Language Selection

English French German Italian Portuguese Spanish

July 2019

GNU Guile 2.2.6 released

Filed under
Development
GNU

We are delighted to announce GNU Guile release 2.2.6, the sixth bug-fix
release in the 2.2 stable release series.  See the NEWS excerpt that
follows for full details.

                             *  *  *

Guile is an implementation of the Scheme programming language.

The Guile web page is located at https://gnu.org/software/guile/, and
among other things, it contains a copy of the Guile manual and pointers
to more resources.

Guile can run interactively, as a script interpreter, and as a Scheme
compiler to VM bytecode.  It is also packaged as a library so that
applications can easily incorporate a complete Scheme interpreter/VM.
An application can use Guile as an extension language, a clean and
powerful configuration language, or as multi-purpose "glue" to connect
primitives provided by the application.  It is easy to call Scheme code
from C code and vice versa.  Applications can add new functions, data
types, control structures, and even syntax to Guile, to create a
domain-specific language tailored to the task at hand.

Guile implements many common Scheme standards, including R5RS, R6RS, and
a number of SRFIs.  In addition, Guile includes its own module system,
full access to POSIX system calls, networking support, multiple threads,
dynamic linking, a foreign function call interface, and powerful string
processing.

Guile 2.2.6 can be installed in parallel with Guile 2.0.x; see
https://www.gnu.org/software/guile/manual/html_node/Parallel-Installations.html.

Read more

Also: GNU Guile 2.2.6 released

today's leftovers

Filed under
Misc
  • The Linux Kernel Getting Fixed Up For Booting On Some Intel Systems - No "8254"

    There have been Linux reports of problems pertaining to "8254 Clock Gating" going back a while but more so recently. This problem is some newer Intel Skylake~Apollolake derived systems particularly with Intel SoCs where certain systems ship with the 8254 PIT to be gated via a special register and up until now that has caused Linux to fail to boot. 

  • Vulkan 1.1.113 Brings Two More Extensions

    It's been just one week since the release of Vulkan 1.1.112 but it's now been succeeded by Vulkan 1.1.113 and two new extensions are in tow.

    Vulkan 1.1.113 comes with its usual assortment of specification corrections and clarifications to the massive Vulkan API. Additionally, Vulkan 1.1.113 has two new extensions for EXT_texel_buffer_alignment and EXT_shader_demote_to_helper_invocation.

  • Introducing PyOxidizer, an open source utility for producing standalone Python applications, written in Rust

    On Monday, Gregory Szorc, a Developer Productivity Engineer at Airbnb, introduced PyOxidizer, a Python application packaging and distribution tool written in Rust. This tool is available for Windows, macOS, and Linux operating systems.

  • Joplin is an open source note taking app for iOS, Android, Windows, macOS and Linux

    Note taking apps are handy and can be used for simple tasks like jotting down lists, to storing important information. The primary use of such an app, at least for me, is that you can pull up the data that you require quickly.  Joplin is an open source and cross platform app that is available for iOS, Android, Windows, macOS and Linux.

    It's also available as a terminal app for macOS, Linux, and FreeBSD, if that is your cup of tea. 

  • Paradox Interactive on Linux support, it's being done on a "case by case basis"

    There's been a lot of chatter in the Linux gaming community recently, centred around Paradox Interactive and future Linux support. It's not all doom and gloom.

  • Toontown Rewritten Available to Install in Ubuntu 18.04 / Higher

    Toontown Rewritten, a fan-made recreation of Disney’s closed MMORPG Toontown Online, now is available to install via Snap package in Ubuntu 16.04, Ubuntu 18.04, and higher.

    Toontown Rewritten (TTR) is free to play and open to anybody. The TTR snap package contains a slightly modified version of the official Toontown Rewritten launcher, including python 3 support. Due to the fact that this launcher is modified, the TTR team will not provide support if anything goes wrong with the launcher.

