to look at the most popular YouTube videos to see how words, spacing, shadows, gradients, and images are spliced into video segments to create a professional and snappy video. Dropping an alpha-blended Gimp text render doesn't really cut it, unless you're creating a video about Gimp. Kdenlive has done all this for some time, which has perhaps been our only criticism: It was difficult to see where new developments were taking the project.

  • Craft: Platforms and Compiler

    While my last post was still about the new cache and which compilers we should support, the pre built binaries for Craft (the cache) are now 2 years old. They are used for continues integration and to speed up user builds.

    We now provide binaries for Windows, MacOS and Linux.

OSS Leftovers

Filed under
OSS
  • $2.4 Million in Prizes for Schools Teaching Ethics Alongside Computer Science

    Today, we are announcing the first winners of the Responsible Computer Science Challenge. We’re awarding $2.4 million to 17 initiatives that integrate ethics into undergraduate computer science courses.

    The winners’ proposed curricula are novel: They include in-class role-playing games to explore the impact of technology on society. They embed philosophy experts and social scientists in computer science classes. They feature “red teams” that probe students’ projects for possible negative societal impacts. And they have computer science students partner with local nonprofits and government agencies.

    The winners will receive awards of up to $150,000, and they span the following categories: public university, private university, liberal arts college, community college, and Jesuit university. Stage 1 winners are located across 13 states, with computer science programs ranging in size from 87 students to 3,650 students.

    The Responsible Computer Science Challenge is an ambitious initiative by Omidyar Network, Mozilla, Schmidt Futures, and Craig Newmark Philanthropies. It aims to integrate ethics and responsibility into undergraduate computer science curricula and pedagogy at U.S. colleges and universities.

  • Firefox 67 new contributors

    With the release of Firefox 67, we are pleased to welcome the 75 developers who contributed their first code change to Firefox in this release, 66 of whom were brand new volunteers!

  • Confronting linguistic bias: The case for an open human language

    Open source—that is, making the code of digital tools and datasets accessible to anyone—is a popular approach to improving the methodological transparency of this work in educational organizations. The field's broader open access movement stresses skepticism about the proprietary nature of algorithms, data, and code involved in humanistic research more generally—and cautions researchers about the impact that ownership can have on the research process itself.

    This perspective has tremendous implications for the way we think about the embedded biases and assumptions in humanistic research. What if we subjected our human languages to the same rigorous assessment we do with our computational languages? What biases might we discover in them? How might those biases impact our scholarship?

  • ONLYOFFICE – document collaboration via blockchain and encryption

    Earlier in 2019 ONLYOFFICE announced the release of the end-to-end document encryption reinforced by blockchain. The new technology is available as a developer preview in the new version of ONLYOFFICE Desktop Editors.

    ONLYOFFICE is a project developed by Ascensio System SIA, with its in Riga (Latvia). Ascensio Systems designed OONLY OFFICE for internal team collaboration. However, an attempt to introduce it to a wider audience proved successful. In consequence, it revised and expanded functionality which has attracted use by more than 5M people (according to Ascensio Systems).

    [...]

    ONLYOFFICE Desktop Editors is a free open-source office suite which comprises editors for documents, spreadsheets and presentations working offline. The suite also provides users with quick access to collaborative features.

  • LibreOffice monthly recap: April 2019

    Check out our regular summary of events and updates in the last month!

GNU and GPL Picks

Filed under
GNU
Legal
  • The decade long wait for Bash 5

    It's a coincidence that the Linux kernel and Bash jumped to version 5.0 at about the same time. While Linus assigns the numbers as he sees fit, Bash changes its version when major adjustments are made. Here's what users can expect in Bash 5.

    My last article about a Bash version change is 10 years old [1]. Version 4 was in the starting blocks at that time, but it took some time for all distributions to switch to this version. Nobody puts their production system at risk without good reason.

    Nevertheless, the change was very attractive for developers of complex scripts, because – thanks to associative arrays – a completely new data structure was introduced. The advantages were more elegant, simpler programs that were also easier to maintain. Other important changes included the coproc command (which supports parallelization) and redirection operators.

