Skip to main content

Linux News

Audacity's New Version 2.3.1 Restores Linux Support, NVIDIA Is Acquiring Mellanox, Flickr Announces All CC-Licensed Images Will Be Protected, ExTiX 19.3 Released and Two Fedora Test Days

Linux Journal - Mon, 03/11/2019 - 08:22

News briefs for March 11, 2019.

Audacity recently released version 2.3.1. This new version restores Linux support, which was missing in the previous version, and also fixes more than 20 bugs and improves Audacity for macOS. For details on all the new features, go here, and see also the release notes.

NVIDIA is acquiring Mellanox. Phoronix reports that NVIDIA confirmed this morning that the company "will be acquiring Mellanox for $6.9 billion USD" by the end of 2019. Also from the Phoronix post: "Acquiring Mellanox is a high performance computing (HPC) play and now gives NVIDIA more exposure in this space outside of GPU/compute with Mellanox's interconnect products widely being used among high-end servers for Ethernet and other network technologies. NVIDIA and Mellanox hardware is already used in both the much talked about Sierra and Summit super-computers."

Flickr has announced that all CC-licensed images will be protected. According to the Creative Commons article, "all CC-licensed and public domain images on the platform will be protected and exempted from upload limits. This includes images uploaded in the past, as well as those yet to be shared. In effect, this means that CC-licensed images and public domain works will always be free on Flickr for any users to upload and share."

ExTiX 19.3, Build 190307, was released last week. This version is based on the upcoming Ubuntu 19.04 Disco Dingo, uses the Xfce Desktop 4.13 and the 5.0.0-exton kernel. The developer notes that "The best thing with ExTiX 19.3 is that while running the system live (from DVD/USB) or from hard drive you can use Refracta Snapshot (pre-installed) to create your own live installable Ubuntu system. So easy that a ten year child can do it! As an alternative to Xfce4 you can run Kodi 18.2 Leia." You can download ExTiX 19.3 from SourceForge.

Two Fedora Test Days are scheduled for this week. The first one is tomorrow, March 12, for testing kernel 5.0, and the second is Wednesday, March 13, for testing Fedora's IoT Edition. See the Kernel Test Day Wiki and the IoT Test Day Wiki for more information on how to participate.

News Audacity NVIDIA creative commons Flickr ExTiX Linux Fedora
Categories: Linux News

Become Queen Bee for a Day Using Python's Built-in Data Types

Linux Journal - Mon, 03/11/2019 - 06:30
by Reuven M. Lerner

Cheaters never win, but at least they can use Python.

Like many other nerds, I love word puzzles. I'm not always great at them, and I don't always have time to do them, but when I do, I really enjoy them.

I recently discovered a new daily puzzle, known as "spelling bee", that the New York Times offers online. The idea is simple. There are seven different letters, one in the center of a circle and six around it. Your job is to make as many different words as you can from those seven letters. Each word must be at least four letters long, and each word also must contain the center letter. You can use each letter as many times as you want.

So if the letters are "eoncylt", with a center letter of "y", some of the words you could create might be "cyclone", "eyelet" and "nylon".

The online game gives you a score based on how many words you've made from the potential pool. If you get them all, you're awarded "queen bee" status.

I do pretty well at this puzzle, but I've never managed to find all of the hidden words. Nevertheless, I have become queen bee on a few occasions. How? The answer is simple. I cheated. How? Using Python, of course.

Now, cheating at games isn't necessarily the first order of business when it comes to programming. And cheating at word games in which you're competing against yourself is probably a sign of unhealthy competition. But, doing so also provides a great way to review some of the ways you can use Python's built-in data types and the ease with which you can process words and text.

So in this article, I explore a number of ways you can cheat—and yes, become the queen bee, if only for a day.

Trying All Combinations

To start, you simply might try to form all of the possible combinations you can with the letters you're given. As you might remember from high-school math class, there's a difference between "permutations" and "combinations". When you generate "permutations", the order is important, but when you generate "combinations", the order is not important.

You easily can see this using Python's itertools module, a part of the standard library that has functions named permutations and combinations. Each takes both an iterable data structure and the number of items you want in each resulting list. For example:

Go to Full Article
Categories: Linux News

Weekend Reading: Science

Linux Journal - Sat, 03/09/2019 - 08:38
by Carlie Fairchild

Mathematics and science tools often depend on cluster and high performance computing, both undeniably Linux strengths. Couple that with the maturity of the science tools available for Linux and you get a lot of computational bang for your buck. Join us this weekend as we review physics, chemistry, biology, astronomy, and other science programs for Linux.

Open Science Means Open Source--Or, at Least, It Should

Why open source was actually invented in 1665.

Getting Started with Scilab

Introducing one of the larger scientific lab packages for Linux.

A Look at KDE's KAlgebra

This article looks at one of the programs specifically available in the KDE desktop environment, KAlgebra.

Atomic Modeling with GAMGI

General Atomistic Modelling Graphic Interface, or GAMGI, provides a very complete set of tools that allows you to design and visualize fairly complex molecules.

