It's been (and still is) a particularly busy few weeks for benchmarking. For those curious about the Raspberry Pi 4 performance that was announced at the end of June along with Raspbian 10, here are our initial performance benchmarks of the Raspberry Pi 4 Model B in 2GB and 4GB variants compared to various other ARM SBCs.

In case you missed the original announcement, the Raspberry Pi 4 features a quad-core Cortex-A72 CPU clocked up to 1.4GHz, new 1GB / 2GB / 4GB versions, dual HDMI outputs and can handle up to 4K displays with the new Broadcom VC4 hardware using their V3D open-source driver stack, full-throughput Gigabit Ethernet, dual-band 802.11ac WiFi, two USB 3.0 ports complementing two USB 2.0 ports, and various other improvements.

read more

The glaring omission here is any kind of micro-HDMI cable or adapter. There are still no such cables in stock at the Pi-Shop (which probably also explains why there wasn't one included in this starter kit), so I had also ordered an adapter.

There is a limitation when using the micro-HDMI adapter, which is perhaps not obvious from just looking at these pictures. Because the two micro-HDMI connectors are relatively close together on the board, it is not possible to use two adapters side by side - there's just not enough room for the HDMI heads of both of them.

read more

If you are relatively new to using Linux, Debian's design decisions will not pose obstacles to using it. If you insist on speedier application updates, you might spend excessive time grabbing newer versions from .deb repositories that are outside Buster's reach.

Get Debian 10 Buster ISO downloads here.

You will have plenty of time to resolve those issues. The developers have a long slog to the release of Debian 11, aka "Bullseye."

I can only hope that the next Debian upgrade comes a lot closer to hitting an improved bull's-eye that is less boring.

read more

In my slightly infamous email to fedora-devel I stated that I would turn off the snapd support in the gnome-software package for Fedora 31. A lot of people agreed with the technical reasons, but failed to understand the bigger picture and asked me to explain myself.

I wanted to tell a little, fictional, story:

In 2012 the ISO institute started working on a cross-vendor petrol reference vehicle to reduce the amount of R&D different companies had to do to build and sell a modern, and safe, saloon car.

read more

In the early hours of Sunday morning (my time), Debian 10 (buster) was released. It’s amazing to be a part of an organisation where so many people work so hard to pull together and make something like this happen. Creating and supporting a stable release can be tedious work, but it’s essential for any kind of large-scale or long-term deployments. I feel honored to have had a small part in this release

My primary focus area for this release was to get Debian live images in a good shape. It’s not perfect yet, but I think we made some headway. The out of box experiences for the desktop environments on live images are better, and we added a new graphical installer that makes Debian easier to install for the average laptop/desktop user. For the bullseye release I intend to ramp up quality efforts and have a bunch of ideas to make that happen, but more on that another time.

read more

In this article, I want to look at a GIS option available for Linux—specifically, a program called SAGA (System for Automated Geoscientific Analyses). SAGA was developed at the Department of Physical Geography in Germany. It is built with a plugin module architecture, where various functions are provided by individual modules. A very complete API is available to allow users to extend SAGA's functionality with newly written modules. I take a very cursory look at SAGA here and describe a few things you might want to do with it.

read more

• U.S. Coast Guard Issues Alert After Ship Heading Into Port Of New York Hit By Cyberattack

  The U.S. Coast Guard has issued an official warning to owners of ships that cybersecurity at sea needs updating, and updating urgently. In the Marine Safety Alert published June 8, the Coast Guard "strongly encourages" that cybersecurity assessments are conducted to "better understand the extent of their cyber vulnerabilities." This follows an interagency investigation, led by the Coast Guard, into a "significant cyber incident" that had exposed critical control systems of a deep draft vessel bound for the Port of New York in February 2019 to what it called "significant vulnerabilities."

• Malware on the High Seas: US Coast Guard Issues Alert [iophk: Windows TCO is not a laughing matter. Get rid of it.]

  The ship's network was mainly used for official business, including updating electronic charts, managing cargo data and communicating with shore-side facilities, pilots, agents and the Coast Guard, according to the report.

• Eurofins Scientific: Forensic services firm paid ransom after cyber-attack [iophk: Windows TCO]

  BBC News has not been told how much money was involved in the ransom payment or when it was paid.

  The National Crime Agency (NCA) said it was a "matter for the victim" as to whether a ransom had been paid.

• Eurofins Scientific Paid Up in Response to Ransomware Attack: Report [iophk: Windows TCO]

  Luxembourg-based laboratory testing services giant Eurofins Scientific reportedly paid the ransom demanded by cybercriminals following a successful ransomware attack that led to the company taking offline many of its systems and servers.