  • Stack Clash mitigation in GCC: Why -fstack-check is not the answer

    In our previous article about Stack Clash, we covered the basics of the Stack Clash vulnerability. To summarize, an attacker first uses various means to bring the heap and stack close together. A large stack allocation is then used to “jump the stack guard.” Subsequent stores into the stack may modify objects in the heap or vice versa. This, in turn, can be used by attackers to gain control over applications.

  • Cooperation and freedom for all

    The GPL's "freedom zero" can be applied to more than just open-source software.

    Recently, a discussion came up on one of the mailing lists for a GNU/Linux distribution, on which I feel it is necessary to comment. Because this discussion has a place in world politics today, I am bringing my input to this column.

    I started working for Digital Equipment Corporation (DEC) in 1983. At that time, I had traveled only domestically in the USA, never internationally.

  • Software Freedom Conservancy Announces End to VMware Lawsuit

    Linux developer Christoph Hellwig has announced that he is discontinuing his lawsuit against VMware for non-compliance with the terms of the GPL. Hellwig and the Software Freedom Conservancy accused VMware of including GPLed code associated with vmklinux into VMware's proprietary vSphere product. A German appeals court dismissed the case on February 28. Hellwig and the Software Freedom Conservancy have decided they will not appeal the case further in German courts.

Programming: Microsoft Yardsticks, Crypto Puzzle, Go and Python

Filed under
Development
  • The 7 Most Popular Programming Languages on GitHub in 2019 [ED: Stop treating Microsoft like everything that isn't controlled by it does not exist. And delete GitHub to discourage this kind of lying lunacy.]
  • A Programmer Solved a 20-Year-Old, Forgotten Crypto Puzzle

    Organizations impacted by breach, which gave attackers illegal access to a database containing sensitive account information, need to check their container images.
    The owners of some 190,000 Docker accounts will need to change their passwords and verify their container images haven't been tampered with as the result of a recent intrusion into a Docker Hub database.

    Docker discovered the unauthorized access on April 25. It said it had already notified impacted users about the incident and sent them a password-reset link.

    The company said it had also unlinked Docker Hub from GitHub and Bitbucket for those using these external repositories to automatically build — or autobuild — container images. Such users will need to relink their Docker Hub accounts to these repositories in order for autobuild to work properly.

  • Screen scraping with Colly in Go

    The Colly scraper helps developers who work with the Go programming language to collect data off the web. Mike Schilli illustrates the capabilities of this powerful tool with a few practical examples.

    As long as there are websites to view for the masses of browser customers on the web, there will also be individuals on the consumer side who want the data in a different format and write scraper scripts to automatically extract the data to fit their needs.

  • Overlaying Debug Data onto Wing Pro 7's Editor

    Wing 7 has been released, so in this issue of Wing Tips we take a look at one of the new debugger features in Wing Pro 7: The ability to press and hold Shift-Space to display the value of all visible symbols, using an overlay on top of the editor.

  • HOW TO GET STARTED WITH “Machine Learning”

    If you ever heard of terms like Machine Learning, Artificial Intelligence or Data Science, you may be fascinating that What are these things and how to get started.

  • Python 3.7.3 : Fix kivy python module installation.
  • Teaching a kid to code with Pygame Zero

    How can you excite a kid about coding and computers? As a software developer and father of two children, I think about this question often. A person with software skills can have big advantages in our modern world, so I’d like to equip my kids for their future.

    In my home, we play video games together. My children (aged six and four) watch me play through many classics like Super Mario World and The Legend of Zelda: A Link to the Past. They like spending that time with daddy and are really engaged with the video game. When I considered how my six year old son might enjoy coding, using video games as the channel into computing was a very natural idea.

More in Tux Machines

Security Leftovers

  • Cryptojacking Code Found in 11 Open Libraries, Thousands Infected

    A cryptojacking code was found in 11 open-source code libraries written in Ruby, which have been downloaded thousands of times. Hackers downloaded the software, infected it with malware, and subsequently reposted it on the RubyGems platform, industry news outlet Decrypt reported on Aug. 21.