Drawing Feynman Diagrams for Fun and Profit with JaxoDraw

In physics, there's a powerful technique for visualizing particle interactions at the quantum level. This technique uses something called Feynman diagrams, invented by physicist Richard Feynman. These diagrams help visualize what happens when one or more particles have some kind of interaction.

Visualizing Molecules with EasyChem

Introducing EasyChem, a program that generates publication-quality images of molecular structures.

Astronomy Software by Any Other Name

Similar to other larger astronomy programs, you can use SkyChart from the desktop to the observatory.

Modeling the Entire Universe

For this article, I want to look at the largest thing possible, the whole universe. At least, that's the claim made by Celestia, the software package I'm introducing here. 

A Good Front End for R

R is the de facto statistical package in the Open Source world. It's also quickly becoming the default data-analysis tool in many scientific disciplines.

Go to Full Article
Categories: Linux News

Microsoft Released the Code for Windows Calculator, Skype for Web Has Launched but It Won't Work on Linux, Google Debuts Google Coral, Wrath: Aeon of Ruin Coming to Linux and Fedora 30 Wallpapers

Linux Journal - Fri, 03/08/2019 - 09:32

News briefs for March 8, 2019.

Microsoft has published the code for Windows Calculator and released it on GitHub under the permissive MIT license. Ars Technica reports that "The repository shows Calculator's surprisingly long history. Although it is in some regards one of the most modern Windows applications—it's an early adopter of Fluent Design and has been used to showcase a number of design elements—core parts of the codebase date all the way back to 1995."

In other Microsoft news, the company's Skype team just launched Skype for Web, so you can skype from a browser instead of needing to install the app. According to ZDNet, "Skype for Web requires Windows and MacOS 10.12 or higher and the latest versions of Google Chrome or Microsoft Edge. That means Skype for Web won't work on a Chromebook or on an Ubuntu or any other Linux machine, and nor will it work in the Firefox browser."

Google this week debuted Google Coral, a dev board and USB accelerator. Hackster.io reports that both of these products "were built around Google's Edge TPU, their purpose-built ASIC designed to run machine learning inference at the edge." So this means that "with the ability to run these trained networks 'at the edge' nearer the data", developers are able "to put the smarts on the smart device, rather than in the cloud. Allowing them to build smart devices that uses machine learning without a network connection at all."

Wrath: Aeon of Ruin is coming to Linux. GamingOnLinux notes that "While Steam only lists Windows system requirements, if you hop on over to the official site there's a Linux "tux" icon to show it will support Linux and the press release sent out by 1C Entertainment has also confirmed this." You can view the trailer here.

Fedora 30 is scheduled to be released July 30, 2019, but you can see the Fedora 30 wallpapers now. 56 wallpapers were submitted, and 16 were chosen by community vote. See the gallery here.

News Microsoft skype Google gaming Fedora
Categories: Linux News

Astronomy Software by Any Other Name

Linux Journal - Fri, 03/08/2019 - 08:00
by Joey Bernard

In this article, I introduce another option available for the astronomers out there—specifically, Cartes du Ciel, also known as SkyChart. Similar to other larger astronomy programs, you can use SkyChart from the desktop to the observatory.

SkyChart probably won't be available in your distribution's package management system, so you'll need to go to the main website to download it. DEB, RPM and TAR files are available, so you should be able to use it for just about any distribution. Downloads also are available for other operating systems and for other hardware. You even can download a version to run on a Raspberry Pi.

When you first start Cartes du Ciel, you'll be asked where on the globe your observatory is located.

Figure 1. The first step is to set the location where you'll be making observations.

A number of locations already are listed in the database. If your location isn't there, you can enter the latitude and longitude. Once you are done, clicking the OK button pops up a new window with the sky at the current time and location.

Figure 2. The initial display is the sky over your location at the current time.

Unlike many other astronomy programs, time does not progress automatically. The design is more along the lines of being able to generate viewing charts for observation. Buttons in the toolbar at the top allow you to update the time easily.

The default view is to look at the sky at due south. You can change this view by clicking and dragging the star field. If you want to center it on a cardinal direction, there are buttons along the bottom right-hand side of the screen for that task. Just above these cardinal direction buttons, field of view (FOV) buttons set the amount of the sky that is visible.

Along the left-hand side of the main window are several buttons for turning various coordinate systems and markers on and off. Along the top, several toolbars allow you to select which elements of the sky are visible within the sky chart that you are generating. All of these options also are available as menu items. Clicking the Chart menu item provides a list where you can change parameters, such as the field of view, the viewing direction or the coordinate system to use.

Go to Full Article
Categories: Linux News

New Security Patch for Ubuntu 18.10, man-pages-5.00 Released, Be Sure to Update Google Chrome, Qt Creator 4.9 Beta2 Now Available and KDevelop Bugfix Is Out

Linux Journal - Thu, 03/07/2019 - 10:17

News briefs for March 7, 2019.