• Eurofins Scientific forensics firm pays after hit with ransomware [iophk: Windows TCO]

  Eurofins didn’t disclose how much it paid to retrieve its information but the money was likely paid between June 10, when Eurofins issued a statement about the attack, and June 24 when it published an update saying it had “identified the variant of the malware used” in the attack and had strengthened its cybersecurity.

• [Old] Combating WannaCry and Other Ransomware with OpenZFS Snapshots [iophk: use FreeBSD, OpenBSD, or GNU/Linux on the desktop to avoid ransomware and servers to avoid ransomware damage]

  OpenZFS is the powerful file system at the heart of every storage system that iXsystems sells and of its many features, snapshots can provide fast and effective recovery from ransomware attacks at both the individual user and enterprise level as I talked about in 2015. As a copy-on-write file system, OpenZFS provides efficient and consistent snapshots of your data at any given point in time. Each snapshot only includes the precise delta of changes between any two points in time and can be cloned to provide writable copies of any previous state without losing the original copy. Snapshots also provide the basis of OpenZFS replication or backing up of your data to local and remote systems. Because an OpenZFS snapshot takes place at the block level of the file system, it is immune to any file-level encryption by ransomware that occurs over it. A carefully-planned snapshot, replication, retention, and restoration strategy can provide the low-level isolation you need to enable your storage infrastructure to quickly recover from ransomware attacks.

read more

AMD has just alerted us that they have released a BIOS fix to their motherboard partners that takes care of the issue around booting newer Linux distributions on the new Zen 2 processors...

It's been (and still is) a particularly busy few weeks for benchmarking. For those curious about the Raspberry Pi 4 performance that was announced at the end of June along with Raspbian 10, here are our initial performance benchmarks of the Raspberry Pi 4 Model B in 2GB and 4GB variants compared to various other ARM SBCs.

Security updates have been issued by CentOS (dbus), Debian (firefox-esr, python3.4, and redis), Mageia (ffmpeg), Oracle (firefox, libvirt, and qemu), Red Hat (firefox and virt:8.0.0), Scientific Linux (firefox), and SUSE (kernel).

Collabora's Pekka Paalanen landed another optimization this week into GNOME's Mutter for further enhancing the performance of using DisplayLink hardware and similar secondary GPUs under this Linux desktop...

F2FS is already very fast compared to the long-standing Linux file-systems when benchmarking on solid-state drives while for Linux 5.3 this file-system is getting in even better shape...

• ElectronMail – a Desktop Client for ProtonMail and Tutanota

  The majority of people on the internet have email accounts from big companies, such as Google, that do not respect your privacy. Thankfully, there are privacy conscience alternatives like Tutanota and ProtonMail. The problems is that not all of them have a desktop client. Today, we will look at a project that seeks to solve that problem for you. Let’s take a look at ElectronMail.

• fre:ac – free audio converter and CD ripper

  CD audio grabbers are designed to extract (“rip”) the raw digital audio (in a format commonly called CDDA) from a compact disc to a file or other output. This type of software enables a user to encode the digital audio into a variety of formats, and download and upload disc info from freedb, an internet compact disc database.

  I recently wrote a review of abcde, a console based CD ripping software. I’ve received a few contacts asking me to take a look at a good graphical CD ripper. fre:ac instantly sprung to mind.

  This overview looks at the latest preview release. This release adds a new component system which has aided the inclusion of additional codecs.

  fre:ac depends on the BoCA audio component framework and the smooth class library. The software is written in C++.

• Guest post: Coloring book & wall art created with Krita

  Also, being free and open source software, Krita allowed us to take time to work without the pressure of a subscription service. That accessibility is something we think is valuable to allow artists to take time to learn their craft without worry of a financial burden.

• How to Install Latest Sweet Home 3D in Ubuntu 18.04, 16.04, Higher

read more

• Deploying Kubernetes at the edge – Part I: building blocks

  What exactly is edge computing? Edge computing is a variant of cloud computing, with your infrastructure services – compute, storage, and networking – placed physically closer to the field devices that generate data. Edge computing allows you to place applications and services closer to the source of the data, which gives you the dual benefit of lower latency and lower Internet traffic. Lower latency boosts the performance of field devices by enabling them to not only respond quicker, but to also respond to more events. And lowering Internet traffic helps reduce costs and increase overall throughput – your core datacenter can support more field devices. Whether an application or service lives in the edge cloud or the core datacenter will depend on the use case.

  How can you create an edge cloud? Edge clouds should have at least two layers – both layers will maximise operational effectiveness and developer productivity – and each layer is constructed differently.

• Certifications for DevOps engineers

  DevOps teams appreciate using DevOps processes, especially in multi- and hybrid cloud infrastructures, for many reasons. For one thing, DevOps breaks down barriers and enables agile software development and continuous delivery of IT operations. It is also popular in enterprises because it helps accelerate business outcomes through digital transformation.