  • Debunking Microsoft's anti-Right-to-Repair FUD [Ed: The 'new' Microsoft is an enemy of freedom. There's no "new Microsoft"; it's just a PR campaign.]

    Microsoft is no stranger to the use of "Fear, Uncertainty and Doubt" in the pursuit of monopolistic goals; the company perfected the tactic in the early 1990s as a way of scaring enterprise customers away from GNU/Linux; today, the company shows off its mastery of FUD in its filings to the Federal Trade Commission condemning proposals for Right-to-Repair rules.

    In its comments, Microsoft argues that allowing third-party repairs of Microsoft products could compromise its DRM systems, including dual-purpose security systems like the "Trusted Platform Module" (TPM) that are used to lock out rival operating systems as well as malicious actors.

    Luckily, we have Securepairs, a coalition of security experts devoted to debunking claims from repair monopolists who claim that opening repair markets will pose a security threat.

    Microsoft submitted its comments ahead of the FTC's "Nixing the Fix" workshop on Right to Repair, arguing that "If the TPM or other hardware or software protections were compromised by a malicious or unqualified repair vendor, those security protections would be rendered ineffective and consumers’ data and control of the device would be at risk. Moreover, a security breach of one device can potentially compromise the security of a platform or other devices connected to the network."

  • Red Hat Expecting X.org to “Go into Hard Maintenance Mode Fairly Quickly”

    Once we are done with [their Wayland improvements] we expect X.org to go into hard maintenance mode fairly quickly. The reality is that X.org is basically maintained by us and thus once we stop paying attention to it there is unlikely to be any major new releases coming out and there might even be some bitrot setting in over time. We will keep an eye on it as we will want to ensure X.org stays supportable until the end of the RHEL8 lifecycle at a minimum, but let this be a friendly notice for everyone who rely the work we do maintaining the Linux graphics stack, get onto Wayland, that is where the future is."

  • Jonathan Dieter: An update

    Apparently coding experience doesn’t translate into interview experience, as I found out when I did my first. In the stress of the moment, I completely bombed one of the low-level skill questions, painting myself, I’m sure, as a first-class idiot. The interviewer was very gracious, but the interview ended shortly afterwards and I got my official rejection a few minutes later. It was only afterwards that I realized that, at age 37, this had been the very first interview I had ever done in my life.

    I applied for positions in companies around Ireland, and one thing I found interesting is that a majority of the interviews I got were as a result of connections I’d made, mostly through Fedora. In the tech world, as much as any other field, it seems that our ability to build and foster relationships is still essential to our professional growth. It’s not a substitute for competence, but skill can’t replace it either.

    One thing that paints a compelling picture of a company is how it handles rejections. Most companies did well enough, having the courtesy to send out an email when they had decided against me. A number ghosted me, which still puts a sour taste in the mouth when thinking about them. And then there was Red Hat. Now, to be fair, my interviews at Red Hat were different anyway, but a Red Hat rep personally called me and let me know that they were passing on me because they’d found a more qualified applicant. While I was obviously disappointed, I felt that this set a really high bar for other companies.

    In November, I got hired on by a local automated phone number testing company called Spearline. They test phone call quality using in-country servers around the world, and I quickly settled in, getting the opportunity to move their web applications over to a micro-services architecture. The company gave me a lot of responsibility, was a great place to work, and I built a lot of good friendships there.

  • Purism's Security Key Will Generate Keys Directly on the Device, Made in the USA

    Purism, the hardware manufacturer known for its secure Linux-powered laptops and the upcoming Librem 5 security-focused Linux smartphone, announced the upcoming release of the second version of its Librem Key security key.
    Launched last year in September, Librem Key is the first and only OpenPGP-based security key designed to offer a Heads-firmware-integrated tamper-evident boot process for laptops. It has the ultimate goal of protecting users' digital lives by storing security keys on the devices, encrypted with the highest cryptographic algorithms.

    Next month, Purism wants to launch the second generation of Librem Key, which promises even more protection for users by securely generating security keys directly on the device, while being able to store up to 4096-bit RSA keys and up to 512-bit ECC keys. Best of all, Purism has moved the production of the Librem Key to the U.S..

