Skip to main content

Feed aggregator

Five Trends Influencing Linux's Growth at the Endpoint

Linux Journal - Wed, 12/26/2018 - 08:00
by Jeff Kalberg

A recent IDC InfoBrief identified Linux as the only endpoint operating system growing globally. While Windows market share remains flat, at 39% in 2015 and 2017, Linux has grown from 30% in 2015 to 35% in 2017, worldwide. And the trend is accelerating.

Considering everywhere that systems built around the Linux kernel are used, we quickly realize that Linux is the most dominating operating system in the comparatively brief history of computer technology. Information systems have changed dramatically since August 1991 when Linus Torvalds announced, “I'm doing a (free) operating system (just a hobby, won't be big like gnu) for 386(486) AT clones.” With all due respect to the icons of open source, Linus is without question the Nicolas Tesla of information technology.

The influence of Linux boggles the mind—smartphones, televisions, digital video recorders, airline entertainment systems, automobile control systems, digital signage, routers, switches and, of course, the desktop operating system for the one percent, which in this case are those of us who run a Linux distro as their core OS.

Why Linux?

Although the “Which is the better operating system: Microsoft Windows or a Linux-based OS?” debate is as popular as ever these days, in truth, Linux has won the war. If there is any doubt, consider the influence of the Linux-based Android operating system (and its UNIX-based Apple brethren) to that of Microsoft Windows. Windows still has a place in our lives, but only because of the large volume of core applications that require a Windows OS. This will not always be the case, and to Microsoft’s credit, it has seen the future, and the future is Linux.

Over the past ten years, Microsoft has been enabling Linux and open-source technology. In July 2009, Microsoft quietly contributed 22,000 lines of source code to the Linux kernel under the GPLv2 license. Without a doubt, Microsoft’s motives were self-serving; it needed to ensure that Windows and Linux would interoperate well into the future. Microsoft achieved this goal when its code was accepted by the Linux kernel developers.

In more recent years, Microsoft has continued to embrace Linux. Microsoft supports Linux-based operating systems running on its Hyper-V hypervisor and Microsoft Azure, which uses Linux-based components and supports Linux OS guests. Microsoft ported SQL Server to Linux, albeit for internal use, and has made it available publicly. And by developing the Windows Subsystem for Linux, Microsoft made it possible to run Linux application workloads on Windows Server.

Go to Full Article
Categories: Linux News

Linux 4.20 and GNU Linux-libre 4.20-gnu Released, Darktable 2.6 Now Available, New Version of SuperTux and GDB 8.2.1 Is Out

Linux Journal - Mon, 12/24/2018 - 10:04

News briefs for December 24, 2018.

Linux 4.20 was released yesterday. Of the release, Linux Torvalds writes, "let's face it, last week wasn't quite as quiet as I would have hoped for, but there really doesn't seem to be any point to delay 4.20 because everybody is already taking a break. And it's not like there are any known issues, it's just that the shortlog below is a bit longer than I would have wished for. Nothing screams "oh, that's scary", though."

GNU Linux-libre 4.20-gnu is also now available. Links to sources and tarballs are here.

Darktable 2.6 was released today. Phoronix reports that this new version of the open-source RAW photography workflow software includes experimental PowerPC PPC64LE support and "also brings a number of new modules around handling of duplicate images, allowing changes based on image frequency layers, new logarithm controls for the tone curve, ProPhotoRGB and HSL modes for the color balance module, and a lot more." See also the GitHub page for more details.

The SuperTux team recently announced the release of version 0.6.0 of the game, which comes after almost two years of development. Changes include a "complete redesign of the icy world and forest", a revamp of the rendering engine, support for OpenGL 3.3 Core as well as OpenGL ES 2.0 and more. Source tarballs and builds are available on the Downloads page or via GitHub.

GDB 8.2.1 was released yesterday. This version of the GNU Debugger brings lots of fixes and enhancement. For the complete list, see the gdb/NEWS file. You can download GDB from the GNU FTP server.

News kernel GNU Linux Darktable SuperTux gaming GDB
Categories: Linux News

Weekend Reading: Cloud

Linux Journal - Sat, 12/22/2018 - 07:30
by Carlie Fairchild

The cloud has become synonymous with all things data storage. It additionally equates to the many web-centric services accessing that same back-end data storage, but the term also has evolved to mean so much more.

This weekend join us as we explore the cloud.

CloudWatch Is of the Devil, but I Must Use It

by Corey Quinn

Let's talk about Amazon CloudWatch.

Everything You Need to Know about the Cloud and Cloud Computing, Part I

by Petros Koutoupis

An in-depth breakdown of the technologies involved in making up the cloud and a survey of cloud-service providers.

Everything You Need to Know about the Cloud and Cloud Computing, Part II: Using the Cloud

by Petros Koutoupis

How to get started with AWS, install Apache, create an EFS volume and much more.

The Agony and the Ecstasy of Cloud Billing

by Corey Quinn

Cloud billing is inherently complex; it's not just you.

Nextcloud 13: How to Get Started and Why You Should

by Marco Fioretti

In its simplest form, the Nextcloud server is "just" a personal, free software alternative to services like Dropbox or iCloud. You can set it up so your files are always accessible via the internet, from wherever you are, and share them with your friends. However, Nextcloud can do so much more.

Simple Cloud Hardening

by Kyle Rankin

Apply a few basic hardening principles to secure your cloud environment.  

