Skip to main content

Feed aggregator

Montréal-Python 72 - Carroty Xenophon

Montreal Python - Sun, 06/03/2018 - 23:00

Let’s meet one last time before our Summer break! Thanks to Notman House for sponsoring this event.

Presentations Socket - Éric Lafontaine

Most of our everyday job include doing request over the internet or hosting a web solution for our company. Each connections we make utilize the socket API in some way that is not always evident. I hope to, by giving this talk, elucidate some of the magic contained in the socket API. I'm also going to give away some trick that I've been using since understanding that API.

Probabilistic Programming and Bayesian Modeling with PyMC3 - Christopher Fonnesbeck

Bayesian statistics offers powerful, flexible methods for data analysis that, because they are based on full probability models, confer several benefits to analysts including scalability, straightforward quantification of uncertainty, and improved interpretability relative to classical methods. The advent of probabilistic programming has served to abstract the complexity associated with fitting Bayesian models, making such methods more widely available. PyMC3 is software for probabilistic programming in Python that implements several modern, computationally-intensive statistical algorithms for fitting Bayesian models. PyMC3’s intuitive syntax is helpful for new users, and its reliance on the Theano library for fast computation has allowed developers to keep the code base simple, making it easy to extend and expand the software to meet analytic needs. Importantly, PyMC3 implements several next-generation Bayesian computational methods, allowing for more efficient sampling for small models and better approximations to larger models with larger associated dataset. I will demonstrate how to construct, fit and check models in PyMC, using a selection of applied problems as motivation.

When

Monday June 11th, 2018 at 6PM

Where

Notman House

51 Sherbrooke West

Montréal, QC

H2X 1X2

Schedule
  • 6:00PM - Doors open
  • 6:30PM - Presentations
  • 8:00PM - End of the event
  • 8:15PM - Benelux
Categories: External Blogs

Microsoft Reportedly Acquires GitHub

Linux Journal - Sun, 06/03/2018 - 18:47
Image

Today Bloomberg reports GitHub was acquired by Microsoft, the announcement being made as early as Monday. "GitHub preferred selling the company to going public and chose Microsoft partially because it was impressed by Chief Executive Officer Satya Nadella, said one of the people, who asked not to be identified discussing private information." Bloomberg goes on to say, "Terms of the agreement weren’t known on Sunday. GitHub was last valued at $2 billion in 2015."

Microsoft, who was once generally opposed to open-source development, is now one of the biggest contributors to GitHub. 

Story developing.

Updated 4:48am GMT June 3, 2018

For those interested, we're compiling a list of some open-source GitHub alternatives. Please write others in the comment section. We'll update the story as verified alternatives come in.

Updated 3:37pm GMT June 4, 2018

Microsoft Acquires GitHub For $7.5 Billion.

 

 

Microsoft GitHub
Categories: Linux News

Weekend Reading: Cloud

Linux Journal - Fri, 06/01/2018 - 12:30
by Carlie Fairchild

The cloud has become synonymous with all things data storage. It additionally equates to the many web-centric services accessing that same back-end data storage, but the term also has evolved to mean so much more.

 

Everything You Need to Know about the Cloud and Cloud Computing, Part I

by Petros Koutoupis

An in-depth breakdown of the technologies involved in making up the cloud and a survey of cloud-service providers.

 

Everything You Need to Know about the Cloud and Cloud Computing, Part II: Using the Cloud

by Petros Koutoupis

How to get started with AWS, install Apache, create an EFS volume and much more.

 

The Agony and the Ecstasy of Cloud Billing

by Corey Quinn

Cloud billing is inherently complex; it's not just you.

 

Nextcloud 13: How to Get Started and Why You Should

by Marco Fioretti

In its simplest form, the Nextcloud server is "just" a personal, free software alternative to services like Dropbox or iCloud. You can set it up so your files are always accessible via the internet, from wherever you are, and share them with your friends. However, Nextcloud can do so much more.

 

Simple Cloud Hardening

by Kyle Rankin

Apply a few basic hardening principles to secure your cloud environment.

 

Vendor Lock-in: Now in the Cloud!

by Kyle Rankin

Vendor lock-in has moved from corporate infrastructure into the cloud, only this time many are all too happy to embrace it.

 

FOSS Project Spotlight: CloudMapper, an AWS Visualization Tool

Go to Full Article
Categories: Linux News

Linux Lite 4.0 Released, Linux Foundation's Acumos AI Challenge, Fedora 29 Bootloader Debate and More

Linux Journal - Fri, 06/01/2018 - 08:41

News briefs June 1, 2018.

Linux Lite 4.0 "Diamond", is now available. This release is the first to drop 32-bit support, and it features "major design changes that include new system theme (Adapta) and icon sets (Papirus)", Softpedia News reports. In addition, Linux Lite 4.0 "adopts the swap file implementation from Ubuntu 18.04 LTS, as well as full disk encryption in the installer to replace home encryption". You can download it from here.

The Linux Foundation yesterday announced the Acumos AI Challenge, sponsored by AT&T and Tech Mahindra. The challenge "is an open source developer competition seeking innovative, ground-breaking artificial intelligence (AI) solutions from students, developers, and data scientists". The challenge is accepting submissions May 31 to August 5, 2018. The 1st place team will win $50,000, and the 2nd and 3rd place teams each will receive $25,000.