• SUSE YES Certification for SLE 15 SP1 Now Available
• Deploy a SUSE Enterprise Storage test environment in about 30 minutes
• MTTR is dead, long live CIRT

  The game is changing for the IT ops community, which means the rules of the past make less and less sense. Organizations need accurate, understandable, and actionable metrics in the right context to measure operations performance and drive critical business transformation.

  The more customers use modern tools and the more variation in the types of incidents they manage, the less sense it makes to smash all those different incidents into one bucket to compute an average resolution time that will represent ops performance, which is what IT has been doing for a long time.

• RHEL 8 enables containers with the tools of software craftsmanship

  With the release of the Red Hat Enterprise Linux 8, there is a new set of container tools which allow users to find, run, build, and share containers. This set of tools allows you to start simple with podman, and adopt more sophisticated tools (buildah, and skopeo) as you discover advanced use cases. They are released in two streams, fast and stable, to meet developer and operations use cases. Finally, these tools are compliant with the same Open Containers Initiative (OCI) standards, just like Docker, allowing you go build once, and run anywhere.

• IBM's big deal for Red Hat gives it a chance to reshape open source
• Cloudera Commits to 100% Open Source

  The old Cloudera developed and distributed its Hadoop stack using a mix of open source and proprietary methods and licenses. But the new Cloudera will be.

• Cloudera relents, adopts pure open-source strategy

  Although billed as a “merger of relative equals,” last fall’s combination of Cloudera Inc. and Hortonworks Inc. was by all accounts a Cloudera acquisition of its smaller big-data rival. But it now appears that Hortonworks’ open-source business model has won the day. Cloudera Wednesday quietly announced changes to its licensing policy that will make its entire product portfolio available under open-source terms, effectively adopting Hortonworks’ business model.

  The move has important implications for the industry’s ongoing debate about how business models can be built upon a foundation of free software. Although Cloudera is a major contributor to open-source projects, its decade-old business has always been based on selling licensed software.

read more

With the growing number of devices requiring loadable firmware/microcode at run-time and Linux continuing to simply support a lot more hardware, the size of /lib/firmware has ballooned in recent years while now for the upcoming Linux 5.3 kernel release is the ability to compress these firmware files for fairly significant space savings...

• Ubuntu Podcast from the UK LoCo: S12E14 – Sega Rally Championship

  This week we’ve been installing macOS and Windows on a Macbook Pro and a Dell XPS 15. We discuss Running Challenges, bring you some command line love and go over all your feedback.

  It’s Season 12 Episode 14 of the Ubuntu Podcast! Mark Johnson, Martin Wimpress and Laura Cowen are connected and speaking to your brain.

• Bad Voltage 2×55: Moaner Lisa

  Stuart Langridge, Jono Bacon, and Jeremy Garcia present Bad Voltage, in which the Mona Lisa is bobbins, it is important to have your privacy policy meet the overall goals you’re pushing, and:

• Comparing Hammers | BSD Now 306

  Am5x86 based retro UNIX build log, setting up services in a FreeNAS Jail, first taste of DragonflyBSD, streaming Netflix on NetBSD, NetBSD on the last G4 Mac mini, Hammer vs Hammer2, and more.

read more

• All Zachtronics games are now available on itch.io

  Some good news for fans of high quality puzzle games, as Zachtronics entire library is now available to purchase on itch.io.

• Valve has launched "Steam Labs", a place where Valve will show off new experiments

  Valve emailed in today to let us know about the new Steam Labs, a dedicated section on Steam for Valve to show off some experiments they're doing and for you to test and break them.

• Valve Rolls Out Steam Labs

  Steam Labs was announced today with three initial experiments: Micro Trailers, The Interactive Recommender, and The Automated Show. Micro Trailers are six-second game trailers, The Interactive Recommender uses machine learning to show game titles you might like, and The Automated Show is a showpiece for secondary displays for highlighting different games.

• Network transparency with Wayland

  I've managed to get hardware video encoding and decoding using VAAPI working with waypipe, although of course the hardware codecs are less flexible and introduce additional restrictions on the image formats and dimensions. For example, buffers currently need to have an XRGB8888 pixel format (or a standard permutation thereof), as the Intel/AMD VAAPI implementations otherwise do not appear to support hardware conversions from the RGB color space to the YUV color space used by video formats, and in the other direction. It's also best if the buffers have 64-byte aligned strides, and 16-pixel aligned widths and heights. The result of this can run significantly faster than encoding with libx264, although to maintain the same level of visual quality the bitrate must be increased.

