Tuesday, 22 January

22:49

AMDGPU DC Code Improvements Bring Better Page-Flipping [Phoronix]

The once notorious AMDGPU "DC" code (formerly known as DAL) saw a fresh round of patches on Tuesday further improving this display stack shared between the Windows and Linux drivers for advanced functionality from FreeSync to HDMI/DP audio and much more...

21:05

Build the wall... around your DNS settings, US govt IT staff urged by Homeland Security amid domain hijackings [The Register]

Anyone still at their posts, please stop these address takeovers... please, helloo? Anyone there?

America's Homeland Security has urged US government departments and federal agencies to shore up their DNS control panels after hackers successfully stormed the barricades.…

20:30

Oceans Are Getting Louder, Posing Potential Threats To Marine Life [Slashdot]

An anonymous reader quotes a report from The New York Times: Slow-moving, hulking ships crisscross miles of ocean in a lawn mower pattern, wielding an array of 12 to 48 air guns blasting pressurized air repeatedly into the depths of the ocean. The sound waves hit the sea floor, penetrating miles into it, and bounce back to the surface, where they are picked up by hydrophones. The acoustic patterns form a three-dimensional map of where oil and gas most likely lie. The seismic air guns probably produce the loudest noise that humans use regularly underwater, and it is about to become far louder in the Atlantic. As part of the Trump administration's plans to allow offshore drilling for gas and oil exploration, five companies have been given permits to carry out seismic mapping with the air guns all along the Eastern Seaboard, from Central Florida to the Northeast, for the first time in three decades. The surveys haven't started yet in the Atlantic, but now that the ban on offshore drilling has been lifted, companies can be granted access to explore regions along the Gulf of Mexico and the Pacific. And air guns are now the most common method companies use to map the ocean floor. Some scientists say the noises from air guns, ship sonar and general tanker traffic can cause the gradual or even outright death of sea creatures, from the giants to the tiniest — whales, dolphins, fish, squid, octopuses and even plankton. Other effects include impairing animals' hearing, brain hemorrhaging and the drowning out of communication sounds important for survival, experts say. So great is the growing din in the world's oceans that experts fear it is fundamentally disrupting the marine ecosystem, diminishing populations of some species as the noise levels disturb feeding, reproduction and social behavior. A 2017 study, for example, found that a loud blast, softer than the sound of a seismic air gun, killed nearly two-thirds of the zooplankton in three-quarters of a mile on either side. Tiny organisms at the bottom of the food chain, zooplankton provide a food source for everything from great whales to shrimp. Krill, a tiny crustacean vital to whales and other animals, were especially hard hit, according to one study.

Read more of this story at Slashdot.

19:20

DHS Issues Security Alert About Recent DNS Hijacking Attacks [Slashdot]

The U.S. Department of Homeland Security has published today an "emergency directive" that contains guidance in regards to a recent report detailing a wave of DNS hijacking incidents perpetrated out of Iran. ZDNet reports: The emergency directive [1, 2] orders government agencies to audit DNS records for unauthorized edits, change passwords, and enable multi-factor authentication for all accounts through which DNS records can be managed. The DHS documents also urges government IT personnel to monitor Certificate Transparency (CT) logs for newly-issued TLS certificates that have been issued for government domains, but which have not been requested by government workers. The emergency directive comes after last week, the DHS issued an alert about ongoing DNS hijacking attacks through its US-CERT division. The DHS US-CERT alert was based on a report published last week by U.S. cyber-security firm FireEye. The now infamous report detailed a coordinated hacking campaign during which a cyber-espionage group believed to operate out of Iran had manipulated DNS records for the domains of private companies and government agencies. The purpose of these DNS hijacks was to redirect web traffic meant for companies and agencies' internal email servers towards malicious clones, where the Iranian hackers would record login credentials.

Read more of this story at Slashdot.

18:40

Netflix 'Would Lose 57 Percent of Their Subscribers If They Added Commercials' [Slashdot]

According to new research from marketing technology firm Audience Project, the majority (57%) of UK customers would stop watching Netflix if commercials were introduced, and even lowering subscriptions would cause a significant drop off of 42%. Here are some of the other key findings: - In the UK, Netflix takes the lion's share of the streaming audience at 70%, followed by BBC iPlayer (61%). Interestingly, YouTube, ITV Player and All4, all of which host ads, saw a decline. - TV is still the preferred streaming device in the UK used by 42% of respondents. - Streaming is on the rise particularly amongst the young, with almost as many 15-25 year olds streaming/downloading (63%) as watching traditional TV (65%) "This is proof, if it were needed, that Netflix is right to focus on growing through its investment in content rather than considering hosting advertising any time soon," Netimperative reports. Martyn Bentley, Commercial Director UK at Audience Project, comments: "Our findings highlight the growing importance of targeting and relevance in advertising. As consumers have increasing choice over whether or not they see ads, both broadcasters and advertisers alike need to work hard to ensure that campaigns enhance experience, rather than detract -- plus it suggests that greater inroads need to be made with Connected TV as a means to help tailor advertising at a granular level."

Read more of this story at Slashdot.

18:25

Wine 4.0 Released With Vulkan Support, Initial Direct3D 12 and Better HiDPI [Slashdot]

Michael Larabel writes via Phoronix: Wine 4.0 is now officially available as the new annual stable release to Wine for running Windows programs and games on Linux and other operating systems. Following seven weekly release candidates, Wine 4.0 was ready to ship today as judged by Wine founder Alexandre Julliard. Wine 4.0 is a big release bringing initial Vulkan graphics API support, Direct3D CSMT is enabled by default, early Direct3D 12 support via VKD3D, continued HiDPI work, various OpenGL improvements, multi-sample D3D texture support, 64-bit improvements, continued Android support, and much more. The release announcement and notes can be read via WineHQ.org. The source can be downloaded here.

Read more of this story at Slashdot.

18:04

The most annoying British export since Piers Morgan: 'Drones' halt US airport flights [The Register]

Talk about Jersey Whirl... Flying gizmos disrupt ops this evening

It seems the UK's latest pain-in-the-ass craze has made its way stateside again, as alleged sightings of rogue drones brought Newark Liberty International Airport to a halt Tuesday.…

18:00

Google Proposes Changes To Chromium Browser That Will Break Content-Blocking Extensions, Including Various Ad Blockers [Slashdot]

"Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers," reports The Register. "The drafted changes will also limit the capabilities available to extension developers, ostensibly for the sake of speed and safety. Chromium forms the central core of Google Chrome, and, soon, Microsoft Edge." From the report: In a note posted Tuesday to the Chromium bug tracker, Raymond Hill, the developer behind uBlock Origin and uMatrix, said the changes contemplated by the Manifest v3 proposal will ruin his ad and content blocking extensions, and take control of content away from users. Manifest v3 refers to the specification for browser extension manifest files, which enumerate the resources and capabilities available to browser extensions. Google's stated rationale for making the proposed changes is to improve security, privacy and performance, and supposedly to enhance user control. But one way Google would like to achieve these goals involves replacing the webRequest API with a new one, declarativeNetRequest. The webRequest API allows extensions to intercept network requests, so they can be blocked, modified, or redirected. This can cause delays in web page loading because Chrome has to wait for the extension. In the future, webRequest will only be able to read network requests, not modify them. The declarativeNetRequest allows Chrome (rather than the extension itself) to decide how to handle network requests, thereby removing a possible source of bottlenecks and a potentially useful mechanism for changing browser behavior. The report notes that Adblock Plus "should still be available" since "Google and other internet advertising networks apparently pay Adblock Plus to whitelist their online adverts."

Read more of this story at Slashdot.

17:39

Ginni, you may have to get out and push: IBM sales, profit stuck in the mud. $13bn is $13bn, tho [The Register]

Pay no attention to Watson's lackluster performance, look, the share price is up!

IBM on Tuesday delivered its third consecutive quarter of declining revenue, and its shares still surged in after-hours trading.…

17:36

Open-Source Linux Driver Published For Habana Labs' "Goya" AI Processor [Phoronix]

Habana Labs is one of the companies working on an "AI" processor for speeding up deep learning inference and training workloads. Their initial product is the Goya processor that is already production-qualified. Today they published initial open-source Linux kernel driver patches for review to potentially include in the mainline kernel moving forward...

17:20

Apple's Security Expert Joined the ACLU To Tackle 'Authoritarian Fever' [Slashdot]

An anonymous reader quotes a report from Motherboard: Apple security expert Jon Callas, who helped build protection for billions of computers and smartphones against criminal hackers and government surveillance, is now taking on government and corporate spying in the policy realm. Jon Callas is an elder statesman in the world of computer security and cryptography. He's been a vanguard in developing security for mobile communications and email as chief technology officer and co-founder of PGP Corporation -- which created Pretty Good Privacy, the first widely available commercial encryption software -- and serving the same roles at Silent Circle and Blackphone, touted as the world's most secure Android phone. As a security architect and analyst for Apple computers -- he served three stints with the tech giant in 1995-1997, 2009-2011, and 2016-2018 -- he has played an integral role in helping to develop and assess security for the Mac and iOS operating systems and various components before their release to the public. His last stretch there as manager of a Red Team (red teams hack systems to expose and fix their vulnerabilities) began just after the FBI tried to force the tech giant to undermine security it had spent years developing for its phones to break into an iPhone belonging to one of the San Bernardino shooters. But after realizing there's a limit to the privacy and surveillance issues technology companies can address, Callas decided to tackle the issues from the policy side, accepting a two-year position as senior technology fellow for the American Civil Liberties Union. Callas spoke to Motherboard about government backdoors, the need for tech expertise in policymaking, and what he considers the biggest challenge for the security industry.

Read more of this story at Slashdot.

17:11

Plug in your iPhone, iPad, iPod, fire up the App Store: You have new Apple patches to install [The Register]

Open the door, get on the floor – not so fast if you've an iPhone 4

Apple has emitted a handful of software patches to address security vulnerabilities in iOS, macOS, and various peripherals.…

16:41

You heard the latest Chinese CRISPRs? They are real: Renegade bio-boffin did genetically modify baby twins [The Register]

Egghead faces criminal rap after Beijing tells of banned experiment

Babies were genetically engineered in test tubes using the CRISPR DNA-editing tool as part of an illegal experiment led by disgraced scientist He Jiankui, the Chinese government confirmed this week.…

16:40

Slashdot Asks: Which Mobile Payment Service Is Best For You? [Slashdot]

Everyone has a smartphone these days, therefore everyone should have access to at least one mobile payment service -- Apple Pay, Google Pay, or Samsung Pay. Personally, I've only used Apple Pay a handful of times because the vast majority of stores I visit don't support it. For me, the biggest problem with mobile payment services like Apple Pay and Google Pay isn't the potential security concerns or inconveniences (having to pull my phone out of my pocket or requiring the merchant to pull out an NFC reader while in a drive-thru) -- it's the lack of compatibility. I want to be able to leave my wallet at home and do all of my shopping with my phone, which is not possible due to the lack of support at most retailers. With that said, the support is improving. Today, Apple announced that Apple Pay is now available at 74 of the top 100 U.S. retailers. Quartz reports: Today (Jan. 22), Apple announced that it has also signed up Taco Bell and Target -- two years ago, Target said it had no plans to adopt Apple Pay -- meaning that 74 of the top 100 U.S. retailers by revenue now accept Apple's digital payment. The company added pharmacy chain CVS, along with 7-Eleven, late last year. They joined other major US retailers that include Best Buy, Starbucks, McDonald's, Walgreens, Costco, and Kohl's. (Some of the biggest holdouts: Walmart and Home Depot.) Do you use mobile payment services? Which service(s) do you use and why?

Read more of this story at Slashdot.

16:00

Google Will Start Retiring Hangouts For G Suite Users In October [Slashdot]

In a blog post, Google clarified the timeline of the transition from classic Hangouts to Chat and Meet for its paying G Suite customers. "For them, the Hangouts retirement party will start in October of this year," reports TechCrunch. From the report: For consumers, the situation remains unclear, but Google says there will be free versions of Chat and Meet that will become available "following the transition of G Suite customers." As of now, there is no timeline, so for all we know, Hangouts will remain up and running into 2020. As for G Suite users, Google says it will start bringing more features from classic Hangouts to Chat between April and September. Those include integration with Gmail, the ability to talk to external users, improved video calling and making calls with Google Voice.

