Language Selection

English French German Italian Portuguese Spanish

About Tux Machines

Saturday, 04 Apr 20 - Tux Machines is a community-driven public service/news site which has been around for over a decade and a half and primarily focuses on GNU/LinuxSubscribe now Syndicate content

Search This Site

Quick Roundup

Type Title Author Replies Last Postsort icon
Story Graphics: Developing KWin Wayland, Mouse DPI, Mesa's RADV Vulkan Driver and More Roy Schestowitz 04/04/2020 - 10:49am
Story Fedora Community News Roy Schestowitz 04/04/2020 - 10:45am
Story today's howtos Roy Schestowitz 04/04/2020 - 10:42am
Story Mesa, Nano, Redis, Git Update in openSUSE Tumbleweed Roy Schestowitz 2 04/04/2020 - 10:32am
Story Sparky 5.11 Roy Schestowitz 04/04/2020 - 10:21am
Story Steam Survey Points To Tiny Uptick In Linux Percentage For March Roy Schestowitz 04/04/2020 - 10:19am
Story Python Programming Roy Schestowitz 04/04/2020 - 10:16am
Story Linux 5.7 Features Roy Schestowitz 9 04/04/2020 - 10:08am
Story Proprietary Stuff and Openwashing Roy Schestowitz 04/04/2020 - 7:58am
Story Android Leftovers Rianne Schestowitz 04/04/2020 - 7:43am

Graphics: Developing KWin Wayland, Mouse DPI, Mesa's RADV Vulkan Driver and More

Filed under
Graphics/Benchmarks
  • Developing KWin Wayland

    On the last few weeks I’ve been looking at KWin more closely than in the past. It’s definitely a special beast within KDE and I figured it could be useful to give some hints on how to develop and test it.

    When developing something, first step is always to compile and get the code installed and usable. It’s especially delicate because when we mess up our system becomes quite unusable so it needs to be done with care. To prevent major damage, we can probably try installing it into a separate prefix (See this blog post, change kate for kwin).
    Second step is to make sure that modifying the code will modify the behaviour you perceive. This is what we’ll focus on in this piece.

    Bear in mind most of the things I’m saying here are possibly obvious and not news, but it’s still good to have it written in case you feel like building on this (not fun to come up with) experience.

  • Peter Hutterer: High resolution wheel scrolling in the desktop stack

    This is a follow up from the kernel support for high-resolution wheel scrolling which you totally forgot about because it's already more then a year in the past and seriously, who has the attention span these days to remember this. Anyway, I finally found time and motivation to pick this up again and I started lining up the pieces like cans, for it only to be shot down by the commentary of strangers on the internet. The Wayland merge request lists the various pieces (libinput, wayland, weston, mutter, gtk and Xwayland) but for the impatient there's also an Fedora 32 COPR. For all you weirdos inexplicably not running the latest Fedora, well, you'll have to compile this yourself, just like I did.

    Let's recap: in v5.0 the kernel added new axes REL_WHEEL_HI_RES and REL_HWHEEL_HI_RES for all devices. On devices that actually support high-resolution wheel scrolling (Logitech and Microsoft mice, primarily) you'll get multiple hires events before the now-legacy REL_WHEEL events. On all other devices those two are in sync.

  • AMD ACO Backend Implements 8-bit / 16-bit Storage Capabilities - Needed For DOOM Eternal

    It's been another busy week for Mesa's RADV Vulkan driver with the Valve-backed ACO compiler back-end alternative to AMDGPU LLVM.

    ACO, which has been wildly popular with Radeon Linux gamers for offering quicker load times and often better overall performance, continues working quite well though isn't the default yet and has been missing some features in comparison to AMDGPU LLVM.

  • NIR Vectorization Lands In Mesa 20.1 For Big Intel Graphics Performance Boost

    The recently covered NIR vectorization pass ported from AMD's ACO back-end for improving the open-source Intel Linux graphics performance has landed now in Mesa 20.1.

    This vectorization pass for NIR came about last month and based on the AMD ACO optimization while with the Intel implementation benefits both OpenGL and Vulkan with this pass being at the NIR intermediate representation level.

Fedora Community News

Filed under
GNU
Linux
Red Hat
  • Fedora Council January 2020 in-person meeting

    The Fedora Council stuck around Brno the day after DevConf.CZ to have a day-long working session. This is part of our newly-adopted regular cadence of in-person meetings. We mostly used this day to follow up on some items from the November meeting, including the vision statement.

  • Fedora Join SIG 2019 retrospective

    There are five active members animating the SIG. One new contributor asked to join the SIG in 2019. And other people not formally part of the SIG but that welcome new people and hang around in the Telegram group, proposing new ideas and giving feedback on various topics.

    We get in touch with new people practically every day.

    The majority of newcomers get in touch via Telegram, someone via IRC and the fewer in the mailing list.

  • What’s new in the Fedora Security Lab?

    Unlike other security distributions is the Fedora Security Lab, speaking about the live media here, not standing alone. The Fedora Security Lab is a package set inside the Fedora Package Collection and a part of that package set is available as live media.

    Everything, I mean everything, that is present in this package set can be used on a regular Fedora installation (some parts are also available for EPEL). You don’t have to switch to a different distribution to perform a security test, an assessment or doing forensics, simple use your day-by-day system.

  • Making a git forge decision

    After evaluating over 300 user stories from multiple stakeholders, the Community Platform Engineering (CPE) team have aligned on a decision for the git forge that CPE will operate for the coming years. We are opting for GitLab for our dist git and project hosting and will continue to run pagure.io with community assistance.

    A lot of comments and concerns were raised about the suitability of GitHub as a forge of choice. The preference from all stakeholders (Fedora, CentOS, RHEL, CPE) is that GitHub is not a contender and not a preference. With that in mind, we have decided to not analyse it as an option and respect the wider wishes of our stakeholders. Therefore the rest of this analysis focuses on Pagure versus GitLab as our choice.