Vendor Lock-in: Now in the Cloud!

by Kyle Rankin

Go to Full Article
Categories: Linux News

December 2018 report: archiving Brazil, calendar and LTS

Anarcat - Fri, 12/21/2018 - 14:40
Last two months free software work

Keen readers probably noticed that I didn't produce a report in November. I am not sure why, but I couldn't find the time to do so. When looking back at those past two months, I didn't find that many individual projects I worked on, but there were massive ones, of the scale of archiving the entire government of Brazil or learning the intricacies of print media, both of which were slightly or largely beyond my existing skill set.

Calendar project

I've been meaning to write about this project more publicly for a while, but never found the way to do so productively. But now that the project is almost over -- I'm getting the final prints today and mailing others hopefully soon -- I think this deserves at least a few words.

As some of you might know, I bought a new camera last January. Wanting to get familiar with how it works and refresh my photography skills, I decided to embark on the project of creating a photo calendar for 2019. The basic idea was simple: take pictures regularly, then each month pick the best picture of that month, collect all those twelve pictures and send that to the corner store to print a few calendars.

Simple, right?

Well, twelve pictures turned into a whopping 8000 pictures since January, not all of which were that good of course. And of course, a calendar has twelve months -- so twelve pictures -- but also a cover and a back, which means thirteen pictures and some explaining. Being critical of my own work, it turned out that finding those pictures was sometimes difficult, especially considering the medium imposed some rules I didn't think about.

For example, the US Letter paper size imposes a different ratio (1.29) than the photographic ratio (~1.5) which means I had to reframe every photograph. Sometimes this meant discarding entire ideas. Other photos were discarded because too depressing even if I found them artistically or journalistically important: you don't want to be staring at a poor kid distressed at going into school every morning for an entire month. Another advice I got was to forget about sunsets and dark pictures, as they are difficult to render correctly in print. We're used to bright screens displaying those pictures, paper is a completely different feeling. Having a good vibe for night and star photography, this was a fairly dramatic setback, even though I still did feature two excellent pictures.

Then I got a little carried away. At the suggestion of a friend, I figured I could get rid of the traditional holiday dates and replace them with truly secular holidays, which got me involved in a deep search for layout tools, which in turn naturally brought me to this LaTeX template. Those who have worked with LaTeX (or probably any professional layout tool) know what's next: I spent a significant amount of time perfecting the rendering and crafting the final document.

Slightly upset by the prices proposed by the corner store (15$CAD/calendar!), I figured I could do better by printing on my own, especially encouraged by a friend who had access to a good color laser printer. I then spent multiple days (if not weeks) looking for the right paper, which got me in the rabbit hole of paper weights, brightness, texture, and more. I'll just say this: if you ever thought lengths were ridiculous in the imperial system, wait until you find out how you find out about how paper weights work. I finally managed to find some 270gsm gloss paper at the corner store -- after looking all over town, it was right there -- and did a first print of 15 calendars, which turned into 14 because of trouble with jammed paper. Because the printer couldn't do recto-verso copies, I had to spend basically 4 hours tending to that stupid device, bringing my loathing of printers (the machines) and my respect for printers (the people) to an entirely new level.

The time spent on the print was clearly not worth it in the end, and I ended up scheduling another print with a professional printer. The first proof are clearly superior to the ones I have done myself and, in retrospect, completely worth the 15$ per copy.

I still haven't paid for my time in any significant way on that project, something I seem to excel at doing consistently. The prints themselves are not paid for, but my time in producing those photographs is not paid either, which clearly outlines my future as a professional photographer, if any, lie far away from producing those silly calendars, at least for now.

More documentation on the project is available, in french, in calendrier-2019. I am also hoping to eventually publish a graphical review of the calendar, but for now I'll leave that for the friends and family who will receive the calendar as a gift...

Archival of Brasil

Another modest project I embarked on was a mission to archive the government of Brazil following the election the infamous Jair Bolsonaro, dictatorship supporter, homophobe, racist, nationalist and christian freak that somehow managed to get elected president of Brazil. Since he threatened to rip apart basically the entire fabric of Brazilian society, comrades were worried that he might attack and destroy precious archives and data from government archives when he comes in power, in January 2019. Like many countries in Latin America that lived under dictatorships in the 20th century, Brazil made an effort to investigate and keep memory of the atrocities that were committed during those troubled times.

Since I had written about archiving websites, those comrades naturally thought I could be of use, so we embarked on a crazy quest to archive Brazil, basically. We tried to create a movement similar to the Internet Archive (IA) response to the 2016 Trump election but were not really successful at getting IA involved. I was, fortunately, able to get the good folks at Archive Team (AT) involved and we have successfully archived a significant number of websites, adding terabytes of data to the IA through the backdoor that is AT. We also ran a bunch of archival on a special server, leveraging tools like youtube-dl, git-annex, wpull and, eventually, grab-site to archive websites, social network sites and video feeds.

I kind of burned out on the job. Following Brazilian politics was scary and traumatizing - I have been very close to Brazil folks and they are colorful, friendly people. The idea that such a horrible person could come into power there is absolutely terrifying and I kept on thinking how disgusted I would be if I would have to archive stuff from the government of Canada, which I do not particularly like either... This goes against a lot of my personal ethics, but then it beats the obscurity of pure destruction of important scientific, cultural and historical data.

Miscellaneous

Considering the workload involved in the above craziness, the fact that I worked on less project than my usual madness shouldn't come as a surprise.

  • As part of the calendar work, I wrote a new tool called moonphases which shows a list of moon phase events in the given time period, and shipped that as part of undertime 1.5 for lack of a better place.