  • Malicious cryptojacking code found in 11 Ruby libraries

    Cryptojacking software has been found in 11 code libraries for the programming language Ruby—exposing thousands of people. The latest heist, discovered yesterday on code repository Github made use of a package manager called RubyGems, a popular program that allows developers to upload and share improvements on existing pieces of software.

  • Cryptojacking Scripts Found in 11 Open-Source Code Libraries

    According to a Decrypt report, the malware was discovered on Tuesday inside Github code repository, infecting the language manager called RubyGems.

  • First‑of‑its‑kind spyware sneaks into Google Play
  • Open-source spyware bypasses Google Play defenses — twice

    Radio Balouch — the app in question — is a legitimate radio application serving Balouchi music enthusiasts, except that it also included AhMyth, a remote access espionage tool that has been available on GitHub as an open-source project since late 2017. Lukas Stefanko, ESET researcher who uncovered the campaign, said the app was uploaded twice on Google Play — once on July 2 and a second time on July 13 — only to be swiftly removed by Google within 24 hours upon being alerted by the security team. It continues to be available on third-party app stores. While the service’s dedicated website “radiobalouch.com” is no longer accessible, the attackers also seem to have promoted the app on Instagram and YouTube. The app, in total, attracted over 100 installs.

  • 61 impacted versions of Apache Struts left off security advisories

    Security researchers have reviewed security advisories for Apache Struts and found that two dozen of them inaccurately listed affected versions for the open-source development framework. The advisories have since been updated to reflect vulnerabilities in an additional 61 unique versions of Struts that were affected by at least one previously disclosed vulnerability but left off the security advisories for those vulnerabilities.

  • Sectigo Sponsors Automated Certificate Issuance and Renewal in Electronic Frontier Foundation’s Certbot Open Source Software Tool

    Sectigo, the world’s largest commercial Certificate Authority (CA) and a provider of purpose-built and automated PKI management solutions, today announced its sponsorship of Electronic Frontier Foundation’s (EFF) free, open source software tool, Certbot, to support efforts to encrypt the entire internet and build a network that is more structurally private, safe, and protected against censorship.

GNU Parallel 20190822 ('Jesper Svarre') released [stable]

GNU Parallel 20190822 ('Jesper Svarre') [stable] has been released. It is available for download at: http://ftpmirror.gnu.org/parallel/ No new functionality was introduced so this is a good candidate for a stable release. GNU Parallel is 10 years old next year on 2020-04-22. You are here by invited to a reception on Friday 2020-04-17. Read more

KDE ISO Image Writer – Release Announcement

My GSoC project comes to an end and I am going to conclude this series of articles by announcing the release of a beta version of KDE ISO Image Writer. Read more Also: How I got a project in Labplot KDE

Linux Foundation: Automotive Grade Linux Announcement and Calling Surveillance Operations "Confidential Computing"

  • Automotive Grade Linux Announces New Instrument Cluster Expert Group and UCB 8.0 Code Release

    Automotive Grade Linux (AGL), an open source project developing a shared software platform for in-vehicle technology, today announced a new working group focused on Instrument Cluster solutions, as well as the latest code release of the AGL platform, the UCB 8.0. The AGL Instrument Cluster Expert Group (EG) is working to reduce the footprint of AGL and optimize the platform for use in lower performance processors and low-cost vehicles that do not require an entire infotainment software stack. Formed earlier this year, the group plans to release design specifications later this year with an initial code release in early 2020. “AGL is now supported by nine major automotive manufacturers, including the top three producers by worldwide volume, and is currently being used in production for a range of economy and luxury vehicles” said Dan Cauchy, Executive Director of Automotive Grade Linux at the Linux Foundation. “The new Instrument Cluster Expert Group, supported by several of these automakers, will expand the use cases for AGL by enabling the UCB platform to support solutions for lower-cost vehicles, including motorcycles.”