    "Having a secure supply chain is critical for hardware that holds your most sensitive secrets," said Kyle Rankin, Chief Security Officer of Purism. "By making the Librem Key in the USA, we've removed even more links in the supply chain and can directly oversee the complete process from Librem Key production to shipping to the customer."

  • LG and Qt partner up to expand webOS to automobiles and smart home devices

    LG Electronics has partnered up with The Qt Company to expand the application of its open source webOS platform.

    The South Korean electronics giant and Finnish software developer said they will be teaming up to embed webOS into future automotive, robotics, and smart home devices.

    LG's webOS will also officially become a reference operating system of Qt, the companies added, which means LG will get the latest version of Qt software faster so it can be used for the development of webOS.

Server and OSS Leftovers

Filed under
Server
OSS
  • Breaking IT Down: What Is Kubernetes?

    Kubernetes is an open source tool used for automating and managing container operations. Ever since its launch as an open source platform in 2014, Kubernetes has grown to become the preferred choice for container orchestration. It has the support of tech majors and is the most popular open source project after Linux among the open source community of developers.

    Container technology enables packaging of an application together with all its dependencies, such as OS, SSL libraries, and configuration files, into a single container. This technology is not new; it has been a part of Linux operations for years.

  • Platform9 Extends Scope of Kubernetes Services

    Platform9 announced this week it is adding support for a range of complementary technologies to the managed Kubernetes service it already provides.

    Company CEO Sirish Raghuram says now that Kubernetes adoption is achieving critical mass, organizations are looking to invoke additional services. Platform9 now supports the open source Prometheus monitoring tools and an instance of the open source MySQL database to support stateful containerized applications running on Kubernetes that need access to persistent sources of data.

  • We’re talking Kubernetes at TC Sessions: Enterprise with Google’s Aparna Sinha and VMware’s Craig McLuckie

    Over the past five years, Kubernetes has grown from a project inside of Google to an open source powerhouse with an ecosystem of products and services, attracting billions of dollars in venture investment. In fact, we’ve already seen some successful exits, including one from one of our panelists.

    On September 5th at TC Sessions: Enterprise, we’re going to be discussing the rise of Kubernetes with two industry veterans. For starters we have Aparna Sinha, director of product management for Kubernetes and the newly announced Anthos product. Sinha was in charge of several early Kubernetes releases and has worked on the Kubernetes team at Google since 2016. Prior to joining Google, she had 15 years experience in enterprise software settings.

  • Should Google be a bit less like Google to succeed in cloud?

    It's also very possible that it oversteps the mark. As James Urquhart put it, "Google is the Sun Microsystems of this decade. Engineering for engineering to engineer by engineering. A phenomenal approach for discovering innovative solutions, but not necessarily a great one for product-market fit." Is Google too Googley for its own good?

  • SIM swap horror story: I've lost decades of data and Google won't lift a finger

    We pay for Google Drive, Google Fi, and Google Play Movies so I was hoping there would be some level of customer service for paying customers. There are no phone numbers available for customers who pay for services or those who only use free services. Google prides itself on collecting my information and using it to help with search results. Thus, it has all sorts of information on how I conduct my daily life, including tracking my every movement, tracking my business trips, seeing who I contact daily, and much more. You would think it would be smart enough to see when some stranger appears and completely changes my account information.

    According to Gmail, my Google account has now been deleted so I'm no longer trying to just reset the password, but instead I am trying to recover my account. I have countless PR folks, friends, family, and others who are in my long Gmail history and am currently unable to access any of that information. I also have thousands of photos that may be lost forever if Google won't work with me to get my account back.

  • The Risks Of Outsourcing

    One risk that is often underestimated is that the security of IT outsourced to a cloud provider has a single point of failure, the security of the account at the cloud provider. Brian Wilson of Backblaze pointed to the risk that the account suffers a billing problem: [...]