Fedora 29 may make the GRUB bootloader hidden by default, and this possibility is stirring up a bit of a debate. According to Phoronix, the pros are for a "faster boot experience", and the cons worry new users won't know how to revert to an older kernel if necessary. See the thread for the whole discussion.

Jolla Sailfish 2.2.0 "Mouhijoki" has been released. This update "introduces a new simpler single item view in Gallery and Camera app, adds fingerprint unlock support and emoji keyboard layout", as well as more robust VPN and MDM, and updated support for Xperia X and Jolla C devices among other things.

Phoronix turns 14 next week. Find out how you can help them celebrate.

Samuel F. Dabney, co-founder of Atari and one of the creators of Pong passed away May 26, 2018, The New York Times reports. He was 81. RIP Mr Dabney.

News Distributions AI Fedora Mobile gaming
Categories: Linux News

Linux Journal June Issue: Do-It-Yourself

Linux Journal - Thu, 05/31/2018 - 22:36
by Carlie Fairchild

As tech editor Kyle Ranklin so aptly put it, June's Do-It-Yourself issue is "like an extra-geeky episode of Cribs featuring single-board computers".

In this issue:

  • Make Your Own RV Offsite Backup and Media Server
  • Create a Custom Minimal Linux Distribution from Source
  • Build a Voice-Controlled Front End for IoT Devices
  • Introducing PyInstaller
  • Shell Scripting a Password Generating Tool
  • OpenStreetMap Should Be a Priority to the Open Source Community
  • The Current State of Linux and Music
  • Open Hardware and IoT
  • A Programmer's Look at Jakarta EE
  • JaxoDraw for Physics
  • FOSS Project Spotlights: Codelobster and WallPaperDownloader

Subscribers, you can download your June issue now.

Not a subscriber? It’s not too late. Subscribe today and receive instant access to this and ALL back issues since 1994!

Want to buy a single issue? Buy the June magazine or other single back issues in the LJ store.

Go to Full Article
Categories: Linux News

A Brand Advertising Restoration Project

Linux Journal - Thu, 05/31/2018 - 09:36
by Doc Searls

The GDPR is breaking advertising apart. 

Never mind the specifics of the regulation. Just look at the effects. Among those, two are obvious and everywhere: 1) opt-back-in emails and 2) "consent walls" in front of websites. Both of those misdirect attention away from how an entire branch of advertising ignored a simple moral principle that has long applied in the offline world: tracking people without their knowledge, approval or a court order is just flat-out wrong.

That branch of advertising is adtech. As I put it here a year ago: 

Let's be clear about all the differences between adtech and real advertising. It's adtech that spies on people and violates their privacy. It's adtech that's full of fraud and a vector for malware. It's adtech that incentivizes publications to prioritize “content generation” over journalism. It's adtech that gives fake news a business model, because fake news is easier to produce than the real kind, and adtech will pay anybody a bounty for hauling in eyeballs.

Real advertising doesn't do any of those things, because it's not personal. It is aimed at populations selected by the media they choose to watch, listen to or read. To reach those people with real ads, you buy space or time on those media. You sponsor those media because those media also have brand value.

The GDPR won't make adtech go away, but it will separate the advertising wheat from the adtech chaff.

The question then is whether advertisers and publishers can recover their lost taste for wheat. Lots of brands still like to advertise on the broadcast and print media that operate in the physical world. In fact, advertising there is still how most brands are made and sustained. In the online world, however, advertisers' appetite for data far outweighs their interest in branding there—with the exception of podcasting. Advertising on podcasts is growing rapidly. While there is data to be gained there, the main reason brands advertise on podcasts are old-fashioned sponsorship ones: brands supporting brands. 

Go to Full Article
Categories: Linux News

Atari VCS Finally on Indiegogo, Free Software Directory Meet-up Tomorrow, Minifree Libreboot X200 Tablet Has Been FSF-Certified and More

Linux Journal - Thu, 05/31/2018 - 09:13

News briefs for May 31, 2018.

The Atari VCS finally appeared on Indiegogo this week and already has $2,083,244 USD at the time of this writing (the goal was $100,000). The user interface is proprietary, but it's "built on an open source Linux OS so you can add your own software and apps to customize your own platform". The Indiegogo page also mentions that "a planned line of Atari VCS peripherals and accessories will let you build your own Game and Entertainment-Powered 'Connected Home' experience." It will include classic arcade games as well as modern titles and is expected to begin shipping in July 2019.

Join the Friday Free Software Directory IRC meet-up tomorrow, June 1, 12pm EDT to 3pm EDT. This week's theme is health software, and the meeting is on IRC in the #fsf channel on irc.freenode.org.

There's a new open-source framework for government projects: the Louisville Metro Government recently made its traffic data infrastructure available in the cloud and open-sourced the code, allowing other cities to build upon it, Route 50 reports. Louisville had won an Amazon Web Services grant last year to "merge its traffic data with Waze's and then run predictive analytics in the cloud to better time traffic signals to manage flow." More than 80 local, state and federal governments are now part of the Waze Connected Citizens Program, and the network is expanding to other open-source projects and is called the Open Government Coalition.