  • AlternC revival: friends at Koumbit asked me for source code of AlternC projects I was working on. I was disappointed (but not surprised) that upstream simply took those repositories down without publishing an archive. Thankfully, I still had SVN checkouts but unfortunately, those do not have the full history, so I reconstructed repositories based on the last checkout that I had for alternc-mergelog, alternc-stats, and alternc-slavedns.

  • I packaged two new projects into Debian, bitlbee-mastodon (to connect to the new Mastodon network over IRC) and python-internetarchive (a command line interface to the IA upload forms)

  • my work on archival tools led to a moderately important patch in pywb: allow symlinking and hardlinking files instead of just copying was important to manage multiple large WARC files along with git-annex.

  • I also noticed the IA people were using a tool called slurm to diagnose bandwidth problems on their networks and implemented iface speed detection on Linux while I was there. slurm is interesting, but I also found out about bmon through the hilarious hollywood project. Each has their advantages: bmon has packets per second graphs, while slurm only has bandwidth graphs, but also notices maximal burst speeds which is very useful.

Debian Long Term Support (LTS)

This is my monthly Debian LTS report. Note that my previous report wasn't published on this blog but on the mailing list.

Enigmail / GnuPG 2.1 backport

I've spent a significant amount of time working on the Enigmail backport for a third consecutive month. I first published a straightforward backport of GnuPG 2.1 depending on the libraries available in jessie-backports last month, but then I actually rebuilt the dependencies as well and sent a "HEADS UP" to the mailing list, which finally got peoples' attention.

There are many changes bundled in that possible update: GnuPG actually depends on about half a dozen other libraries, mostly specific to GnuPG, but in some cases used by third party software as well. The most problematic one is libgcrypt20 which Emilio Pozuelo Monfort said included tens of thousands of lines of change. So even though I tested the change against cryptsetup, gpgme, libotr, mutt and Enigmail itself, there are concerns that other dependencies that merit more testing as well.

This caused many to raise the idea of aborting the work and simply marking Enigmail as unsupported in jessie. But Daniel Kahn Gillmor suggested this should also imply removing Thunderbird itself from jessie, as simply removing Enigmail will force people to use the binaries from Mozilla's add-ons service. Gillmor explained those builds include a OpenPGP.js implementation of dubious origin, which is especially problematic considering it deals with sensitive private key material.

It's unclear which way this will go next. I'm taking a break of this issue and hope others will be able to test the packges. If we keep on working on Enigmail, the next step will be to re-enable the dbg packages that were removed in the stretch updates, use dh-autoreconf correctly, remove some mingw pacakges I forgot and test gcrypt like crazy (especially the 1.7 update). We'd also update to the latest Enigmail, as it fixes issues that forced the Tails project to disable autocrypt because of weird interactions that make it send cleartext (instead of encrypted) mail in some cases.

Automatic unclaimer

My previous report yielded an interesting discussion around my work on the security tracker, specifically the "automatic unclaimer" designed to unassign issues that are idle for too long. Holger Levsen, with his new coordinator hat, tested the program and found many bugs and missing features, which I was happy to implement. After many patches and back and forth, it seems the program is working well, although it's ran by hand by the coordinator.

DLA website publication

I took a look at various issues surrounding the publication of LTS advisories on the main debian.org website. While normal security advisories are regularly published on debian.org/security about 500+ DLAs are missing from the website, mainly because DLAs are not automatically imported.

As it turns out, there is a script called parse-dla.pl that is designed to handle those entries but for some reason, they are not imported anymore. So I got to work to import the backlog and make sure new entries are properly imported.

Various fixes for parse-dla.pl were necessary to properly parse messages both from the templates generated by gen-DLA and the existing archives correctly. then I tested the result with two existing advisories, which resulted in two MR on the webml repo: add data for DLA-1561 and add dla-1580 advisory. I requested and was granted access to the repo, and eventually merged my own MRs after a review from Levsen.

I eventually used the following procedure to test importing the entire archive:

rsync -vPa master.debian.org:/home/debian/lists/debian-lts-announce . cd debian-lts-announce xz -d \*.xz cat \* > ../giant.mbox mbox2maildir ../giant.mbox debian-lts-announce.d for mail in debian-lts-announce.d/cur/\*; do ~/src/security-tracker/./parse-dla.pl $mail; done

This lead to 82 errors on an empty directory, which is not bad at all considering the amount of data processed. Of course, there many more errors in the live directory as many advisories were already present. In the live directory, this resulted in 2431 new advisories added to the website.

There were a few corner cases:

  • The first month or so didn't use DLA identifiers and many of those were not correctly imported even back then.

  • DLA-574-1 was a duplicate, covered by the DLA-574-2 regression update. But I only found the Imagemagick advisory - it looks like the qemu one was never published.

  • Similarly, the graphite2 regression was never assigned a real identifier.

  • Other cases include for example DLA-787-1 which was sent twice and the DLA-1263-1 duplicate, which was irrecuperable as it was never added to data/DLA/list

Those special cases will all need to be handled by an eventual automation of this process, which I still haven't quite figured out. Maybe a process similar to the unclaimer will be followed: the coordinator or me could add missing DLAs until we streamline the process, as it seems unlikely we will want to add more friction to the DLA release by forcing workers to send merge requests to the web team, as that will only put more pressure on the web team...

There are also nine advisories missing from the mailing list archive because of a problem with the mailing list server at that time. We'll need to extract those from people's email archives, which I am not sure how to coordinate at this point.

