• Patent Certainty Waning, But That’s Still OK for Patent Trolls
• GitHub is Microsoft’s Proprietary Software and Centralised (Monopoly) Platform, But When Canonical’s Account There Gets Compromised Suddenly It’s Ubuntu’s Fault?
• Canonical is Turning Ubuntu Into a More Proprietary Deviant of GNU/Linux
• Links 13/7/2019: Librem 5 July Update, Project Trident 19.07, KDE Frameworks 5.60.0

read more

• Inside the IT industry’s largest commercial open source software ecosystem

  At Red Hat, our vision of an open hybrid cloud is simple. We believe they should be truly open platforms across any application, environment, and cloud, with portability and operational consistency. This reaches from public and private clouds, to bare metal and virtual environments in traditional datacenters, the extended datacenter (edge), and end-user devices.

  Delivering application portability for development and operations across a diverse set of environments, without vendor lock-in, requires ubiquitous open source technologies as well as commercial offerings based on these technologies. Open source technologies can provide layers of abstraction and offer an ecosystem worth investing in for customers and vendors alike. These technologies deliver a pathway to commercial offerings as stand-alone products or as solutions that help solve customer needs.

  Standardising with open source.

  Standardising on products that use open source technologies can help protect customers by offering an exit strategy. Linux, Linux containers, Kubernetes and Kubernetes Operators are key technologies for these abstractions in modern computing environments. A closer look reveals why:

• Open Source TriggerMesh Operator Available for Red Hat OpenShift Container Platform for Hybrid Serverless Computing

  TriggerMesh, a multi-cloud serverless management platform company, and Vshn, a DevOps consultancy, have announced the availability of the TriggerMesh Operator for Red Hat OpenShift 4. OpenShift 4 was recently announced by Red Hat to bring additional automation to Kubernetes applications. The TriggerMesh Operator allows OpenShift users to install the TriggerMesh management platform and integrate serverless workloads with other clouds and legacy infrastructure. In addition, TriggerMesh enables serverless function CI/CD as well as access to multi-cloud event sources from AWS and Google Cloud.

• Are Open Source Active Path Testing Tools Viable for You?

  An open source path testing tool could be an alternative to a commercial product, but you must understand the tradeoffs.

• What Is Open-Source Software? (+The Benefits and Risks)

  Many open-source applications are also freely distributed. This is referred to as free and open-source software, or FOSS. Often, vendors only ask for donations to help keep them afloat, along with costs for additional plugins, support and services.

  These brands provide a solution they believe in without attaching a price tag or subscription plan to the product. The most successful releases usually generate a profit from a passionate community of users. But the prevalence of zero-cost software goes hand in hand with the transparency of open-source code.

  Not only do these features increase a vendor’s chances of reaching a wider audience, but they also offer opportunities to inspire innovation. It is all about paying it forward.

  There are twists and turns in the timeline of open-source technology, and there is still a substantial place in B2B for proprietary code. But the spread of free, open-source software is a defining story of the 2000s, leading to the rise of many products and careers. Popular products like Blender and MySQL remain free and open source even with millions of downloads. These success stories helped to fortify the movement and rewrite the rules of software development and usership.

• Zim is a free, open source, text editor with wiki like features

  One unusual text editor which I came across a while ago, was Zim. This isn't your average text editor. If you have used hierarchical text editors like AllMyNotes Organizer or Tree Notes (commercial), it is sort of similar.

  Zim can be used to create pages, and link to those pages, kind of like a wiki functions, hence the tagline, A Desktop Wiki. The application which is written in Python, is available for Windows and Linux. Both versions are identical in usage and features, though the PC version is a few builds behind.

  [...]

  Tip: You can use Zim as a text-editor and use it to edit TXT files using the import option. The export options can be used to save the documents to other formats like HTML, MHTML, Latex, Markdown and RST.

  The toolbar has a few navigation options, some formatting styles, and the attach files option. Opening the Calendar option creates a Journal notebook which has automatically categorized sub-pages for the selected year, month and date. The format menu has a lot more options including headings, list styles (numbered, bulleted, checkbox list), scripts, etc. This means can use the program for anything, like keeping a journal, maintaining a record of your expenses, a collection of notes, use it for note-taking in class or meetings, to-do lists, etc. It's up to you.