Redis 5.0 RC1 is out for testing this week, Phoronix reports. The biggest new feature is the Streams data type implementation, but 5.0 also offers new APIs, better memory reporting and more. See the Redis 5.0 RC1 announcement for all the details.

The Minifree Libreboot X200 tablet has been FSF-certified, which means "the product meets the FSF's standards in regard to users' freedom, control over the product, and privacy". The X200 tablet is a "fully free laptop/tablet hybrid that comes with Trisquel and Libreboot pre-installed. The device is similar to the previously certified Libreboot X200 laptop, but with a built-in tablet that enables users to draw, sign documents, or make handwritten notes."

News gaming FOSS Hardware Redis FSF
Categories: Linux News

Why You Should Do It Yourself

Linux Journal - Thu, 05/31/2018 - 07:15
by Kyle Rankin

Bring back the DIY movement and start with your own Linux servers.

It wasn't very long ago that we lived in a society where it was a given that average people would do things themselves. There was a built-in assumption that you would perform basic repairs on household items, do general maintenance and repairs on your car, mow your lawn, cook your food and patch your clothes. The items around you reflected this assumption with visible and easy-to-access screws, spare buttons sewn on the bottom of shirts and user-replaceable parts.

Through the years though, culture has changed toward one more focused on convenience. The microeconomic idea of "opportunity cost" (an idea that you can assign value to each course of action and weigh it against alternative actions you didn't take) has resulted in many people who earn a reasonable wage concluding that they should do almost nothing themselves.

The typical thinking goes like this: if my hourly wage is higher than the hourly cost of a landscaping service, even though that landscaping service costs me money, it's still cheaper than if I mowed my own lawn, because I could somehow be earning my hourly wage doing something else. This same calculation ends up justifying oil-change and landscaping services, microwave TV dinners and replacing items when they break instead of repairing them yourself. The result has been a switch to a service-oriented economy, with the advent of cheaper, more disposable items that hide their screws and vehicles that are all but hermetically sealed under the hood.

This same convenience culture has found its way into technology, with entrepreneurs in Silicon Valley wracking their brains to think of some new service they could invent to do some new task for you. Linux and the Open Source movement overall is one of the few places where you can still find this do-it-yourself ethos in place.

When referring to proprietary software, Linux users used to say "You wouldn't buy a car with the hood welded shut!" With Linux, you can poke under the hood and see exactly how the system is running. The metaphorical screws are exposed, and you can take the software apart and repair it yourself if you are so inclined. Yet to be honest, so many people these days would buy a car with the hood welded shut. They also are fine with buying computers and software that are metaphorically welded shut all justified by convenience and opportunity cost.

Go to Full Article
Categories: Linux News

Chrome 67 Released, New Version of RaspAnd, SEGA Mega Drive and Genesis Classics Now Available for Linux and More

Linux Journal - Wed, 05/30/2018 - 08:29

News briefs for May 30, 2018.

Chrome 67 has been released, and it includes several security fixes as well as default support for WebAuthn, which provides "a way to sign up to websites using biometrics like fingerprints or facial images stored in a smartphone, or USB hardware like Yubikey's authentication device", ZDNet reports. Chrome 67 also features new APIs for augmented and virtual reality.

RaspAnd developer Arne Exton announced yesterday the new version of his Android-based OS for the Raspberry Pi. This build is based on Android 7.1.2 Nougat, and Exton says "RaspAnd 7.1.2 Build 180529 can be used with the official Raspberry Pi 7 inch touchscreen and Big TV Screens." He also mentions that Bluetooth now works for the very first time and video performance in Kodi 18.0 has improved.

SEGA Mega Drive and Genesis Classics are now available for Linux. According to GamingOnLinux, they've also added new features, including two-player online multiplayer, leaderboards, challenge modes, VR support and more. In addition, they have also lowered the price to $29.99 for the whole collection, which is available on Steam.

LWN reports a large set of stable kernel updates this morning: "4.16.13 (272 patches), 4.14.45 (496 patches), 4.9.104 (329 patches), 4.4.134 (268 patches) and 3.18.111 (185 patches)".

Plex now supports podcasts, and according to the Engadget post, "It's also free, helps contain all your media—including photos, music, news and videos—in one place, and doesn't make passive aggressive subscription requests. In fact there isn't any subscription required at all."

News Chrome Security Raspberry Pi gaming kernel multimedia
Categories: Linux News

The Fight for Control: Andrew Lee on Open-Sourcing PIA

Linux Journal - Wed, 05/30/2018 - 08:08
by Doc Searls

When I learned that our new sister company, Private Internet Access (PIA), was opening its source code, I immediately wanted to know the backstory, especially since privacy is the theme of this month's Linux Journal. So I contacted Andrew Lee, who founded PIA, and an interview ensued. Here it is.

DS: What made you start PIA in the first place? Did you have a particular population or use case—or set of use cases—in mind?

AL: Primarily PIA was rooted in my humble beginnings on IRC where it had quickly become important to protect one's IP from exposure using an IRC bouncer. However, due to jumping around in various industries thereafter, I learned a lot and came to an understanding that it was time for privacy to go mainstream, not in the "hide yourself" type of sense, but simply in the "don't watch me" sense.

DS: Had you wanted to open-source the code base all along? If not, why now?