Canonical has released a Linux kernel security patch for Ubuntu 18.10 on the heels of yesterday's patch for Ubuntu 18.04 LTS. According to Softpedia News, this patch addresses two of the same vulnerabilities as yesterday's patch: CVE-2019-6133 and CVE-2018-18397. It also addresses CVE-2019-16880, which is an out of bounds write vulnerability discovered by Jason Wang. Update now if you haven't already.

man-pages-5.00 was released yesterday. Michael Kerrisk, the man page maintainer, writes: "This release resulted from patches, bug reports, reviews, and comments from around 130 contributors. The release is rather larger than average, since it has been nearly a year since the last release. The release includes more than 600 commits that changed nearly 400 pages. In addition, 3 new manual pages were added." The release tarball is available from kernel.org, the browsable pages are at man7.org, and the Git repo is available from kernel.org.

Be sure you're running the latest version of Google Chrome: 72.0.3626.121. Google fixed a zero-day exploit last week, but only yesterday "publicized that CVE-2019-5786 was 'High' severity and a zero-day. Source: 9to5Google.

Qt Creator 4.9 Beta2 was released today. You can read about the changes here, and download the open-source version from here.

KDevelop 5.3.2 was released today. This is a stabilization and bugfix release. You can find the installers, AppImage and source code archives here.

News Canonical Security Ubuntu man pages Google Chrome Qt Creator KDevelop
Categories: Linux News

Spy Games: the NSA and GCHQ Offer Their Software to the Open Source Community

Linux Journal - Thu, 03/07/2019 - 07:30
by David Habusha

Spies worth their salt are generally expected to be good at keeping secrets. With dead drops, encryption, cyanide pills and the like, openly sharing useful information isn’t supposed to be a part of the job description.

So it caught more than a few of us off guard when a couple years ago, some of the top spy agencies began contributing code to GitHub, making it available to the masses by open-sourcing some of their software.

The National Security Agency, the American signals intelligence organization that is tasked with the majority of the cyber-snooping, has released two separate pages on GitHub. The first is the NSA's primary account on GitHub that has 17 listed repos, followed up by its more substantive “NSA Cybersecurity” page with its 31 repositories.

Even though the NSA appears to have been posting some of its software as open source since 2017, presumably a result in part of the effort from the US government to make more of the code produced by the USG available to the public, the agency made news in early January when it announced plans to release a new product to the Open Source community.

The software is called GHIDRA, and it has been described as a tool for reverse-engineering malware. According to reports, GHIDRA has been referenced in the past during the Vault7 document leaks and is available for use across all the major operating systems. Those who are curious for more information on this tool and how to use it can catch a glimpse at a demonstration that the NSA has committed to putting on at this year’s RSA conference.

However, with perhaps less fanfare, it would seem as though it was the Brits who first made the move to take some of their code open source. The British SigInt agency GCHQ released its first piece of open-source tooling with the Gaffer graph database back in 2015, beating the Americans by two years. At the time of writing, the good folks at Her Majesty’s cyber-snooping agency have 39 repositories on offer for all to try out, including one called the CyberChef, which is billed as the “Cyber Swiss Army Knife—a web app for encryption, encoding, compression, and data analysis”.

Go to Full Article
Categories: Linux News

Purism Announces PureOS Is Now Convergent, LibreOffice 6.2.1 Now Available, Security Patch for Ubuntu 18.0.4 LTS, Bugfix Update for Plasma 5 and KaOS 2019.02 Recently Released

Linux Journal - Wed, 03/06/2019 - 09:52

News briefs for March 6, 2019.

Purism announces that PureOS is now convergent, which means "being able to make the same application code execute, and operate, both on mobile phones and laptops—adapting the applications to screen size and input devices". With PureOS, Purism "has laid the foundation for all future applications to run on both the Librem 5 phone and Librem laptops, from the same PureOS release".

The Document Foundation announces LibreOffice 6.2.1, the first minor release of the 6.2 version. You can download it from here. Note that this release "represents the bleeding edge in term of features for open source office suites, and as such is not optimized for enterprise class deployments, where features are less important than robustness. Users wanting a more mature version can download LibreOffice 6.1.5, which includes some months of back-ported fixes."

Canonical released a Linux kernel security patch for Ubuntu 18.0.4 LTS (Bionic Beaver). Softpedia News reports that this update addresses three vulnerabilities: "a race condition (CVE-2019-6133) in Linux kernel's fork() system call, which could allow a local attacker to gain access to services were authorizations are cached, and a flaw (CVE-2018-18397) in the userfaultd implementation, which could allow a local attacker to modify files. Both issues were discovered by Jann Horn. Furthermore, the kernel security patch addresses a vulnerability (CVE-2018-19854) in Linux kernel's crypto subsystem, which leads to leaked uninitialized memory to user space under certain situations. This would allow a local attacker to expose sensitive information (kernel memory)." Update now if you haven't already.

KDE yesterday released a bugfix update to KDE Plasma 5, version 5.12.8. The announcement notes that "Plasma 5.12 was released in February 2018 with many feature refinements and new modules to complete the desktop experience. This release adds six months' worth of new translations and fixes from KDE's contributors. The bugfixes are typically small but important." See the Changelog for all the details.

