Language Selection

English French German Italian Portuguese Spanish

August 2019

TDF Annual Report 2018

Filed under
LibO
OOo

The Annual Report of The Document Foundation for the year 2018 is now available in PDF format from TDF Nextcloud in two different versions: low resolution (6.4MB) and high resolution (53.2MB). The annual report is based on the German version presented to the authorities in April.

The 52 page document has been entirely created with free open source software: written contents have obviously been developed with LibreOffice Writer (desktop) and collaboratively modified with LibreOffice Writer (online), charts have been created with LibreOffice Calc and prepared for publishing with LibreOffice Draw, drawings and tables have been developed or modified (from legacy PDF originals) with LibreOffice Draw, images have been prepared for publishing with GIMP, and the layout has been created with Scribus based on the existing templates.

Read more

Devices: PegLeg, ARM and Neousys

Filed under
Linux
Hardware
Gadgets
  • PegLeg Biohackers Installed Raspberry Pis in Their Legs

    This was probably just a matter of time, right? We do so many things with the Internet of things ? just about anything can be made into an IoT device, so why not a person? Why not turn a person into an IoT device?

    A group of biohackers have installed Raspberry Pis under the skin in their legs. The PegLeg (you have to appreciate the name here) project is actually so far along it?s already v2.

  • Pi-oT Raspberry Pi Add-on Board Targets Commercial & Industrial IoT Automation (Crowdfunding)

    USA Based Startup Builds RPi Add-on Pi-oT, a Cleveland based startup has launched a Kickstarter campaign for a Raspberry Pi add-on for commercial and industrial IoT automation.

  • Arm Talks Up Their BFloat16 / BF16 Support For Upcoming Processors

    With the next revision to ARMv8-A will come Neon and SVE vector instructions for select computations using the BFloat16 floating-point number format. For nearly the past year we have seen Intel prepping the Linux/open-source ecosystem for BFloat16 and its support with their upcoming Cooperlake support for BF16. It's looking now like Arm might beat AMD in to supporting BF16 on their processor designs.

  • Industrial computers feature with 9th or 8th Gen Coffee Lake

    Neousys has launched a “Nuvo-8208GC” edge AI PC and three variants of a “Nuvo-7100VTC” automotive controller with 9th and 8th Gen Coffee Lake CPUs. It also added 9th Gen support to the 8th Gen ready Nuvo-7000 and Nuvo-7164GC.

    Taiwan-based Neousys Technology announced support for Intel’s 9th Generation Coffee Lake processors on six Nuvo-branded industrial computers, half of which were originally announced with 8th Gen Coffee Lake. The four systems covered here — the Nuvo-8208GC, Nuvo-7100VTC, Nuvo-7200VTC, and Nuvo-7250VTC — were announced in June and July and are still listed as “coming soon.”

Best Linux Distributions For Everyone in 2019

Filed under
GNU
Linux

There are a lot of Linux distributions. I can’t even think of coming up with an exact number because you would find loads of Linux distros that differ from one another in one way or the other.

Some of them just turn out to be a clone of one another while some of them tend to be unique. So, it’s kind of a mess – but that is the beauty of Linux.

Fret not, even though there are thousands of distributions around, in this article, I have compiled a list of the best Linux distros available right now. Of course, the list can be subjective. But, here, we try to categorize the distros – so there’s something for everyone.

Read more

HowTos and Software

Filed under
Software
HowTos

Servers: Databases, Microservices, Stackrox, Docker Block Storage and UNIX Turning 50

Filed under
Server
  • Open source databases: Today’s viable alternative for enterprise computing

    There was a time when proprietary solutions from well-capitalized software companies could be expected to provide superior solutions to those produced by a community of dedicated and talented developers. Just as Linux destroyed the market for expensive UNIX versions, open source database management systems like EDB Postgres are forcing Oracle, Microsoft, SAP, and other premium database management products to justify their pricing. With so many large, critical applications running reliably on open source products, it’s a hard case to make.

  • 5 questions everyone should ask about microservices

    The basis of the question is uncertainty in what’s going to happen once they start decomposing existing monolithic applications in favor of microservices where possible. What we need to understand is that the goal of splitting out these services is to favor deployment speed over API invocation speed.

    The main reason to split off microservices out of an existing monolith should be to isolate the development of the service within a team, completely separate from the application development team. The service engineering team can now operate at their own intervals, deploying changes weekly, daily, or even hourly if a noteworthy Common Vulnerabilities and Exposures (CVE) is applicable.