AL: We always wanted to open-source the code base, and we finally got around to it. It's late, but late is better than never. We were incredibly busy, and we didn't prioritize it enough, but by analyzing our philosophies deeply, we've been able to re-prioritize things internally. Along with open-sourcing our software, there are a lot of great things to come.

DS: People always wonder if open-sourcing a code base affects a business model. Our readers have long known that it doesn't, and that open-sourcing in fact opens more possibilities than leaving code closed. But it would be good to hear your position on the topic, since I'm sure you've thought about it.

AL: Since Private Internet Access is a service, having open-source code does not affect the business' ability to generate revenue as a company aiming for sustainable activism. Instead, I do believe we're going to end up with better and stronger software as an outcome.

DS: Speaking of activism, back in March, you made a very strong statement, directly to President Trump and Congress, with a two-page ad in The New York Times, urging them to kill off SESTA-FOSTA. I'm curious to know if we'll be seeing more of that and to hear what the response was at the time.

AL: Absolutely! We ran a few newspaper campaigns, including one for the Internet Defense League. It's a very strong place to mobilize people for important issues for society. As a result of the campaign, many tweets from concerned Americans were received by President Trump. I would say it was a success, but from here it's up to our President. Let's hope he does the right thing and vetoes it. That said, if the bill is signed in its current form [which it was after this interview was conducted], the internet is routing, and the cypherpunks have the power of the crypto. We will decentralize and route around bad policy.

Go to Full Article
Categories: Linux News

Rocket.Chat, Nitrux Linux and More. It's Cooking with Linux (without a Net)

Linux Journal - Tue, 05/29/2018 - 16:50

Please support Linux Journal by subscribing or becoming a patron.

Today on "Cooking with Linux without a Net", I cover (and install) @RocketChat , show you another Linux distribution you've never heard of (Nitrux Linux), and hunt rootkits and perform security audits. Oh, and I crash and burn too. Much fun was had, so watch and enjoy.

Cooking with Linux
Categories: Linux News

Emacs 26.1 Released, Linux 4.17-rc7, GNOME Foundation Receives Anonymous Donation and More

Linux Journal - Tue, 05/29/2018 - 08:48

News briefs for May 29, 2018.

Emacs 26.1 was released yesterday. New features include limited form of concurrency with Lisp threads, support for optional display of line numbers in the buffer, use of double buffering to reduce flicker on the X Window System, redesign of Flymake, support for 24-bit colors on text terminals and lots more.

Linus Torvalds had these remarks over the weekend on Linux 4.17-rc7: "This week we had the whole 'spectre v4' thing, and yes, the fallout from that shows up as part of the patch and commit log. But it's not actually dominant: the patch is pretty evenly one third arch updates, one third networking updates, and one third "rest". He also mentioned "The bulk of it is really pretty trivial one-liners, and nothing looks particularly scary. Let's see how next week looks, but if nothing really happens I suspect we can make do without an rc8."

The GNOME Foundation recently received a pledge for $1,000,000 over the next two years from an anonymous donor. The Foundation plans to use the funds "to increase staff to streamline operations and to grow its support of the GNOME Project and the surrounding ecosystem."

KDE Connect Development Sprint took place last week, and the developers worked on the ability to send SMS from the desktop, making the Run Commands interface more discoverable, improving the functionality of multimedia controls ("now it's possible to display album art from your desktop on your Android devices") and more.

A new desktop environment option has arrived. The Jade Desktop is built on Python, HTML5, CSS and JavaScript and uses GTK with WebKit2, Phoronix reports. For more info, see Sparky Linux, which is offering the new desktop to its users.

The Korora Project and BackSlash Linux are ceasing development due to time constraints and financial issues, respectively, It's FOSS reports. The Korora project is taking a sabbatical (the developers aren't saying how long that will be), and the BackSlash Linux distro is asking for donations to help get started again.

News Emacs GNOME Distributions KDE kernel Mobile Desktop
Categories: Linux News

Generating Good Passwords, Part II

Linux Journal - Tue, 05/29/2018 - 08:08
by Dave Taylor

Passwords. They're the bane of computer users and a necessary evil, but they have risks and challenges associated with them. None of the choices are great. If it's up to your memory, you'll end up using the same password again and again. Use a password manager like 1Password, and you're reliant on its database security and portability. Two-factor? Um, can I borrow your phone for a minute?

Still, having complex and random passwords is definitely more secure than having a favorite phrase or variation you've been using for years. You know what I mean, just own it; you've been using the same PIN and password forever, right?

Last time, I built a script that could produce a random character from one of a set of character sets. For example, a random uppercase letter can be produced like this:

uppercase="ABCDEFGHIJKLMNOPQRSTUVWXYZ" ${uppercase:$(( $RANDOM % ${#uppercase} )):1}

Add lowercase and a constrained set of punctuation and some rules on how many of each you want, and you can make some pretty complicated passwords. To start, let's just focus on a random sequence of n uppercase letters.

That's easily done:

while [ ${#password} -lt $length ] ; do letter=${uppers:$(( $RANDOM % ${#uppers} )):1} password="${password}$letter" done

Remember that the ${#var} notation produces the length of the current value of that variable, so this is an easy way to build up the $password variable until it's equal to the target length as specified in $length.