PHP CVE identifier confusion

I have investigated CVE-2018-19518, mistakenly identified as CVE-2018-19158 in various places, including upstream's bugtracker. I requested the latter erroneous CVE-2018-19158 to be retired to avoid any future confusion. Unfortunately, Mitre indicated the CVE was already in "active use for pre-disclosure vulnerability coordination", which made it impossible to correct the error at that level.

I've instead asked upstream to correct the metadata in their tracker but it seems nothing has changed there yet.

Categories: External Blogs

Android vs iOS: Which spies on you more?

Linux Journal - Fri, 12/21/2018 - 12:03

Please support Linux Journal by subscribing or becoming a patron.

Which mobile operating system spies on you the most? Android or iOS? In other words: Does a Google-powered Android phone or an Apple iPhone spend more time collecting and sending details about you (location, etc.) to company servers?

Categories: Linux News

KStars v3.0.0 Now Available, Malware Targeting IoT Devices Is Growing, Enhanced Privacy Settings for Mozilla's Latest Firefox Focus, Coreboot 4.9 Released and Pivotal Announces Pivotal Cloud Foundry Platform Version 2.4

Linux Journal - Fri, 12/21/2018 - 09:30

News briefs for December 21, 2018.

KStars v3.0.0 was released today after four months of development. Jasem's Ekosphere blog post lists all the new features including the XPlanet Solar System View developed by Robert Lancaster, significant improvements to FITS viewer GUI, scheduler improvements and more.

Malware targeting IoT devices is growing. BetaNews reports that according to McAfee Labs, "new malware targeting IoT devices grew 72 percent with total malware growing 203 percent in the last four quarters". The growth is partly attributed to devices being harnessed for cryptomining. See the McAfee Labs Threats Report, December 2018 for all the details.

Mozilla announces the latest release of Firefox Focus, introducing enhanced privacy settings. According to the Mozilla blog, "You can choose to block all cookies on a website, no cookies at all—the default so far—third party cookies or only 3rd party tracking cookies as defined by Disconnect's Tracking Protection list. If you go with the latter option, which is new to Firefox Focus and also the new default, cross-site tracking will be prevented." You can get the latest version of Firefox Focus from Google Play and in the App Store.

Coreboot 4.9 was released this week sporting more than 2,600 changes and ports to 56 new motherboards. According to Phoronix, Coreboot 4.9 "features a number of code clean-ups to the different motherboard ports and all over, the Coreboot documentation is now hosted within the repository, the Intel FSP binaries are now integrated within the build system, and a number of older boards have been deprecated". See the release notes for more details.

Pivotal yesterday announced the release of version 2.4 of its Pivotal Cloud Foundry (PCF) platform, which is a commercial distribution, based on the open-source Cloud Foundry project. New to this version, according to eWeek is "zero downtime updates for application deployments, enabling organizations to roll out upgrades without downtime. PCF 2.4 also introduces a new compliance scanner in beta that will enable organizations to validate that the configuration of PCF deployments meets best practices".

News KStars Astronomy KDE IOT Security Mozilla Privacy coreboot Cloud Cloud Foundry Pivotal
Categories: Linux News

CI/CD and the New Generation of Software Delivery: an Interview with Harness

Linux Journal - Fri, 12/21/2018 - 08:15
by Petros Koutoupis

Continuous integration and continuous delivery (CI/CD) is all the rage in the modern world of software development. But actually what is this pipeline process? It's a method or set of principles for which development teams implement and deliver code more frequently and reliably.

Continuous integration embodies a coding philosophy and set of practices propelling teams to implement small and frequent code changes into version control repositories, while the continuous delivery picks up where the CI ends and automates the application's delivery

Many platforms, such as Jenkins and CircleCI, exist to help companies and teams streamline the development and integration of their software stacks, but not much exists in the way of easing and automating the process of delivery. And with what does exist, the solutions tend to fall short with features and functionality, or they are overly complicated to configure in the first place.

This is where Harness comes into the picture. Harness produces the industry's very first Continuous Delivery-as-a-Service platform. Using machine learning, it simplifies and automates the entire CD process. Steve Burton, VP of marketing at Harness, recently took the time to share more details with me.

Petros Koutoupis: Please introduce yourself to our readers.

Steve Burton: While officially the VP of marketing, I am a DevOps Evangelist over at Harness. What this means is that I do a little bit of everything. While most of my career has been in product management and marketing, I stepped out of the university with a bachelor's degree in computer science and an initial career in Java development (ca. 2004 at Sapient), working on large-scale enterprise J2EE implementations. Prior to Harness, I did geek stuff at AppDynamics, Moogsoft and Glassdoor. And when not knee-deep in take, I enjoy spending my time watching F1 and researching cars on the web.

PK: What is Harness?

SB: We provide Continuous Delivery as-a-Service. It's the CD bit of the CI/CD equation that helps customers automate how their software is deployed and delivered to end users in production.

We basically allow customers to move fast without breaking things, so they can increase developer velocity without the risk of downtime or failure.

PK: What problem or problems does Harness solve?

SB: Developers are under tremendous pressure to deliver applications to production, fast and with zero error. It's a constant pain, one that I personally dealt with as a former Java developer. Our founders had also seen this challenge firsthand, and that's why they started Harness.

Go to Full Article
Categories: Linux News

Qt Announces Qt for Python, All US Publications from 1923 to Enter the Public Domain in 2019, Red Hat Chooses Team Rubicon for Its 2018 Corporate Donation, SUSE Linux Enterprise 15 SP1 Released and Microsoft Announces Open-Source "Project Mu"

Linux Journal - Thu, 12/20/2018 - 10:24

News briefs for December 20, 2018.