Read more of this story at Slashdot.

15:27

Wow, fancy that. Web ad giant Google to block ad-blockers in Chrome. For safety, apparently [The Register]

How many ad blocks could an ad slinger block if an ad slinger could block blocks?

Google engineers have proposed changes to the open-source Chromium browser that will break content-blocking extensions, including various ad blockers.…

15:20

US Will Seek Extradition of Huawei CFO From Canada [Slashdot]

An anonymous reader quotes a report from Reuters: The U.S. Justice Department said on Tuesday it will pursue the extradition of the chief financial officer of China's Huawei, arrested in Canada in December. The United States has accused Huawei CFO Meng Wanzhou of misrepresenting the company's links to a firm that tried to sell equipment to Iran despite U.S. sanctions. The arrest soured relations between Canada and China, with China subsequently detaining two Canadian citizens and sentencing a third to death. The United States must file a formal request for extradition by Jan. 30. Once a formal request is received, a Canadian court has 30 days to determine whether there is enough evidence to support extradition and the Canadian minister of justice must issue a formal order. Canada has not asked the United States to abandon its bid to have Huawei executive Meng Wanzhou extradited, Canada's Foreign Minister Chrystia Freeland said in an interview with Bloomberg TV. "We will continue to pursue the extradition of defendant Ms. Meng Wanzhou, and will meet all deadlines set by the U.S./Canada Extradition Treaty," Justice Department spokesman Marc Raimondi said in a statement. "We greatly appreciate Canada's continuing support of our mutual efforts to enforce the rule of law." Slashdot reader AmiMoJo shares a separate report from the BBC: The chairman of Chinese tech giant Huawei has warned his company could shift away from the U.S. and the U.K. if it continues to face restrictions. Huawei has been under scrutiny by Western governments, which fear its products could be used for spying. Speaking at the World Economic Forum, in Davos, Mr Liang Hua said his firm might transfer technology to countries "where we are welcomed." Huawei makes smartphones but is also a world leader in telecoms infrastructure, in particular the next generation of mobile phone networks, known as 5G.

Read more of this story at Slashdot.

15:11

Heads up: Debian's package manager is APT for root-level malware injection... Fix out now to thwart MITM hijacks [The Register]

Disable redirects before applying update

The Debian Project has patched a security flaw in its software manager Apt that can be exploited by network snoops to execute commands as root on victims' boxes as they update or install packages.…

14:46

Wine 4.0 Officially Released With Vulkan Support, Initial Direct3D 12 & Better HiDPI [Phoronix]

Wine 4.0 is now officially available as the new annual stable release to Wine for running Windows programs and games on Linux and other operating systems...

14:41

'I Tried to Block Amazon From My Life. It Was Impossible.' [Slashdot]

Kashmir Hill, a reporter at Gizmodo, spent weeks trying to avoid and block Amazon -- and every service that is owned by Amazon or uses Amazon's web services (AWS). She went to great lengths such as getting her own custom-built VPN. Turns out, it is impossible to keep Amazon off your life. An excerpt from the report: Launched in 2006, AWS has taken over vast swaths of the internet. My VPN winds up blocking over 23 million IP addresses controlled by Amazon, resulting in various unexpected casualties, from Motherboard and Fortune to the U.S. Government Accountability Office's website. (Government agencies love AWS, which is likely why Amazon, soon to be a corporate Cerberus with three "headquarters," chose Arlington, Virginia, in the D.C. suburbs, as one of them.) Many of the smartphone apps I rely on also stop working during the block.

Read more of this story at Slashdot.

14:25

Libdrm 2.4.97 Released With AMDGPU Updates, Other Minor Work [Phoronix]

Libdrm 2.4.97 was released today by AMD's Marek Olšák as the newest version of this Mesa DRM library. The main feature of this list is a newer, faster buffer object list API for the AMDGPU code...

14:12

Core blimey... When is an AMD CPU core not a CPU core? It's now up to a jury of 12 to decide [The Register]

Chip giant can't shake off US class-action lawsuit over Bulldozer advertising

A class-action lawsuit against AMD claiming false advertising over its "eight core" FX processors has been given the go-ahead by a California judge.…

14:02

Google Considering Pulling News Service From Europe [Slashdot]

Google is considering pulling its Google News service from Europe as regulators work toward a controversial copyright law. From a report: The European Union's Copyright Directive will give publishers the right to demand money from Alphabet, Facebook and other web platforms when fragments of their articles show up in news search results, or are shared by users. The law was supposed to be finalized this week but was delayed by disagreement among member states. Google News might quit the continent in response to the directive, said Jennifer Bernal, Google's public policy manager for Europe, the Middle East and Africa. The internet company has various options, and a decision to pull out would be based on a close reading of the rules and taken reluctantly, she said. "The council needs more time to reflect in order to reach a solid position" on the directive, said a representative of Romania, current head of the European Council, which represents the 28 member nations.

Read more of this story at Slashdot.

13:30

Veeam: Users are crying out for cloud tiers [The Register]

At least we hope so – 'cos here are some 'infinite' cloudy backup repositories

Veeam has added a Cloud element to its Availability Suite, tiering off old data to object storage in AWS and Azure or on-premises.…

13:22

Apple Releases macOS 10.14.3, iOS 12.1.3, watchOS 5.1.3, and tvOS 12.1.2 [Slashdot]

Apple today pushed software updates for a range of its computing platforms. They are all minor releases that simply offer a few bug fixes and security updates, with no new features -- and there are no new features in any of the beta releases for these versions of the operating systems, either. From a report: iOS 12.1.3 fixes a scrolling bug in Messages, an iPad Pro-specific audio bug, and a graphical error in some photos, and it addresses some CarPlay disconnects experienced by owners of the three new iPhone models released in late 2018. It also fixes two minor bugs related to the company's HomePod smart speaker.

Read more of this story at Slashdot.

13:12

En garde! 'Cyber-war has begun' – and France will hack first, its defence sec declares [The Register]

Parly-vous cyber-security? No plan to surrender, military bug bounty coming

FIC2019  France’s defence secretary Florence Parly today declared: “Cyber war has begun.”…

12:55

Intel Is Working On A Vulkan Overlay Layer, Inspired By Gallium3D HUD [Phoronix]

Aside from some out-of-tree experiments last year by one of Valve's developers on a RADV Vulkan HUD of similar nature to the popular Gallium HUD option, it turns out an Intel developer has recently been working on a Vulkan overlay layer to provide "Gallium HUD" inspired information...

12:40

MasterCard Fined $648 Million for High EU Card Fees [Slashdot]

MasterCard was fined 570.6 million euros ($648 million) by the European Union for imposing rules that regulators said may have artificially raised the costs of card payments in the region. From a report: The European Commission said MasterCard unfairly prevented retailers from seeking cheaper rates from banks outside the EU country where they are based. MasterCard's curbs on cross-border acquiring ended when the EU introduced credit card legislation in 2015. The EU's probe started in 2013 and escalated with a statement of objections two years later. MasterCard last month set aside $650 million to cover the fine, less than a potential 1 billion euros it flagged as a possibility in 2017. The company got a 10 percent fine reduction for cooperating with the EU, regulators said.

Read more of this story at Slashdot.

12:30

Stage fright or Stage light? Depends how far you dare to open your MacBook Pro's lid [The Register]

Pursuit of ever skinnier laptops blamed as some post-2016 displays start failing

Apple's Macbook Pro has yet another "fatal flaw" in the form of a flex cable fingered as being the root of a host of display problems.…

11:59

A Meteorite Hit the Moon During Total Lunar Eclipse [Slashdot]

Observers of Sunday's lunar eclipse were blessed with the first known sighting of a meteorite impact during such an event. From a report: The so-called "super wolf blood moon" was eagerly watched by millions of people around the world, mostly via live streaming video. During the eclipse, some people noticed a tiny flash, a brief yellow-white speck, popping up on the lunar surface during the online broadcasts. One Reddit user raised the possibility that this was a meteorite impact and others scoured eclipse footage for evidence of the event. A flash is visible in at least three different videos. Jose Maria Madiedo at the University of Huelva in Spain has confirmed that the impact is genuine. For years, he and his colleagues have been hoping to observe a meteorite impact on the moon during a lunar eclipse, but the brightness of these events can make that very difficult -- lunar meteorite impacts have been filmed before, but not during an eclipse. On this occasion, Madiedo doubled the number of telescopes trained on different parts of the moon -- from four to eight -- in the hope of seeing an impact. "I had a feeling, this time will be the time it will happen," says Madiedo.

Read more of this story at Slashdot.

11:30

[NSFW] Hardworking Americans keep busy during the government shutdown driving up smut traffic [The Register]

You can make your own Yank joke here

NSFW links  Recent statistics indicate that not is only the US government shutdown lengthening, so too is the amount of time spent in the Washington DC area on, ahem, adult pursuits.…

11:21

Microsoft Debuts New Low-Cost Laptops and 'Classroom Pen' For Schools [Slashdot]

Microsoft is doubling down on the education market, a competitive arena for the world's largest tech giants, with a series of new low-cost laptops and tools to help students and teachers work together. From a report: At the BETT education conference in London Tuesday, Microsoft unveiled seven new laptops and two-in-one tablets made by partners like Lenovo, Dell and Acer and a new Microsoft Classroom Pen designed for the smaller hands of kids. Starting at $189, the low-cost devices are designed to stand up to tough treatment of being dragged around in a backpack everyday. The seven new devices showcased today are: Lenovo 100e -- priced from $189, Lenovo 300e (2-in-1) -- priced from $289, Lenovo 14w -- priced from $299, Acer TravelMate B1(B118-M) -- priced from $215, Acer TravelMate Spin B1 (B118-R/RN) -- priced from $299, Acer TravelMate B1-114 -- priced from $319, and Dell Latitude 3300 for Education -- priced from $299. The pen is priced at $40.

Read more of this story at Slashdot.

10:40

How Companies Secretly Boost Their Glassdoor Ratings [Slashdot]

From a report: Last summer, employees of Guaranteed Rate posted a stream of negative reviews about the mortgage broker on Glassdoor, a company-ratings website. The company's rating on Glassdoor, which is determined by employee feedback, fell to 2.6 stars out of 5. Concerned that negative reviews could hurt recruiting, Guaranteed Rate CEO Victor Ciardelli instructed his team to enlist employees likely to post positive reviews, said a person familiar with his instructions. In September and October these employees flooded Glassdoor with hundreds of five-star ratings. The company rating now sits at 4.1. Glassdoor has become an important arbiter of employee sentiment in today's highly competitive job market. A Wall Street Journal investigation shows it can be manipulated by employers trying to sway opinion in their favor. An analysis of millions of anonymous reviews posted on Glassdoor's site identified more than 400 companies with unusually large single-month increases in reviews. During the vast majority of these surges, the ratings were disproportionately positive compared with the surrounding months, the Journal's analysis shows. Glassdoor's problem echoes the challenged faced by other online rating platforms, who are trying to ensure their rankings are real and maintain users' trust. Amazon.com, local-business site Yelp and hotel-and-restaurant site TripAdvisor have all had to fend off attempts to game reviews and ratings.

Read more of this story at Slashdot.

10:30

French diplomat: Spies gonna spy – there aren't any magical cyberspace laws that can prevent it [The Register]

Pragmatic chap looks at reality of international relations

FIC2019  A French diplomat has suggested that future global regulation of cyberspace could exempt spying from regulation "as long as some specific sectors are preserved".…

10:02

Intel Lands Transform Feedback Support In Their Vulkan Driver For Mesa 19.0 [Phoronix]

Ahead of the Mesa 19.0 feature freeze coming up at month's end for this next quarterly feature release, Intel's open-source developers today merged support for the VK_EXT_transform_feedback extension that is important for Linux gamers with DXVK for mapping Direct3D 11 atop Vulkan and similar graphics API translation libraries...

09:45

Google Says Data is More Like Sunlight Than Oil [Slashdot]

Google wants to popularize a more upbeat way of describing data: It's more like sunlight than oil. From a report: Speaking at the World Economic Forum in Davos, Switzerland, on Tuesday morning, Google's chief financial officer, Ruth Porat, said that "data is more like sunlight than oil," adding, "It is like sunshine -- we keep using it, and it keeps regenerating." It's a twist on the well-known phrase "data is the new oil," meaning the world's most valuable resource is information rather than petroleum. Like the oil barons who preceded them, Silicon Valley titans such as Google, Facebook, and Amazon have risen quickly to profit from this new resource and even control its flow. And in another echo of history, regulators are eyeing the industry.