    Looking at the user story list, we have a picture of a standard set of practices that users expect to have from a git forge. The basics of storing code, accessing it, merging, forking and the traditional git workflow are satisfied by both gorges under investigation.

  • PHP version 7.3.17RC1 and 7.4.5RC1

    Release Candidate versions are available in testing repository for Fedora and Enterprise Linux (RHEL / CentOS) to allow more people to test them. They are available as Software Collections, for a parallel installation, perfect solution for such tests, and also as base packages.

  • editorconfig-geany available for Fedora via Copr

Mesa, Nano, Redis, Git Update in openSUSE Tumbleweed

Filed under
SUSE

Another four openSUSE Tumbleweed snapshots were released this week.

A notable package updated this week is a new major version of (gucharmap)[https://wiki.gnome.org/Apps/Gucharmap]. Plus several python package updates, nano, mesa, git and Xfce packages also had new minor updates.

The most recent snapshot, 202000331 is trending well with a stable rating of 99 on the Tumbleweed snapshot reviewer. The GNOME Character Map, gucharmap, updated to version 13.0.0, but no changelog was provided. An update for glib2 2.62.6 is expected to be the final release of the stable 2.62.x series; maintenance efforts will be shifted to the newer 2.64.x series. The updated glib2 package fixed SOCKS5 username/password authentication. The 2.34 binutils package added and removed a few patches. GTK3 3.24.16 fixed problems with clipboard handling and fixed a crash in the Wayland input method. The package for creating business diagrams, kdiagram 2.6.2 fixed printing issue. The Linux Kernel updated to 5.5.13. A handful of Advanced Linux Sound Architecture changes were made in the kernel update. The 5.6.x kernel is expected to be released in a Tumbleweed snapshot soon. The libstorage-ng 4.2.71 package simplified combining disks with different block sizes into RAID. The programming language vala 0.46.7 made verious improvements and bug fixes and properly set CodeNode.error when reporting an error. Several xfce4 packages were updated and xfce4-pulseaudio-plugin 0.4.3 fixed various memory leaks and warnings and xterm 353 was updated. The yast2-firewall 4.2.4 packaged was updated and forces a reset of the firewalld API instance after modifying the service state and yast2-storage-ng 4.2.104 extended and improved the Application Programming Interface to get udev names for a block device

The package to improve audio and video under Linux pipewire 0.3.1 switched the license to MIT and added fdupes BuildRequires and pass fdupes macro while removing duplicate files, which came in snapshot 20200326. The 1.1.9 spec-cleaner package drop travis and tox and now uses github actions. Several python arrived in this snapshot. Python-packaging 20.3 fixed a bug that caused a 32-bit OS that runs on a 64-bit ARM CPU (e.g. ARM-v8, aarch64), to report the wrong bitness and python-SQLAlchemy 1.3.15 fixed regression in 1.3.14. The Xfce file manager package, thunar 1.8.14 updated translations and reverted a bug that introduced a regression. The snapshot recorded a stable rating of 99.

Read more [Post apparently removed[

Also: openSUSE Tumbleweed – Review of the week 2020/14

Sparky 5.11

Filed under
Debian

A quarterly update point release of live/install media of Sparky 5.11 “Nibiru” of the stable line is out. This is a release based on Debian 10 “Buster”.

Changes:
– the base system upgraded from Debian stable repos as of March 1, 2020
– Linux kernel 4.19.98 LTS (PC)
– Linux kernel 4.19.97 LTS (ARMHF)
– added 9 new nature wallpapers captured by Aneta, Pavbaranov and me
– Sparky repository changed to the named “nibiru” (“stable” works as before); no need to manually change the repo; see also: https://sparkylinux.org/sparky-named-repos/
– Firefox 68.6.0 ESR
– Thunderbird 68.6.0
– LibreOffice 6.1.5

Read more

Steam Survey Points To Tiny Uptick In Linux Percentage For March

Filed under
Gaming

With the Steam Survey numbers out this week, the March 2020 statistics point to the Linux gaming marketshare ticking up by 0.04% to 0.87%. But in reality that is almost a rounding error and sticks to what we have largely been seeing in recent months of 0.8~0.9% for Linux gaming on Steam. Though even with the record number of users on Steam in March, it's good to see the Linux percentage didn't actually diminish -- at least according to the survey numbers.

Read more

Python Programming

Filed under
Development
  • Analysis of the progress of COVID-19 in the world with Data Science.

    All the data in this article was made with Data Scientis tools.

    Given the circumstances the planet is experiencing at the moment, we show below a series of results after implementing Data Science techniques to monitor the virus.
    For the following analyzes, the data from the Johns repositories were taken Hopkins University Center for Systems Science and Engineering (JHU CSSE).
    As it is public knowledge, the advance of the pandemic is a worldwidede concer, that is why I consider interesting to be able to make an analysis of certain countries.

    Therefore we can see in the following graph how the curve of confirmed infected persons in countries such as USA, Italy, France and Argentina advances from the beginning to today.

  • Introduction to the Python HTTP header

    You can create your own custom headers for the HTTP destination using the Python HTTP header plugin of syslog-ng and Python scripts. The included example configuration just adds a simple counter to the headers but with a bit of coding you can resolve authentication problems or fine tune how data is handled at cloud-based logging and SIEM platforms, like Sumologic.

  • Announcing a new Sponsorship Program for Python Packaging

    The Packaging Working Group of the Python Software Foundation is launching an all-new sponsorship program to sustain and improve Python's packaging ecosystem. Funds raised through this program will go directly towards improving the tools that your company uses every day and sustaining the continued operation of the Python Package Index.

  • Python String Concatenation

    String concatenation means creating a new string by combining two or more string values. Many built-in methods and ‘+’ operator are used to combine string values in many programming languages. ‘+’ operator is also used in python to combine string values but it works differently than other scripting languages. In JavaScript, when a string value combines with the number value then the number value will convert automatically into the string and combines with the other string value. But if you do the same task in Python then it will generate an error because Python can’t convert the number into string automatically. Many other ways exist in Python to combine string values. This article shows how you can do string concatenation in Python in different ways. Here, spyder3 editor is used for writing and executing the scripts of this article.