Qt introduces Qt for Python. This new offering allows "Python developers to streamline and enhance their user interfaces while utilizing Qt's world-class professional support services". According to the press release, "With Qt for Python, developers can quickly and easily visualize the massive amounts of data tied to their Python development projects, in addition to gaining access to Qt's world-class professional support services and large global community." To download Qt for Python, go here.

As of January 1, 2019, all works published in the US in 1923 will enter the public domain. The Smithsonian reports that it's been "21 years since the last mass expiration of copyright in the U.S." The article continues: "The release is unprecedented, and its impact on culture and creativity could be huge. We have never seen such a mass entry into the public domain in the digital age. The last one—in 1998, when 1922 slipped its copyright bond—predated Google. 'We have shortchanged a generation,' said Brewster Kahle, founder of the Internet Archive. 'The 20th century is largely missing from the internet.'"

Red Hat chooses Team Rubicon for its 2018 US corporate holiday donation. The $75,000 donation will "will contribute to the organization's efforts to provide emergency response support to areas devastated by natural disasters." From Red Hat's announcement: "By pairing the skills and experiences of military veterans with first responders, medical professionals and technology solutions, Team Rubicon aims to provide the greatest service and impact possible. Since its inception following the 2010 Haiti earthquake, Team Rubicon has launched more than 310 disaster response operations in the U.S. and across the world—including 86 in 2018 alone."

SUSE Linux Enterprise 15 Service Pack 1 Beta 1 is now available. Some of the changes include Java 11 is now the default JRE, libqt was updated to 5.9.7, LLVM was updated to version 7, and much more. According to the announcement, "roughly 640 packages have been touched specifically for SP1, in addition to packages updated with Maintenance Updates since SLE 15." See the release notes for more information.

Microsoft yesterday announced "Project Mu" as an open-source UEFI alternative to TianoCore. Phoronix reports that "Project Mu is Microsoft's attempt at 'Firmware as a Service' delivered as open-source. Microsoft developed Project Mu under the belief that the open-source TianoCore UEFI reference implementation is 'not optimized for rapid servicing across multiple product lines.'" See also the Microsoft blog for details.

News qt python Copyright public domain Red Hat SUSE Microsoft UEFI
Categories: Linux News

Removing Duplicate PATH Entries: Reboot

Linux Journal - Thu, 12/20/2018 - 08:00
by Mitch Frazier

 

In my first post on removing duplicate PATH entries I used an AWK one-liner. In the second post I used a Perl one-liner, or more accurately, I tried to dissect a Perl one-liner provided by reader Shaun. Shaun had asked that if I was willing to use AWK (not Bash), why not use Perl? It occurred to me that one might also ask: why not just use Bash? So, one more time into the void.

Go to Full Article
Categories: Linux News

Lessons in Vendor Lock-in: Messaging

Linux Journal - Wed, 12/19/2018 - 09:08
by Kyle Rankin

Is messaging really so complicated that you need five different messaging apps on your phone? Discover the reasons behind messaging vendor lock-in.

One of the saddest stories of vendor lock-in is the story of messaging. What makes this story sad is that the tech industry has continued to repeat the same mistakes and build the same proprietary systems over the last two decades, and we as end users continue to use them. In this article, I look at some of the history of those mistakes, the lessons we should have learned and didn't, and the modern messaging world we find ourselves in now. Along the way, I offer some explanations for why we're in this mess.

The First Wave

My first exposure to instant messaging was in the late 1990s. This was the era of the first dotcom boom, and it seemed like every internet company wanted to be a portal—the home page for your browser and the lens through which you experienced the web and the rest of the internet. Each of these portals created instant messengers of their own as offshoots of group chat rooms, such as AOL Instant Messenger (AIM), Yahoo Chat and MSN chat among others. The goal of each of them was simple: because you had to register an account with the provider to chat with your friends, once a service had a critical mass of your friends, you were sure to follow along so you wouldn't be left out.

My friends ended up using ICQ, so I did too. Unlike some of the others, ICQ didn't have a corresponding portal or internet service. It focused only on instant messaging. This service had its heyday, and for a while, it was the main instant messenger people used unless they were already tied in to another IM service from their internet portal.

The nice thing about ICQ, unlike some of the other services at the time, was that it didn't go to great effort to obscure its API and block unauthorized clients. This meant that quite a few Linux ICQ clients showed up that worked pretty well. Linux clients emerged for the other platforms too, but it seemed like once or twice a year, you could count on an outage for a week or more because the upstream messaging network decided to change the API to try to block unauthorized clients.

Proprietary APIs

Why did the networks want to block unauthorized clients? Simple: instant-messaging networks always have been about trends. One day, you're the popular IM network, and then the next day, someone else comes along. Since the IM network tightly controlled the client, it meant that as a user, you had to make sure all of your friends had accounts on that network. If a new network cropped up that wanted to compete, the first thing it had to do was make it easy for users to switch over. This meant offering compatibility with an existing IM network, so you could pull over your existing buddy list and chat with your friends, knowing that eventually some of them might move over to this new network.

Go to Full Article
Categories: Linux News

Linux Mint 19.1 "Tessa" Cinnamon Now Available, VirtualBox 6.0 Officially Released, Facebook's Data-Sharing Deals, Purism's Librem 5 Dev Kits Shipping and Open Compute Project's Future Technologies Symposium Call for Poster Submissions

Linux Journal - Wed, 12/19/2018 - 08:33

News briefs for December 19, 2018.