Read more of this story at Slashdot.

09:33

We all love bonking to pay, but if you bonk with a Windows Phone then Microsoft has bad news [The Register]

Look, the platform is dead. Will you just move on already?

Dearly beloved, we are gathered here today to honour the memory of yet another Windows mobile technology. The rabidly unpopular Microsoft Wallet for the much beloved Windows Phone is for the chop.…

09:30

Looks like Uncle Sam has pulled its finger out and appointed a Privacy Shield ombudsperson [The Register]

White House to nominate former DocuSign boss

The US may have finally complied with the European Commission's repeated requests to name a permanent Privacy Shield ombudsperson, The Register understands.…

09:05

MacBook Pro Stage Light Fault: Apple's Design Turns $6 Fix Into a $600 Nightmare [Slashdot]

An anonymous reader shares a report: Some MacBook Pro owners have complained of a 'stage light' effect, where they see uneven backlighting at the bottom of the display. For some, the symptom is only the first stage, with the backlight failing altogether. iFixit says that it has identified the cause -- and the way in which Apple changed the design of the Touch Bar generation for the MacBook Pro turns what would otherwise be a $6 fix into a $600 nightmare. The problem, says the company, is caused by Apple using much thinner ribbon cables instead of the thicker wires used in previous generation MacBook Pro models.

Read more of this story at Slashdot.

09:01

EasyJet boss says pre-Chrimbo Gatwick drone chaos cost it £15m [The Register]

Budget airline cancelled 400 flights, stranding 82,000 customers including a Vulture*

The boss of Squeezyjet Easyjet is "disappointed" by the time it took London's Gatwick Airport to overcome the drone crisis that led to multiple flight cancellations and cost the budget airliner £15m.…

08:30

Ubuntu Core 18 Released for IoT devices [Slashdot]

Canonical today announced the release of Ubuntu Core 18 "for secure, reliable IoT devices." The Canonical blog notes that "Immutable, digitally signed snaps ensure that devices built with Ubuntu Core are resistant to corruption or tampering. Any component can be verified at any time." In addition, "The attack surface of Ubuntu Core has been minimized, with very few packages installed in the base OS, reducing the size and frequency of security updates and providing more storage for applications and data." Ubuntu Core also "enables a new class of app-centric things, which can inherit apps from the broader Ubuntu and Snapcraft ecosystems or build unique and exclusive applications that are specific to a brand or model." You can download it from here.

Read more of this story at Slashdot.

08:15

NHS England digital boss in hot water over 'puff piece' written about her future employer [The Register]

Juliet Bauer's article praised GP app biz Livi – but didn't mention she was joining them in April

Departing NHS England digital exec Juliet Bauer has been slammed for writing a "puff piece" that praised her new employer, app biz Livi, without mentioning she would start work there in a matter of months.…

08:12

UK Linux Vendor Star Labs Systems Supporting LVFS+Fwupd For Firmware Updates [Phoronix]

Boutique Linux PC vendor Star Labs Systems out of the United Kingdom is the latest hardware vendor seeing their products supported by the Linux Vendor Firmware System (LVFS) with Fwupd for handling firmware updates...

07:57

Why Your New Heart Could Be Made in Space One Day [Slashdot]

Imagine a laboratory growing human hearts - and imagine that laboratory floating in space hundreds of miles above the surface of the Earth. That may sound like science fiction, but bizarre as it seems, it could bring new hope for transplant patients within the next decade. From a report: While about 7,600 heart transplants were carried out around the world in 2017, there's a desperate shortage of organs, with thousands of people on waiting lists dying every year. Efforts to grow human hearts in the lab are showing promise, but are hampered by the need for the organs to grow around a "scaffolding" to make sure they don't collapse during the process. Reliably removing the scaffolding once the heart is complete is proving to be a challenge. Space tech company Techshot believes zero gravity could be the answer. The International Space Station (ISS) is in constant freefall around the planet, meaning that anything inside experiences effective weightlessness, known technically as microgravity. This means organs could be grown without the need for any scaffolding, believes Rich Boling, the firm's vice-president of corporate advancement. One day hearts could be grown commercially for transplant, Techshot believes. [...] Developed in partnership with Nasa, Techshot's BioFabrication Facility (BFF) is a microwave oven-sized device that uses 3D printing techniques to create patches for heart repairs using a patient's own stem cells.

Read more of this story at Slashdot.

07:43

Saturday Morning Breakfast Cereal - Swords [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Those green squiggles in the background represent medieval Scotland.


Today's News:

07:30

Stalk my pals on social media and you'll know that the next words out of my mouth will be banana hammock [The Register]

Boffins reckon they can predict what you'll say based on your friends' activity online

The phenomenon of "prescient Facebook advertising", so beloved of conspiracy theorists who think social networks listen to your microphone, might instead simply be evidence of how good Facebook's algorithms have become.…

07:19

Ubuntu Core 18 Released By Canonical For IoT/Embedded With 10 Year Support Strategy [Phoronix]

Canonical this morning announced Ubuntu Core 18, its operating system based on Ubuntu 18.04 LTS and destined for IoT and embedded appliances and other low-power devices...

07:07

Qt 5.13 Slated To Deliver Many WebAssembly Improvements [Phoronix]

The Qt 5.12 release at the end of last year brought the Qt for WebAssembly Tech Preview to allow for Qt-based applications to run within web browsers via the sandboxed WASM technology. With the Qt 5.13 release coming out this spring, the WebAssembly support should be in much better shape...

07:05

Facebook Appears To Be Quietly Building Laser Satellites For Global Communications [Slashdot]

The snow-dusted peak of Mount Wilson in California has been home to many famous observatories. Until 1949, its 100-inch (2.5-meter) Hooker telescope was the largest aperture telescope in the world, and in 2004, its CHARA array became the world's largest optical interferometer. Now, two new observatories are being built there that, while not focused on the stars, might prove equally historic. They could house Facebook's first laser communications systems designed to connect to satellites in orbit. IEEE Spectrum reports: Construction permits issued by the County of Los Angeles show that a small company called PointView Tech is building two detached observatories on the mountain peak. PointView is the company that IEEE Spectrum revealed last year to be a previously unknown subsidiary of Facebook working on an experimental satellite called Athena. In April, PointView sought permission from the U.S. Federal Communications Commission to test whether E-band radio signals could "be used for the provision of fixed and mobile broadband access in unserved and underserved areas." That application was still pending at the FCC before the current U.S. federal government shutdown took effect, but it and other public documents and presentations now strongly suggest that PointView is planning to utilize laser technology, possibly both in Athena and future spacecraft. Facebook has long been interested in free space optical, or laser, communication technology. Lasers are able to support much higher data rates than radio transmitters for a given input power, and their signals are largely immune to interference or hacking, although clouds can be problematic. Although Facebook developed millimeter-wave E-band links for its stratospheric Aquila drones, it was also experimenting with air-to-ground laser communications before it canceled its drone program last June. The laser tests, which used technology supplied by German company Mynaric, succeeded in establishing 10-gigabit-per-second links between a ground station and a light aircraft flying overhead.

Read more of this story at Slashdot.

07:00

Canonical brings some bling to the Internet of Things with Snap-happy Ubuntu Core 18 release [The Register]

Ubuntu here, there, everywhere

Canonical unleashed Ubuntu Core 18 on the public today following a beta of the locked-down Linux in December.…

06:11

Surface: Tested to withstand the NFL. Microsoft firmware updates? Not so much [The Register]

Windows is updating your play-by-play, this may take a while

Microsoft's Surface tablet got an unexpected workout during the recent NFL playoff between the New England Patriots and the Kansas City Chiefs when a frustrated coach flung the fondleslab onto the field.…

06:10

Struggling with GDPR compliance? Don't waste money on legal advice: Buy a shredder [The Register]

Oh, and this visitor book. How about a £60 cardboard bin?

There is, it seems, no deterring the General Data Protection Regulation snake-oil sellers, who will happily stick "GDPR compliant" onto whatever they have to hand – including shredders, bins and visitor books.…

06:00

Android Q Will Include More Ways For Carriers To SIM Lock Your Phone [Slashdot]

An anonymous reader quotes a report from 9to5Google: Over the weekend, four commits were posted to various parts of Android's Gerrit source code management, all entitled "Carrier restriction enhancements for Android Q." In them, we see that network carriers will have more fine-grained control over which networks devices will and will not work on. More specifically, it will be possible to designate a list of "allowed" and "excluded" carriers, essentially a whitelist and a blacklist of what will and won't work on a particular phone. This can be done with a fine-grained detail to even allow blocking virtual carrier networks that run on the same towers as your main carrier. Restriction changes are also on the way for dual-SIM devices. At the moment, carriers can set individual restrictions for each SIM slot, but with Android Q, carriers will be able to lock out the second slot unless there's an approved SIM card in the first slot. This SIM lock restriction is applied immediately and will persist through restarting the phone, and even doing a factory reset. Thankfully, in both cases, emergency phone calls will still work as expected, regardless of any restrictions on the particular SIM cards in your phone.

Read more of this story at Slashdot.

Out-Of-The-Box 10GbE Network Benchmarks On Nine Linux Distributions Plus FreeBSD 12 [Phoronix]

Last week I started running some fresh 10GbE Linux networking performance benchmarks across a few different Linux distributions. That testing has now been extended to cover nine Linux distributions plus FreeBSD 12.0 to compare the out-of-the-box networking performance.

05:40

Dixons Carphone still counting cost of miserly mobile phone sales [The Register]

Things are, er, looking up though: activist investor Elliott Management is reportedly sniffing around retailer

Distressed retailer Dixons Carphone – reportedly the object of activist investor Elliot Management's affections – today confirmed a 7 per cent tumble in mobile phone sales over the festive period.…

05:08

UK.gov plans £2,500 fines for kids flying toy drones within 3 MILES of airports [The Register]

Families playing in gardens targeted with new powers

Families living near airports whose children fly toy helicopters in their gardens could be fined up to £2,500 under new government plans that, er, flew under the radar during the ongoing Brexit chaos.…

05:00

Will people ditch cash for cryptocurrency? Japan is about to find out [Top News - MIT Technology Review]

The world’s largest experiment in using blockchain-based networks to pay for things is about to begin.

04:38

France wants in on the No Huawei Club while Canuck infosec bloke pretty insistent on ban [The Register]

Founder warns that 'mediocre employees' may have to go

French parliament is reportedly mulling a ban on Huawei kit being used in next-generation telco networks, potentially heaping further pressure on the Chinese headquartered giant.…

04:01

Want to spin up Ubuntu VMs from Windows 10's command line, eh? We'll need to see a Multipass [The Register]

Don't need full-fat GUI? WSL doesn't cut it? Canonical has just the ticket

Windows 10 developers have been gifted yet another way of running Linux on their desktop in the form of Canonical's Multipass.…

04:00

AMDGPU Kernel Driver Is Working Out Well On Linux 5.0 [Phoronix]

While no measurable performance changes for either Polaris or Vega, the AMDGPU kernel driver in Linux 5.0 appears to be in largely good shape now mid-way through the cycle...

03:40

Amazon Posts L1TF/Foreshadow Demonstrator Code For The Linux Kernel [Phoronix]

In helping to build better defenses against this side channel vulnerability, Julian Stecklina of Amazon Germany (who previously co-discovered the "LazyFP" vulnerability last year) has posted demonstrator code for the Level 1 Terminal Fault (L1TF) vulnerability against the Linux kernel...