  • Is Hadoop Dead?

    When you hear "No one needs big data", look over the CV of the speaker. An African telecoms carrier going through amazing levels of growth is not going to reach out to a greenfield JavaScript Web Developer and ask them if they could help architect their data platform and optimise their billing calculations. You might find a lot of internally-hosted web applications in an Airline's headquarters but when it comes to analysing PBs of aircraft telemetry for predictive maintenance there might not be any PHP developers on that project.

    The above projects often aren't advertised in a way that web developers would be exposed to them. This is why someone could spend years working on new projects that are at the bottom of their S-curve in terms of both growth and data accumulated and largely never see a need for data processing outside of what could fit in RAM on a single machine.

  • NZTA open sources security tool for use by other agencies

    The New Zealand Transport Agency is open sourcing a security assurance tool it is developing with Wellington company Catalyst.
    Catalyst has been working with NZTA to open source the tool that automates aspects of the security assurance process and embeds security requirements earlier in the product development life-cycle.

    The Security Development Lifecycle Tool (SDLT), aligns with common government security classifications and risk assessment practices to deliver "security by design" across the agency's tech teams.

    NZTA opted to open source the tool so other government agencies can similarly reduce their compliance overheads and focus on core delivery.

  • 5 common open source software licenses you need to know

    There are two versions of the GNU General Public License (GPL). The terms of the latest iteration, GPL version 3, are clear and readable overall; it allows open copy, redistribution and modification. Developers who use open source code covered by GPL version 3 can choose to charge a fee for their open source software.

    However, the GPL imposes several important restrictions on developers and users. The GPL emphasizes copyleft behaviors for activities such as including linking, distribution, modification and re- or sub-licensing. Generally, copyleft clauses require that uses of the work observe the same terms and conditions to which the original code adheres. Thus, open source software obtained under GPL version 3 retains those rights indefinitely. In addition, developers must include a copy of the GNU GPL with the software as it's redistributed and within the software itself. Other restrictions exist for source and binary software distributions under the GPL.

    The GNU Lesser General Public License (LGPL) provides a slightly more permissive option than version 3. The agreement, for instance, allows linking the LGPL code with code under non-GPL licenses -- a practice prohibited under GPL version 3. Consequently, developers often use LGPL when they want to allow for the use of non-GPL open source libraries, but preserve other copyleft restrictions.

Moving to GNU/Linux: Chrome OS Breaks Crostini, Upgrading from Windows 7 to Ubuntu and Microsoft Antitrust

Filed under
GNU
Linux
  • Latest Chrome OS beta brakes Linux support (Crostini) on multiple devices – here’s what you should know

    Chrome OS from Google is widely popular among students and casual PC users due to its simplicity and lightweight nature. You don’t need to bother about maintenance, antivirus or BSOD – just get the work done with the familiar interface of Google Chrome.

    [...]

    Well, there are some convoluted terminologies regarding the Linux compatibility. In short, Crostini is the unified term used by Google to describe the container based Linux app support layer.

    [...]

    The root cause is actually hidden underneath this commit, which is responsible to break hardware virtualization support, which results in the disappearance of Crostini (Linux apps) altogether from the affected Chromebooks/Chromeboxes.

    The team is discussing the aftereffects of the bug, while internally pushing code commits to fix the disaster. The proper patch is already submitted to the v77 branch, and the Platform version 12239.20.0 of v76 now contains the fix as well.

  • 3 easy ways for Windows users to try out Linux

    People are talking about Linux more and more in the mainstream these days, and even Windows users are starting to take an interest in the platform. However, trying out a new type of operating system can be scary if you’ve never used it before. Since Linux has a perception of being difficult to install, we’ve compiled a list of 3 easy ways you can try out Linux, while keeping your Microsoft Windows PC intact.