Linux Mint 19.1 "Tessa" Cinnamon was released today. This is a long-term support release, which will be supported until 2023. New features include a brand-new panel layout, the Nemo file manager is three times faster than before, a "huge number of upstream changes were ported from the GNOME project" and much more. Read about all the new features here and download here.

VirtualBox 6.0 has been officially released. This is a major update with tons of new features including support for exporting a virtual machine to Oracle Cloud Infrastructure, a major rework of the user interface, a new file manager, major update of 3D graphics support for Windows guests and much more. See the Changelog for the full list of new features and fixes, and visit the Downloads page for links to VirtualBox binaries and source code.

Facebook provided other companies—such as Microsoft, Amazon and Spotify—far greater access to its users' private data than it previously has disclosed. The New York Times obtained hundreds of pages of records showing the extent of the data-sharing practices. NYT reports that "Facebook allowed Microsoft's Bing search engine to see the names of virtually all Facebook users' friends without consent, the records show, and gave Netflix and Spotify the ability to read Facebook users' private messages." The Times article also notes that the deals benefited more than 150 companies, and that the applications "sought the data of hundreds of millions of people a month, the records show. The deals, the oldest of which date to 2010, were all active in 2017. Some were still in effect this year."

Purism's Librem 5 dev kits are shipping, and backers should receive their dev kits before the end of the year. The Purism blog post notes that "Our backers who are receiving the dev kits will also have access to a Matrix channel for dev kit owners. This channel will be staffed by our engineering team who will be on hand to answer questions, work with the community on merge requests, and be available for those who are using the dev kits. But by no means is this an exclusive channel and all of you are welcome to join in as well! Please reach out to info@puri.sm if you are interested in being added to the group." In addition, the Librem 5's early-bird price of $599 ends January 7th, and the preorder price will increase to $699 to help fund further engineering of the phone and upstream projects.

The Open Compute Project announces Future Technologies Symposium to be held at the 2019 OCP Global Summit in San Jose, California and invites students and researchers from around the world to submit posters. Draft submissions are due January 31, 2019. The theme for this year is "Open Together" and the announcement says "We welcome submissions in computer storage, networking, or any of the OCP project tracks; as well as those which are multi-disciplinary and cover leading technology solutions, such as edge computing." See the OCP Symposium website for more information.

News Linux Mint VirtualBox Facebook Privacy Purism Librem Open Compute Project
Categories: Linux News

Purism Introduces "It's a Secure Life" Bundle Sale, Wave Computing Open-Sourcing MIPS, Red Hat Announces Long-Term Commercial Support for OpenJDK on Microsoft Windows, ArchLabs 2018.12 Now Available and RawTherapee 5.5 Released

Linux Journal - Tue, 12/18/2018 - 09:50

News briefs for December 18, 2018.

Purism is introducing "It's a Secure Life" bundles from now until January 6. The bundles are 15%–18& off, and they can be made up of different combinations of the Librem 5 smartphone (preorder), the Librem 15 laptop and the Librem Key.

Wave Computing announced yesterday it plans to open-source its MIPS instruction set architecture to "accelerate the ability for semiconductor companies, developers and universities to adopt and innovate using MIPS for next-generation system-on-chip (SoC) designs". According to the announcement, "Under the MIPS Open program, participants will have full access to the most recent versions of the 32-bit and 64-bit MIPS ISA free of charge—with no licensing or royalty fees. Additionally, participants in the MIPS Open program will be licensed under MIPS' hundreds of existing worldwide patents."

Red Hat this morning announced long-term commercial support for OpenJDK on Microsoft Windows. In addition to supporting OpenJDK builds on RHEL, this support will further enable "organizations to standardize the development and deployment of Java applications throughout the enterprise with a flexible, powerful and open alternative to proprietary Java platforms".

The ArchLabs 2018.12 release is now available. It's been six months since the last release, and this version has done away with the live environment, so when you start the USB install, you are thrown straight into the installer. According to the announcement, "Instructions on how to start the installer are right there. No need for passwords with this live USB either." Other changes include Aurman has been replaced with a new homegrown AUR helper called Baph, the package repo has been updated and installing ArchLabs should be easier than ever. You can download it from here.

RawTherapee 5.5 has been released. This new version of the open-source RAW photo editor has several new features, including a new Shadows/Highlights tool, improved support for Canon mRaw format variants, unbounded processing, new color toning methods and more. You can get the new version via your package manager or visit the download page.

News Purism Librem MIPS open source Red Hat Windows OpenJDK Java ArchLabs Linux Photography RawTherapee
Categories: Linux News

Sharing Docker Containers across DevOps Environments

Linux Journal - Tue, 12/18/2018 - 08:00
by Todd A. Jacobs

Docker provides a powerful tool for creating lightweight images and containerized processes, but did you know it can make your development environment part of the DevOps pipeline too? Whether you're managing tens of thousands of servers in the cloud or are a software engineer looking to incorporate Docker containers into the software development life cycle, this article has a little something for everyone with a passion for Linux and Docker.

In this article, I describe how Docker containers flow through the DevOps pipeline. I also cover some advanced DevOps concepts (borrowed from object-oriented programming) on how to use dependency injection and encapsulation to improve the DevOps process. And finally, I show how containerization can be useful for the development and testing process itself, rather than just as a place to serve up an application after it's written.

Introduction

Containers are hot in DevOps shops, and their benefits from an operations and service delivery point of view have been covered well elsewhere. If you want to build a Docker container or deploy a Docker host, container or swarm, a lot of information is available. However, very few articles talk about how to develop inside the Docker containers that will be reused later in the DevOps pipeline, so that's what I focus on here.