KaOS recently released the first ISO snapshot of the year, KaOS 2019.02. According to the announcement, "Major updates included a move to Python 3.7 (3.7.2), Readline 8.0.0, Glib2 2.58.3, Qt 5.12.1, PHP 7.2 besides the usual full Frameworks, Plasma & KDE Applications replacements, so most systems will see 70-80% of their install replaced by new packages so a new ISO is more than due."

News Purism PureOS LibreOffice Canonical Ubuntu Security Mobile KDE Plasma KaOS
Categories: Linux News

The Digital Unconformity

Linux Journal - Wed, 03/06/2019 - 08:00
by Doc Searls

Will our digital lives leave a fossil record? Or any record at all?

In the library of Earth's history, there are missing books. All were written in rock that is now gone. The greatest example of "gone" rock first was observed by John Wesley Powell in 1869, on his expedition by boat through the Grand Canyon. Floating down the Colorado river, he saw the canyon's mile-thick layers of reddish sedimentary rock resting on a basement of gray non-sedimentary rock, and he correctly assumed that the upper layers did not continue from the bottom one. He knew time had passed between the basement rock and the floors of rock above it, but he didn't know how much. The answer turned out to be more than a billion years. The walls of the Grand Canyon say nothing about what happened during that time. Geology calls that nothing an unconformity.

In fact, Powell's unconformity prevails worldwide. The name for this worldwide missing rock is the Great Unconformity. Because of that unconformity, geology knows comparatively little about what happened in the world through stretches of time ranging regionally up to 1.6 billion years. All of those stretches end abruptly with the Cambrian Explosion, which began about 541 million years ago. Many theories attempt to explain what erased all that geological history, but the prevailing paradigm is perhaps best expressed in "Neoproterozoic glacial origin of the Great Unconformity", published on the last day of 2018 by nine geologists writing for the National Academy of Sciences.

Put simply, they blame snow. Lots of it—enough to turn the planet into one giant snowball, already informally called Snowball Earth. A more accurate name for this time would be Glacierball Earth, because glaciers, all formed from snow, apparently covered most or all of Earth's land during the Great Unconformity—and most or all of the seas as well.

The relevant fact about glaciers is that they don't sit still. They spread and slide sideways, pressing and pushing immensities of accumulated ice down on landscapes that they pulverize and scrape against adjacent landscapes, abrading their way through mountains and across hills and plains like a trowel spreading wet cement. Thus, it seems glaciers scraped a vastness of geological history off the Earth's surface and let plate tectonics hide the rest of the evidence. As a result, the stories of Earth's missing history are told only by younger rock that remembers only that a layer of moving ice had erased pretty much everything other than a signature on its work.

Go to Full Article
Categories: Linux News

LibreSignage Looking for Beta Testers, OpenNebula v. 5.8 "Edge" Now Available, New SPOILER Attack Affecting Intel CPUs Discovered, Bug Found in Android TV OS and GNU Linux-libre 5.0-gnu Released

Linux Journal - Tue, 03/05/2019 - 09:57

News briefs for March 5, 2019.

LibreSignage, "a FOSS digital signage solution for managing a network of digital signage clients...anything from small advertisement displays to larger commercial billboards", is looking for beta testers for LibreSignage v1.0.0: "If you'd like to try out the latest and greatest of LibreSignage development, you can pull the LibreSignage Docker image by pulling libresignage:v1.0.0-beta-1 from Docker Hub. The readme in the GIT repository contains further instructions on setting up and starting a container. Alternatively you can pull the v1.0.0-beta-1 tag from the GIT repository at https://github.com/eerotal/LibreSignage and build LibreSignage yourself."

OpenNebula recently released version 5.8 "Edge". This version is the fifth major release of the open-source cloud management software. New major features include support for LXD, automatic NIC selection, distributed data centers and scalability improvements. See the release notes for more information, and go here to download.

New "SPOILER" attack discovered affecting Intel's CPUs. Phoronix reports that researchers from Worcester Polytechnic Institute and University of Lubeck discovered the speculative attack and that "Intel was notified of this issue a few months ago but no software/hardware fix appears ready yet, while the researchers claim there might not be an effective software solution available at least anytime soon—and any mitigation would likely come at a performance cost, as we've seen with Spectre and Meltdown over the past year. AMD and ARM CPUs aren't believed to be impacted by SPOILER." See also "SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks".

A bug in the Android TV OS has been found that could expose personal photos to others who own the same Android TV. According to Appuals, when Twitter user @wothadei "tried to access his Vu Android TV through the Google Home app, he could see the linked accounts of several other individuals who owned the same television. Unfortunately, however, this is not the only bug that he has discovered. The Twitter user found that he could view personal photos linked to the accounts of other owners of the Android TV device on Google Photos through the Ambient Mode screensaver settings."

GNU Linux-libre 5.0-gnu was released yesterday. Sources and tarballs are here.

News LibreSignage OpenNebula Cloud SPOILER Intel Security Android GNU Linux-libre
Categories: Linux News

Programming Text Windows with ncurses

Linux Journal - Tue, 03/05/2019 - 08:00
by Jim Hall

How to use ncurses to manipulate your terminal screen.