  Tip: Though the toolbar says Strong, Emphasis, etc., the program supports universal keyboard shortcuts for Bold, Italics, Underline etc.

• ThoughtWorks Releases Taiko - A Free and Open Source Browser Automation Tool
  

  ThoughtWorks, a global software consultancy, today announced the availability of Taiko 1.0, an open source browser automation tool which is available to download for free. Taiko is sponsored by the same ThoughtWorks team that created the free and open source test automation framework Gauge.

• Open Source's Role in UC & Networking on the Rise

  Exploring the impact of the software revolution that's quietly empowering more open source networking and communications solutions.

• SD Times Open-Source Project of the Week: Qinling

  This week’s SD Times Open Source Project of the Week — OpenStack’s Qinling — allows users to run code without provisioning or managing servers and only pay for the compute time they consume. The release is still under development and the current supported release is Stein.

  According to the makers of Qinling, the project was created to provide “Functions-as-a-Service” for serverless functions such as AWS Lambda. Through plugins, Qinling supports container orchestration platforms such as Kubernetes and Swarm as well as function package storage backends.

• AMD Picasso Support For Coreboot Appears Finally Ready

  Back in April I wrote about Coreboot seeing AMD Picasso APU enablement work as the first Zen/Ryzen processor target being handled by this open-source BIOS alternative. It now looks like that Picasso support is all squared away and ready for use by future AMD-powered Google Chromebooks.

• Lessons from the GraphQL Documentary: Never Underestimate the Power of Open Source Communities

  Honeypot, a tech-focused job platform based in Europe, has produced a documentary that offers a fascinating look at the origins of GraphQL. The 28-minute video explores how quickly the project began to have an impact on the wider tech industry after Facebook publicly released it as an open source project.

  GraphQL co-founder Nick Schrock, who was interviewed along with fellow co-creators Lee Byron and Dan Schafer, said the documentary “captured both the urgency and joy of the early months of the GraphQL.” It was filmed over two months in San Francisco and Berlin, where Honeypot runs the GraphQL Conf in cooperation with Prisma.

• The Apache® Software Foundation Announces Program for ApacheCon™ Europe

  The Apache® Software Foundation (ASF), the all-volunteer developers, stewards, and incubators of more than 350 Open Source projects and initiatives, announced today the event program for the European edition of ApacheCon™, the ASF's official global conference series. ApacheCon Europe will take place 22-24 October 2019 at the Kulturbrauerei in Berlin, Germany.

read more

• OpenHMD 0.3.0 ‘Djungelvral’ Released!

  We are very happy to announce that after years of reverse engineering devices, hacking, testing and pushing, we are releasing OpenHMD version 0.3.0 (codename ‘Djungelvral’).We are very happy to announce that after years of reverse engineering devices, hacking, testing and pushing, we are releasing OpenHMD version 0.3.0 (codename ‘Djungelvral’).

  We want to thank each and every one of the 125-150 people who have contributed over the last 3.5 years. Helping out with reverse engineering, writing drivers, testing, donating/lending hardware, building applications and games, showing up at (or hosting) Hack-athons.. we are incredibly lucky to have your support. Thank you!

  The list of features bringing us from v0.2.0 to v0.3.0 is insane and that is despite not all the features and experimental drivers making the cut for this release. Since we have a really long list of changes, lets look at a couple of highlights in this release!

• OpenHMD 0.3 Released With Support For More VR/AR Devices

  OpenHMD remains focused on a free and open-source API/drivers for immersive technology devices, primarily VR headsets. OpenHMD 0.3 supports the 3Glasses D3, Oculus CV1, Windows Mixed Reality HMD, NOLO, HTC Vive, HTC Vive Pro, Deepoon E2, and GearVR Gen1. While previously supported, the PlayStation PSVR was disabled in the v0.3 release.

• Glibc's Slow Turnaround For Y2038 Fixes Is Frustrating

  While there is another nineteen years to go until the Year 2038 problem manifests, the GNU C Library "glibc" is one of the key software components still needing some fixes for this issue where this problem where storing the Unix time as a 32-bit signed integer will wrap around and become a negative number.