  • Upgrade from Windows 7 to Ubuntu Part 1: Intro

    Ubuntu is a free, libre, easy to use, secure, popular desktop operating system capable to replace Windows 7. As many people anticipated, soon Windows 7 will cease away just like XP, and this is the time for them to consider switching to GNU/Linux operating system. This article is the first part of my migration guide to Ubuntu for Windows 7 users anywhere. You will find here intro to Ubuntu and its goodness, its user interface, difference to Windows, and its terminology. I'm trying my best to make every part short and easy enough to understand for everybody. Finally, enjoy Ubuntu!

    [...]

    Ubuntu is a popular computer operating system developed by Canonical Ltd., that is free and libre, easy to use, modern and complete with worldwide community and commercial support. Its name comes from ancient African word meaning humanity to others. Ubuntu is capable to replace Windows or macOS in everybody's computing life. Ubuntu first released in 2004 as version 4.10 and reached version 18.04 in 2018. Everybody can obtain Ubuntu gratis at its website www.ubuntu.com.

  • 5 Lessons From Microsoft’s Antitrust Woes, by People Who Lived It

    Interviews with several of the people at the center of the government’s case against the company, as well as antitrust experts, suggest that tech executives will need to be careful and flexible in navigating their turn in the cross hairs.

    Here are five lessons that today’s executives might want to take away from the Microsoft experience, according to the people who lived through it.

Debian LTS and Sparky

Filed under
Debian
  • Sylvain Beucler: Debian LTS - June 2019

    Here is my transparent report for my work on the Debian Long Term Support (LTS) project, which extends the security support for past Debian releases, as a paid contributor.

    In June, the monthly sponsored hours were split evenly among contributors depending on their max availability - I declared max 30h and got 17h.

  • Chris Lamb: Free software activities in June 2019

    Whilst anyone can inspect the source code of free software for malicious flaws almost all software is distributed pre-compiled to end users. The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

  • Ben Hutchings: Debian LTS work, June 2019

    I was assigned 17 hours of work by Freexian's Debian LTS initiative and worked all those hours this month.

    I applied a number of security fixes to Linux 3.16, including those for the TCP denial-of-service vulnerabilities. I uploaded the updated package to jessie and issued DLA-1823.

    I backported the corresponding security update for Linux 4.9 from stretch to jessie and issued DLA-1824.

  • Sparky 5.8 RC2 ARMHF

    New images of Sparky 5.8 RC2 for RaspberryPi are ready to go. Sparky 5.8 RC is a release candidate and is based on upcoming Debian stable Buster.

  • Sparky news 2019/06

    The 6th monthly report of 2019 of the Sparky project:

    • Sparky 5.8 RC based on Debian testing Buster has been released
    • Linux kernel updated up to version 5.1.15 & 5.2-rc7
    • added to repos: Baka-MPlayer, Atom editor
    • preparations to next Sparky stable 5 “Nibiru” are on the way
    • Sparky 5.8 RC2 ARMHF for RaspberryPi is out and ready for testing

Security: VLC, Threats, FUD and More

Filed under
Security

Cinnamon 4.2.0 Packs Plenty of Bug Fixes, But Nothing Particularly Exciting

Filed under
GNU
Linux
GNOME

A new version of the Cinnamon desktop is tagged for release, but Linux Mint fans who favour major changes won’t be too excited by this update.

Cinnamon 4.2.0 is squarely a bug fix release that does not bring any shiny new things to the fore. Instead, the update focuses on improving the features and functions that are already present in the popular desktop environment.

Such updates may be short on excitement, but they’re always big on fit and finish.

Among the many bug fixes and resolved issues shipping as part of Cinnamon 4.2.0 is a patch that allows auto-hidden desktop panels to ‘peek’ in to view for 1.5 seconds when highlighted or selected in the panel or applet settings.

Other changes include window animation tweaks, layout adjustments, and the addition of tooltips to the workspace switcher applet.

Read more

GNOME Shell Adds Another Much-Requested Feature

Filed under
GNOME

Sound the ‘long-requested-feature-finally-materalises-in-reality‘ alarm because it looks like GNOME Shell is FINALLY adding drag and drop folder creation to the Applications Overview.