In my article series about programming for the text console using the ncurses library, I showed you how to draw text on the screen and use basic text attributes. My examples of Sierpinski's Triangle (see "Getting Started with ncurses") and a simple Quest adventure game (see "Creating an Adventure Game in the Terminal with ncurses") used the entire screen at once.

But what if it makes more sense to divide the screen into portions? For example, the adventure game might divide the screen to use part of it for the game map and another portion of the screen for the player's status. Many programs organize the screen into multiple parts—for instance, the Emacs editor uses an editing pane, a status bar and a command bar. You might need to divide your program's display areas similarly. There's an easy way to do that, and that's with the windows functions in ncurses. This is a standard part of any curses-compatible library.

Simple Senet

You may associate "windows" with a graphical environment, but that is not the case here. In ncurses, "windows" are a means to divide the screen into logical areas. Once you define a window, you don't need to track its location on the screen; you just draw to your window using a set of ncurses functions.

To demonstrate, let me define a game board in an unexpected way. The ancient Egyptian game Senet uses a board of 30 squares arranged in three rows and ten columns. Two players move their pieces around the board in a backward "S" formation, so that the board looks like this:

1 2 3 4 5 6 7 8 9 10 20 19 18 17 16 15 14 13 12 11 21 22 23 24 25 26 27 28 29 30

Without the windows functions, you'd have to keep track of the row and column for each piece and draw them separately. Since the board is arranged in a backward "S" pattern, you'll always need to do weird math to position the row and column correctly every time you update each square on the board. But with the windows functions, ncurses lets you define the squares once, including their position, and later refer to those windows by a logical identifier.

The ncurses function newwin() lets you define a text window of certain dimensions at a specific location on the screen:

Go to Full Article
Categories: Linux News

Linux Kernel 5.0 Is Officially Out, ReactOS 0.4.11 Released, Python 2.7.16 Now Available, Some Linux Mint Updates and Rancher Labs Launches K3s

Linux Journal - Mon, 03/04/2019 - 09:36

News briefs for March 4, 2019.

Linux kernel 5.0 is out. Linus writes, "We have more than a handful of real fixes in the last week, but not enough to make me go "Hmm, things are really unstable". In fact, at least two thirds of the patches are marked as being fixes for previous releases, so it's not like 5.0 itself looks bad." The merge window for 5.1 is now open.

ReactOS 0.4.11 was released today. This version includes substantial improvements to the kernel, storage, application start/stop, networking and more. See the official ChangeLog for all the details, and go here to download.

Python 2.7.16 was released yesterday. This is a bug-fix release, and you can get it here.

Linux Mint is getting a new website design and logo. The Linux Mint Blog describes the changes and gives a preview of what the team is working on. In addition, Cinnamon has received some performance improvements, and there also are improvements to the Mint Tools, such as automated removal of old kernels, inhibition of system shutdown/reboot during automated tasks, persistent rotated logs and more.

Rancher Labs has launched k3s, "a lightweight version of Kubernetes that weighs-in at only 40MB". According to Christine Hall's ITPro Today post, "The folks at Rancher are betting that K3s's smaller footprint will be valuable both for edge-based servers and even more constrained connected devices, i.e. anything from assembly line robots to smartphones to connected automobiles." For more information, and to download k3s, go here.

News kernel ReactOS python Linux Mint Distributions Kubernetes k3s
Categories: Linux News

By Jupyter--Is This the Future of Open Science?

Linux Journal - Mon, 03/04/2019 - 07:30
by Glyn Moody

Taking the scientific paper to the next level.

In a recent article, I explained why open source is a vital part of open science. As I pointed out, alongside a massive failure on the part of funding bodies to make open source a key aspect of their strategies, there's also a similar lack of open-source engagement with the needs and challenges of open science. There's not much that the Free Software world can do to change the priorities of funders. But, a lot can be done on the other side of things by writing good open-source code that supports and enhances open science.

People working in science potentially can benefit from every piece of free software code—the operating systems and apps, and the tools and libraries—so the better those become, the more useful they are for scientists. But there's one open-source project in particular that already has had a significant impact on how scientists work—Project Jupyter:

Project Jupyter is a set of open-source software projects that form the building blocks for interactive and exploratory computing that is reproducible and multi-language. The main application offered by Jupyter is the Jupyter Notebook, a web-based interactive computing platform that allows users to author documents that combine live code, equations, narrative text, interactive dashboard and other rich media.

Project Jupyter was spun-off from IPython in 2014 by Fernando Pérez. Although it began as an environment for programming Python, its ambitions have grown considerably. Today, dozens of Jupyter kernels exist that allow other languages to be used. Indeed, the project itself speaks of supporting "interactive data science and scientific computing across all programming languages". As well as this broad-based support for programming languages, Jupyter is noteworthy for its power. It enables users to create and share documents that contain live code, equations, visualizations and narrative text. Uses include data cleaning and transformation, numerical simulation, statistical modeling, data visualization and machine learning.