    The penalty for unknown network invocations is the trade-off to your monolith’s highly regimented deployment requirements that cause it to move at two- to three-month deployment intervals. Now, with microservice teams, you can react quicker to the business, competition, and security demands with faster delivery intervals. Equally critical for network invocations is to look closely at how course-grained your network calls become in this new distributed architecture.

  • Stackrox Launches Kubernetes Security Platform Version 2.0

    StackRox, the security for holders and Kubernetes company, declared the general accessibility of form 2.5 of the StackRox Kubernetes Security Platform. The new form incorporates upgraded arrangement and runtime controls that empower organizations to flawlessly authorize security controls to improve use cases, including threat detection, network segmentation, configuration management, and vulnerability management.

  • Pete Zaitcev: Docker Block Storage... say what again?

    Okay. Since they talk about consistency and replication together, this thing probably provides actual service, in addition to the necessary orchestration. Kind of the ill-fated Sheepdog. They may under-estimate the amount of work necesary, sure. Look no further than Ceph RBD. Remember how much work it took for a genius like Sage? But a certain arrogance is essential in a start-up, and Rancher only employs 150 people.

    Also, nobody is dumb enough to write orchestration in Go, right? So this probably is not just a layer on top of Ceph or whatever.

    Well, it's still possible that it's merely an in-house equivalent of OpenStack Cinder, and they want it in Go because they are a Go house and if you have a hammer everything looks like a nail.

    Either way, here's the main question: what does block storage have to do with Docker?

  • Changing the face of computing: UNIX turns 50

    In the late 1960s, a small team of programmers was aspiring to write a multi-tasking, multi-user operating system. Then in August 1969 Ken Thompson, a programmer at AT&T Bell Laboratories, started development of the first-ever version of the UNIX operating system (OS).

    Over the next few years, he and his colleagues Dennis Ritchie, Brian Kernighan, and others developed both this and the C-programming language. As the UNIX OS celebrates its 50th birthday, let’s take a moment to reflect on its impact on the world we live in today.

  • The Legendary OS once kicked by many big companies turns 50. The Story.

    Maybe its pervasiveness has long obscured its roots. But Unix, the OS which proves to be legendary and, in one derivative or another, powers nearly all smartphones sold worldwide, came 50 years ago from the failure of an ambitious project involving titans like GE, Bell Labs, and MIT.

    [...]

    Still, it was something to work on, and as long as Bell Labs was working on Multics, they would also have a $7 million mainframe computer to play around with in their spare time. Dennis Ritchie, one of the programmers working on Multics, later said they all felt some stake in the victory of the project, even though they knew the odds of that success were exceedingly remote.

    Cancellation of Multics meant the end of the only project that the programmers in the Computer science department had to work on—and it also meant the loss of the only computer in the Computer science department. After the GE 645 mainframe was taken apart and hauled off, the computer science department’s resources were reduced to little more than office supplies and a few terminals.

Coreboot/LinuxBIOS Rising

Filed under
Linux
Hardware
OSS
  • SD Times Open-Source Project of the Week: Coreboot

    This week’s open source project of the week is coreboot (previously LinuxBIOS), an extended firmware platform that is aimed at replacing proprietary firmware (BIOS or UEFI) found in many computers.

  • AMD Is Hiring For Coreboot Development, Sponsoring Open-Source Firmware Conference

    That's exciting itself and certainly noteworthy, but also notable is AMD is now sponsoring next week's Open-Source Firmware Conference. AMD has joined the likes of Amazon AWS, Arm, System76, TrustedFirmware.org, and other companies in sponsoring this conference about Coreboot, LinuxBoot, and related open-source firmware projects.

ACRN Project Releases Version 1.2

Filed under
Linux
  • ACRN Project Releases Version 1.2

    We are pleased to announce the release of ACRN™ Hypervisor version 1.2 which introduces a number of new features.

  • ACRN 1.2 Hypervisor Released With Kata Containers Support, Secure Boot Capability

    The ACRN hypervisor that was open-sourced by Intel last year as a small footprint virtualization hypervisor focused on real-time computing and safety-critical applications for IoT and related embedded use-cases is up to version 1.2.