  • Shhh! Microsoft, Intel, Google and more sign up to the Confidential Computing Consortium

    The Linux Foundation has signed up the likes of Microsoft and Google for its Confidential Computing Consortium, a group with the laudable goal of securing sensitive data. The group – which also includes Alibaba, Arm, Baidu, IBM, Intel, Red Hat, Swisscom and Tencent – will be working on open-source technologies and standards to speed the adoption of confidential computing. The theory goes that while approaches to encrypting data at rest and in transit have supposedly been dealt with, assuming one ignores the depressingly relentless splurts of user information from careless vendors, keeping it safe while in use is quite a bit more challenging. Particularly as workloads spread to the cloud and IoT devices.

  • Tech giants come together to form cloud security watchdog

    Some of the world’s biggest technology companies are joining forces to improve the security of files in the cloud. This includes Google, IBM, Microsoft, Intel, and many others. The news first popped up on the Linux Foundation, where it was said that the Confidential Computing Consortium will work to bring industry standards and identify the proper tools to encrypt data used by apps, devices and online services. At the moment, cloud security solutions focus to protect data that’s either resting, or is in transit. However, when the data is being used is “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.”

  • Tech firms join forces to boost cloud security

    Founding members of the group – which unites hardware suppliers, cloud providers, developers, open source experts and academics – include Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent. [...] “The earliest work on technologies that have the ability to transform an industry is often done in collaboration across the industry and with open source technologies,” said Jim Zemlin, executive director at the Linux Foundation. “The Confidential Computing Consortium is a leading indicator of what is to come for security in computing and will help define and build open technologies to support this trust infrastructure for data in use.”

  • Google, Intel and Microsoft form data protection consortium
  • Intel Editorial: Intel Joins Industry Consortium to Accelerate Confidential Computing

    Leaders in information and infrastructure security are well versed in protecting data at-rest or in-flight through a variety of methods. However, data being actively processed in memory is another matter. Whether running on your own servers on-prem, in an edge deployment, or in the heart of a cloud service provider’s data center, this “in-use” data is almost always unencrypted and potentially vulnerable.

  • Confidential Computing: How Big Tech Companies Are Coming Together To Secure Data At All Levels

    Data today moves constantly from on-premises to public cloud and the edge, which is why it is quite challenging to protect. While there are standards available that aim to protect data when it is in rest and transit, standards related to protecting it when in use do not exist. Protecting data while in use is called confidential computing, which the Confidential Computing Consortium is aiming to create across the industry. The Confidential Computing Consortium, created under the Linux Foundation, will work to build up guidelines, systems and tools to ensure data is encrypted when it’s being used by applications, devices and online services. The consortium says that encrypting data when in use is “the third and possibly most challenging step to providing a fully encrypted lifecycle for sensitive data.” Members focused on the undertaking are Alibaba, ARM, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom and Tencent.

  • IT giants join forces for full-system data security

    Apple is conspiciously missing from the consortium, despite using both Intel hardware and inhouse designed ARM-based processors. Of the first set of commitments, Intel will release its Software Guard Extensions (SGX) software development kit as open source through the CCC.

  • Google, Intel, and Microsoft partner to improve cloud security

    Some of the biggest names in tech have banded together in an effort to promote industry-wide security standards for protecting data in use.

  • Alibaba, Baidu, Google, Microsoft, Others Back Confidential Computing Consortium

    The Confidential Computing Consortium aims to help define and accelerate open-source technology that keeps data in use secure. Data typically gets encrypted by service providers, but not when it’s in use. This consortium will focus on encrypting and processing the data “in memory” to reduce the exposure of the data to the rest of the system. It aims to provide greater control and transparency for users.

  • Microsoft, Intel and others are doubling down on open source Linux security

    In other words, the operating system could be compromised by some kind of malware, but the data being used in a program would still be encrypted, and therefore safe from an attacker.

  • Microsoft, Intel, and Red Hat Back Confidential Computing

    The Linux Foundation’s latest project tackles confidential computing with a group of companies that reads like a who’s who of cloud providers, chipmakers, telecom operators, and other tech giants. Today at the Open Source Summit the Linux Foundation said it will form a new group called the Confidential Computing Consortium. Alibaba, Arm, Baidu, Google Cloud, IBM, Intel, Microsoft, Red Hat, Swisscom, and Tencent all committed to work on the project, which aims to accelerate the adoption of confidential computing.