  • Python String Replacement using Pattern

    Any string data can be replaced with another string in Python by using the replace() method. But if you want to replace any part of the string by matching a specific pattern then you have to use a regular expression. It is used to search a specific pattern in a particular string value and the string will be replaced with another string if any match found. Python uses ‘re’ module to use regular expression pattern in the script for searching or matching or replacing. Using regular expression patterns for string replacement is a little bit slower than normal replace() method but many complicated searches and replace can be done easily by using the pattern. You can replace a string in various ways using the pattern in Python. Some common uses of pattern to replace string are shown in this tutorial. Spyder3 editor is used here to write and run the script.

  • Python String startswith and endswith

    Sometimes we need to check the starting or the ending part of any string for the programming purpose. There are two built-in methods in Python to do the task. These are startswith() and endswith() methods. If any string starts with a given prefix then startswith() method will return true otherwise returns false and if any string ending with a given suffix then endswith() method will return true otherwise returns false. How these methods work and use in Python are shown in this tutorial. Spyder3 editor is used here to write and run the python script.

  • Examples are Awesome

    There are two things I look for whenever I check out an Opensource project or library that I want to use.

    1. Screenshots (A picture is worth a thousand words).

    2. Examples (Don't tell me what to do, show me how to do it).

    Having a fully working example (or many examples) helps me shape my thought process.

  • App Assisted Contact Tracing

    I don't know how I thought the world would look like 10 years ago, but a pandemic that prevents us from going outside was not what I was picturing. It's about three weeks now that I and my family are spending at home in Austria instead of going to work or having the kids at daycare, two of those weeks were under mandatory social distancing because of SARS-CoV-2.

    And as cute as social distancing and “flattening the curve” sounds at first, the consequences to our daily lives are beyond anything I could have imagined would happen in my lifetime.

    What is still conveniently forgotten is that the curve really only stays flat if we're doing this for a very, very long time. And quite frankly, I'm not sure for how long our society will be able to do this. Even just closing restaurants is costing tens of thousands of jobs and closing schools is going to set back the lives of many children growing up. Many people are currently separated from their loved ones with no easy way to get to them because international travel grinded to a halt.

Proprietary Stuff and Openwashing

Filed under
Software
  • Federal, State, and Local Law Enforcement Warn Against Teleconferencing [Cracking] During Coronavirus Pandemic

    Western District of Michigan U.S. Attorney Andrew Birge advised video conference users: “Whether you run a business, a law enforcement meeting, a classroom or you just want to video chat with family, you need to be aware that your video conference may not be secure and information you share may be compromised. Be careful. If you do get [attacked], call us.”

  • Zoom CEO says company reached 200 million daily users in March

    In order to address the company’s problems, Yuan detailed steps taken including removing Facebook’s software development kit to stop the collection of unnecessary user data, updating Zoom’s privacy policy to be more transparent, giving tips to users to prevent Zoom bombings and offering more specific programs for classes on Zoom.

  • Update: Zoom issues fix for UNC vulnerability that lets [attackers] steal Windows credentials via chat

    All an attacker needs to do is to send a link to another user and convince them to click it, for the attack to commence. Though the Windows password is still encrypted, the hack claims it can be easily decrypted by third-party tools if the password is a weak one.

  • Thousands of Zoom recordings exposed because of the way Zoom names recordings

    Thousands of Zoom cloud recordings have been exposed on the web because of the way Zoom names its recordings, according to a report by The Washington Post. The recordings are apparently named in “an identical way” and many have been posted onto unprotected Amazon Web Services (AWS) buckets, making it possible to find them through an online search.

    One search engine that can look through cloud storage space turned up more than 15,000 Zoom recordings, according to The Washington Post. “Thousands” of clips have apparently also been uploaded to YouTube and Vimeo. The Washington Post said it was able to view recordings of therapy sessions, orientations, business meetings, elementary school classes, and more.

  • Move Fast & Roll Your Own Crypto

    Zoom documentation claims that the app uses “AES-256” encryption for meetings where possible. However, we find that in each Zoom meeting, a single AES-128 key is used in ECB mode by all participants to encrypt and decrypt audio and video. The use of ECB mode is not recommended because patterns present in the plaintext are preserved during encryption.

    The AES-128 keys, which we verified are sufficient to decrypt Zoom packets intercepted in Internet traffic, appear to be generated by Zoom servers, and in some cases, are delivered to participants in a Zoom meeting through servers in China, even when all meeting participants, and the Zoom subscriber’s company, are outside of China.

    Zoom, a Silicon Valley-based company, appears to own three companies in China through which at least 700 employees are paid to develop Zoom’s software. This arrangement is ostensibly an effort at labor arbitrage: Zoom can avoid paying US wages while selling to US customers, thus increasing their profit margin. However, this arrangement may make Zoom responsive to pressure from Chinese authorities.

  • ‘Zoombombing’ is a federal offense that could result in imprisonment, prosecutors warn

    Federal prosecutors are now warning pranksters and [attackers] of the potential legal implications of “Zoombombing,” wherein someone successfully invades a public or sometimes even private meeting over the videoconferencing platform to broadcast shock videos, pornography, or other disruptive content.

    The warning was posted as a press released to the Department of Justice’s website under the US Attorney’s office for the state’s Eastern district with support from the state attorney general and the FBI.

  • [Attackers] are targeting your kids to infect Android and Chromebook devices with malware

    Hide your kids; hide your wives. Security investigators from Check Point Research discovered 56 malware-infected Google Play apps. Before Google had a chance to pull them down, users already downloaded the apps one million times; 24 of those apps, Check Point Research discovered, targeted children.

    The study -- spearheaded by Israel Wernik, Danil Golubenko , Aviran Hazum -- found that the Google Play Store-based apps were poisoned with Tekya, which is a form of adware. The goal of Tekya, Hazum told Laptop Mag, is to commit mobile-ad fraud.