  Wolfgang Denk of German software engineering firm DENX put out a "desperate call for help" that even with their resources/money for trying to fix up Y2038 Glibc issues, the review/upstreaming process is taking too long for some of their customers. In particular, even few lines of code patches aren't being accepted upstream at least in any timely manner.

• Weekly Python StackOverflow Report: (clxxxvi) stackoverflow python report
• Udemy Class Review: Python For Beginners Complete Python Programming

  Learning to program software can be an exceedingly difficult task, but one that has great rewards if you are successful. If you’ve never heard of Python before, it’s a versatile programming language that is known for being relatively easy to learn. Numerous websites and tools are available online that aim to make learning Python programming easier, but Udemy’s Python for Beginners: Complete Python Programming course ($11.99) doesn’t live up to its promise.

read more

Epic Games released the first public preview this week of Unreal Engine 4.23...

• Microsoft Discreetly Drops ‘Telemetry’ As Part Of Larger ‘Security Cumulative Update’ Without First Informing Windows 7 Users? [Ed: Microsoft being Microsoft and backporting surveillance; With Windows Update any piece of software can become more malicious overnight.]

  Microsoft appears to have once again attempted to sneak telemetry components. The company released security updates for all supported operating systems on the July 2019 Patch Day. However, this month’s cumulative updates, which were supposed to contain only security-related components, contain an unexpected compatibility/telemetry component.

  The suspicious components were hidden in plain sight. Incidentally, this is the second time Microsoft has attempted to insert telemetry components. However, during the first attempt the Windows OS maker had openly mentioned the inclusion of the telemetry components, whereas this time, the company didn’t offer any indication. This methodology appears to an attempt to garner more accurate data about usage and installation patterns of the Windows operating system as Microsoft will soon phase out Windows 7.

  Windows Update delivered several packages of security and reliability fixes for Windows 7 earlier this week. The packages are different for each of the Windows operating system’s versions that Microsoft officially supports. However, the ‘cumulative update’ package contained a rather suspicious component. The security update in question was intended for Microsoft Windows 7 Operating System (OS) which was released as part of the July 2019 Patch Day.

• Swimlane research team open sources pyattack

  As security teams adopt the Mitre ATT&CK Framework to help them identify gaps in their defenses, having a way to identify what malware and tools are being used by specific actors or groups becomes more critical. Additionally, having a way to identify these relationships programatically is even more critical.

  Today, we are excited to announce the Swimlane research team has released pyattck—a Python package to interact with the Mitre ATT&CK Framework. There are many different open-source projects being released on a daily basis, but we wanted to provide a straightforward Python package that allows the user to identify known relationships between all verticals of the Mitre ATT&CK Framework.

• Strongbox Password Safe is a free, open-source KeePass client for iOS [Ed: iOS from Apple has back doors (see Vault 7 from Wikileaks for instance), so you should not put any passwords in it]
• Research Finds Loads of Container Vulnerabilities

  Docker containers are great in that it’s easy to get started building an application using frameworks and components that others have made available via open source projects. The challenge, however, is not all those projects are current in terms of their cybersecurity patches. In fact, a developer of a framework may not even be actively supporting it anymore.

  A new report from vulnerability management platform vendor Kenna Security highlights the extent of the problem in the Docker community. Via the VulnerabilitiesContainer.org site, Kenna Security is sharing the results of analyses of containers being reused widely that find some of these open source projects have hundreds of unresolved Common Vulnerabilities and Exposure (CVE) issues.

• A World of Infinite Choice in Open Source Software

  We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ever. Our goal? To qualify and quantify how exemplary development teams operate.

  As part of the research we identified the top 3% of DevOps teams using exemplary practices. (Take the quiz to see how your team stacks up.)

  Before we could truly understand these practice, we had to have the right context. The report’s first goal was to compare the use of open source in 2019 - to that of years past - and understand the broader environment developers are working in. As anticipated, open source component use continues to rocket upward.

• In memoriam – Corby Corbató, MIT computer science pioneer, dies at 93

  Almost everyone’s heard of Linux – it’s the operating system kernel that’s behind a significant proportion of servers on the internet, including most of Google, Facebook, Amazon and many other contemporary online juggernauts.

  In its Android flavour, Linux powers the majority of smartphones out there, and in one form or another it’s also the kernel of choice for many so-called IoT devices such as bike computers, home Wi-Fi routers, webcams, baby monitors and even doorlocks.