Figure 1. Stages a Docker Container Moves Through in a Typical DevOps Pipeline

Container-Based Development Workflows

Two common workflows exist for developing software for use inside Docker containers:

  1. Injecting development tools into an existing Docker container: this is the best option for sharing a consistent development environment with the same toolchain among multiple developers, and it can be used in conjunction with web-based development environments, such as Red Hat's codenvy.com or dockerized IDEs like Eclipse Che.
  2. Bind-mounting a host directory onto the Docker container and using your existing development tools on the host: this is the simplest option, and it offers flexibility for developers to work with their own set of locally installed development tools.

Both workflows have advantages, but local mounting is inherently simpler. For that reason, I focus on the mounting solution as "the simplest thing that could possibly work" here.

How Docker Containers Move between Environments

A core tenet of DevOps is that the source code and runtimes that will be used in production are the same as those used in development. In other words, the most effective pipeline is one where the identical Docker image can be reused for each stage of the pipeline.

Go to Full Article
Categories: Linux News

Episode 10: Hydrants and Sirens

Linux Journal - Mon, 12/17/2018 - 12:14
Your browser does not support the audio element. Reality 2.0 - Episode 10: Hydrants and Sirens

Katherine Druckman and Doc Searls talk to David Egts (@davidegts), Chief Technologist North America for the Public Sector at Red Hat (@redhatgov) about open source enthusiasm.

Links Mentioned: 

Categories: Linux News

Linux 4.20 rc7 Is Out, the Skrooge Team Announces the 2.17.0 Release of Its Personal Finance Manager, Confluent Has a New Confluent Community License, Pixel Wheels Racing Game has a New Release and Debian Installer Buster Alpha 4 Is Now Available

Linux Journal - Mon, 12/17/2018 - 09:33

News briefs for December 17, 2018.

Linux 4.20 rc7 was released yesterday. Linus Torvalds writes "This is a *tiny* rc7, just how I like it. Maybe it's because everybody is too busy prepping for the holidays, and maybe it's because we simply are doing well. Regardless, it's been a quiet week, and I hope the trend continues." And, he says he still plans to release 4.20 right before Christmas.

The Skrooge Team announced the 2.17.0 release of its personal finance manager, which is based on KDE Frameworks. This release fixes several bugs and includes a few new features, such as a progress bar in the taskbar, and it supports only Qt >= 5.7.0. You can get it from your distro's package management system, or download it from here.

Confluent, founded by the creators of the open-source Kafka project, has announced a new license called the Confluent Community License, "which would limit the ability of vendors to take its open source software and sell it, in the same way that Amazon did with the core Kafka". According to the Business Insider story, "AWS took Kafka and repackaged it as a paid cloud service—something completely legal, as open source software is free for anyone to use as they wish." Business Insider also notes that the new license applies only to specialized add-ons to Kafka that are developed in-house.

There's a new release of the Pixel Wheels racing game. It now "remembers the best lap and best total time for each track and shows you a congratulation message when you reach the top 3 in either categories", countdown now has sound and has several other new features. The game is available for Linux, Android, Windows and Mac, and you can get it from here.

Debian Installer Buster Alpha 4 was released over the weekend. This release has many improvements and hardware support changes, and it now supports 76 languages. Go here to install.

News kernel Skrooge KDE Confluent licensing AWS gaming Debian
Categories: Linux News

Photography and Linux

Linux Journal - Mon, 12/17/2018 - 09:31
by Carlos Echenique

Is it possible for a professional photographer to use a FOSS-based workflow?

I'm a professional photographer based out of Miami, Florida. I learned photography on my own, starting at age 12, with a Yashica TL Electro 35mm film SLR. In college, I discovered I also had quite an affinity for computers and programming, so I got my degrees in that field. I landed an IT job in county government, and photography took a back seat in my life until two things happened: I became a father, and the digital revolution came to the world of photography.

I dove into digital photography as it made practicing my art economical in the extreme. Having a child meant plenty of opportunities to take photos. All of my photographer friends suddenly needed someone who could understand both computers and photography, and I was conveniently placed to help them.

I turned pro in 2008, when a local ballet troupe asked me to photograph their performance of The Nutcracker. Other performances followed, and my skills were further honed. I later was asked by the late Pedro Pablo Peña to photograph his International Ballet Festival, which I did for two years.

Fast-forward to 2014 when I started a photography club at my day job and offered free photography lessons, once a month, to any fellow employees willing to listen.

In 2017, at the behest of my club members, I was asked to assemble a low-cost photography laptop configuration, as many of my students wanted to expand their photographic skills in the post-processing side of digital photography. I completed my task, assembling a reasonable portable digital darkroom for less than $700 USD that included all necessary photo-editing software with no recurring monthly fees, an upgraded hard drive and a colorimeter.

The laptop turned out so well, I decided to take the plunge myself and converted my Windows 10 workstation (custom-built by me) to a dedicated FOSS photography workstation.

Go to Full Article
Categories: Linux News

Epic Games' Free Cross-Platform Service Coming in 2019, Harness Announces New 24-7 Service Guard, Vivaldi Version 2.2 Released, KDE Applications 18.2 Are Out and Valve's Steam Link App for RPi Officially Available

Linux Journal - Fri, 12/14/2018 - 09:59

News briefs for December 14, 2018.