    ACRN, which continues to function as a Linux Foundation project, reached version 1.2 yesterday with new capabilities. Perhaps most notably, UEFI Secure Boot is now supported by ACRN 1.2 as part of its new OVMF support for serving as a virtual boot-loader to launch Clear Linux / VxWorks / Windows. There is also support for Kata Containers, another innovation originally out of Intel's open-source group.

Greg Kroah-Hartman: Microsoft exFAT "code is horrible"

Filed under
Linux
Microsoft
  • Microsoft Will Publish exFAT Spec, but Linux Devs Aren’t Happy

    Greg Kroah-Hartman, who maintains the Linux -stable branch, defended the decision to take the code into staging, despite its current condition, writing: “I know the code is horrible, but I will gladly take horrible code into staging. If it bothers you, just please ignore it.”

    Stephen J. Vaughan-Nichols writes that the move could be read as a partial answer to a request made by Bradley Kuhn when Microsoft joined the Open Invention Network (OIN)’s patent non-aggression pact last year. After noting that Microsoft had specifically shaken down Linux product vendors for licensing fees related to exFAT in the past, he called on Microsoft to “submit to upstream the exfat code themselves under GPLv2-or-later.” Microsoft has not taken this step. Instead, it is publishing the specification and supports the work to create a Linux driver that will add exFAT support to the kernel at a future time. While Microsoft is supporting this effort, it expects the actual code submission to be performed by others.

  • The Initial exFAT Driver Queued For Introduction With The Linux 5.4 Kernel

Mozilla: Firefox 69, Firefox 70, and Firefox Nightly

Filed under
Moz/FF
  • Firefox 69 new contributors

    With the release of Firefox 69, we are pleased to welcome the 50 developers who contributed their first code change to Firefox in this release, 39 of whom were brand new volunteers!

  • Hacks.Mozilla.Org: The Baseline Interpreter: a faster JS interpreter in Firefox 70

    Modern web applications load and execute a lot more JavaScript code than they did just a few years ago. While JIT (just-in-time) compilers have been very successful in making JavaScript performant, we needed a better solution to deal with these new workloads.

    To address this, we’ve added a new, generated JavaScript bytecode interpreter to the JavaScript engine in Firefox 70. The interpreter is available now in the Firefox Nightly channel, and will go to general release in October. Instead of writing or generating a new interpreter from scratch, we found a way to do this by sharing most code with our existing Baseline JIT.

  • Firefox Nightly: These Weeks in Firefox: Issue 63

    The about:addons shortcut management view is now notifying users when there extensions are using the same shortcuts. Thanks to Trishul for contributing this enhancement.

More in Tux Machines

Security: Windows, Microsoft Malware, GPS Bug, and Some Exaggeration/FUD

  • Sophisticated Spearphishing Campaign Targets Government Organizations, IGOs, and NGOs - blackMORE Ops

    The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) are engaged in addressing a spearphishing campaign targeting government organizations, intergovernmental organizations (IGOs), and non-governmental organizations (NGOs). A sophisticated cyber threat actor leveraged a compromised end-user account from Constant Contact, a legitimate email marketing software company, to spoof a U.S.-based government organization and distribute links to malicious URLs.[1] CISA and FBI have not determined that any individual accounts have been specifically targeted by this campaign.

  • Malicious NPM Packages Caught Running Cryptominer On Windows, Linux, macOS Devices [Ed: Lousy anti-journalist sites try to blame the victims for having received malware from Microsoft itself]

    Three JavaScript libraries uploaded to the official NPM package repository have been unmasked as crypto-mining malware, once again demonstrating how open-source software package repositories are becoming a lucrative target for executing an array of attacks on Windows, macOS, and Linux systems.

  • GPS Daemon (GPSD) Rollover Bug

    Critical Infrastructure (CI) owners and operators, and other users who obtain Coordinated Universal Time (UTC) from Global Positioning System (GPS) devices, should be aware of a GPS Daemon (GPSD) bug in GPSD versions 3.20 (released December 31, 2019) through 3.22 (released January 8, 2021).

  • New Linux kernel memory corruption bug causes full system compromise [Ed: This is "local privilege escalation", i.e. vastly less severe than all those back doors in Windows, but so-called 'security' firms aren't meant to talk about state-mandated holes]

    Researchers dubbed it a “straightforward Linux kernel locking bug” that they exploited against Debian Buster’s 4.19.0.13-amd64 kernel.

today's howtos

  • Inspect the capabilities of ELF binaries with this open source tool

    Capa is an open source project from Mandiant (a cybersecurity company). In the project's own words, capa detects capabilities in executable files. Although the primary target of Capa is unknown and possibly malicious executables, the examples in this article run Capa on day-to-day Linux utilities to see how the tool works. Given that most malware is Windows-based, earlier Capa versions only supported the PE file format, a dominant Windows executable format. However, starting with v3.0.0, support for ELF files has been added (thanks to Intezer).