  Most people who use Linux know that the name is a sort-of pun on Unix, the operating system that Linux most resembles.

  And Unix, of course, is the operating system behind a significant proportion of the devices out there that don’t run Linux, being at the heart of Apple’s macOS and iOS systems, as well as the various and widely-used open source BSD distributions.

read more

• Cloudera is making all of its software open-source, one month after its CEO's abrupt resignation

  Palo Alto-based cloud data provider Cloudera, Inc. plans to open-source all of its software, and focus on providing value-added services on top of its platform...

• Cloudera flips the open source switch in search of consistency, innovation

  A post-acquisition Cloudera, one that is looking to regain its footing after a disappointing earnings report and a CEO departure, sees open source as a silver bullet.

  Making its software products available through open source can help boost adoption amid a Hadoop market contraction, while helping retain customers in the aftermath of its acquisition.

  In turn, broader Cloudera adoption will mean a bigger pool of potential customers that can pay for additional services like dedicated support or consulting.

  This strategy has worked for Amazon Web Services, Microsoft and others. Most recently, IBM finalized a $34 billion move aimed at expanding its presence in the open source space: the acquisition of enterprise software company Red Hat.

• Cloudera will open source all its software, run business like Red Hat

  In June, Cloudera CEO Tom Reilly announced he would resign. Now, Cloudera is announcing a plan it's worked on since its merger with Hortonworks.

read more

• Valve's Latest Linux Gaming Work Is Boosting AMD Vulkan Performance By Up To 44 Percent

  Phoronix has also shown both framerate improvements, reduced loading times and reduced stutter in a heaping helping of benchmarks, but Valve developer Pierre-Loup Griffais recently emailed me a fascinating result that originated from DXVK developer Philip Rebohle. And it's definitely a mic drop moment.

  It centers around the game NieR: Automata, which works well under Linux via Steam Play using Valve's Proton. The three images below depict the game running at 1440p with maximum quality settings, on a Ryzen 7 2700X and Radeon RX 480 system. In the tests, Valve compared the framerates in the same scene using Windows (DirectX 11), RADV + LLVM, and RADV + ACO.

• Weston 7.0 release schedule Hi all, Here is the release schedule for Weston 7.0, the next major version: - Alpha: July 19th, in one week - Beta: August 2nd - RC1: August 16th - First possible release: August 23th Package maintainers are encouraged to pick up the pre-releases to make sure packaging can be tested (and fixed) before the stable release. This will be the first release to drop completely autotools support, replacing it with Meson. A Wayland release hasn't been planned yet. Weston and Wayland releases are not combined anymore. Please let me know if you have any objections. Thanks,
• Wayland's Weston 7.0 Compositor Aiming To Release Next Month

  Simon Ser who has been serving as the Wayland/Weston release manager has laid out a schedule for getting out the next major release of Wayland's reference compositor.

  Simon's planned release schedule involves the Weston 7.0 Alpha release next week, a beta in early August, the release candidate around mid-August, and the possible release around the end of August barring any major issues. Such timing would ideally get the updated Weston 7.0 compositor within autumn 2019 Linux distribution releases.

read more

The input and HID subsystem updates were sent in this week with various hardware support additions and improvements...

WordPress launched in 2003 as a blogging platform. Today, WordPress is a sophisticated content management system, built on PHP and MySQL and running much of the websites worldwide, from hobby blogs to the biggest news portals. Over 54,000 plugins and themes help customize WordPress installations — including robust ecommerce functionality, galleries, mailing lists, forums, and analytics. Price: Free.

Also: WordPress vs. Wix vs. Squarespace for SEO: An Interview with Pam Aungst

read more

• Dota Underlords gains a prototype Battle Pass in the latest Early Access update

  Valve continue to push out some more interesting updates to their auto-battler Dota Underlords, with it now having the first version of their prototype Battle Pass.

  All beta testers during Early Access are granted it for free and like everything else in Underlords, Valve will be using it as a "learning experience". With it you can unlock banners, emotes, new board types along with a mix of daily and weekly challenges. You can earn XP (experience points) by playing online against others or against Hardcore level bots.

• DXVK 1.3 is out with some fun sounding new features for this Vulkan translation layer

  Developer Philip Rebohle just released DXVK 1.3, a fun sounding version of the Vulkan-based D3D11 and D3D10 implementation for Wine with some new features.