03:31

Get in the bin: Let's Encrypt gives admins until February 13 to switch off TLS-SNI-01 [The Register]

End-of-life followed 2018 fake Website certificate drama

If you're still using TLS-SNI-01, stop: a year after a slip-up allowed miscreants to claim Let's Encrypt certificates for domains they didn't own, the free certificate authority has announced the final sunset of the protocol involved.…

03:00

Is Screen Time Good or Bad? It's Not That Simple [Slashdot]

TechCrunch's Devin Coldeway picks apart a new study by Oxford scientists that questions the basis of thousands of papers and analyses with conflicting conclusions on the effect of screen time on well-being. "The researchers claim is that the science doesn't agree because it's bad science," Coldeway writes. "So is screen time good or bad? It's not that simple." From the report: Their concern was that the large data sets and statistical methods employed by researchers looking into the question -- for example, thousands and thousands of survey responses interacting with weeks of tracking data for each respondent -- allowed for anomalies or false positives to be claimed as significant conclusions. It's not that people are doing this on purpose necessarily, only that it's a natural result of the approach many are taking. "Unfortunately," write the researchers in the paper, "the large number of participants in these designs means that small effects are easily publishable and, if positive, garner outsized press and policy attention." In order to show this, the researchers essentially redid the statistical analysis for several of these large data sets (Orben explains the process here), but instead of only choosing one result to present, they collected all the plausible ones they could find. For example, imagine a study where the app use of a group of kids was tracked, and they were surveyed regularly on a variety of measures. The resulting (fictitious, I hasten to add) paper might say it found kids who use Instagram for more than two hours a day are three times as likely to suffer depressive episodes or suicidal ideations. What the paper doesn't say, and which this new analysis could show, is that the bottom quartile is far more likely to suffer from ADHD, or the top five percent reported feeling they had a strong support network. [...] Ultimately what the Oxford study found was that there is no consistent good or bad effect, and although a very slight negative effect was noted, it was small enough that factors like having a single parent or needing to wear glasses were far more important. "[T]he study does not conclude that technology has no negative or positive effect; such a broad conclusion would be untenable on its face," Coldeway writes. "The data it rounds up are simply inadequate to the task and technology use is too variable to reduce to a single factor. Its conclusion is that studies so far have in fact bee inconclusive and we need to go back to the drawing board."

Read more of this story at Slashdot.

02:59

A Delta IV Heavy heads for space at last while New Horizons' fumes OK for 'future missions' [The Register]

Also: Is that an aerospike in your pocket or are bells more your thing?

Roundup  An expendable Delta IV Heavy finally took off at the weekend while reusability darlings SpaceX and Blue Origin both continued to suffer slippages. Meanwhile, New Horizons still has plenty of gas in the tank.…

02:47

Read-Only Apple File-System Support Is Being Worked On For The Linux Kernel (APFS) [Phoronix]

The past few years Apple has been developing APFS as the successor to the long-used HFS+ file-system. The Apple File-System is in use with macOS 10.13+ iOS 10.3, and their other platforms for offering a lot of features not found in HFS+ including much better performance. There is an open-source APFS kernel driver now under development for Linux in supporting this file-system...

02:20

Wall St moneymen on IBM Q4 financials: Don't get your hopes up [The Register]

Software, Strategic Imperatives found wanting

IBM revenues are expected to shrink for its Q4 of calendar '18 and into 2019 amid worries the mainframe refresh wave has crested and strategic bets still aren't yet big enough to offset declines in legacy tech.…

00:00

SpaceX To Shift Starship Work From California To Texas [Slashdot]

SpaceX is reportedly shifting its work on prototypes of its next-gen "Starship" launch vehicle from Los Angeles to Texas. The news comes less than a week after the aerospace company announced its plans to lay off 10% of its 6,000-person workforce to tackle its more ambitious projects. An anonymous reader shares the report from Space.com: In a statement, SpaceX said it was now planning to build prototypes of its Starship vehicle, the upper stage of its next-generation reusable launch system, at its site in South Texas originally designed to serve as a launch site. An initial prototype version of that vehicle has been taking shape in recent weeks at the site in advance of 'hopper' tests that could begin in the next one to two months. A shift to South Texas, industry sources said, could be a way to reduce expenses, given the lower cost of living there versus the Los Angeles area. However, that region of Texas has a much smaller workforce, particularly in aerospace, compared to Southern California.

Read more of this story at Slashdot.

Monday, 21 January

23:00

Ubuntu Gets Snappier Video Playback With Chromium Snap For VA-API Acceleration [Phoronix]

For Ubuntu users running the Chromium web browser and wanting to enjoy better video acceleration with Gallium3D or Intel hardware, there is now a Chromium Snap for testing that features VA-API video acceleration support for GPU-based decoding...

22:05

Linux Picking Up Support For The Fireface UCX High-End Professional Audio Solution [Phoronix]

Should you be assembling a recording studio or have another purpose for some high-end audio kit, the RME Fireface UCX is the latest sound device seeing support in the upstream Linux kernel...

20:30

Ancient Climate Change Triggered Warming That Lasted Thousands of Years [Slashdot]

An anonymous reader quotes a report from Phys.Org: A rapid rise in temperature on ancient Earth triggered a climate response that may have prolonged the warming for many thousands of years, according to scientists. Their study, published online in Nature Geoscience, provides new evidence of a climate feedback that could explain the long duration of the Paleocene-Eocene Thermal Maximum (PETM), which is considered the best analogue for modern climate change. The findings also suggest that climate change today could have long-lasting impacts on global temperature even if humans are able to curb greenhouse gas emissions. Increased erosion during the PETM, approximately 56 million years ago, freed large amounts of fossil carbon stored in rocks and released enough carbon dioxide, a greenhouse gas, into the atmosphere to impact temperatures long term, researchers said. Scientists found evidence for the massive carbon release in coastal sediment fossil cores. They analyzed the samples using an innovative molecular technique that enabled them to trace how processes like erosion moved carbon in deep time. Global temperatures increased by about 9 to 14.4 degrees Fahrenheit during the PETM, radically changing conditions on Earth. Severe storms and flooding became more common, and the warm, wet weather led to increased erosion of rocks. As erosion wore down mountains over thousands of years, carbon was released from rocks and transported by rivers to oceans, where some was reburied in coastal sediments. Along the way, some of the carbon entered the atmosphere as greenhouse gas.

Read more of this story at Slashdot.

19:20

Dutch Surgeon Wins Landmark 'Right To Be Forgotten' Case [Slashdot]

AmiMoJo shares a report from The Guardian: A Dutch surgeon formally disciplined for her medical negligence has won a legal action to remove Google search results about her case in a landmark "right to be forgotten" ruling. The doctor's registration on the register of healthcare professionals was initially suspended by a disciplinary panel because of her postoperative care of a patient. After an appeal, this was changed to a conditional suspension under which she was allowed to continue to practice. But the first results after entering the doctor's name in Google continued to be links to a website containing an unofficial blacklist, which it was claimed amounted to "digital pillory." It was heard that potential patients had found the blacklist on Google and discussed the case on a web forum. The surgeon's lawyer, Willem van Lynden, said the ruling was groundbreaking in ensuring doctors would no longer be judged by Google on their fitness to practice. "Now they will have to bring down thousands of pages: that is what will happen, in my view. There is a medical disciplinary panel but Google have been the judge until now. They have decided whether to take a page down -- and why do they have that position?" Van Lynden said.

Read more of this story at Slashdot.

18:40

Tesla Model 3 Is Heading To Europe [Slashdot]

The Tesla Model 3 has cleared its last regulatory hurdle in Europe and will soon go on sale in the continent home to Audi, BMW, and Mercedes-Benz. "Deliveries should start in February for the Long Range Battery version of the midsize sedan -- the same variant first sold in the U.S. -- according to Tesla, after Dutch vehicle authority RDW issued the OK," reports Bloomberg. From the report: The European launch is crucial for Tesla as it navigates what Chief Executive Officer Elon Musk called a "very difficult" road ahead. The company is cutting jobs so it can profitably deliver lower-priced versions of the Model 3, Tesla's first car targeted for the mass market. Musk has pointed to sales of the sedan in Europe and China as a main reason he isn't concerned about any potential setback caused by a halving of the U.S. federal tax credit, to $3,750, on Tesla purchases as of Jan. 1. With the Model 3, Tesla also has an opportunity to broaden its attack on the premium car market dominated by Germany's BMW AG, Daimler AG-owned Mercedes-Benz and Volkswagen AG's Audi. Tesla, based in Palo Alto, California, said in its third-quarter shareholder letter that "the midsized premium sedan market in Europe is more than twice as big as the same segment in the U.S." The Model 3 became the top-selling luxury car there last year, outstripping the Audi Q5, BMW 3 Series and other well-known models. Analysts and industry executives, however, have observed that competition with Tesla cuts across traditional categories.

Read more of this story at Slashdot.

18:00

Facebook's Plans For Space Lasers Revealed [Slashdot]

Two new observatories are being built on Mount Wilson in California -- home to the 100-inch Hooker telescope, one of the largest aperture telescopes in the world, and CHARA array, the world's largest optical interferometer. As IEEE Spectrum reports, "they could house Facebook's first laser communications systems designed to connect to satellites in orbit." From the report: Construction permits issued by the County of Los Angeles show that a small company called PointView Tech is building two detached observatories on the mountain peak. PointView is the company that IEEE Spectrum revealed last year to be a previously unknown subsidiary of Facebook working on an experimental satellite called Athena. In April, PointView sought permission from the U.S. Federal Communications Commission to test whether E-band radio signals could "be used for the provision of fixed and mobile broadband access in unserved and underserved areas." That application was still pending at the FCC before the current U.S. federal government shutdown took effect, but it and other public documents and presentations now strongly suggest that PointView is planning to utilize laser technology, possibly both in Athena and future spacecraft. [...] Planning documents show that construction work on PointView's Mount Wilson observatories began in July and passed inspection in the middle of December. If the observatories are part of a laser satellite installation, they might use an optical ground station conceptually similar to [German company Mynaric]. This transmits its own laser beam up into the atmosphere for a drone -- or potentially a satellite -- to lock on to. Facebook and the Mount Wilson Institute didn't comment, but the report does go on to cite scientific papers authored by Facebook researchers suggesting that the company is committing resources to orbital lasers. "In a series of papers published in 2017 and 2018, engineers Raichelle Aniceto and Slaven Moro subjected multiple components, including an optical modem, to radiation similar to that experienced on orbit," reports IEEE Spectrum.

Read more of this story at Slashdot.

Fedora 30 Going Through Its Formalities To Ship With & Built By The GCC 9 Compiler [Phoronix]

With each new Fedora release you can pretty much be guaranteed it will be using the latest and greatest releases of the GNOME desktop, the most recent stable kernel, and it's also been very punctual in switching over to new major releases of the GCC compiler -- generally being the first of the major Linux distributions adopting the annual major GNU compiler releases. With Fedora 30 due out in May, it should ship with GCC 9.1 as would be standard practice. It's not guaranteed though as FESCo hasn't signed off on it with this change request coming in past the deadline...

17:20

New Phobos Ransomware Exploits Weak Security To Hit Targets Around the World [Slashdot]

An anonymous reader quotes a report from ZDNet: A prolific cybercrime gang behind a series of ransomware attacks is distributing a new form of the file-encrypting malware which combines two well known and successful variants in a series of attacks against businesses around the world. Dubbed Phobos by its creators, the ransomware first emerged in December and researchers at CoveWare have detailed how it shares a number of similarities with Dharma ransomware. Like Dharma, Phobos exploits open or poorly secured RDP ports to sneak inside networks and execute a ransomware attack, encrypting files and demands a ransom to be paid in bitcoin for returning the files, which in this case are locked with a .phobos extension. The demand is made in a ransom note -- and aside from 'Phobos' logos being added to the ransom note, it's exactly the same as the note used by Dharma, with the same typeface and text use throughout. Phobos is being distributed by the gang behind Dharma and likely serves as an insurance policy for malicious campaigns, providing attackers with a second option for conducting attacks, should Dharma end up decrypted or prevented from successfully extorting ransoms from victims.

Read more of this story at Slashdot.

17:01

Spotify Will Soon Let You Mute, Block Artists [Slashdot]

Spotify, one of the largest music streaming platforms available, is readying a "don't play this artist" feature in its apps that will let you mute artists you don't want to hear from. "The feature simply lets you block an entire artist from playing, so that songs from the artist will never play from a library, playlist, chart list, or even radio stations on Spotify," reports The Verge. From the report: The block feature works on songs by an individual artist, but it doesn't currently apply to tracks that an artist is featured on. Thurrott first spotted the feature, and notes that Spotify originally decided not to offer blocking "after serious consideration" back in 2017. Spotify has now reversed that decision.

Read more of this story at Slashdot.