Long time coming, right?

Code contributed by GNOME dev Georges Basile Stavracas Neto (aka Feaneron), and already proposed for merging, is said to “…implement drag n’ drop as a way to way manage folders in GNOME Shell.”

GNOME Shell does support app folders natively, you just can’t create app folders directly from the apps grid by using drag and drop. In fact, the process is really rather hidden, obtusely tucked away in GNOME Software (of all places).

There are third-party extensions which make it easier to create app folders in GNOME Shell, having the functionality native, blessed, and included out-of-the-box is always preferable, isn’t it?

And that’s precisely what Georges’ promising code proposal purports to provide.

Read more

More in Tux Machines

Infrastructure living the ideals of software freedom

Can organisations with limited resources be digitally sovereign and still provide modern services? It is not trivial, but the FSFE proves it's possible. Take a deep dive with us into our infrastructure to learn how we run all the different services within the FSFE and cope with numerous challenges. A story non only for techies. Charity, non-profit organisations run into limits every day: personnel, budget, time, and the pressing question how to use donations most efficiently. When it comes to technical infrastructure, many organisations unfortunately decide to outsource and use proprietary, non-free services. By this, they give up software freedom and thereby digital sovereignty and independence. Since its founding more than 20 years ago, the FSFE has been pursuing the opposite way. Right from the start, we have relied on Free Software although it sometimes meant not being able to use and offer trendy services. Also, given the limited resources, we constantly have to choose between useful features and maintainability. Read more

Ubuntu Frame - A picture is worth a thousand snaps

The development of graphical applications intended for use on IoT devices isn’t trivial. The complexity goes beyond the usual challenges that exist in the classic desktop and server domains. One, the IoT world is much less mature. Two, developers need to take into consideration various edge cases that do not apply to hands-on devices like laptops, for instance. Kiosks, industrial displays and digital signage devices require additional focus and rigor. Ubuntu Frame is a solution designed to simplify and streamline the build and development of products that need graphical output. On a technical level, it is a fullscreen shell, based on Wayland, intended for interactive usage applications. On a product level, Ubuntu Frame bundles communication protocols, input protocols and security policies into a single kit, which can then be used in IoT devices. You can test it today. Read more

LoRa HAT starts at $31

SB Components is crowdfunding a $31-and-up “LoRa HAT for Raspberry Pi” with a 5-Km range at 868MHz or 433MHz. There is also a $47 “LoRa Expansion for Pico” board with a pre-soldered RPi Pico. Raspberry Pi milliner SB Components, which is behind such RPi HATs as the PiFinger fingerprint sensor HAT, has won Kickstarter funding for a simple, low-cost LoRa communications HAT. The LoRa HAT for Raspberry Pi is still available in a super early bird special for 23 UK Pounds ($31), as well as an identical 30-Pound ($40) package discounted from the eventual 40-Pound retail price. Read more

Preparing for PipeWire

In the coming year, PipeWire will replace PulseAudio resulting in better audio on Linux. If you can't wait, here's what you need to know to get started with PipeWire. Unless you use a version of Fedora released in 2021, you may not have heard of PipeWire. However, by this time next year, PipeWire will likely be installed on your computer. Already, many distributions are starting to carry PipeWire (marked as experimental) in their repositories. Still unfinished with its installation varied depending on distribution, PipeWire is about to replace PulseAudio as Linux’s main audio server. If you are unwilling to wait until PipeWire becomes a standard part of a Linux installation, here is what you should know. PipeWire was created by Wim Taymans of Red Hat in 2015. Based on an earlier project called PulseVideo, PipeWire was originally intended as a server for capture and playback of audio and video. The video side of the project is still in development, but the audio side is mature enough that in the spring of 2021 Fedora 34 become the first Linux distribution to install it by default. In Fedora 34, PipeWire is used to manage PulseAudio, JACK, ALSA, and GStreamer-based applications. Read more