Epic Games recently announced it's working on a free cross-platform service for 2019: "Throughout 2019, we'll be launching a large set of cross-platform game services originally built for Fortnite, and battle-tested with 200,000,000 players across 7 platforms. These services will be free for all developers, and will be open to all engines, all platforms, and all stores. As a developer, you're free to choose mix-and-match solutions from Epic and others as you wish." Epic also noted that "all services will be operated in a privacy-friendly, GDPR-compliant manner".

Harness yesterday announced the release of 24x7 Service Guard, a new "Machine Learning-based capability that empowers and protects developers who practice Continuous Delivery". According to the press release, "With 24x7 Service Guard, engineering teams now have the equivalent of a dedicated bodyguard to watch all production services and observe the end user experience across all APM, monitoring, and log tools. When a service is impacted, 24x7 Service Guard can proactively roll back code changes automatically—the equivalent of a 'safety net' for production applications."

Vivaldi, the ultra-customizable browser with a do-not-track policy, released a new version yesterday. Version 2.2 "improves accessibility, navigation and media". The Vivaldi blog post notes that "the update introduces more unique ways to manage tabs, makes Access Keys easier to use, integrates Pop Out video, and makes the browser's toolbars more configurable." You can download Vivaldi from here.

KDE Applications 18.12 are out. This release resolves more than 140 issues and features several improvements including practical file management with Dolphin, Okular enhancements, full support for emojis in Konsole, usability improvements for everyone and more. See the full list of changes here.

Valve's Steam link app for Raspberry Pi 3B and 3B+ is now officially available. Phoronix reports that "This app provides similar functionality to the low-cost Steam Link dedicated device that's been available the past few years for allowing in-home streaming of games on Steam from your personal PC(s) to living room / HTPC type setups using Steam Link." You can get the app here.

News gaming Harness Machine Learning Monitoring Vivaldi Privacy KDE Valve Raspberry Pi Steam
Categories: Linux News

FOSS Project Spotlight: Appaserver

Linux Journal - Fri, 12/14/2018 - 08:00
by Tim Riley

An introduction to an application server that allows you to build MySQL user interfaces without programming.

Assume you are tasked to write a browser-based, MySQL user interface for the table called CITY. CITY has two columns. The column names are city_name and state_code—each combined are the primary key.

Your user interface must enable users to execute the four main SQL operations: select, insert, update and delete. The main characteristics for each operation are:

  • The select operation needs an HTML prompt form to request a query. It also needs a where clause generator to select from CITY. After forking MySQL and retrieving the raw rows, it needs to translate them into an HTML table form.
  • The HTML table form needs to be editable, and user edits need to be translated into update statements.
  • Each resulting row following the execution of a query is a candidate for deletion.
  • The insert operation needs a blank form. It also needs to translate Apache's common gateway interface (CGI) into insert statements.

So, you might create the source file called city.c and type in all the required code. Of course, relational databases have relations. One city has many persons residing in it. Assume the PERSON table has the column names of full_name, street_address, city_name and state_code. full_name and street_address combined are the primary key (Figure 1).

Figure 1. Database Schema of Many Persons Residing in One City

Are you going to create the source file called person.c too? What about customer.c, inventory.c, order.c, ...?

Alternatively, you might create the source files called select.c, insert.c, update.c and delete.c. Then each of these modules would need as input:

  • A single table name.
  • The table's additional attributes.
  • The table's column names and additional attributes.
  • A recursive list of related tables.
  • Apache's CGI dictionary output.

The principle behind Appaserver is this multi-module approach. Appaserver stores table names in a table. Each table's column names and relations are also stored in tables. Taking the table-driven concept to the nth degree forms a database of a database. You can glean a detailed understanding of how the Appaserver database is modeled from https://appahost.com/appaserver_database_schema.pdf.

Go to Full Article
Categories: Linux News

Opera Launches Built-in Cryptocurrency Wallet for Android, ManagedKube Partners with Google Cloud to Provide a Monitoring App for Kubernetes Cluster Costs, QEMU 3.1 Released, IoT DevCon Call for Presentations and GNOME 3.31.3 Is Out

Linux Journal - Thu, 12/13/2018 - 09:46

News briefs for December 13, 2018.

Opera announced today the launch of a built-in cryptocurrency wallet for Android. According to The Verge, "The wallet will first support ethereum, with support for other coins likely to come later. Ether investors using Opera would potentially be able to more easily access their tokens using the feature." You can get Opera for Android here.

ManagedKube, a Kubernetes software development tool company, announced yesterday it is collaborating with Google Cloud to "launch a monitoring application that provides companies with visibility into their Kubernetes cluster costs". The press release notes that "ManagedKube provides an easy-to-read dashboard that gives insights on how much is being spent on each pod, node, and persistent volume across multiple time dimensions. This visibility allows companies to forecast budgets, understand product margins, and quickly identify optimization opportunities for reducing Kubernetes cloud costs."

QEMU 3.1 has been released. Phoronix reports that this update of the QEMU emulator adds "multi-threaded Tiny Code Generator support, display improvements, adds the Cortex-A72 model and other ARM improvements, and various other enhancements". For more details, see the QEMU ChangeLog.

IoT DevCon call for presentations is now open. Deadline for proposals is February 28, 2019. The conference is being held June 5–6 in Santa Clara, California.

GNOME 3.31.3 is out, and this will be the last snapshot of 2018. Note that this is development code meant for testing and hacking purposes. For a list of changes, go here, and the source packages are here.

News Opera Android Cryptocurrency Kubernetes Google Qemu IOT GNOME
Categories: Linux News
Syndicate content