16:40

Google Fined $57 Million By French Data Privacy Body For Failing To Comply With EU's GDPR Regulations [Slashdot]

schwit1 shares a report from VentureBeat: Google has been hit by a $57 million fine by French data privacy body CNIL (National Data Protection Commission) for failure to comply with the EU's General Data Protection Regulation (GDPR) regulations. The CNIL said that it was fining Google for "lack of transparency, inadequate information and lack of valid consent regarding the ads personalization," according to a press release issued by the organization. The news was first reported by the AFP. What the CNIL is effectively referencing here is dark pattern design, which attempts to encourage users into accepting terms by guiding their choices through the design and layout of the interface. This is something that Facebook has often done too, as it has sought to garner user consent for new features or T&Cs. It's worth noting here that Google has faced considerable pressure from the EU on a number of fronts over the way it carries out business. Back in July, it was hit with a record $5 billion fine in an Android antitrust case, though it is currently appealing that. A few months back, Google overhauled its Android business model in Europe, electing to charge Android device makers a licensing fee to preinstall its apps in Europe. Google hasn't confirmed what its next steps will be, but it will likely appeal the decision as it has done with other fines. "People expect high standards of transparency and control from us," a Google spokesperson told VentureBeat. "We're deeply committed to meeting those expectations and the consent requirements of the GDPR. We're studying the decision to determine our next steps."

Read more of this story at Slashdot.

16:08

Glibc Gets Patched For Three Year Old Security Vulnerability [Phoronix]

CVE-2016-10739 has been around since April 2016 as implied by the number and finally today this security issue has been fixed in the Git development code for the upcoming Glibc 2.29 GNU C Library...

16:00

Russia Tries To Force Facebook, Twitter To Relocate Servers To Russia [Slashdot]

An anonymous reader quotes a report from Ars Technica: The Russian government agency responsible for censorship on the Internet has accused Facebook and Twitter of failing to comply with a law requiring all servers that store personal data to be located in Russia. Roskomnadzor, the Russian censorship agency, "said the social-media networks hadn't submitted any formal and specific plans or submitted an acceptable explanation of when they would meet the country's requirements that all servers used to store Russians' personal data be located in Russia," The Wall Street Journal reported today. Roskomnadzor said it sent letters to Facebook and Twitter on December 17, giving them 30 days to provide "a legally valid response." With the 30 days having passed, the agency said that "Today, Roskomnadzor begins administrative proceedings against both companies." The law went into effect in September 2015, but Russia has had trouble enforcing it. "At the moment, the only tools Russia has to enforce its data rules are fines that typically only come to a few thousand dollars or blocking the offending online services, which is an option fraught with technical difficulties," a Reuters article said today. According to The Journal, "Facebook and Twitter could be fined for not providing information to the watchdog."

Read more of this story at Slashdot.

14:33

Demand and Salaries For Data Scientists Continue To Climb [Slashdot]

Data-science job openings are expanding faster than the number of technologists looking for them, says job-search firm Indeed. From a report: Back in August, a LinkedIn analysis concluded that the United States is facing a significant shortage of data scientists, a big change from a surplus in 2015. Last week, job-search firm Indeed reported that its data indicates the shortage is getting worse: While more job seekers are interested in data-science jobs, the number of job postings from employers has been rising faster than the number of interested applicants. According to Indeed, job postings for data scientists as a share of all postings were up 29 percent in December 2018 compared with December 2017, while searches were only up around 14 percent. "The bargaining power in data science remains with the job seekers," Andrew Flowers, Indeed economist, stated in a press release. [...] Salaries for data scientists are up as well. Average salary in the area surrounding Houston, which topped the 2018 list when adjusted for the cost of living, climbed 16.5 percent since 2017, while the average salary in the San Francisco Bay Area, No. 2 on the adjusted list, jumped 13.7 percent over Indeed's 2017 numbers.

Read more of this story at Slashdot.

14:00

Making It Even Easier To Gauge Your System's Performance [Phoronix]

For those trying to understand their system's performance on a macro level will enjoy a new feature being introduced with Phoronix Test Suite 8.6-Spydeberg for seeing how your CPU/system/GPU/storage/network performance compares at scale to the massive data sets amassed by OpenBenchmarking.org and the Phoronix Test Suite over the past decade...

13:52

The 'Fortnite' Economy Now Has Its Own Black Market [Slashdot]

Fortnite's in-game currency, V-bucks, are now being used to launder money from stolen credit cards, according to a report by The Independent and cybersecurity firm Sixgill. From a report: Here's how it works: After a hacker obtains someone else's credit card information, they make a Fortnite account and use the card to buy V-bucks which are used in the game to purchase cosmetic upgrades and new ways your character can dance. Once the account is loaded up with V-bucks, it is then sold through a legitimate vendor like eBay, or on the dark web. V-bucks cost about $10 for 1,000 when you buy them in the game or from authorized online stores. But these accounts are sold at rates low enough that it ends up being much cheaper to buy V-bucks that way.

Read more of this story at Slashdot.

13:11

We'll Likely See a Rise in Internet Blackouts in 2019 [Slashdot]

We'll likely see a rise in internet blackouts in 2019, for two reasons: countries deliberately "turning off" the internet within their borders, and hackers disrupting segments of the internet with distributed denial-of-service (DDoS) attacks. Above all, both will force policymakers everywhere to reckon with the fact that the internet itself is increasingly becoming centralized -- and therefore increasingly vulnerable to manipulation, making everyone less safe. From a report: The first method -- states deliberately severing internet connections within their country -- has an important history. In 2004, the Maldivian government caused an internet blackout when citizens protested the president; Nepal similarly caused a blackout shortly thereafter. In 2007, the Burmese government apparently damaged an underwater internet cable in order to "staunch the flow of pictures and messages from protesters reaching the outside world." In 2011, Egypt cut most internet and cell services within its borders as the government attempted to quell protests against then-President Hosni Mubarak; Libya then did the same after its own unrest. In 2014, Syria had a major internet outage amid its civil war. In 2018, Mauritania was taken entirely offline for two days when undersea submarine internet cables were cut, around the same time as the Sierra Leone government may have imposed an internet blackout in the same region. When we think about terms like "cyberspace" and "internet," it can be tempting to associate them with vague notions of a digital world we can't touch. And while this is perhaps useful in some contexts, this line of thinking forgets the very real wires, servers, and other hardware that form the architecture of the internet. If these physical elements cease to function, from a cut wire to a storm-damaged server farm, the internet, too, is affected. More than that, if a single entity controls -- or can at least access -- that hardware for a region or even an entire country, government-caused internet blackouts are a tempting method of censorship and social control.

Read more of this story at Slashdot.

12:30

Uber is Exploring Autonomous Bikes and Scooters [Slashdot]

Uber is looking to integrate autonomous technology into its bike and scooter-share programs. Details are scarce, but according to 3D Robotics CEO Chris Anderson, who said Uber announced this at a DIY Robotics event over the weekend, the division will live inside Uber's JUMP group, which is responsible for shared electric bikes and scooters. From a report: The new division, Micromobility Robotics, will explore autonomous scooters and bikes that can drive themselves to be charged, or drive themselves to locations where riders need them. The Telegraph has since reported Uber has already begun hiring for this team. "The New Mobilities team at Uber is exploring ways to improve safety, rider experience, and operational efficiency of our shared electric scooters and bicycles through the application of sensing and robotics technologies," Uber's ATG wrote in a Google Form seeking information from people interested in career opportunities.

Read more of this story at Slashdot.

12:19

An Unofficial Fedora Remix Is Now Available For Windows' WSL But It Will Cost You [Phoronix]

Adding to the growing Windows Subsystem for Linux (WSL) ecosystem alongside Ubuntu, openSUSE, Debian, and others is now Fedora Remix. But this spin of Fedora catered for WSL isn't free and not officially sanctioned or supported by Red Hat nor the Fedora project...

11:50

AI is Sending People To Jail -- and Getting it Wrong [Slashdot]

At the Data for Black Lives conference last weekend, technologists, legal experts, and community activists snapped the kind of impact AI has on our lives into perspective with a discussion of America's criminal justice system. There, an algorithm can determine the trajectory of your life. From a report: The US imprisons more people than any other country in the world. At the end of 2016, nearly 2.2 million adults were being held in prisons or jails, and an additional 4.5 million were in other correctional facilities. Put another way, 1 in 38 adult Americans was under some form of correctional supervision. The nightmarishness of this situation is one of the few issues that unite politicians on both sides of the aisle. Under immense pressure to reduce prison numbers without risking a rise in crime, courtrooms across the US have turned to automated tools in attempts to shuffle defendants through the legal system as efficiently and safely as possible. This is where the AI part of our story begins. Police departments use predictive algorithms to strategize about where to send their ranks. Law enforcement agencies use face recognition systems to help identify suspects. These practices have garnered well-deserved scrutiny for whether they in fact improve safety or simply perpetuate existing inequities. Researchers and civil rights advocates, for example, have repeatedly demonstrated that face recognition systems can fail spectacularly, particularly for dark-skinned individuals -- even mistaking members of Congress for convicted criminals. But the most controversial tool by far comes after police have made an arrest. Say hello to criminal risk assessment algorithms.

Read more of this story at Slashdot.

11:11

Why High-Fidelity Streaming is the Audio Revolution Your Ears Have Been Waiting For [Slashdot]

From a report: While our ears may be attuned to lossy compressed audio in most everyday scenarios, the experience of rediscovering high-fidelity lossless digital audio can be nothing short of a revelation. Fine details reappear, performers have more space, sounds have more definition, audio feels warmer, sounds clearer, and is noticeably more pleasurable to listen to. The higher you go with audio file resolution, the better it gets. Thanks to the new range of streaming apps delivering CD-quality or higher, our beloved "universal jukebox" is undergoing a significant upgrade. Consumer demand for high-resolution audio has been growing steadily, for example users of Deezer HiFi have increased by 71% in the past 12 months alone, and the product is now available in 180 countries and works with a wide range of FLAC streaming compatible devices. Bang & Olufsen's most senior Tonmeister (sound engineer) Geoff Marti believes that demand for hi-fi streaming audio is growing due to a rise in the number of people buying high-end audio devices. "It used to be that you bought an iPhone and you used the white earbuds, but nowadays people are upgrading to better headphones, so they want a better file and a better app to play it on. The potential is there for somebody that wants to get high quality, and they don't have to spend a lot of money to get it."

Read more of this story at Slashdot.

11:00

Cisco and Pure shove mini AI in FlashStack converged systems [The Register]

Entry-level AIRI equivalent

Pure Storage and Cisco have linked arms to build a converged FlashStack system for AI, a kind of AIRI microMINI but one that will run at half the speed.…

10:30

Mesa 18.2 vs. 18.3 vs. 19.0 January Benchmarks For RadeonSI/RADV [Phoronix]

With Mesa 19.0 entering its feature freeze before the month is through, here are fresh benchmarks of the very latest RadeonSI OpenGL and RADV Vulkan performance on Polaris and Vega graphics cards compared to the current stable Mesa 18.3 series and the former 18.2 release. This testing is complementary to last week's Mesa 19.0 RADV vs. AMDVLK vs. AMDGPU-PRO Vulkan tests.

10:01

Clone your own Prince Phil, says eBay seller hawking debris left over from royal car crash [The Register]

Lot fetched almost £66k before being deleted

A cheeky eBay seller sought to cash in on the love Great Britain bears for everyone's favourite dithering racist royal by attempting to auction debris from the crash Prince Philip was involved in last week.…

09:43

OPNsense 19.1-RC1 Released With Many Improvements To This BSD Firewall Platform [Phoronix]

The first release candidate is now available for testing of the OPNsense 19.1 FreeBSD-based firewall operating system forked from m0n0wall when it closed up shop four years ago...

09:15

French data watchdog dishes out largest GDPR fine yet: Google ordered to hand over €50m [The Register]

CNIL brands ad personalisation consent invalid, slams lack of transparency

Google has been fined a mammoth €50m by the French data protection watchdog for GDPR violations in a victory for Max Schrems' privacy group NOYB.…

08:15

EU will have agreed a tech tax by March, says French finance minister [The Register]

Bruno le Maire confident despite 'hesitant' nations

The French finance minister has said he expects the European Union to agree on a digital services tax by March – a year after the bloc's initial proposal.…

07:30

Just forget what Gartner said about AI in June 'cos CIOs are all over it now apparently [The Register]

Are these the stats you were looking for? Reverse ferret by tech research giant

Reverse ferret. Months after Gartner researchers confirmed a pitifully low proportion of CIOs were actually unleashing AI into the wild, the latest survey paints an entirely different picture.…

07:26

Saturday Morning Breakfast Cereal - Screen Time [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
This is surprisingly wholesome for a comic where the girl calls her mom swine.