  • Apparently Microsoft’s Claim of 775 Percent Surge in Cloud Services Wasn’t Really Accurate

    The company has now made a correction, saying that the 775 percent increase was experienced by Microsoft Teams, not all of the cloud offerings, which isn't as surprising since the video calling app generated over 900 million meeting and calling minutes daily in a one-week period alone.

    As it turns out the figure also only came from Microsoft Teams' users in Italy, where millions of people were put under lockdown. The corrected statement now reads: [...]

  • Zoom isn’t actually end-to-end encrypted

    Zoom does use TLS encryption, the same standard that web browsers use to secure HTTPS websites. In practice, that means that data is encrypted between you and Zoom’s servers, similar to Gmail or Facebook content. But the term end-to-end encryption typically refers to protecting content between the users entirely with no company access at all, similar to Signal or WhatsApp. Zoom does not offer that level of encryption, making the use of “end-to-end” highly misleading.

  • Zoom Calls Are Not End-to-End Encrypted Contrary to Claims

    What this means it that Zoom can access the video feed of your meetings. The company did confirm that it does not “directly access, mine, or sell user data.”

    Zoom offers an option where a meeting can only be hosted with mandatory encryption for third-party endpoints. However, when contacted, the company clarified that it is currently not possible to hold E2E video meetings using Zoom.

  • Zoom’s sudden spike in popularity is revealing its privacy (and porn) problems

    With its vaguely worded privacy policies and misleading marketing materials, Zoom’s real overarching issue seems to be a lack of transparency. Combine that with an apparent lack of forethought about how video meetings with insufficient privacy protections — both on the back and the front end — could be exploited by [attackers] or trolls. This entire scenario becomes especially problematic considering the growing number of students that Zoom eagerly recruits for the platform. It all seems like a bad publicity time bomb that went off as soon as Zoom became an essential piece of pandemic software and people started really looking more closely at how the service worked.

  • Dark Sky Has a New Home

    Android and Wear OS App

    The app will no longer be available for download. Service to existing users and subscribers will continue until July 1, 2020, at which point the app will be shut down. Subscribers who are still active at that time will receive a refund.

    Website

    Weather forecasts, maps, and embeds will continue until July 1, 2020. The website will remain active beyond that time in support of API and iOS App customers.

  • Microsoft’s Skype struggles have created a Zoom moment

    The transition lasted years, and resulted in calls, messages, and notifications repeating on multiple devices. Skype became unreliable, at a time when rivals were continuing to offer solid alternatives that incorporated messaging functionality that actually worked and synced across devices. Instead of quickly fixing the underlying issues, Microsoft spent years trying to redesign Skype. This led to a lethal combination of an unreliable product with a user experience that changed on a monthly basis.

  • ‘War Dialing’ Tool Exposes Zoom’s Password Problems

    Lo said a single instance of zWarDial can find approximately 100 meetings per hour, but that multiple instances of the tool running in parallel could probably discover most of the open Zoom meetings on any given day. Each instance, he said, has a success rate of approximately 14 percent, meaning for each random meeting number it tries, the program has a 14 percent chance of finding an open meeting.

    Only meetings that are protected by a password are undetectable by zWarDial, Lo said.

  • Open Source Moves From Rebel to Mainstream

    That shift has its critics. “The degree in which corporations knowingly and openly use open source has grown,” says Karl Fogel, a developer and open-source advocate. Still, some open-source developers feel that although these businesses build a lot of value on top of their work, they’re not seeing “enough of it flowing back to them,” Fogel says.

    But the narrative of a noncommercial open source being colonized by the corporate world also has its flaws, cautions Fogel. Open source has always been commercial to a certain degree. Even in the more radical currents of the movement, where the term “free software” is preferred over open source, making money isn’t necessarily shunned. Richard Stallman, one of the movement’s pioneers, famously said that the “free” in “free software” should be taken as “free speech, not free beer.” All the talk about freedom and digital self-ownership doesn’t preclude making money.

  • HPE announces new open source programme to simplify 5G rollout

    Hewlett Packard Enterprise (HPE) today announced the Open Distributed Infrastructure Management initiative, a new open source programme that will simplify the management of large-scale geographically distributed physical infrastructure deployments. In addition, HPE will introduce an enterprise offering, the HPE Open Distributed Infrastructure Management Resource Aggregator that is aligned with the initiative.

    Open Distributed Infrastructure Management helps resolve the complexity that telcos face in rolling out 5G networks across thousands of sites equipped with IT infrastructure from multiple vendors and different generations of technology. This new initiative underlines HPE’s continued leadership in open 5G technologies and commitment to accelerating industry alignment through open source innovation.

Security Leftovers

Filed under
Security
  • Browser makers cite coronavirus, restore support for obsolete TLS 1.0 and 1.1 encryption

    By common agreement, Google's Chrome, Microsoft's Internet Explorer (IE) and Edge, and Mozilla's Firefox were to disable support for TLS 1.0 and 1.1 early in 2020. They, along with Apple - which produces Safari - announced the move a year and a half ago, noting then that the protocols had been made obsolete by TLS 1.2 and 1.3.

    Apple, Google and Mozilla had committed to dropping support in March 2020, while Microsoft had only promised to purge TLS 1.0 and 1.1 sometime during the first half of this year.

    But it was Microsoft that was most detailed about the TLS turnabout. "In light of current global circumstances, we will be postponing this planned change - originally scheduled for the first half of 2020," Karl Pflug, of the Edge developer experience team, wrote in a post to a company blog.

  • Security updates for Friday

    Security updates have been issued by Debian (mediawiki and qbittorrent), Gentoo (gnutls), Mageia (bluez, kernel, python-yaml, varnish, and weechat), Oracle (haproxy and nodejs:12), SUSE (exiv2, haproxy, libpng12, mgetty, and python3), and Ubuntu (libgd2).

  • Google Squashes High-Severity Flaws in Chrome Browser

    Do you use Google Chrome as your web browser? Google has patched high-security vulnerabilities in its Chrome browser, and is rolling out the newest Chrome browser version in the coming days.

    [...]