  Using the new "VK_EXT_shader_demote_to_helper_invocation" extension from Vulkan version 1.1.113 (released on June 30th), DXVK can use it to "implement the discard instruction in shaders, which may improve performance in some games".

• DXVK 1.3 Released With Discard Optimization, Async Presentation

  Philip Rebohle released version 1.3 of DXVK today, the widely-used Direct3D 10/11 to Vulkan translation layer for accelerating Windows gaming on Linux under Wine and most known with Steam Play.

  DXVK 1.3 adds optional support for VK_EXT_shader_demote_to_helper_invocation to implement the discard instruction within shaders and may help the performance of some games. DXVK 1.3 also adds asynchronous presentation support as another performance optimization. There are also resource upload changes to help different games but currently only working with the AMDVLK and NVIDIA drivers.

read more

• How to fix Ubuntu not detecting Windows 10 partition during install
• Debian 10 Set Up OpenVPN Server In 5 Minutes
• Find Linux / UNIX Kernel Version Command
• Extract tar.gz File in Linux or Unix using tar
• How to Install and Configure Squid Proxy on CentOS 7
• How to create jenkins job step by step
• [From Arch] libbloom>=1.6-2 update requires manual intervention

read more

I got into Linux in two steps, first, in 2007 but I was the only one among my friends to use it so I ended up sticking to the shitty OS I had. My next re-discovery of Linux was later in 2012 when I started professional training in system administration.

read more

Philip Rebohle released version 1.3 of DXVK today, the widely-used Direct3D 10/11 to Vulkan translation layer for accelerating Windows gaming on Linux under Wine and most known with Steam Play...

• 20 new and notable Android apps from the last two weeks including Shoelace, 321FIT, and ruff (6/29/19 - 7/13/19)
• Flutter 1.7 brings AndroidX support for new Android apps, Android App Bundles, and more
• Huawei Harmony Could Be the Highly-Anticipated Chinese Android Rival
• YouTube Launched Topic Filter For Android to Give More Control to the Viewer
• Hoping for a BlackBerry Passport running on Android? The Unihertz Titan could be the next best thing
• LG G6 (H870) gets an early leaked Android Pie beta build

read more

It has been revealed that a threat actor once best known for cyber bank robbery in Russia has made a move to espionage. The highly targeted attacks against government institutions in Eastern Europe, which took place during June 2019, employed the use of a Microsoft Windows zero-day exploit. In and of itself this isn't unusual as there have been plenty of Windows zero-days discovered. However, this is the first time that researchers had seen the Buhtrap group using a zero-day attack, although the group has been involved in the cyber-spying business for some years now across Eastern Europe and Central Asia.

Anton Cherepanov, a senior malware researcher at security vendor ESET, explained how the zero-day exploit abused a local privilege escalation vulnerability in Microsoft Windows in order to run arbitrary code and install applications, and view or change data on the compromised systems. As soon as the researchers had properly analyzed the exploit, it was reported to the Microsoft Security Response Center, and a fix was included in the July 9 "Patch Tuesday" update.

The vulnerability itself only impacted older versions of Windows, specifically variations of Windows and Windows Server 2008. This is because, as Cherepanov explained, "since Windows 8 a user process is not allowed to map the NULL page. Microsoft back-ported this mitigation to Windows 7 for x64-based systems." The advice, predictably, is to upgrade to a newer version of the operating system if possible. Especially as critical security updates will disappear soon when extended support for Windows 7 Service Pack 1 ends in January 2020. Gavin Millard, vice-president of intelligence at Tenable, warns users not to be complacent seeing as the vulnerability is "now being actively exploited in the wild," advising that "patches should be deployed as soon as possible."

read more

Zakaj je internet minuli teden klecnil

• Matej Huš :: 13. jul 2019 ob 22:45
• Omrežja / internet

vir: CloudflareCloudflare - V začetku meseca so imele številne popularne spletne strani težave z dosegljivostjo. Nevšečnosti je zakuhal Cloudflare, ki ponuja gostovanje številnim stranem in skrbi za njihovo zaščito pred napadi DDoS. Toda če se zalomi Cloudflaru, so posledice globalne. Ko je 2. julija Cloudflare napravil napako, smo to občutili po vsem svetu. John Graham-Cumming iz Cloudflara v odkritem opisu pojasnjuje, kaj je šlo napak in kako so se odzvali. To je bil prvi globalni Cloudflarov izpad v zadnjih šestih letih. Več na Slo-Techu.