Here's a quick test run or two:

$ sh makepw.sh password generated = HDBYPMVETY password generated = EQKIQRCCZT password generated = DNCJMMXNHM

Looks great! Now the bigger challenge is to pick randomly from a set of choices. There are a couple ways to do it, but let's use a case statement, like this:

while [ ${#password} -lt $length ] ; do case $(( $RANDOM % 4 )) in 0 ) letter=${uppers:$(( $RANDOM % ${#uppers} )):1} ;; 1 ) letter=${lowers:$(( $RANDOM % ${#lowers} )):1} ;; 2 ) letter=${punct:$(( $RANDOM % ${#punct} )):1} ;; 3 ) letter=${digits:$(( $RANDOM % ${#digits} )):1} ;; esac password="${password}$letter" done

Since you're basically weighing upper, lower, digits and punctuation the same, it's not a huge surprise that the resultant passwords are rather punctuation-heavy:

$ sh makepw.sh password generated = 8t&4n=&b(B password generated = 5=B]9?CEqQ password generated = |1O|*;%&A;

These are all great passwords, impossible to guess algorithmically (and, yeah, hard to remember too, but that's an inevitable side effect of this kind of password algorithm).

Go to Full Article
Categories: Linux News

Privacy Plugins

Linux Journal - Mon, 05/28/2018 - 06:30
by Kyle Rankin

Protect yourself from privacy-defeating ad trackers and malicious JavaScript with these privacy-protecting plugins.

Although your phone is probably the biggest threat to your privacy, your web browser is a close second. In the interest of providing you targeted ads, the web is littered with technology that attempts to track each site you go to via a combination of cookies and JavaScript snippets. These trackers aren't just a privacy threat, they are also a security threat. Because of how ubiquitous these ad networks are, attackers have figured out ways to infiltrate some of them and make them serve up even more malicious code.

The good news is that a series of privacy plugins work well with Firefox under Linux. They show up as part of the standard list of approved add-ons and will help protect you against these kinds of threats. Many different privacy plugins exist, but instead of covering them all, in this article, I highlight some of my personal favorites—the ones I install on all of my browsers. Although I discuss these plugins in the context of Firefox, many of them also are available for other Linux browsers. Because all of these plugins are standard Firefox add-ons, you can install them through your regular Firefox add-on search panel.

Privacy Badger

The EFF has done a lot of work recently to improve privacy and security for average users online, and its Privacy Badger plugin is the first one I want to cover here. The idea behind Privacy Badger is to apply some of the tools from different plugins like AdBlock Plus, Ghostery and others that inspect third-party JavaScript on a page. When that JavaScript comes from a known tracking network or attempts to install a tracking cookie on your computer, Privacy Badger steps in and blocks it.

If so many other plugins do something similar, why re-invent the wheel with Privacy Badger? Well, the downside to many of the other tools is that they often require user intervention to tweak and tune. Although it's great for people who want to spend their time doing that, average users probably rather would spend their time actually browsing the web. Privacy Badger has focused on providing similar protection without requiring any special tweaking or tuning. As you browse the web, it keeps track of these different sites, and by observing their behavior, decides whether they are tracking you.

Go to Full Article
Categories: Linux News

Diversity, education, privilege and ethics in technology

Anarcat - Sat, 05/26/2018 - 11:48

This article is part of a series on KubeCon Europe 2018.

This is a rant I wrote while attending KubeCon Europe 2018. I do not know how else to frame this deep discomfort I have with the way one of the most cutting edge projects in my community is moving. I see it as a symptom of so many things wrong in society at large and figured it was as good a way as any to open the discussion regarding how free software communities seem to naturally evolved into corporate money-making machines with questionable ethics.

A white man groomed by a white woman

Diversity and education

There is often a great point made of diversity at KubeCon, and that is something I truly appreciate. It's one of the places where I have seen the largest efforts towards that goal; I was impressed by the efforts done in Austin, and mentioned it in my overview of that conference back then. Yet it is still one of the less diverse places I've ever participated in: in comparison, Pycon "feels" more diverse, for example. And then, of course, there's real life out there, where women constitute basically half the population, of course. This says something about the actual effectiveness diversity efforts in our communities.

4000 white men

The truth is that contrary to programmer communities, "operations" knowledge (sysadmin, SRE, DevOps, whatever it's called these days) comes not from institutional education, but from self-learning. Even though I have years of university training, the day to day knowledge I need in my work as a sysadmin comes not from the university, but from late night experiments on my personal computer network. This was first on the Macintosh, then on the FreeBSD source code of passed down as a magic word from an uncle and finally through Debian consecrated as the leftist's true computing way. Sure, my programming skills were useful there, but I acquired those before going to university: even there teachers expected students to learn programming languages (such as C!) in-between sessions.

Diversity program

The real solutions to the lack of diversity in our communities not only comes from a change in culture, but also real investments in society at large. The mega-corporations subsidizing events like KubeCon make sure they get a lot of good press from those diversity programs. However, the money they spend on those is nothing compared to tax evasion in their home states. As an example, Amazon recently put 7000 jobs on hold because of a tax the city of Seattle wanted to impose on corporations to help the homeless population. Google, Facebook, Microsoft, and Apple all evade taxes like gangsters. This is important because society changes partly through education, and that costs money. Education is how more traditional STEM sectors like engineering and medicine have changed: women, minorities, and poorer populations were finally allowed into schools after the epic social struggles of the 1970s finally yielded more accessible education. The same way that culture changes are seeing a backlash, the tide is turning there as well and the trend is reversing towards more costly, less accessible education of course. But not everywhere. The impacts of education changes are long-lasting. By evading taxes, those companies are keeping the state from revenues that could level the playing field through affordable education.