    As is typical for Chrome updates, Google is initially scant in details of the bugs “until a majority of users are updated with a fix.” It did outline three of the vulnerabilities that were discovered by external researchers, however.

    These included two high-severity vulnerabilities the WebAudio component of Chrome (CVE-2020-6450 and CVE-2020-6451). The WebAudio component is used for processing and synthesizing audio in web applications.

    The flaws tied to CVE-2020-6450 and CVE-2020-6451 are both use-after-free flaws. Use after free is a memory corruption flaw where an attempt is made to access memory after it has been freed. This can cause an array of malicious impacts, from causing a program to crash, to potentially leading to execution of arbitrary code.

  • How YubiKey Bio could make remote security concerns a thing of the past

    The bottom line is, your office brings a level of built-in security that’s not as readily available at home. Even if your Wi-Fi is WPA2-encrypted with a strong password, the security on your PC and personal accounts likely pales in comparison to the firewalls and intranets inside your office. “This is the perfect scenario for an attacker to thrive in and opens opportunities for social engineering and phishing attacks––making it imperative for businesses to develop a contingency plan that includes securing remote workers,” said Appenzeller. “Enabling multi-factor authentication wherever possible is one of the best ways to protect a remote team and should be a top requirement for a work-from-home policy.”

Ubuntu/Canonical: The State of Robotics and Buzzwords

Filed under
Ubuntu
  • The State of Robotics – March 2020

    Damn it March. 2020 was doing so well. The biggest news last month was the dramatic escalation of COVID-19. We won’t go into any detail, I’m sure you’re seeing enough of that. But due to the outbreak, the state of robotics this March has been, heartwarming. We have seen a surge in online learning platforms, companies, startups and communities rising to the challenge. Members of open-source communities across the world are doing great things, with and without robotics, to support whoever they can. In this blog, we first want to highlight at a few responses to COVID-19 using robotics. And then it’s back to usual programming, highlighting robotics work and projects we have seen or done in March. If we have missed something in particular, please reach out to robotics.community@canonical.com and let us know.

  • Edge AI in a 5G world – part 3: Why ‘smart cell towers’ matter to AI

    In part 1 we talked about the industrial applications and benefits that 5G and fast compute at the edge will bring to AI products. In part 2 we went deeper into how you can benefit from this new opportunity. In this part we will focus on the key technical barriers that 5G and Edge compute remove for AI applications.

  • Edge AI in a 5G world – part 4: How your business can benefit from ‘smart cell towers’

    In part 1 we talked about the industrial applications and benefits that 5G and fast compute at the edge will bring to AI products. In part 2 we went deeper into how you can benefit from this new opportunity. In part 3 we focused on the key technical barriers that 5G and Edge compute remove for AI applications. In this part we will summarise the IoT use cases that can benefit from smart cell towers and how they will help businesses focus their efforts on their key differentiating advantage.

How to Upgrade to Ubuntu 20.04 From Ubuntu 18.04 and 19.10

Filed under
Ubuntu

Here are the steps for you to Upgrade to Ubuntu 20.04 From Ubuntu 18.04 and 19.10.
Read more

Ubuntu 20.04 LTS Beta is Available. Download Now.

Filed under
Ubuntu

The beta release of Ubuntu 20.04 LTS is here and it is available for download immediately. The final release is planned on Apr 23, 2020, and this beta release gives early adopters, testers a quick preview on what to expect on the final product.
Read more

The cataloging of free software

Filed under
GNU

The Free Software Directory is a collaborative catalog of software aimed to be the primary source for representing all free software. Each free program has its own page in the Directory from which it is possible to study the evolution it has undergone in both technological and legal terms through a chronological system similar to that of Wikipedia. Each catalogued program is distinguished by one or more aliases, and accompanied by a huge amount of information, which goes beyond the pure needs of the end user. Snapshots of the graphic interface, detailed descriptions, change logs, links to social pages, and lists of licenses and dependencies are examples of all the useful information which can be carefully attached by users to each page.

Everyone can freely subscribe to the Directory and create new pages, but only the pages reviewed and approved by administrators become visible and indexable. Administrative approvals are always made according to strict rules aimed at preventing the spread of proprietary content. As on Wikipedia, each user can have a self-approved personal page, where they can define their identity and discuss with other users. Users can also include sub-pages on which to publish their thematic articles, and any tools useful for the daily life of the Directory. User access rights are assigned to active users, and all those who demonstrate that they have the necessary technical skills and wish to devote themselves daily to the care of the pages have a chance to be welcomed onto the staff. This serene and flexible organization, based on bonds of trust built on facts and adherence to well-defined common ideals, guarantees that the technological and social development produced by the project is gradual but unstoppable. Thus, any investment of time by volunteers is amply repaid.

The project has proved to be a clear success, so much that over the years it has received funding from UNESCO, and is still supported by the Free Software Foundation. The portal boasts the participation of more than 3,000 users from all over the world. Since its creation, it has accumulated more than 80,000 verified and recorded revisions for posterity in the chronology of the MediaWiki pages, all of which are dedicated to facilitating the essential freedoms in more than 16,000 free programs.

The portal's ability to adapt and survive was possible not only because of the technical creativity of the staff, but also by the solid ideal at its base. By guaranteeing maximum visibility to free software, it has thus rewarded developers who freely employ their knowledge for the good of humanity. The transition to free licenses is indeed a moral duty of every developer, and the Free Software Directory is deployed at the forefront to facilitate it with great benefit to the world's cultural heritage.

Read more

Software: Remote Working, Cockpit, YouTube Tools and Sparky Upgrade

Filed under
Software
  • FSFE Supporters write about Free Software for remote working

    Due to the ongoing Covid-19 virus outbreak many employees - voluntarily or mandatory - are working remotely now. Many organisations who have not been used to remote working so far now face a number of difficulties adapting to the situation. To avoid potential lock-ins, some FSFE supporters collectively wrote about the good reasons to use Free Software for remote working and collected a detailed list of practical solutions in our wiki.