Go to Full Article
Categories: Linux News

Weekend Reading: FOSS Projects

Linux Journal - Sat, 03/02/2019 - 08:15
by Carlie Fairchild

Linux Journal's FOSS Project Spotlights provide an opportunity for free and open-source project team members to show Linux Journal readers what makes their project compelling. Join us this weekend as we explore some of the latest FOSS projects in the works.

FOSS Project Spotlight: Mender.io, an Open-Source Over-the-Air Software Update Manager for IoT Devices

by Ralph Nguyen

Mender is an open-source (Apache 2.0) project to address over-the-air (OTA) software update management for Linux-based IoT devices.

FOSS Project Spotlight: Nitrux, a Linux Distribution with a Focus on AppImages and Atomic Upgrades

by Nitrux Latinoamericana S.C.

Nitrux is a Linux distribution with a focus on portable, application formats like AppImages. Nitrux uses KDE Plasma 5 and KDE Applications, and it also uses our in-house software suite Nomad Desktop.

FOSS Project Spotlight: Tutanota, the First Encrypted Email Service with an App on F-Droid

by Matthias Pfau

Seven years ago, Tutanota was being built, an encrypted email service with a strong focus on security, privacy and open source. Long before the Snowden revelations, the Tutanota team felt there was a need for easy-to-use encryption that would allow everyone to communicate online without being snooped upon.

FOSS Project Spotlight: LinuxBoot

by David Hendricks

Linux as firmware.

The more things change, the more they stay the same. That may sound cliché, but it's still as true for the firmware that boots your operating system as it was in 2001 when Linux Journal first published Eric Biederman's "About LinuxBIOS". LinuxBoot is the latest incarnation of an idea that has persisted for around two decades now: use Linux as your bootstrap.

FOSS Project Spotlight: CloudMapper, an AWS Visualization Tool

by Scott Piper

Duo Security has released CloudMapper, an open-source tool for visualizing Amazon Web Services (AWS) cloud environments.

Go to Full Article
Categories: Linux News

The Single-Board Computers Issue

Linux Journal - Fri, 03/01/2019 - 11:30
by Bryan Lunduke

When I was a child in the 1980s, I had a computer—a very 1980s computer.

It had a hefty, rectangular, grey case made of some sort of industrial sheet metal. Two plain (but rather large), square buttons adorned the front, begging to be pressed: "Reset" and "Turbo". On the right side of the case, far in the back (nearly out of reach), sat an almost comically large, red power switch. It was the kind of lever that would look right at home in an action movie—used to cut the electricity to all of New York City.

When you "threw the switch", the PC turned on with a deeply satisfying, soul-reverberating, "ka-THUNK".

Inside, sat an Intel 286 CPU decked out with 640k of RAM, which, as some unnamed person may or may not have said, "ought to be enough for anybody". For mass storage, it had a big, double tall hard drive. The connection for this drive wasn't SATA, or SCSI, or even IDE. We're talking about an MFM connection here, baby (MFM stands for Modified Frequency Modulation). As a child, I simply assumed MFM had something to do with the fact that you could hear the hard drive spinning up from down the street.

I kid, I kid. You couldn't actually hear the hard drive—not over the roar of the fan in the power supply.

It was, to say the least, a beast—beastly in size, beastly in power usage and beastly in price.

Flash-forward [counts on fingers, gets depressed at own age, downs a pint of ice cream, resumes writing article] 35 years later. We now have single-board computers (SBCs) with no fans—heck, no moving parts whatsoever—running completely silently.

These SBCs have several hundred times (in some cases, several thousand times) the RAM. Ditto for storage. With significantly faster networking (including wireless, which wasn't even a thing on that old 286) and processing speed that, even among the slowest SBCs, is so much faster, it's almost mind-boggling.

All of this is contained within a physical size often smaller than a credit card and at a price somewhere roughly between one hamburger and...a couple more hamburgers.

These small, silent, low-power, low-cost computers have changed things. They've made general-purpose computing more affordable (and durable), bringing down costs in data centers and allowing solo makers and small companies to create computer-driven hardware projects that would have been nearly impossible to tackle in days gone by.

Here in 2019, we've even got a whole heaping helping of SBCs from which to choose: Arduino, BeagleBoard, Gumstix, ODROID, Pine64, Raspberry Pi—the list goes on and on. We are spoiled for choices.

Go to Full Article
Categories: Linux News

New Crypto-mining Group Targeting Linux Servers, Creative Commons Holding a 24-Hour Web-a-thon for Open Education Week, Canonical Announces Support for Containerd, JDK Mission Control Now Available in Fedora 29 and Google Is Speeding Up the Back Button

Linux Journal - Fri, 03/01/2019 - 09:49

News briefs for March 1, 2019.

A new crypto-mining group is targeting Linux servers. According to ZDNet, the attackers, called Pacha Group, are believed to be from China and have been attacking Linux servers since this past fall, inserting malware that mines cryptocurrency. Security researchers at Intezer discovered that the attackers "use brute-force attacks to compromise services like WordPress or PhpMyAdmin, and once they have an initial foothold, they escalate their access to the underlying server, where they deploy their malware, which Intezer has named Linux.GreedyAntd." See the Intezer Blog for more details.