Hell, any education in the field would help. There is basically no sysadmin education curriculum right now. Sure you can follow a Cisco CCNA or MSCE private trainings. But anyone who's been seriously involved in running any computing infrastructure knows those are a scam: that will tie you down in a proprietary universe (Cisco and Microsoft, respectively) and probably just to "remote hands monkey" positions and rarely to executive positions.

Velocity

Besides, providing an education curriculum would require the field to slow down so that knowledge would settle down and trickle into a curriculum. Configuration management is pretty old, but because the changes in tooling are fast, any curriculum built in the last decade (or even less) quickly becomes irrelevant. Puppet publishes a new release every 6 month, Kubernetes is barely 4 years old now, and is changing rapidly with a ~3 month release schedule.

Here at KubeCon, Mark Zuckerberg's mantra of "move fast and break things" is everywhere. We call it "velocity": where you are going does not matter as much as how fast you're going there. At one of the many keynotes, Abby Kearns from the Cloud Foundry Foundation boasted at how Home Depot, in trying to sell more hammers than Amazon, is now deploying code to production multiple times a day. I am still unclear as whether this made Home Depot actually sell more hammers, or if it's something that we should even care about in the first place. Shouldn't we converge over selling less hammers? Making them more solid, reliable, so that they are passed down from generations instead of breaking and having to be replaced all the time?

Home Depot ecstasy

We're solving a problem that wasn't there in some new absurd faith that code deployments will naturally make people happier, by making sure Home Depot sells more hammers. And that's after telling us that Cloud Foundry helped the USAF save 600M$ by moving their databases to the cloud. No one seems bothered by the idea that the most powerful military in existence would move state secrets into a private cloud, out of the control of any government. It's the name of the game, at KubeCon.

USAF saves (money)

In his keynote, Alexis Richardson, CEO of Weaveworks, presented the toaster project as an example of what not to do. "He did not use any sourced components, everything was built from scratch, by hand", obviously missing the fact that toasters are deliberately not built from reusable parts, as part of the planned obsolescence design. The goal of the toaster experiment is also to show how fragile our civilization has become precisely because we depend on layers upon layers of parts. In this totalitarian view of the world, people are also "reusable" or, in that case "disposable components". Not just the white dudes in California, but also workers outsourced out of the USA decades ago; it depends on precious metals and the miners of Africa, the specialized labour of the factories and intricate knowledge of the factory workers in Asia, and the flooded forests of the first nations powering this terrifying surveillance machine.

Privilege

"Left to his own devices he couldn’t build a toaster. He could just about make a sandwich and that was it." -- Mostly Harmless, Douglas Adams, 1992

Staying in an hotel room for a week, all expenses paid, certainly puts things in perspectives. Rarely have I felt more privileged in my entire life: someone else makes my food, makes my bed, and cleans up the toilet magically when I'm gone. For me, this is extraordinary, but for many people at KubeCon, it's routine: traveling is part of the rock star agenda of this community. People get used to being served, both directly in their day to day lives, but also through the complex supply chain of the modern technology that is destroying the planet.

Nothing is like corporate nothing.

The nice little boxes and containers we call the cloud all abstract this away from us and those dependencies are actively encouraged in the community. We like containers here and their image is ubiquitous. We acknowledge that a single person cannot run a Kube shop because the knowledge is too broad to be possibly handled by a single person. While there are interesting collaborative and social ideas in that approach, I am deeply skeptical of its impact on civilization in the long run. We already created systems so complex that we don't truly know who hacked the Trump election or how. Many feel it was, but it's really just a hunch: there were bots, maybe they were Russian, or maybe from Cambridge? The DNC emails, was that really Wikileaks? Who knows! Never mind failing close or open: the system has become so complex that we don't even know how we fail when we do. Even those in the highest positions of power seem unable to protect themselves; politics seem to have become a game of Russian roulette: we cock the bot, roll the secret algorithm, and see what dictator will shoot out.

Ethics

All this is to build a new Skynet; not this one or that one, those already exist. I was able to pleasantly joke about the AI takeover during breakfast with a random stranger without raising as much as an eyebrow: we know it will happen, oh well. I've skipped that track in my attendance, but multiple talks at KubeCon are about AI, TensorFlow (it's opensource!), self-driving cars, and removing humans from the equation as much as possible, as a general principle. Kubernetes is often shortened to "Kube", which I always think of as a reference to the Star Trek Borg all mighty ship, the "cube". This might actually make sense given that Kubernetes is an open source version of Google's internal software incidentally called... Borg. To make such fleeting, tongue-in-cheek references to a totalitarian civilization is not harmless: it makes more acceptable the notion that AI domination is inescapable and that resistance truly is futile, the ultimate neo-colonial scheme.

"We are the Borg. Your biological and technological distinctiveness will be added to our own. Resistance is futile."