    Because of the ongoing Covid-19 virus outbreak many organisations who never previously directed any strategic thought towards the available solutions for remote working in their business now opt for a quick solution and choose to follow the - in the beginning often free of charge - offerings from big tech companies and their proprietary solutions. However, such proprietary solutions lock-in these organisations in the future.

    Choosing a Free Software solution instead means to opt for a solution that has a future, where your organization no longer depends on a particular vendor or file format or whichever other means those vendors choose to lock you in. Free Software puts you in control.

  • Cockpit 216

    Cockpit is the modern Linux admin interface. We release regularly. Here are the release notes from version 216.

  • Excellent Console-Based YouTube Tools

    YouTube is a video-sharing website, created in February 2005, and purchased by Google in November 2006. The web service lets billions of people find, watch, and share originally-created videos. This service lets you watch a wide variety of user-generated and corporate media video. It also offers a forum for people to communicate with others around the world, and acts as a distribution platform. Mainstream media corporations such as CBS, Vevo, Hulu and the BBC publish some of their catalog via YouTube, as part of the YouTube partnership program.

    Although some parents might disagree, YouTube is one of the shining lights of the internet. According to a survey of 1,500 American teenagers commissioned by Variety, the top five most influential celebrities are YouTube stars, with mainstream celebs eclipsed. Moreover, there are many thousands of “YouTube celebs” who have spun a full-time career of creating videos. This new wave of young ‘YouTubers’ threaten mainstream entertainment with their direct video blogs and interaction with their millions of mostly teenage devotees.

  • Sparky Upgrade text tool

    There is a tool available for Sparkers, which lets you make full system upgrade in a text mode via just one command: Sparky Upgrade.

New Screencasts: Ubuntu 20.04 Beta, Kubuntu 20.04 Beta and Nitrux 1.2.7

Filed under
GNU
Linux

Audiocasts/Shows: Storage Stories, Daniel Foré, Linux Headlines, Open Source Security Podcast and LHS

Filed under
GNU
Linux
  • Storage Stories | TechSNAP 426

    We take a look at Cloudflare’s impressive Linux disk encryption speed-ups, and explore how zoned storage tools like dm-zoned and zonefs might help mitigate the downsides of Shingled Magnetic Recording.

    Plus we celebrate WireGuard’s inclusion in the Linux 5.6 kernel, and fight some exFAT FUD.

  • Brunch with Brent: Daniel Foré | Jupiter Extras 68

    Brent sits down with Daniel Foré, founder of elementary OS and co-host of User Error. We explore his early years in design and software, formative aspects of Ubuntu and Gentoo, the philosophies and history of elementary OS, and more.

  • 2020-04-03 | Linux Headlines

    Outreachy receives the second Open Source Community Grant from IBM, the LLVM project adds mitigations for Load Value Injection attacks, more bad news for the Linux-based Atari VCS console, and the Python Software Foundation seeks recurring sponsorships to support its software repository.

  • Open Source Security Podcast: Episode 189 - Video game hackers - speedrunning

    Josh and Kurt talk about video games and hacking. Specifically how speed runners are really just video game hackers.

  • LHS Episode #336: The Weekender XLV

    It's time once again for The Weekender. This is our bi-weekly departure into the world of amateur radio contests, open source conventions, special events, listener challenges, hedonism and just plain fun. Thanks for listening and, if you happen to get a chance, feel free to call us or e-mail and send us some feedback. Tell us how we're doing. We'd love to hear from you.

Programming: POCL 1.5, Remote Technical Work, LLVM and Ada++

Filed under
Development
  • pocl v1.5 released

    A more detailed changelog here.

    Please note that there's an official pocl maintenance policy in place. This text describes the policy and how you can get your favourite project that uses OpenCL to remain regression free in the future pocl releases.

  • POCL 1.5 Released With Performance Improvements, Fixes For OpenCL On CPUs

    POCL 1.5 has been released as the "Portable CL" implementation for running OpenCL on CPUs and other devices with LLVM back-ends.

    The POCL project lets OpenCL 1.2~2.0 run over CPU back-ends as well as for running OpenCL on NVIDIA GPUs over CUDA, on AMD GPUs via HSA, and other accelerator targets that have LLVM back-end coverage.

  • How to work from home like a pro

    Across the globe, businesses are transitioning to remote work. While remote work or "working from home" has been an overall growing trend, the recent push to transition has been driven by the COVID-19 response; organizations are asking staff to work from home to help limit the spread of the Coronavirus.

    If you are like many of your peers, you may quite suddenly find yourself working from home. How can you remain productive at home when you're used to going into an office?

    A year ago, I launched my own business as a consultant. When I'm not working with a client, I'm working from my home, and during that time, I've learned a thing or two about how to be most effective. I'd like to share a few of those tips here.

  • LLVM Lands Performance-Hitting Mitigation For Intel LVI Vulnerability

    Made public in March was the Load Value Injection (LVI) attack affecting Intel CPUs with SGX capabilities. LVI combines Spectre-style code gadgets with Meltdown-type illegal data flows to bypass existing defenses and allow injecting data into a victim's transient execution. While mitigations on the GNU side quickly landed, the LLVM compiler mitigations were just merged today.

    Intel quickly provided LVI mitigations for the GNU Assembler as new opt-in flags. These assembler mitigations end up introducing many more load fences (LFENCE) to mitigate and cause quite some performance hits but is not enabled by default.

    Intel and other developers in the LLVM community have been working on their respective mitigations for LVI. In fact, a Google engineer proposed a new "SESES" technique for helping address LVI and speculative execution in general. But with Google's own benchmark that only left 7% the original performance (as in down 93%) for the company's BoringSSL workload as their internal fork of OpenSSL.

  • Ada++ Wants To Make The Ada Programming Language More Accessible

    Ada is a beautiful programming language when it comes to code safety with it continuing to be used by aircraft and other safety critical systems. There is now Ada++ as an unofficial fork of the language focused on making the language more accessible and friendlier in an era of the likes of Rust and Golang attracting much interest.