  For games, using video compression with waypipe is probably worth the tradeoffs now. In some instances, it can even be faster. A 1024 by 768 SuperTuxKart window during a race, running with linear-format DMABUFs, losslessly replicated without compression via ssh on localhost, requires about 130MB/s of bandwidth and runs at about 40 FPS. (Using LZ4 or Zstd for compression would reduce bandwidth, but on localhost or a very fast network would take more time than would be saved by the bandwidth reduction.)

• Ubuntu LTS releases (and so derivatives too) to get updated NVIDIA drivers without PPAs

  Good news everyone! Canonical will now be offering NVIDIA users up to date graphics drivers without the need to resort to a PPA or anything else.

  Since this will be for the Ubuntu LTS releases, this means other Linux distributions based on Ubuntu like Linux Mint, elementary OS, Zorin OS and probably many others will also get these updated NVIDIA drivers too—hooray!

  This is really great, as PPAs are not exactly user friendly and sometimes they don't get the testing they truly need when serving so many people. Having the Ubuntu team push out NVIDIA driver updates via an SRU (Stable Release Update), which is the same procedure they use to get you newer Firefox version, is a good way to do it.

read more

• Google ‘eavesdropping on your PRIVATE conversations’ with Android phones and smart speakers
• The Android Police Podcast is live on Twitch
• Is Android getting the drop on AirDrop?
• LG G7 ThinQ Android Pie (9.0) update arrives in UK on both carrier & unlocked models
• Xiaomi Starts Testing New MIUI 10 Version Based on Android Q

read more

• Adventures with Ansible: challenges, solutions and… Subversion?
• Get started with Red Hat CodeReady Studio 12.12.0.GA and JBoss Tools 4.12.0.Final for Eclipse 2019-06
• A muggle's guide to AWK arrays: 2
• Fedora Linux install vnstat network traffic monitor
• Using Git and GitHub to safely store your code [Ed: Use Git, not GitHub (which is proprietary)]
• Visual alert with keyboard LEDs Using seq, sleep
• Linux/UNIX: Move File Starting With A Dash
• A New Update Infrastructure For The Public Cloud

read more

• Linux 5.3 Is Another Busy Kernel Merge Window Even For The Summer Months

  While just being a few days into the two-week long merge window for Linux 5.3, it's certainly another busy cycle even when considering the summer months tend to be a bit slower for developers. 

• Kernel Address Space Isolation Aims To Prevent Leaking Data From Hyper Threading Attacks

  Kernel Address Space Isolation is an experimental feature in development by Oracle in aiming to prevent leaking sensitive data from Intel Hyper Threading due to speculative execution attacks like L1TF. 

  While disabling Intel Hyper Threading has become recommended for fending off newer speculative execution attacks, obviously many don't want to lose out on those extra threads. In particular, data centers and public cloud providers certainly don't want to give up on Hyper Threading as it will hurt their margins hard. Oracle began working on address space isolation for the Kernel-based Virtual Machine (KVM) but now that has evolved into Kernel Address Space Isolation as a generic address-space isolation framework and KVM simply being one of the consumers of this framework. 

• AMD "GFX908" Additions Land In LLVM 9.0 For New Workstation GPU

  Weeks ahead of SIGGRAPH and days ahead of the LLVM 9.0 code branching, a number of big "GFX908" commits have been landing in the AMDGPU LLVM shader compiler back-end over the past day.

  GFX908 is an unreleased product we haven't seen much driver activity on to date. Yes, GFX9 is Vega, but AMD has previously communicated that Vega will live on for select workstation/compute products and that was also reiterated back during the Navi media briefings last month.

• AMD's GPU Performance API 3.4 Adds Navi Support, Other Features

  The GPU Performance API is their cross-platform library for accessing the hardware's performance counters and being able to analyze performance/execution characteristics. GPA pairs nicely with their other open-source tooling like CodeXL and the Compute Profiler for finding bottlenecks and other areas for optimization.

• RADV Picks Up Geometry Shader Support For Navi/GFX10

  It's on a daily basis we are seeing improvements to the newly-added Radeon RX 5700 "Navi" support with the open-source Linux graphics driver stack. Today brings geometry shader support for the Mesa RADV Vulkan driver.

  AMD's official Vulkan driver, AMDVLK, has yet to publish its (open-source) Navi support but that is hopefully just days away. Meanwhile RADV is off to the races in aiming for good Navi/GFX10 support with the Mesa 19.2 release due out at the end of next month.

• Wayland's Weston Gets Option To Enable HDCP Support Per-Output

  An Intel open-source developer contributed support to Wayland's reference Weston compositor for enabling HDCP support on a per-output basis using a new allow_hdcp option.

  From the weston.ini configuration file, High-bandwidth Digital Content Protection can be enabled per-output via the "allow_hdcp" option within each output section. HDCP otherwise is always enabled by default for the display outputs.

read more