The "hackers" of our age are building this machine with conscious knowledge of the social and ethical implications of their work. At best, people admit to not knowing what they really are. In the worse case scenario, the AI apocalypse will bring massive unemployment and a collapse of the industrial civilization, to which Silicon Valley executives are responding by buying bunkers to survive the eventual roaming gangs of revolted (and now armed) teachers and young students coming for revenge.

Only the most privileged people in society could imagine such a scenario and actually opt out of society as a whole. Even the robber barons of the 20th century knew they couldn't survive the coming revolution: Andrew Carnegie built libraries after creating the steel empire that drove much of US industrialization near the end of the century and John D. Rockefeller subsidized education, research and science. This is not because they were humanists: you do not become an oil tycoon by tending to the poor. Rockefeller said that "the growth of a large business is merely a survival of the fittest", a social darwinist approach he gladly applied to society as a whole.

But the 70's rebel beat offspring, the children of the cult of Job, do not seem to have the depth of analysis to understand what's coming for them. They want to "hack the system" not for everyone, but for themselves. Early on, we have learned to be selfish and self-driven: repressed as nerds and rejected in the schools, we swore vengeance on the bullies of the world, and boy are we getting our revenge. The bullied have become the bullies, and it's not small boys in schools we're bullying, it is entire states, with which companies are now negotiating as equals.

The fraud

...but what are you creating exactly?

And that is the ultimate fraud: to make the world believe we are harmless little boys, so repressed that we can't communicate properly. We're so sorry we're awkward, it's because we're all somewhat on the autism spectrum. Isn't that, after all, a convenient affliction for people that would not dare to confront the oppression they are creating? It's too easy to hide behind such a real and serious condition that does affect people in our community, but also truly autistic people that simply cannot make it in the fast-moving world the magical rain man is creating. But the real con is hacking power and political control away from traditional institutions, seen as too slow-moving to really accomplish the "change" that is "needed". We are creating an inextricable technocracy that no one will understand, not even us "experts". Instead of serving the people, the machine is at the mercy of markets and powerful oligarchs.

A recurring pattern at Kubernetes conferences is the KubeCon chant where Kelsey Hightower reluctantly engages the crowd in a pep chant:

When I say 'Kube!', you say 'Con!'

'Kube!' 'Con!' 'Kube!' 'Con!' 'Kube!' 'Con!'

Cube Con indeed...

I wish I had some wise parting thoughts of where to go from here or how to change this. The tide seems so strong that all I can do is observe and tell stories. My hope is that the people that need to hear this will take it the right way, but I somehow doubt it. With chance, it might just become irrelevant and everything will fix itself, but somehow I fear things will get worse before they get better.

Categories: External Blogs

Weekend Reading: Ansible

Linux Journal - Sat, 05/26/2018 - 06:30
by Shawn Powers

I've written about and trained folks on various DevOps tools through the years, and although they're awesome, it's obvious that most of them are designed from the mind of a developer. There's nothing wrong with that, because approaching configuration management programmatically is the whole point. Still, it wasn't until I started playing with Ansible that I felt like it was something a sysadmin quickly would appreciate.

Part of that appreciation comes from the way Ansible communicates with its client computers—namely, via SSH. As sysadmins, you're all very familiar with connecting to computers via SSH, so right from the word "go", you have a better understanding of Ansible than the other alternatives.

With that in mind, I've written a few articles exploring how to take advantage of Ansible. It's a great system, but when I was first exposed to it, it wasn't clear how to start. It's not that the learning curve is steep. In fact, if anything, the problem was that I didn't really have that much to learn before starting to use Ansible, and that made it confusing. For example, if you don't have to install an agent program (Ansible doesn't have any software installed on the client computers), how do you start?

Ansible, Part I: the Automation Framework That Thinks Like a Sysadmin

How to get started with Ansible. Shawn tells us the reason Ansible was so difficult for him at first was because it's so flexible with how to configure the server/client relationship, he didn't know what he was supposed to do. The truth is that Ansible doesn't really care how you set up the SSH system; it will utilize whatever configuration you have. This article will get you set up.  

Ansible, Part II: Making Things Happen

Finally, an automation framework that thinks like a sysadmin. Ansible, you're hired.

Ansible is supposed to make your job easier, so the first thing you need to learn is how to do familiar tasks. For most sysadmins, that means some simple command-line work. Ansible has a few quirks when it comes to command-line utilities, but it's worth learning the nuances, because it makes for a powerful system.

Ansible, Part III: Playbooks

Playbooks make Ansible even more powerful than before.

Go to Full Article
Categories: Linux News

OpenSUSE 15 Leap Released, Facebook and Google Already Face GDPR Complaints, GNOME 3.29.2 and More

Linux Journal - Fri, 05/25/2018 - 07:29

News briefs for May 25, 2018.

OpenSUSE 15 Leap, the "project's latest non-rolling-release, enterprise-geared distribution", was released today. This new version "brings a new partitioner, makes use of Firewalld for its firewall, a new look, various new enterprise features, support for NextCloud, atomic updates support via Kubic, and much more. The GNOME version of openSUSE Leap 15 is also using Wayland by default while their KDE Plasma 5.12 LTS desktop continues using an X.org session default." For more details on all the new features, visit the OpenSUSE News site.