  • What you need to know about Kubernetes NetworkPolicy | Opensource.com

    With a growing number of cloud-native applications going to production through Kubernetes adoption, security is an important checkpoint that you must consider early in the process. When designing a cloud-native application, it is very important to embed a security strategy up front. Failure to do so leads to lingering security issues that can cause project delays and ultimately cost you unnecessary stress and money. For years, people left security at the end—until their deployment was about to go into production. That practice causes delays on deliverables because each organization has security standards to adhere to, which are either bypassed or not followed with a lot of accepted risks to make the deliverables. Understanding Kubernetes NetworkPolicy can be daunting for people just starting to learn the ins and outs of Kubernetes implementation. But this is one of the fundamental requirements that you must learn before deploying an application to your Kubernetes cluster. When learning Kubernetes and cloud-native application patterns, make your slogan "Don't leave security behind!"

  • 3 tips for printing with Linux

    I have a confession to make. This may be an unpopular opinion. I actually enjoy reading documents on a piece of paper as opposed to digitally. When I want to try a new recipe, I print it out to follow it so I don't have to continually swipe my mobile device to keep up with the steps. I store all my favorite recipes in sheet protectors in a binder. I also like to print out coloring pages or activity sheets for my kids. There are a ton of options online or we create our own! Though I have a fond appreciation for printed documents, I have also had my fair share of printing nightmares. Paper jams, low ink, printer not found, the list of frustrating errors goes on and on. Thankfully, it is possible to print frustration-free on Linux. Below are three tutorials you need to get started printing on Linux. The first article walks through how to connect your printer to your Linux computer. Then, learn how to print from anywhere in your house using your home network. The last article teaches you how to print from your Linux terminal so you can live out all your productivity dreams. If you are in the market for a new printer, check out this article about choosing a printer for Linux.

  • 3 basic Linux user management commands every sysadmin should know [Ed: But those have nothing to do with Linux… they’re part of shadow-utils.]

    I like logical commands; commands that are simple, straightforward, and just make sense. When I delivered Linux sysadmin training, I found Linux user management commands to be easy to explain.

  • Strange Apache Reload Issue « etbe - Russell Coker

    I recently had to renew the SSL certificate for my web server, nothing exciting about that but Certbot created a new directory for the key because I had removed some domains (moved to a different web server). This normally isn’t a big deal, change the Apache configuration to the new file names and run the “reload” command. My monitoring system initially said that the SSL certificate wasn’t going to expire in the near future so it looked fine. Then an hour later my monitoring system told me that the certificate was about to expire, apparently the old certificate came back! I viewed my site with my web browser and the new certificate was being used, it seemed strange. Then I did more tests with gnutls-cli which revealed that exactly half the connections got the new certificate and half got the old one. Because my web server isn’t doing anything particularly demanding the mpm_event configuration only starts 2 servers, and even that may be excessive for what it does. So it seems that the Apache reload command had reloaded the configuration on one mpm_event server but not the other!

  • Featured Unixcop Oracle Data Integrator (ODI) on CentOS 8 Oracle Data Integrator (ODI) on CentOS 8

    Data Integration ensures that information is timely, accurate, and consistent across complex systems. Although it is still frequently referred as Extract-Transform-Load (ETL), data integration was initially considered as the architecture used for loading Enterprise Data Warehouse systems. Data integration now includes data movement, data synchronization, data quality, data management, and data services. Oracle Data Integrator s built on several components all working together around a centralized metadata repository. Also these components – graphical modules, runtime agents and web based interfaces – in conjunction with other advanced features make ODI a lightweight, state of the art data integration platform. With its superior performance and flexible architecture, Oracle Data Integrator can_be used in various types of projects such as Data Warehousing, SOA, Business Intelligence or Application Integration.