Today's News:

06:45

Fujitsu says UK Foreign Office can't count in lawsuit over loss of £350m comms contract [The Register]

Department's response? We might have made a typo

Fujitsu has accused the Foreign Office of being unable to count after mandarins awarded a £350m IT outsourcing contract to incumbent rival Vodafone.…

06:01

Western Digital deploys heatsink on remodelled M.2 to tempt gamers [The Register]

Bringing a 'tangible, next-level competitive boost' apparently...

Western Digital has remodelled its M.2 SN720 mobile and edge device gumstick SSDs into a faster SN750 gamers' drive with a heatsink option.…

05:30

Ever feel like all your prayers go unheard? The Catholic Church has an app for that [The Register]

Move over One-Click shopping, Click to Pray is here

Pope Francis of the Catholic Church has launched the "Click to Pray" app, designed to connect the faithful via smartphones and fondleslabs.…

05:07

Vega 10 & Newer Getting More Fine-Grained PowerPlay Controls On Linux [Phoronix]

With the upcoming Linux 5.1 kernel cycle, discrete Radeon graphics cards based on Vega 10 and newer will have fine-grained controls over what PowerPlay power management features are enabled and the ability to toggle them at run-time...

04:47

Big Red's big pay gap: $13,000 gulf between male and female Oracle staffers – reports [The Register]

Women allegedly paid 13% less in bonuses, 33% less in stock value

Oracle is under fire for allegedly paying women staffers $13,000 less on average than their male counterparts.…

04:45

Wayland Support On The BSDs Continuing To Improve [Phoronix]

While Wayland was designed on and for Linux systems, the BSD support for Wayland and the various compositors has continued improving particularly over the past year or so but it's still a lengthy journey...

04:10

Big problems? How could AI and machine learning help? [The Register]

Get a deep discount on deep learning

Events  If you’ve got a problem and you suspect part of the answer might come in the form of AI, machine learning or data science, you should really join us at MCubed 2019.…

03:41

Wine-Staging 4.0-RC7 Brings Some Application Crash Fixes [Phoronix]

The big Wine 4.0 release will be out in just a few days while Wine-Staging 4.0 is following close behind for those wanting a bit more exciting and bleeding-edge experience...

03:36

Microsoft's Master Chief calls time on Cortana as a standalone AI platform [The Register]

Plus: Retail services win for Azure and 365, new toy for XAML UWP devs, and more

Roundup  Culling Cortana, poking Phone users and feeding the UWP XAML developers – it's all in a week's work for Microsoft.…

03:31

Some Radeon ROCm Packages Pending Review For Fedora [Phoronix]

Earlier this month was word that Fedora developers were looking at packaging Radeon Open Compute (ROCm) to make it easier for their distribution users to enjoy this open-source Radeon GPU computing software from OpenCL to a TensorFlow port. Some of the early packages of ROCm are now under review for Fedora...

03:17

Devlink Health Reporting & Recovery System Queued For Linux 5.1 Kernel [Phoronix]

Within the networking subsystem of the Linux kernel one of the changes we are most looking forward to hopefully seeing for Linux 5.1 would be the long-awaited WireGuard, but another interesting feature was queued this past week into net-next...

03:00

Apple hardware priced so high that no one wants to buy it? It's 1983 all over again [The Register]

The iPhone time machine takes us back 36 years... to the Apple Lisa

Feature  Dearly beloved, please join us in taking a moment to remember the Apple Lisa, a 36-year-old experiment in seeing just how much Apple could charge for hardware.…

02:10

The lighter side of HMRC: We want your money, but we also want to make you laugh [The Register]

Junior staffers, cold fingers get blamed for missed payments in taxman's annual attempt at humour

It's well known that the UK's taxman would like a bit more dosh to fill its coffers – but it doesn't want to come across as a humourless leech.…

01:17

Ooh, my machine is SO much faster than yours... Oh, wait, that might be a bit of a problem... [The Register]

Techie's speed test ends up bringing sales reps' work to a screeching halt

Monday morning has rolled round once again, which can only mean one thing – Who, Me?…

01:00

Build a Django RESTful API on Fedora. [Fedora Magazine]

With the rise of kubernetes and micro-services architecture, being able to quickly write and deploy a RESTful API service is a good skill to have. In this first part of a series of articles, you’ll learn how to use Fedora to build a RESTful application and deploy it on Openshift. Together, we’re going to build the back-end for a “To Do” application.

The APIs allow you to Create, Read, Update, and Delete (CRUD) a task. The tasks are stored in a database and we’re using the Django ORM (Object Relational Mapping) to deal with the database management.

Django App and Rest Framework setup

In a new directory, create a Python 3 virtual environment so that you can install dependencies.

$ mkdir todoapp && cd todoapp
$ python3 -m venv .venv
$ source .venv/bin/activate

After activating the virtual environment, install the dependencies.

(.venv)$ pip install djangorestframework django

Django REST Framework, or DRF, is a framework that makes it easy to create RESTful CRUD APIs. By default it gives access to useful features like browseable APIs, authentication management, serialization of data, and more.

Create the Django project and application

Create the Django project using the django-admin CLI tool provided.

(.venv) $ django-admin startproject todo_app . # Note the trailing '.'
(.venv) $ tree .
.
├── manage.py
└── todo_app
    ├── __init__.py
    ├── settings.py
    ├── urls.py
    └── wsgi.py
1 directory, 5 files

Next, create the application inside the project.

(.venv) $ cd todo_app
(.venv) $ django-admin startapp todo
(.venv) $ cd ..
(.venv) $ tree .
.
├── manage.py
└── todo_app
├── __init__.py
├── settings.py
├── todo
│ ├── admin.py
│ ├── apps.py
│ ├── __init__.py
│ ├── migrations
│ │ └── __init__.py
│ ├── models.py
│ ├── tests.py
│ └── views.py
├── urls.py
└── wsgi.py

Now that the basic structure of the project is in place, you can enable the REST framework and the todo application. Let’s add rest_framework and todo to the list of INSTALL_APPS in the project’s settings.py.

todoapp/todo_app/settings.py
# Application definition

INSTALLED_APPS = [
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'rest_framework',
'todo_app.todo',
]

 Application Model and Database

The next step of building our application is to set up the database. By default, Django uses the SQLite database management system. Since SQLite works well and is easy to use during development, let’s keep this default setting. The second part of this series will look at how to replace SQLite with PostgreSQL to run the application in production.

The Task Model

By adding the following code to todo_app/todo/models.py, you define which properties have a task. The application defines a task with a title, description and a status. The status of a task can only be one of the three following states: Backlog, Work in Progress and Done.

from django.db import models

class Task(models.Model):
STATES = (("todo", "Backlog"), ("wip", "Work in Progress"), ("done", "Done"))
title = models.CharField(max_length=255, blank=False, unique=True)
description = models.TextField()
status = models.CharField(max_length=4, choices=STATES, default="todo")

Now create the database migration script that Django uses to update the database with changes.

(.venv) $ PYTHONPATH=. DJANGO_SETTINGS_MODULE=todo_app.settings django-admin makemigrations

Then you can apply the migration to the database.

(.venv) $ PYTHONPATH=. DJANGO_SETTINGS_MODULE=todo_app.settings django-admin migrate

This step creates a file named db.sqlite3 in the root directory of the application. This is where SQLite stores the data.

Access to the data

Creating a View

Now that you can represent and store a task in the database, you need a way to access the data.  This is where we start making use of Django REST Framework by using the ModelViewSet. The ModelViewSet provides the following actions on a data model: list, retrieve, create, update, partial update, and destroy.

Let’s add our view to todo_app/todo/views.py:

from rest_framework import viewsets

from todo_app.todo.models import Task
from todo_app.todo.serializers import TaskSerializer


class TaskViewSet(viewsets.ModelViewSet):
queryset = Task.objects.all()
serializer_class = TaskSerializer

Creating a Serializer

As you can see, the TaskViewSet is using a Serializer. In DRF, serializers convert the data modeled in the application models to a native Python datatype. This datatype can be later easily rendered into JSON or XML, for example. Serializers are also used to deserialize JSON or other content types into the data structure defined in the model.

Let’s add our TaskSerializer object by creating a new file in the project todo_app/todo/serializers.py:

from rest_framework.serializers import ModelSerializer
from todo_app.todo.models import Task


class TaskSerializer(ModelSerializer):
class Meta:
model = Task
fields = "__all__"

We’re using the generic ModelSerializer from DRF, to automatically create a serializer with the fields that correspond to our Task model.

Now that we have a data model a view and way to serialize/deserialize data, we need to map our view actions to URLs. That way we can use HTTP methods to manipulate our data.

Creating a Router

Here again we’re using the power of the Django REST Framework with the DefaultRouter. The DRF DefaultRouter takes care of mapping actions to HTTP Method and URLs.

Before we see a better example of what the DefaultRouter does for us, let’s add a new URL to access the view we have created earlier. Add the following to todo_app/urls.py:

from django.contrib import admin
from django.conf.urls import url, include

from rest_framework.routers import DefaultRouter

from todo_app.todo.views import TaskViewSet

router = DefaultRouter()
router.register(r"todo", TaskViewSet)

urlpatterns = [
url(r"admin/", admin.site.urls),
url(r"^api/", include((router.urls, "todo"))),
]

As you can see, we’re registering our TaskViewSet to the DefaultRouter. Then later, we’re mapping all the router URLs to the /api endpoint. This way, DRF takes care of mapping the URLs and HTTP method to our view actions (list, retrieve, create, update, destroy).

For example, accessing the api/todo endpoint with a GET HTTP request calls the list action of our view. Doing the same but using a POST HTTP request calls the create action.

To get a better grasp of this, let’s run the application and start using our API.

Running the application

We can run the application using the development server provided by Django. This server should only be used during development. We’ll see in the second part of this tutorial how to use a web server better suited for production.

(.venv)$ PYTHONPATH=. DJANGO_SETTINGS_MODULE=todo_app.settings django-admin runserver
Django version 2.1.5, using settings 'todo_app.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CONTROL-C.

Now we can access the application at the following URL: http://127.0.0.1:8000/api/

DRF provides an interface to the view actions, for example listing or creating tasks, using the following URL: http://127.0.0.1:8000/api/todo

Or updating/deleting an existing tasks with this URL: http://127.0.0.1:8000/api/todo/1

Conclusion

In this article you’ve learned how to create a basic RESTful API using the Django REST Framework. In the second part of this series, we’ll update this application to use the PostgreSQL database management system, and deploy it in OpenShift.

The source code of the application is available on GitHub.


Sunday, 20 January

23:58

Looming EU copyright rules – tackling Google news article scraping, installing upload filters – under fire from all sides [The Register]

The question now is: Will it move forward or not?

Analysis  The future of a critical change in European copyright law is under doubt after negotiations designed to clarify wording have left all sides frustrated.…

23:02

Holy crappuccino. There's a latte trouble brewing... Bio-boffins reckon 60%+ of coffee species may be doomed [The Register]

Climate change is going to make Monday mornings much, much, much more of a grind

Coffee plants, the source of the warm brown elixir powering millions of people worldwide using the magic of caffeine, are, it is claimed, at risk of extinction.…

19:00

Linux 5.0-rc3 Kernel Released With Plenty Of Fixes Plus Nouveau RTX 2080 Ti Support [Phoronix]

Linus Torvalds has released the third weekly release candidate for the upcoming Linux 5.0 kernel release...

12:45

There's Early Stage Work Exploring Z-Wave Linux Kernel Drivers [Phoronix]

Z-Wave is the incredibly common wireless communication protocol at the backbone of many home automation systems. To date there hasn't been any in-kernel Z-Wave Linux kernel drivers for this low-energy mesh network standard, but a SUSE developer has prototyped an initial driver and currently exploring the in-kernel possibilities, including what could end up being a Z-Wave subsystem...