Facebook and Google are already facing GDPR complaints due to "forced consent". TechCrunch reports that Max Schrems has filed complaints against Facebook, Instagram, WhatsApp and Android. Regarding Facebook, Schrems commented "In the end users only had the choice to delete the account or hit the 'agree'-button—that's not a free choice, it more reminds of a North Korean election process."

If you have a NETGEAR router, see the security advisory for steps you can take to protect yourself against the VPNFilter malware.

GNOME 3.29.2 was released yesterday. This is the second unstable release in the 3.30 cycle and is primarily for testing and hacking.

GamingOnLinux reports that Paradox has confirmed its new game Imperator: Rome! will be supported for Linux.

News Distributions openSUSE Facebook Google GDPR GNOME gaming
Categories: Linux News

FOSS as a Part of a Corporate Sustainability Plan

Linux Journal - Fri, 05/25/2018 - 07:15
by VM Brasseur

Free and open-source software is a critical part of your company's supply chain. Here's why and how you can include it in your corporate sustainability plan.

In 1983 the United Nations convened a commission of 22 people to investigate the question of the worldwide environmental and social impact of human development. Four years later, in 1987, the commission released Our Common Future, more commonly known as the Brundtland Report in honour of Gro Harlem Brundtland, chairperson of the commission. This report detailed the very real socio-environmental issues facing humanity. One of its recommendations was for governments, organizations and companies to start engaging in what it called sustainable development. That is, "...development that meets the needs of the present without compromising the ability of future generations to meet their own needs".

Since then there's been steep growth in the number of corporations that maintain and operate according to a corporate sustainability plan. These plans encompass environmental as well as social aspects of doing business. They encompass actions within an organization—such as natural resource usage, diversity and inclusion, and fair treatment of employees—as well as those external to the organization—such as the sustainability operations of their entire supply chain as well as the overall impact the corporation has on the Earth and its inhabitants.

The Benefits of Sustainability

A sustainability plan impacts every facet of an organization's operations and can take a fair bit of effort to implement and maintain. If that's the case, why are more corporations putting these plans into action every year? While it would be nice to think that this occurs for entirely altruistic reasons—taking care of the Earth and its inhabitants is simply the right thing to do, after all—the fact of the matter is that studies repeatedly show that properly implemented corporate sustainability plans are very good for the bottom line.

Go to Full Article
Categories: Linux News

RIP Robin "Roblimo" Miller

Linux Journal - Thu, 05/24/2018 - 11:19
by Carlie Fairchild

Linux Journal has learned fellow journalist and long-time voice of the Linux community Robin "Roblimo" Miller has passed away. Miller was perhaps best known by the community for his role as Editor in Chief of Open Source Technology Group, the company that owned Slashdot, SourceForge.net, freshmeat, Linux.com, NewsForge, and ThinkGeek from 2000 to 2008. He went on to write and do video interviews for FOSS Force, penned articles for several publications, and authored three books, The Online Rules of Successful Companies, Point & Click Linux!, and Point & Click OpenOffice.org, all published by Prentice Hall.

As Marcel Gagne so perfectly summarized, "Robin was one of those people who could make you laugh while teaching you a thing or two."

Roblimo, you will be missed. 

Go to Full Article
Categories: Linux News

An FUQ for the GDPR

Linux Journal - Thu, 05/24/2018 - 09:49
by Doc Searls

Today is Privmas Eve: the day before Privmas, aka GDPR Day: the one marked red on the calendars of every company in the world holding an asset the GDPR has suddenly made toxic: personal data. The same day—25 May—should be marked green for everyone who has hated the simple fact that harvesting personal data from everybody on the internet has been too damned easy for too damned long for too damned many companies, and governments too.

Whether you like the GDPR or not (and there are reasons for both, which we'll get into shortly), one thing it has done for sure is turn privacy into Very Big Deal. This is good, because we've had damned little of it on the internet and now we're going to get a lot more. That's worth celebrating, everybody. Merry Privmas! 

To help with that, and because 99.99x% of GDPR coverage is about what it means for the fattest regulatory targets (Facebook, Google, et al.), here's an FUQ: Frequently Unasked (or Unanswered) Questions about the GDPR and what it means for you, me and everybody else who wants to keep personal data personal—or to get back personal data those data farmers have already harvested. (The GDPR respects both.)

A note before we begin: this is a work in progress. It's what we know about what's now possible in a world changed by the GDPR. And "we" includes everybody. If you want to help, weigh in. Here goes...

Bottom line, what does the GDPR mean for the "natural persons" it also calls "data subjects"?

It means we're in charge now: at least of ourselves—and of our sides of relationships with the corporate entities we deal with.

No, the GDPR doesn't say that specifically, but both the letter and the spirit of the GDPR respect privacy as a fundamental human right. Since rights are something we exercise as individuals, and not just a something good corporate behavior allows us to enjoy, we should be able to provide it for ourselves as well.

Don't we have enough privacy tools already with crypto, onion routing, VPNs and so on?

No, we don't.

Those are all forms of protection against exploitation by others. We need tools that create private spaces around us on the net, much as clothing (the original privacy tech) does for us in the natural world. We need ways to signal to others what's okay and what's not okay, and to know easily when those signals are being respected and when they are not. We need ways to move about the net anonymously, and to submit identifiers only on a need to know basis, and then in ways we control.

Go to Full Article
Categories: Linux News
Syndicate content