  • Oracle Weblogic 14c on CentOS 8 - Unixcop

    Modern business environment demands Web and e-commerce applications that accelerate your entry into new markets like a boom ! help you find new ways to reach and retain customers, and allow you to introduce new products and services quickly. To build and deploy these new solutions, you need a proven, reliable e-commerce platform that can connect and empower all types of users while integrating your corporate data. Oracle WebLogic Server is a unified and extensible platform for developing, deploying and running enterprise applications, such as Java, for on-premises and in the cloud. Hi Guys ! Today, we will discuss about Oracle WebLogic server. We have got through some intro & now will have a glimpse of some architectural overview of this Oracle Middle ware product, Then we will go the how to’s. Don’t get bored till then ! WebLogic Server operates in the middle tier of a multi tier (or n-tier) architecture. A multi tier architecture determines where the software components that make up a computing system are executed in relation to each other and to the hardware, network, and users. Choosing the best location for each software component lets you develop applications faster; eases deployment and administration; and provides greater control over performance, utilization, security, scalability, and reliability.

  • Store Passwords Securely with Hashicorp Vault on Ubuntu 20.04 – VITUX

    It is always not possible to remember all the secret keys, passphrases, and tokens. Sometimes managing and maintaining secrets might be challenging tasks. We may need to store such secrets somewhere which we can use when needed. Hashicorp Vault is a solution that can be used to store secrets. It protects all the secrets stored on it and keeps secured. In this article, we will learn how to install Hashicorp vault on ubuntu 20.04.

Open Hardware/Modding: New Hardware Based on RISC-V and Arduino Projects

  • M5Stamp C3 RISC-V board supports WiFI 4, Bluetooth 5.0 Long Range and 2 Mbps bitrate - CNX Software

    It was only last month that M5Stack launched the M5Stamp Pico module based on an ESP32-PICO-D4 SiP and heat-resistant plastic shell, but M5Stamp C3 board is already out with most of the same specifications and features but an ESP32-C3 RISC-V SoC replaces the ESP32 dual-core Xtensa processor. M5Stamp C3 offers WiFi 4 and Bluetooth 5.0 with high bitrate and long-range connectivity and comes with the same heat-resistant plastic shell, but the company also highlights the RSA-3072-based secure boot and the AES-128-XTS-based flash encryption as a more secure way to address Bluetooth security concerns.

  • Alibaba open sources four RISC-V cores: XuanTie E902, E906, C906 and C910 - CNX Software

    Alibaba introduces a range of RISC-V processors in the last few years with the Xuantie family ranging from the E902 micro-controller class core to the C910 core for servers in data centers. This also includes the XuanTie C906 core found in the Allwinner D1 single-core RISC-V processor. While RISC-V is an open standard and there’s a fair share of open-source RISC-V cores available, many commercial RISC-V cores are closed source, but Zhang Jianfeng, President of Alibaba Cloud Intelligence speaking at the 2021 Apsara Conference, announced that T-Head had open-sourced four RISC-V-based Xuantie series processor cores, namely Xuantie E902, E906, C906, and C910, as well as related software and tools.

  • SiFive Has A New RISC-V Core To Improve Performance By 50%, Outperform Cortex-A78 - Phoronix

    SiFive just shared word that at today's Linley Conference they teased their Performance P550 successor that will "set a new standard for the highest efficiency RISC-V processor available."

  • This tinyML device counts your squats while you focus on your form | Arduino Blog

    Getting in your daily exercise is vital to living a healthy life and having proper form when squatting can go a long way towards achieving that goal without causing joint pain from doing them incorrectly. The Squats Counter is a device worn around the thigh that utilizes machine learning and TensorFlow Lite to automatically track the user’s form and count how many squats have been performed. Creator Manas Pange started his project by flashing the tf4micro-moition-kit code to a Nano 33 BLE Sense, which features an onboard three-axis accelerometer. From there, he opened the Tiny Motion Trainer Experiment by Google that connects to the Arduino over Bluetooth and captures many successive samples of motion. After gathering enough proper and improper form samples, Manas trained, tested, and deployed the resulting model to the board.

Neos.io: the next generation open-source WordPress CMS alternative

Neos.io is a free open-source modern CMS solution for developers and designers. It is the ideal solution for enterprise and developers. Neos.io is packed with dozens of features aiming to be easy to use for content creators and editors, effortlessly customized by designers, and extensible for developers. Developers can easily build custom themes, custom content models, plugins to add new features and functions and integrate 3rd party services and solutions. Neos.io offers long-term support for its releases, which means every production release goes through extensive testing and quality check before production. Read more