10:17

The New "TEO" CPU Idle Governor For Tickless Systems Queued Ahead Of Linux 5.1 [Phoronix]

The new "Timer Events Oriented" (TEO) governor in development over recent months by Intel developer Rafael Wysocki is poised to land with the Linux 5.1 kernel cycle...

09:48

Saturday Morning Breakfast Cereal - Cultured Meat [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
I continue to think that food is the least beneficial aspect of cell-based meat.


Today's News:

09:07

Dear humans, We thought it was time we looked through YOUR source code. We found a mystery ancestor. Signed, the computers [The Register]

Well, computers programmed by AI-wielding bio-boffins

The human genome is hiding secrets that point to a mystery ancestor alongside our hominid cousins the Neanderthals and Denisovans, according to AI software.…

07:55

Klibc Sees Its First New Release In Five Years [Phoronix]

Klibc has seen some new activity recently and that has resulted in the first new release to this minimal standard C library subset in a half-decade...

07:00

PortableCL Continues Marching Towards The POCL 1.3 Release [Phoronix]

When it comes to being able to run OpenCL kernels on CPUs, the main option at this point for Linux systems is POCL as the Portable Computing Language. While POCL 1.2 was released just this past September, we're still very much looking forward to the upcoming POCL 1.3 release with more improvements for this portable OpenCL 1.2~2.0 implementation...

04:29

Phoronix Test Suite 8.6 Milestone 2 Released For Open-Source Benchmarking [Phoronix]

Two weeks since the initial Phoronix Test Suite 8.6 development release, the second milestone release is now available for your open-source, cross-platform benchmarking evaluation...

04:10

KDE Now Has Virtual Desktop Support On Wayland [Phoronix]

Thanks to a new dedicated protocol for KWayland/KWin around virtual desktops, that support is finally in place. This stems from a two and a half year old bug report for said support...

02:59

Amazon shareholders revolt on Rekognition, Nvidia opens robotics lab, and hot AI chips on Google Cloud [The Register]

The week's other stories in AI

Roundup  Hello, here’s a very quick roundup of some of the interesting AI announcements from this week. Read on if you like robots and GPUs.…

01:13

Wayland's Weston Moving Towards Its Next Release Soon [Phoronix]

Longtime Wayland developer Derek Foreman is working on coordinating the next release of the Weston reference compositor. Here are those early details and his hope to ship this next feature release in March...

Saturday, 19 January

23:28

Livepatching With Linux 5.1 To Support Atomic Replace & Cumulative Patches [Phoronix]

With the Linux 5.1 kernel cycle that should get underway in just over one month's time, there will now be the long in development work (it's been through 15+ rounds of public code review!) for supporting atomic replace and cumulative patches...

22:04

Libhandy 0.0.7 Released For Building Adaptive/Mobile GTK Applications [Phoronix]

Libhandy is the library backed by Purism for use on their Librem 5 among other potential use-cases for allowing adaptive GTK+ widgets depending upon screen real estate. It's still a ways out from version 1.0, but libhandy 0.0.7 was released this weekend as the latest achievement...

16:47

Wine 4.0 To Be Released In The Next Few Days [Phoronix]

With yesterday's release of Wine 4.0-RC7, the regression/bug count is low enough and the situation looking good that the stable Wine 4.0.0 release should be tagged in the next few days...

10:00

AMDGPU-PRO 18.50 vs. ROCm 2.0 OpenCL Performance [Phoronix]

When recently publishing the PlaidML deep learning benchmarks and lczero chess neural network OpenCL tests, some Phoronix readers mentioned they were seeing vastly different results with using the PAL OpenCL driver in AMDGPU-PRO (Radeon Software) compared to using the ROCm compute stack. So for seeing how those two separate AMD OpenCL drivers compare, here are some benchmark results with a Vega GPU while testing ROCm 2.0 and AMDGPU-PRO 18.50.

09:32

GNU Binutils 2.32 Branched Ahead Of Release With New Features [Phoronix]

A new release of the GNU Binutils programming tools will soon be available. The upcoming Binutils 2.32 release is primarily made up of new CPU ports...

06:51

Saturday Morning Breakfast Cereal - Configurations [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Fun fact: Aerogels were discovered by futzing around with jelly.


Today's News:

06:37

DDoS sueball, felonious fonts, leaky Android file manager, blundering building security, etc etc [The Register]

Plus, Safari security foiled by… a finger swipe?

Roundup  This week we wrangled with alleged Russian election meddling, hundreds of millions of username-password combos spilled online, Oracle mega-patches, and claims of RICO swap-gangs.…

04:19

Mesa 19.0 Can Cut In Half The Amount Of Memory For Team Fortress 2 [Phoronix]

Timothy Arceri of Valve's open-source Linux graphics driver team has landed patches in Mesa 19.0 that drastically reduce the amount of system memory used when firing up the Team Fortress 2 game...

03:49

XGI Display Driver Finally On The Linux Kernel Chopping Block [Phoronix]

XGI Tech, the nearly two decade old spin off from SiS that was short-lived and once aimed to be a competitor to ATI and NVIDIA, still has a Linux driver within the mainline kernel. But this frame-buffer driver is slated to soon be removed...

03:32

GStreamer 1.15.1 Released With Work On AV1, V4L HEVC Encode/Decode [Phoronix]

GStreamer 1.15.1 was announced on Friday as the first development release in the trek towards GStreamer 1.16 for this powerful open-source multimedia framework...

01:01

The Iceman cometh, his smartwatch told the cops: Hitman jailed after gizmo links him to Brit gangland slayings [The Register]

Killer behind bars for life after fitness kit data tips off plod

Avid runner and hitman Mark Fellows was this week found guilty of murder after being grassed up by his Garmin watch.…

Friday, 18 January

22:50

Godot 3.1 Beta 2 Released With OpenGL ES Performance Fix [Phoronix]

The developers behind Godot, one of the leading open-source game engines, have announced their second beta release for the upcoming Godot 3.1 feature release...

22:09

NetBSD Exploring LLVM's LLD Linker For Lower Memory Footprint [Phoronix]

The NetBSD project has been making good progress in utilizing the LLVM compiler stack not only for the Clang C/C++ compiler but also for the different sanitizers, the libc++ standard library for C++, and other improvements most of which are working their way into the upstream code-bases. One area of NetBSD's LLVM support being explored most recently is using the LLD linker...

16:59

Tens to be disappointed as Windows 10 Mobile death date set: Doomed phone OS won't see 2020 [The Register]

Microsoft to hang up support on 10 December

Microsoft has formally set the end date for support of its all-but-forgotten Windows 10 Mobile platform.…

16:19

IBM HR made me lie to US govt, says axed VP in age-discrim legal row: I was ordered to cover up layoffs of older workers [The Register]

Big Blue brands claim 'outlandish' in non-denial denial

A former senior executive at IBM has claimed she was ordered to lie to the US government about just how many older workers Big Blue was laying off.…

16:01

Wine 4.0-RC7 Released With Fixes For Video Player Crashes, Game Performance Issues [Phoronix]

Wine 4.0 should be officially out soon, but this weekend the latest test release of it is Release Candidate 7 that brings more than one dozen fixes...

14:33

DNAaaahahaha: Twins' 23andMe, Ancestry, etc genetic tests vary wildly, surprising no one [The Register]

Identical sisters with same genetic makeup get different results from test kits

Updated  Mail-order genetic testing kits, which are all the rage right now, have been put through their paces by identical twins, and the results are a little baffling.…

13:05

US midterms barely over when Russians came knocking on our servers (again), Democrats claim [The Register]

Лучшая защита – нападение?

Russian hackers attempted to infiltrate the Democratic National Committee (DNC) just after the US midterm elections last year, according to a new court filing.…

11:15

Protestors beg Google not to build censored Project Dragonfly search engine [The Register]

Anti-censorship demo reaches Chocolate Factory's London HQ

A small handful of protesters turned up outside Google’s London HQ today to protest against the ad company’s censored search engine, developed as part of an unholy bargain to gain access to the Chinese market.…

10:15

Veritas bowls two for Tooley, not out: Northern Europe role split [The Register]

UK and Nordics each get their own boss

Privately owned shape-shifting Veritas has removed its northern European head Jason Tooley and split the role in two, externally hiring one person to run the UK and one to oversee the Nordics.…

09:31

Let’s keep the Green New Deal grounded in science [Top News - MIT Technology Review]

Advocates hope the proposal will inspire voters, but that’s no reason it has to ignore the latest research.

09:17

Atlassian barges into the billion dollar club with a cheery G'Day! [The Register]

Aussie Jira flinger celebrates a bonzer quarter

Atlassian, home of Jira, Trello and Bitbucket, has rounded out calendar 2018 with over $1bn in revenues as it continues to persuade customers that the cloud is really where they’d like to be.…

09:14

Saturday Morning Breakfast Cereal - Pickup Line [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Whenever I post a comic like this, people ask me if I'm doing okay. All I can say is that if you're worried I'm depressed, you've not pinpointed the correct mental health issue!


Today's News:

08:33

WD you like to know the damage? Analyst predicts sales dip ahead for Western Digital [The Register]

NAND revenues and disk drive topline downbound until mid-year - Wells Fargo

The slump in Western Digital's SSD and disk drive sales is forecast to deepen for the current and next quarters, according to analysts.…

07:30

Say GDP-aaaRrrgh, streamers: Max Schrems is coming for you, Netflix and Amazon [The Register]

Apple and others also in firing line as complaints filed

Updated  Streaming services aren't complying with EU data protection law - namely the General Data Protection Regulation's right of access - according to a fresh suite of complaints aimed at the likes of Netflix, Amazon and Spotify.…

06:47

Microsoft partner portal 'exposes 'every' support request filed worldwide' today [The Register]

No customer data visible but hell's bells, Redmond, what have you borked now?

Exclusive  Alarmed Microsoft support partners can currently view support tickets submitted from all over the world, in what appears to be a very wide-ranging blunder by the Redmond-based biz.…

06:15

Vodafone signs $550m deal with IBM to offload cloud biz [The Register]

Up to 750 staff transferring to Big Blue. Good luck people... you might need it

Exclusive  Vodafone is offloading its cloud and hosting unit to IBM in a $550m eight-year outsourcing deal that will include up to 750 staff packing their bags as they're sent off to new employer Big Blue, sources say.…

05:42

Black Horse slowed down: Lloyds Banking Group confirms problem with 'Faster' payments [The Register]

Friday morning is an ideal time for transfers to have a glitch, agree customers

Lloyds and Halifax bank customers have been warned not to make repeat transactions as the group grapples with a technical glitch with Faster Payments.…

05:04

Lords of the DNS remind admins about Flag Day, Juniper likes Watson and more [The Register]

PING, PING, PING … it's your networking roundup for the week

Roundup  To cure some persistent security, implementation, and performance problems in the Domain Name System, the lords of the DNS have proclaimed older implementations as end of life.…

05:00

Giving algorithms a sense of uncertainty could make them more ethical [Top News - MIT Technology Review]

Algorithms are best at pursuing a single mathematical objective—but humans often want multiple incompatible things.

04:24

Lawyers' secure email network goes down, firm says it'll take 2 weeks to restore [The Register]

75,000 lawyers subject to potential fortnight of faffery

Updated  Barristers and court prosecutors have been left scratching their heads this morning after Egress Technologies' CJSM email system went down – with the firm saying it could take up to a fortnight to fully restore it.…

03:25

I used to be a dull John Doe. Thanks to Huawei, I'm now James Bond! [The Register]

We'll know for sure when Huawei reveals a shoe-shaped smartphone

Something for the Weekend, Sir?  The name's McLeod. Alessandro McLeod. I am a spy for the secret services.…

02:52

At 900k lines of code, ONOS is getting heavy. Can it go on a diet? [The Register]

'Net greybeard Douglas Comer talks SDN with El Reg

Interview  Software Defined Networking (SDN) has changed the landscape of networking, but along the way it has created its own problems. Doug Comer of Purdue University thinks disaggregating SDN controllers like the Open Source Network Operating System (ONOS) could be a way forward.…

01:19

Are you sure your disc drive has stopped rotating, or are you just ignoring the messages? [The Register]

Did this story make you angry? Y/N

On Call  Roll up, roll up, to On Call, your weekly instalment of fellow readers’ tech triumphs and frustrations.…

01:00

How Do You Fedora: Journey into 2019 [Fedora Magazine]

Fedora had an amazing 2018. The distribution saw many improvements with the introduction of Fedora 28 and Fedora 29. Fedora 28 included third party repositories, making it easy to get software like the Steam client, Google Chrome and Nvidia’s proprietary drivers. Fedora 29 brought support for automatic updates for Flatpack.