We are happy to announce the release of bzip2 1.0.8.

This is a fixup release because the CVE-2019-12900 fix in bzip2 1.0.7 was too strict and might have prevented decompression of some files that earlier bzip2 versions could decompress. And it contains a few more patches from various distros and forks.

bzip2 1.0.8 contains the following fixes:

Accept as many selectors as the file format allows. This relaxes the fix for CVE-2019-12900 from 1.0.7 so that bzip2 allows decompression of bz2 files that use (too) many selectors again.
Fix handling of large (> 4GB) files on Windows.
Cleanup of bzdiff and bzgrep scripts so they don’t use any bash extensions and handle multiple archives correctly.
There is now a bz2-files testsuite at https://sourceware.org/git/bzip2-tests.git
Patches by Joshua Watt, Mark Wielaard, Phil Ross, Vincent Lefevre, Led and Kristýna Streitová.

read more

FTP (File Transfer Protocol) is as its name suggests a file transferring protocol between two computers, a local computer, and a remote server. FTP servers is a web server that runs on web-servers and uses FTP protocol at the server side to manage file transfers, connections, & users. Some of them come with a modular architecture, security-focused features, and several options designed for the enterprise.

The FTP server allows users to store their files on the server, through FTP, and access it later. The basic features of usable FTP servers are to manage the file transfers, the connections, the rate limits, the user's accounts, user groups, & user permissions. Some of the projects on this list do, even more, some of them are built with modular architecture allowing developers to extend their functionalities throw custom developed modules and plugins.

To connect to the FTP server, you require a client (FTP client), that provide the client-ready interface to connect through FTP and similar protocols. We have covered the best FTP clients in this article for Windows users, Linux (Ubuntu, Debian, macOS). Here is our list of: 10 Recommended Free, Open source FTP Clients for Windows, Linux, and macOS.

read more

• Top GUI Tools for Linux System Administrators

  Let’s have a look into the list of top GUI tools for Linux system administrators. If you are tired of running command and need some change then this post is for you.

• Millan Castro Vilariño: GSoC: First month working in Pitivi

  Pitivi is a video editor, free and open source. Targeted at newcomers and professional users, it is minimalist and powerful. This summer I am fortunate to collaborate in Pitivi development through Google Summer of Code.

  My goal is to implement an interval time system, with the support of Mathieu Duponchell, my menthor, and other members of the Pitivi community.

  An interval time system is a common tool in many video editors. It will introduce new features in Pitivi. The user will be able to set up a range of time in the timeline editor, playback specific parts of the timeline, export the selected parts of the timeline, cut or copy clips inside the interval and zoom in/out the interval.

  Mi proposal also includes the design of a marker system to store information at a certain time position.

• Foliate – A Simple & Modern New GTK eBook Viewer

  Foliate is an open-source GTK eBook viewer built with GJS and Epub.js.

read more

Manjaro is a totally bi-polar distro. Utterly genius and silly at the same time. It does some things so well, it offers so much innovation, it has some rather unique features you don't get to see elsewhere, and then it spoils it with some visual inconsistencies, glitches with its bundled apps and very cumbersome package management. No AUR, fine, but what other options do common users have? How can ordinary non-CLI folks enjoy the likes of Chrome or Skype or whatnot on their boxen? There's a lot of progress - just read my Manjaro diaries over the years - but it's still all fragile balance, and the distro still needs to fully figure out its identity and direction.

The nonfree aspect of the live session should be highlighted. All in all, I'm pleased with the easy availability of everyday conveniences, the installer was neat, and there's a lot of original goodness in Manjaro, more than most other distros. But the network support needs some rework, there should be better identification or auto-configuration with hardware issues on so-called unfriendly platform, and the package management feels neglected. All in all, this is a very promising system. Manjaro 18.0.4 Illyria deserves something like 8/10, and I'll be following up with some customization tricks, plus maybe a review of another edition. That would be all for this rather lengthy review.

read more