    Ada++ allows for curly braces in place of begin/end keywords, new types like Int_32 / Int_64 / Char_8 / Bool, allow pragmas to be set with a leading # or :, supporting the ++ operator, a raise when construct, and other changes in discussion.

    Ada++ is currently implemented as a forked version of GCC with its Ada front-end being modified but there is talk of a possible LLVM front-end in the future.

Mozilla: WebAssembly, 74.0.1 Firefox Release, VR and DMs

Filed under
Moz/FF
  • Andy Wingo: multi-value webassembly in firefox: from 1 to n

    Greetings, hackers! Today I'd like to write about something I worked on recently: implementation of the multi-value future feature of WebAssembly in Firefox, as sponsored by Bloomberg.

    In the "minimum viable product" version of WebAssembly published in 2018, there were a few artificial restrictions placed on the language. Functions could only return a single value; if a function would naturally return two values, it would have to return at least one of them by writing to memory. Loops couldn't take parameters; any loop state variables had to be stored to and loaded from indexed local variables at each iteration. Similarly, any block that would naturally return more than one result would also have to do so via locals.

    This restruction is lifted with the multi-value proposal. Function types now map from result type to result type, where a result type is a sequence of value types. That is to say, just as functions can take multiple arguments, they can return multiple results. Similarly, with the multi-value proposal, block types are now the same as function types: loops and blocks can take arguments and return any number of results. This change improves the expressiveness of WebAssembly as a compilation target; a C++ program compiled to multi-value WebAssembly can be encoded in fewer bytes than before. Multi-value also establishes a base for other language extensions. For example, the exception handling proposal builds on multi-value to pass multiple values to catch blocks.

  • 74.0.1 Firefox Release

    Version 74.0.1, first offered to Release channel users on April 3, 2020

  • Firefox 74.0.1

    Firefox 74.0.1 has been released with two security fixes. CVE-2020-6819 is a use-after-free when running the nsDocShell destructor and CVE-2020-6820 is a use-after-free when handling a ReadableStream. In both cases there have been targeted attacks in the wild abusing these flaws. These issues have also been fixed in Firefox ESR 68.6.1.

  • Creating VR Worlds and Teaching Class with Mozilla Hubs

    With so many people stuck at home, self-isolating, because of the COVID-19 pandemic, people in every walk of life, including educators, are looking for novel ways to reach out to their audience. For teachers, that means students in classes that are now empty. How best to create and present content to students scattered in their various homes? Virtual reality (VR) presents an interesting way to scratch every itch, from the social, to the visual, to the need for 'being there'. It's also a great way to explore new and interesting ways to share information with students. #teachers #virtualreality #covid19

  • Twitter Direct Message Caching and Firefox

    Twitter is telling its users that their personal direct messages might be stored in Firefox’s web cache.

    This problem affects anyone who uses Twitter on Firefox from a shared computer account. Those users should clear their cache.

    This post explains how this problem occurred, what the implications are for those people who might be affected, and how problems of this nature might be avoided in future. To get there, we need to dig a little into how web caching works.

  • Twitter Data Cache on Mozilla Firefox

    We recently learned that the way Mozilla Firefox stores cached data may have resulted in non-public information being inadvertently stored in the browser's cache. This means that if you accessed Twitter from a shared or public computer via Mozilla Firefox and took actions like downloading your Twitter data archive or sending or receiving media via Direct Message, this information may have been stored in the browser’s cache even after you logged out of Twitter. The Mozilla Firefox browser’s cache retention period is set to 7 days and after that time the information should have automatically been removed from the cache. This issue did not impact people using other browsers like Safari or Chrome.

  • What you need to know about Twitter on Firefox

    Yesterday Twitter announced that for Firefox users data such as direct messages (DMs) might be left sitting on their computers even if they logged out. In this post I’ll try to help sort out what’s going on here.

    First, it’s important to understand the risk: what we’re talking about is “cached” data. All web browsers store local copies of data they get from servers so that they can avoid downloading the same data over the internet repeatedly. This makes a huge performance difference because websites are full of large files that change infrequently. Ordinarily this is what you want, but if you share a computer with other people, then they might be able to see that cached data, even if you have logged out of Twitter. It’s important to know that this data is just stored locally, so if you don’t share a computer this isn’t a problem for you. If you do share a computer, you can make sure all of your Twitter data is deleted by following the instructions here. If you do nothing, the data will be automatically deleted after 7 days the next time you run Firefox.

Syndicate content

More in Tux Machines

Mesa, Nano, Redis, Git Update in openSUSE Tumbleweed

Another four openSUSE Tumbleweed snapshots were released this week. A notable package updated this week is a new major version of (gucharmap)[https://wiki.gnome.org/Apps/Gucharmap]. Plus several python package updates, nano, mesa, git and Xfce packages also had new minor updates. The most recent snapshot, 202000331 is trending well with a stable rating of 99 on the Tumbleweed snapshot reviewer. The GNOME Character Map, gucharmap, updated to version 13.0.0, but no changelog was provided. An update for glib2 2.62.6 is expected to be the final release of the stable 2.62.x series; maintenance efforts will be shifted to the newer 2.64.x series. The updated glib2 package fixed SOCKS5 username/password authentication. The 2.34 binutils package added and removed a few patches. GTK3 3.24.16 fixed problems with clipboard handling and fixed a crash in the Wayland input method. The package for creating business diagrams, kdiagram 2.6.2 fixed printing issue. The Linux Kernel updated to 5.5.13. A handful of Advanced Linux Sound Architecture changes were made in the kernel update. The 5.6.x kernel is expected to be released in a Tumbleweed snapshot soon. The libstorage-ng 4.2.71 package simplified combining disks with different block sizes into RAID. The programming language vala 0.46.7 made verious improvements and bug fixes and properly set CodeNode.error when reporting an error. Several xfce4 packages were updated and xfce4-pulseaudio-plugin 0.4.3 fixed various memory leaks and warnings and xterm 353 was updated. The yast2-firewall 4.2.4 packaged was updated and forces a reset of the firewalld API instance after modifying the service state and yast2-storage-ng 4.2.104 extended and improved the Application Programming Interface to get udev names for a block device The package to improve audio and video under Linux pipewire 0.3.1 switched the license to MIT and added fdupes BuildRequires and pass fdupes macro while removing duplicate files, which came in snapshot 20200326. The 1.1.9 spec-cleaner package drop travis and tox and now uses github actions. Several python arrived in this snapshot. Python-packaging 20.3 fixed a bug that caused a 32-bit OS that runs on a 64-bit ARM CPU (e.g. ARM-v8, aarch64), to report the wrong bitness and python-SQLAlchemy 1.3.15 fixed regression in 1.3.14. The Xfce file manager package, thunar 1.8.14 updated translations and reverted a bug that introduced a regression. The snapshot recorded a stable rating of 99. Read more [Post apparently removed[ Also: openSUSE Tumbleweed – Review of the week 2020/14

