Language Selection

English French German Italian Portuguese Spanish

Android Leftovers

More in Tux Machines

GNOME: Tracker 3.0, Sandboxing WebKitGTK Apps, DevConf.CZ 2020, GNOME's Mutter

  • API changes in Tracker 3.0

    Lots has happened in the 2 months since my last post, most notably the global coronavirus pandemic … in Spain we’re in week 3 of quarantine lockdown already and noone knows when it is going to end. Let’s take our mind off the pandemic and talk about Tracker 3.0. At the start of the year Carlos worked on some key API changes which are now merged. It’s a good opportunity to recap what’s really changing in the new version. I made the developer documentation for Tracker 3.0 available online. Thanks to GitLab, this can be updated every time we merge a change in Git. The documentation a work in progress and we appreciate if you can help us to improve it. The documentation contains a migration guide, but let’s have a broader look at some common use cases.

  • Sandboxing WebKitGTK Apps

    When you connect to a Wi-Fi network, that network might block your access to the wider internet until you’ve signed into the network’s captive portal page. An untrusted network can disrupt your connection at any time by blocking secure requests and replacing the content of insecure requests with its login page. (Of course this can be done on wired networks as well, but in practice it mainly happens on Wi-Fi.) To detect a captive portal, NetworkManager sends a request to a special test address (e.g. http://fedoraproject.org/static/hotspot.txt) and checks to see whether it the content has been replaced. If so, GNOME Shell will open a little WebKitGTK browser window to display http://nmcheck.gnome.org, which, due to the captive portal, will be hijacked by your hotel or airport or whatever to display the portal login page.

  • DevConf.CZ 2020

    Once again, DevConf.CZ, is our meeting-while-freezing winter conference in Brno. For this year I cooked up two talks: An hour-long talk about Portals during the first day of the conference. The room was almost full and the questions were very relevant. A few attendees met me after the talk seeking help to make their apps start using Portals and with ideas for new Portals. You can watch the recordings below: On the last conference day, I had a quick twenty minutes talk about GNOME Boxes in the virtualization track. The audience wasn’t our known faces from the desktop talks, so I got the chance to show Boxes for the first time for a bunch of people. I did a quick presentation with live demos and Q&A. It was a success IMHO. Check the recordings below:

  • GNOME's Mutter Working On Variable Refresh Rate Support (VRR / Adaptive-Sync / FreeSync)

    Sway's Wayland compositor recently added Variable Refresh Rate / Adaptive-Sync support to help avoid tearing and stuttering while now GNOME's Mutter is working on similar VRR support on the desktop. A work-in-progress patch series was posted over the weekend for adding variable refresh rate support into Mutter for X.Org and Wayland. This includes checking for VRR support from connected monitors using the DRM properties, support for activating VRR, and the ability to toggle the VRR support via a DBus API. The VRR support isn't advertised to Wayland clients at the moment for the lack of an upstream Wayland protocol around VRR.

Ubuntu Leftovers

  • Edge AI in a 5G world – part 1: How ‘smart cell towers’ will change our lives

    In part 1 we will talk about the industrial applications and benefits that 5G and fast compute at the edge in the form of ‘smart cell towers’ will bring to AI products. In part 2 we will go deeper into how you can benefit from this new opportunity. Part 3 will focus on the key technical barriers that 5G and Edge compute remove for AI applications. In part 4 we will summarise the IoT use cases that can benefit from smart cell towers and how they will help businesses focus their efforts on their key differentiating advantage.

  • Rigado cuts customers’ time-to-market with Ubuntu Core and AWS

    In the fast-paced world of IoT, being able to reduce time-to-market is a priority. Rigado’s core mission is to provide scalable and secure infrastructure for their customers’ commercial IoT deployments. It became clear to Rigado that, to achieve the ease of use it was looking for, it needed to redesign its gateway software – and containerisation emerged as the best way. After looking at a number of container options that involved a lot of moving parts, Rigado decided to turn to Ubuntu Core and snaps. Switching to Ubuntu Core has also enabled Rigado to take advantage of Ubuntu Amazon Machine Images (AMIs) to rapidly launch Ubuntu instances in AWS.

  • Ubuntu Weekly Newsletter Issue 624

    Welcome to the Ubuntu Weekly Newsletter, Issue 624 for the week of March 22 – 28, 2020.

  • Design and Web team summary – 30th March 2020

    Due to the rapidly developing Coronavirus (COVID-19) situation, the entire web team has transitioned to 100% remote for the foreseeable future. Canonical is well set up to remain productive but brings design challenges such as group sketching which we are testing and evaluating solutions.

Security Leftovers

  • Security updates for Tuesday

    Security updates have been issued by Debian (tinyproxy), Fedora (okular), Gentoo (ffmpeg, libxls, and qemu), openSUSE (GraphicsMagick), Red Hat (qemu-kvm-rhev), SUSE (cloud-init and spamassassin), and Ubuntu (bluez, libpam-krb5, linux-raspi2, linux-raspi2-5.3, and Timeshift).

  • Why Understanding CVEs Is Critical for Data Scientists

    CVEs are Common Vulnerabilities and Exposures found in software components. Because modern software is complex with its many layers, interdependencies, data input, and libraries, vulnerabilities tend to emerge over time. Ignoring a high CVE score can result in security breaches and unstable applications. Because data scientists work with vast stores of data, they need to take responsibility for the software components they use to minimize risk and protect customer data. A golden rule in security is, wherever valuable data can be found, hackers will go. Software developers refer to CVE databases and scores on a regular basis to minimize the risk of using vulnerable components (packages and binaries) in their applications or web pages. They also monitor for vulnerabilities in components they currently use. To reduce the risk of a security breach from open-source packages, data science teams need to take this page from the software developer’s playbook and apply it to their data science and machine learning pipeline.

  • pam-krb5 4.9

    This is a security release fixing a one-byte buffer overflow when relaying prompts from the underlying Kerberos library. All users of my pam-krb5 module should upgrade as soon as possible. See the security advisory for more information. There are also a couple more minor security improvements in this release: The module now rejects passwords as long or longer than PAM_MAX_RESP_SIZE (normally 512 octets) since they can be a denial of service attack via the Kerberos string-to-key function, and uses explicit_bzero where available to clear passwords before releasing memory.

  • rethinking openbsd security

    OpenBSD aims to be a secure operating system. In the past few months there were quite a few security errata, however. That’s not too unusual, but some of the recent ones were a bit special. One might even say bad. The OpenBSD approach to security has a few aspects, two of which might be avoiding errors and minimizing the risk of mistakes. Other people have other ideas about how to build secure systems. I think it’s worth examining whether the OpenBSD approach works, or if this is evidence that it’s doomed to failure.

today's howtos