Canonical yesterday announced support for containerd in the 1.14 releases of Charmed Kubernetes and Microk8s. Carmine Rimi, product manager for Kubernetes at Canonical, says "Containerd has become the industry-standard container runtime focused on simplicity, robustness and portability. Enabling Kubernetes to drive containerd directly reduces the number of moving parts, reduces latency in pod startup times, and improves CPU and memory usage on every node in the cluster." Containerd's GitHub page is here.

JDK Mission Control is now available as a module in Fedora 29. JDK Mission Control is a profiling app for HotSpot JVMs, and it "has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder (JFR). JMC requires JDK 8 or later."

Creative Commons announces a 24-hour Web-a-thon to be held on March 5–6 (depending on your time zone) as part of Open Eduction Week: "We have amazing speakers from around the world presenting in multiple languages. Experts from Algeria, Nigeria, Argentina, South Africa, Italy, Chile, United Kingdom, Afghanistan, United States, Ireland, Sweden, Canada and Poland will present their open education projects." Sessions will be here. See this post for the presentation schedule.

Google is speeding up the back button with Chrome's new "back/forward" cache. Ars Technica reports that Chrome's new bfcache "lets the browser capture the entire state of a running page—including scripts that are in the middle of execution, the rendered images, and even the scroll position—and reload that state later. With bfcache, rather than having to reload the page from scratch, the page will look as if it was paused when you clicked a link to a new page and subsequently resumed when you hit back."

News Security cryptomining Canonical containerd Kubernetes JDK Mission Control Fedora creative commons Google Chrome
Categories: Linux News

Mozilla Releases Common Voices, KStars v3.1.0 Is Out, LibreELEC 9.0.1 (Leia) Now Available, System76's New Oryx Pro Laptops Slated to Arrive and Security Flaw in Google Chrome

Linux Journal - Thu, 02/28/2019 - 09:31

News briefs for February 28, 2019.

Mozilla today released Common Voices, the "largest to-date public domain transcribed voice dataset". The dataset includes 18 languages and almost 1,400 hours of recorded voice from more than 42,000 people. From the Mozilla blog: "With this release, the continuously growing Common Voice dataset is now the largest ever of its kind, with tens of thousands of people contributing their voices and original written sentences to the public domain (CC0). Moving forward, the full dataset will be available for download on the Common Voice site."

KStars v3.1.0 was released today, marking the first release of 2019. This release focuses on stability and performance improvements—for example, some bugs in the Ekos Scheduler, Ring-Field Focusing was added to the Focus module, and the LiveView window now enables zooming and panning for supported DSLR cameras. See the Jasem's Ekosphere blog for all the details, and go here for download links and other resources.

LibreELEC 9.0.1 (Leia) is now available. This release of the Linux-based open-source operating system for embedded devices "contains many changes and refinements to user experience and a complete overhaul of the underlying OS core to improve stability and extend hardware support. Kodi v18 also brings new features like Kodi Retroplayer and DRM support that (equipped with an appropriate add-on) allows Kodi to unofficially stream content from services like Netflix and Amazon." In addition, "Changeable SSH passwords and a default firewall configuration have been added to combat the increasing number of HTPC installs that can be found on the public internet." Go here to download.

System76's new Oryx Pro laptop with RTX 20-Series GPUs is slated to arrive today. Features include "super thin aluminum alloy design, switchable NVIDIA and Intel GPUs, performance 8th-gen CPus, 15" and 17" IPS display options and up to 32GB of memory", and comes with Pop!_OS 18.04 LTS (64-bit) or Ubuntu 18.04 LTS (64-bit) for the OS.

Softpedia News reports that the security flaw discovered by EdgeSpot is "already being exploited in the wild and an official fix would only be released by Google in late April." In addition, "The PDF documents do not appear to leak any personal information when opened in dedicated PDF readers like Adobe Reader. However, it seems the malicious code specifically targets a vulnerability in Google Chrome, as opening them in the browser triggers outbound traffic to one of two different domains called burpcollaborator.net and readnotify.com." To protect yourself, don't open any PDFs in Google Chrome, especially from untrusted sources.

News Mozilla Common Voices KStars LibreELEC System76 Laptops Google Chrome Security
Categories: Linux News

Indie Makers Using Single-Board Computers

Linux Journal - Thu, 02/28/2019 - 09:31
by Bryan Lunduke

Possibly the most amazing thing, to me, about single board computers (SBCs) is that they allow small teams of people (and even lone individuals) to create new gadgets using not much more than SBCs and 3D printers. That opportunity for makers and small companies is absolutely astounding.

Two such projects have really caught my attention lately: the Noodle Pi and the TinyPi.

The Noodle Pi is a simple, handheld computer (about the size of a deck of playing cards). And, when I say simple, I mean simple. It's got a micro-USB charging port, another for plugging in USB devices, a touch screen and a battery. Think of it like an old-school PDA without any buttons (other than a small power toggle) and the ability to run a full Linux-based desktop.