Sparky 5.11

A quarterly update point release of live/install media of Sparky 5.11 “Nibiru” of the stable line is out. This is a release based on Debian 10 “Buster”. Changes: – the base system upgraded from Debian stable repos as of March 1, 2020 – Linux kernel 4.19.98 LTS (PC) – Linux kernel 4.19.97 LTS (ARMHF) – added 9 new nature wallpapers captured by Aneta, Pavbaranov and me – Sparky repository changed to the named “nibiru” (“stable” works as before); no need to manually change the repo; see also: https://sparkylinux.org/sparky-named-repos/ – Firefox 68.6.0 ESR – Thunderbird 68.6.0 – LibreOffice 6.1.5 Read more

Steam Survey Points To Tiny Uptick In Linux Percentage For March

With the Steam Survey numbers out this week, the March 2020 statistics point to the Linux gaming marketshare ticking up by 0.04% to 0.87%. But in reality that is almost a rounding error and sticks to what we have largely been seeing in recent months of 0.8~0.9% for Linux gaming on Steam. Though even with the record number of users on Steam in March, it's good to see the Linux percentage didn't actually diminish -- at least according to the survey numbers. Read more

Python Programming

  • Analysis of the progress of COVID-19 in the world with Data Science.

    All the data in this article was made with Data Scientis tools. Given the circumstances the planet is experiencing at the moment, we show below a series of results after implementing Data Science techniques to monitor the virus. For the following analyzes, the data from the Johns repositories were taken Hopkins University Center for Systems Science and Engineering (JHU CSSE). As it is public knowledge, the advance of the pandemic is a worldwidede concer, that is why I consider interesting to be able to make an analysis of certain countries. Therefore we can see in the following graph how the curve of confirmed infected persons in countries such as USA, Italy, France and Argentina advances from the beginning to today.

  • Introduction to the Python HTTP header

    You can create your own custom headers for the HTTP destination using the Python HTTP header plugin of syslog-ng and Python scripts. The included example configuration just adds a simple counter to the headers but with a bit of coding you can resolve authentication problems or fine tune how data is handled at cloud-based logging and SIEM platforms, like Sumologic.

  • Announcing a new Sponsorship Program for Python Packaging

    The Packaging Working Group of the Python Software Foundation is launching an all-new sponsorship program to sustain and improve Python's packaging ecosystem. Funds raised through this program will go directly towards improving the tools that your company uses every day and sustaining the continued operation of the Python Package Index.

  • Python String Concatenation

    String concatenation means creating a new string by combining two or more string values. Many built-in methods and ‘+’ operator are used to combine string values in many programming languages. ‘+’ operator is also used in python to combine string values but it works differently than other scripting languages. In JavaScript, when a string value combines with the number value then the number value will convert automatically into the string and combines with the other string value. But if you do the same task in Python then it will generate an error because Python can’t convert the number into string automatically. Many other ways exist in Python to combine string values. This article shows how you can do string concatenation in Python in different ways. Here, spyder3 editor is used for writing and executing the scripts of this article.

  • Python String Replacement using Pattern

    Any string data can be replaced with another string in Python by using the replace() method. But if you want to replace any part of the string by matching a specific pattern then you have to use a regular expression. It is used to search a specific pattern in a particular string value and the string will be replaced with another string if any match found. Python uses ‘re’ module to use regular expression pattern in the script for searching or matching or replacing. Using regular expression patterns for string replacement is a little bit slower than normal replace() method but many complicated searches and replace can be done easily by using the pattern. You can replace a string in various ways using the pattern in Python. Some common uses of pattern to replace string are shown in this tutorial. Spyder3 editor is used here to write and run the script.

  • Python String startswith and endswith

    Sometimes we need to check the starting or the ending part of any string for the programming purpose. There are two built-in methods in Python to do the task. These are startswith() and endswith() methods. If any string starts with a given prefix then startswith() method will return true otherwise returns false and if any string ending with a given suffix then endswith() method will return true otherwise returns false. How these methods work and use in Python are shown in this tutorial. Spyder3 editor is used here to write and run the python script.

  • Examples are Awesome

    There are two things I look for whenever I check out an Opensource project or library that I want to use. 1. Screenshots (A picture is worth a thousand words). 2. Examples (Don't tell me what to do, show me how to do it). Having a fully working example (or many examples) helps me shape my thought process.

  • App Assisted Contact Tracing

    I don't know how I thought the world would look like 10 years ago, but a pandemic that prevents us from going outside was not what I was picturing. It's about three weeks now that I and my family are spending at home in Austria instead of going to work or having the kids at daycare, two of those weeks were under mandatory social distancing because of SARS-CoV-2. And as cute as social distancing and “flattening the curve” sounds at first, the consequences to our daily lives are beyond anything I could have imagined would happen in my lifetime. What is still conveniently forgotten is that the curve really only stays flat if we're doing this for a very, very long time. And quite frankly, I'm not sure for how long our society will be able to do this. Even just closing restaurants is costing tens of thousands of jobs and closing schools is going to set back the lives of many children growing up. Many people are currently separated from their loved ones with no easy way to get to them because international travel grinded to a halt.