Figure 1. The Credit-Card-Sized, Pi Zero-Powered, Noodle Pi

The TinyPi is a gaming handheld. And, believe it or not, it's even smaller than the Noodle Pi, with a tiny screen and tiny buttons. This is the sort of handheld game console you could put on a keychain.

Figure 2. The Impossibly Small TinyPi (Banana for Scale)

Both of these are built on top of the (super-tiny and super-cheap) Raspberry Pi Zero. And, both are built by lone individuals with a heavy reliance on 3D printers.

I wanted to know how they did it and how their experience was. What can we learn from these independent gadget makers? So, I reached out to both of them and asked them each the same questions (more or less).

Let's start with a chat with Pete Barker (aka "pi0cket"), maker of the TinyPi.

Interview with Pete Barker (pi0cket), TinyPi Maker

Bryan Lunduke: Could you give a quick overview of the TinyPi?

Pete Barker: TinyPi is (unofficially) the world's smallest pi-based gaming device. It started life as a bit of a joke—"how small can i make this?"—but it actually turned into something pretty good. The Pro version added more features and improvements, and a kickstarter was funded on December 30, 2018. Manufacturing is already underway, and the early-bird backers should start getting the kits in February 2019.

Figure 3. The parts of the TinyPi—the Smallest Handheld Game Console I Can Possibly Imagine

Go to Full Article
Categories: Linux News

KDE Participating in Google Summer of Code 2019, MariaDB Releasing New Open-Source MariaDB Enterprise Server, CentOS Celebrates 15th Birthday, Cmd Is a New Security Tool for Linux and Red Hat Announces Red Hat Certified Architect Program in Telco Cloud

Linux Journal - Wed, 02/27/2019 - 09:40

News briefs for February 27, 2019.

KDE announces it's been selected to participate in the Google Summer of Code for the 14th year. See the KDE Community Wiki for ideas and instructions for students interested in working with KDE for GSoC 2019.

MariaDB announced it is releasing a new version of its MySQL-compatible database management system called MariaDB Enterprise Server 10.4. ZDNet reports that "This new business server comes with more powerful and fine-grained auditing, faster, highly reliable backups for large databases, and end-to-end encryption for all data at rest in MariaDB clusters." The MariaDB Enterprise Server will be available in the second quarter of this year and will be fully open source.

CentOS is celebrating its 15th birthday. As part of its birthday celebrations, the CentOS blog wants to talk with those who "were involved in the early days, as well as some that have joined later on, to talk about how and why people get involved in this project". If you're interested in telling your story, contact rbowen@centosproject.org for an interview.

Cmd is a new security tool for Linux. According to Network World, "It reaches way beyond the traditional configuration of user privileges and takes an active role in monitoring and controlling the commands that users are able to run on Linux systems." It is designed for the cloud and monitors user activity "by forming user activity profiles (characterizing the activities these users generally perform), noticing abnormalities in their online behavior (login times, commands used, user locations, etc.), and preventing and reporting certain activities (e.g., downloading or modifying files and running privileged commands) that suggest some kind of system compromise might be underway. The product's behaviors are configurable and changes can be made rapidly."

Red Hat today announced the Red Hat Certified Architect Program in Telco Cloud, "a new training and certification program emphasizing the next-generation of telecommunications innovation". The program "focuses on the skills that telecommunications engineers need to build network functions virtualization (NFV) clouds, critical technologies that can help drive advanced services like 5G."

News KDE Google MariaDB Cloud CentOS Cmd Security Red Hat Certification
Categories: Linux News

Privacy, Mine: the Right of Individual Persons, Not of the Data

Linux Journal - Wed, 02/27/2019 - 08:15
by Augustine Fou

 

“For true, lasting privacy, we must shift from the ‘privacy policies’ of companies, which spring from data protection laws, to the ‘privacy’ of individual persons, as contemplated by human rights laws.”

How do we accomplish this shift?

TL;DR (in summary)

  • Privacy pertains to the person; “privacy” is the state of being free from public attention and unwanted intrusion.
  • Data is not privacy, but data from or about a person can be private or not private depending on how it’s used, who is using it and who has control of it.
  • In the digital world, a person’s privacy policy is like the clothing that one puts on to signal what data they consider private and what is not private.
  • The companies (sites, apps and so on) that respect a person’s privacy will build relationships with that person over time.
  • The accumulation of trust over time incentivizes good behavior by both parties, to preserve value and not lose it instantly.

We live in the age of surveillance marketing, where consumers’ privacy is being violated without their knowledge, consent or recourse. Data from and about consumers is collected en masse by ad-tech companies and traded for profit. But few consumers knew about it until things blow up like the Cambridge Analytica/Facebook scandal. Most consumers think they are interacting with the sites they’re visiting or the apps (like Facebook) they’re using, but they aren't aware of the dozens of hidden ad-tech trackers that siphon their data off to other places or the aggressive data collection and cross-device tracking of apps. Not only are they not aware, they also definitely did not give consent to third parties to use, buy and sell their data. They wouldn’t even know who ABCTechCompany was anyway if it asked for consent.

Consent Is Not the Same as Permission, But Consumers Are Tricked Anyway

Go to Full Article
Categories: Linux News
Syndicate content