One of the four foundations of Fedora is Friends. Here at the Magazine we’re looking back at 2018, and ahead to 2019, from the perspective of several members of the Fedora community. This article focuses on what each of them did last year, and what they’re looking forward to this year.

Fedora in 2018

Radka Janekova attended five events in 2018. She went to FOSDEM as a Fedora Ambassador, gave two presentations at devconf.cz and three presentation on dotnet in Fedora. Janekova starting using DaVinci Resolve in 2018: “DaVinci Resolve which is very Linux friendly video editor.” She did note one drawback, saying, “It may not be entirely open source though!”

Julita Inca has been to many places in the world in 2018. “I took part of the Fedora 29 Release Party in Poland where I shared my experiences of being an Ambassador of Fedora these years in Peru.” She is currently located in the University of Edinburgh. “I am focusing in getting a Master in High Performance Computing in the University of Edinburgh using ARCHER that has CentOS as Operating System.” As part of her masters degree she is using a lot of new software. “I am learning new software for parallel programming I learned openMP and MPI.” To profile code in C and Fortran she is using Intel’s Vtune

Jose Bonilla went to a DevOps event hosted by a company called Rancher. Rancher is an open source company that provides a container orchestration framework which can be hosted in a variety of ways, including in the cloud or self-hosted. “I went to this event because I wished to gain more insight into how I can use Fedora containerization in my organization and to teach students how to manage applications and services.” This event showed that the power of open source is less focus on competition and more on completion. “There were several open source projects at this event working completely in tandem without ever having this as a goal. The companies at this event were Google, Rancher, Gitlab and Aqua.” Jose used a variety of open source applications in 2018. “I used Cockpit, Portainer and Rancher OS. Portainer and Rancher are both services that manage dockers containers. Which only proves the utility of containers. I believe this to be the future of compute environments.” He is also working on tools for data analytics. “I am improving on my knowledge of Elasticsearch and the Elastic Stack — Kibana, which is an extraordinarily powerful open source set of tools for data analytics.”

Carlos Enrique Castro León has not been to a Fedora event in Peru, but listens to Red Hat Command Line Hero. “I really like to listen to him since I can meet people related to free code.” Last year he started using Kdenlive and Inkscape. “I like them because there is a large community in Spanish that can help me.”

Akinsola Akinwale started using VSCode, Calligra and Qt5 Designer in 2018. He uses VScode for Python development. For editing documents and spreadsheets he uses Calligra. “I love Vscode for its embedded VIM , terminal & easy of use.” He started using Calligra just for a change of pace. He likes the flexibility of Qt5 designed for creating graphical user interfaces instead of coding it all in Vscode.

Kevin Fenzi went to several Fedora events in 2018. He enjoyed all of them, but liked Flock in Dresden the best of them all. “At Flock in Dresden I got a chance to talk face to face with many other Fedora contributors that I only talk to via IRC or email the rest of the time. The organizers did an awesome job, the venue was great and it was all around just a great time. There were some talks that made me think, and others that made me excited to see what would happen with them in the coming year. Also, the chance to have high bandwith talks really helped move some ideas along to reality.” There were two applications Kevin started using in 2018. “First, after many years of use, I realized it was time to move on from using rdiff-backups for my backups. It’s a great tool, but it’s in python2 and very inactive upstream. After looking around I settled on borg backup and have been happily using that since. It has a few rough edges (it needs lots of cache files to do really fast backups, etc) but it has a very active community and seems to work pretty nicely.” The other application that Kevin started using in OpenShift. “Secondly, 2018 was the year I really dug into OpenShift. I understand now much more about how it works and how things are connected and how to manage and upgrade it. In 2019 we hope to move a bunch of things over to our OpenShift cluster. The OpenShift team is really doing a great job of making something that deploys and upgrades easily and are adding great features all the time (most recently the admin console, which is great to watch what your cluster is doing!).”

Fedora in 2019

Radka plans to do similar presentations in 2019. “At FOSDEM this time I’ll be presenting a story of an open source project eating servers with C#.” Janekova targets pre-university students in an effort to encourage young women to get involved in technology. “I really want to help dotnet and C# grow in the open source world, and I also want to educate the next generation a little bit better in terms of what women can or can not do.”

Julita plans on holding two events in 2019. “I can promote the use of Fedora and GNOME in Edinburgh University.” When she returns to Peru she plans on holding a conference on writing parallel code on Fedora and Gnome.

Jose plans on continuing to push open source initiatives such as cloud and container infrastructures. He will also continue teaching advanced Unix systems administration. “I am now helping a new generation of Red Hat Certified Professionals seek their place in the world of open source. It is indeed a joy when a student mentions they have obtained their certification because of what they were exposed to in my class.” He also plans on spending some more time with his art again.

Carlos would like to write for Fedora Magazine and help bring the magazine to the Latin American community. “I would like to contribute to Fedora Magazine. If possible I would like to help with the magazine in Spanish.”

Akinsola wants to hold a Fedora a release part in 2019. “I want make many people aware of Fedora, make them aware they can be part of the release and it is easy to do.” He would also like to ensure that new Fedora users have an easy time of adapting to their new OS.

Kevin is planning is excited about 2019 being a time of great change for Fedora. “In 2019 I am looking forward to seeing what and how we retool things to allow for lifecycle changes and more self service deliverables. I think it’s going to be a ton of work, but I am hopeful we will come out of it with a much better structure to carry us forward to the next period of Fedora success.” Kevin also had some words of appreciation for everyone in the Fedora community. “I’d like to thank everyone in the Fedora community for all their hard work on Fedora, it wouldn’t exist without the vibrant community we have.”


Photo by Perry Grone on Unsplash.

00:32

Watch an AI robot program itself to, er, pick things up and push them around [The Register]

Why can't robots just learn to do things without being told?

Vid  Robots normally need to be programmed in order to get them to perform a particular task, but they can be coaxed into writing the instructions themselves with the help of machine learning, according to research published in Science.…

Thursday, 17 January

23:22

Microsoft blue biz bug bounty bonanza beckons [The Register]

Azure DevOps Services invites hackers to test its limits

There's more money to be made from bug hunting in Microsoft code after Redmond announced its 10th active bug hunting reward scheme, the Azure DevOps Bounty Program.…

22:12

Friday fun fact: If Stegosauruses had space telescopes, they wouldn't have seen any rings around Saturn [The Register]

Bet you were expecting a rude ring pun here? Well, not today

Saturn’s characteristic rings may only be as old as 100 million years, and thus formed during a time when dinosaurs still roamed on Earth.…

19:56

Old bugs, new bugs, red bugs … yes, it's Oracle mega-update day again [The Register]

Out of 284 flaws, 33 are rated critical. Big Red admins have big patches ahead

Oracle admins, here's your first critical patch advisory for 2019, and it's a doozy: a total of 284 vulnerabilities patched across Big Red's product range, and 33 of them are rated “critical”.…

18:45

Got a Drupal-powered website? You may want to get patching now... [The Register]

Open-source CMS gets a pair of critical fixes

Drupal has issued a pair of updates to address two security vulnerabilities in its online publishing platform. The vulns are a little esoteric, and will not affect most sites, but it's good to patch just in case you later add functionality that can be exploited.…

17:01

Twitter. Android. Private tweets. Pick two... Account bug unlocked padlocked accounts [The Register]

Cock-up went unnoticed for two Olympics, one World Cup, an EU referendum, and a US presidential election

Twitter has fessed up to a flaw in its Android app that, for more than four years, was making twits' private tweets public. The programming blunder has been fixed.…

16:10

Man drives 6,000 miles to prove Uncle Sam's cellphone coverage maps are wrong – and, boy, did he manage it [The Register]

Amazing how a big cash payout focuses the mind

A Vermont state employee drove 6,000 miles in six weeks to prove that the cellular coverage maps from the US government suck – and was wildly successful.…

15:02

FCC: Oh no, deary me. What a shame. Too bad, so sad we can't do net neutrality appeal during the US govt shutdown [The Register]

Not so fast, there, Ajit...

Updated  America's broadband watchdog, the FCC, has asked the courts to postpone an appeal against its net neutrality repeal out of "an abundance of caution" due to the partial US government shutdown.…

14:09

Red Hat gets heebie-jeebies over MongoDB's T&Cs squeeze: NoSQL database dropped from RHEL 8B over license [The Register]

'The Server Side Public License v1 does not meet standards'

MongoDB justified its decision last October to shift the free version of its NoSQL database software, MongoDB Community Server, from the open-source GNU Affero General Public License to the not-quite-so-open Server Side Public License (SSPL) by arguing that cloud providers sell open-source software as a service without giving back.…

14:00

It’s baaack – Microsoft starts pushing out the Windows 10 October 2018 Update [The Register]

Set to update automatically? Say hello to my little friend…

Select Windows 10 devices are now automatically downloading Microsoft’s troubled 1809 update, according to the support page for the operating system.…

13:01

Oxford University reportedly turns off its Huawei money tap [The Register]

No more Chinese tech vendor grants for at least three to six months, compsci students told

Updated  Oxford University is reportedly suspending all research grants and donations from Chinese tech giant Huawei, according to a Chinese newspaper.…

12:15

Tech giant to spend $500m dealing with housing crisis caused by tech giants [The Register]

Redmond to throw cash at the problem, hopes some might stick to affordable homes

Microsoft has revealed it is to spank the best part of $500m on attempting to deal with the lack of affordable housing in the Seattle area.…

11:15

Oracle boss's Brexit Britain trip shutdown due to US government shutdown [The Register]

Mark Hurd confesses: I didn't take my passport – but usually that's not an issue

Forget cyber security or emergency hamburgers – the real impact of the US government shutdown is only just beginning.…

07:20

Saturday Morning Breakfast Cereal - Forever [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Someday I'll put together a whole book on the theme of taking love cliches to their logical extreme.


Today's News:

Wednesday, 16 January

23:18

Sailfish OS Sipoonkorpi is now available [Jolla Blog]

The release of Sailfish 3 has been a gratifying milestone for Jolla. Each new update completes the circle of the Sailfish 3 era, step by step, delivering new features and adding value to Sailfish OS.

This time, our name pick fell upon the woodlands of Sipoonkorpi. Sipoonkorpi is a 19 km² Finnish National park located in the municipalities of Helsinki, Vantaa and Sipoo. Sipoonkorpi is well known for its peaceful settings that combine nature and small villages to create an astonishing view.

Release Highlights

Sipoonkorpi’s beautifully diverse setting reflects in this update, which delivers plenty of features that enhance both the functionality and design of Sailfish OS. Key elements are related to security, communication and user experience. Also, we’ve enhanced the light ambience feature by adding basic support for user-generated light ambiences.

Firewall

Privacy is one of our top priorities, and our focus on security is reflected on each of the updates made to Sailfish OS. We understand our corporate partners’ need for a secure system and one part of that is to provide dynamic security for network connections. A good example is when you connect to a wireless access point we can restrict the network traffic based on configuration added to system. This firewall configuration is set to block ICMP requests and for developer mode it allows access to SSH only over WiFi or USB.

Light Ambiences

User generated ambiences as a way to personalize your device has always been a key feature in Sailfish OS. In 3.0.0 we added two new ambiences with a dramatically different style with a light background and dark text. Now we’ve expanded this, and you can create light ambiences from any of your favourite pictures on your device. Light ambiences can easily be created from the gallery by selecting your favorite picture and then pressing the “Ambience” icon and choosing light as the style for the created ambience.

light ambience

Image Editing

We have added a redesigned image editing dialog that enables you to apply several actions at once such as cropping, changing brightness, contrast and rotating dialogs. After editing, both the original version and edited version are saved. Also, the edited version will be opened automatically, which allows you to see the changes made.

light ambience 4

Look & feel

For style and improved legibility we have added a nice blur effect to the backgrounds in Top Menu, App Grid and system dialogs. Also, you can choose to see the current weather information on the Lock screen.

 

Blur_UIscreens

Localisation

Bulgarian language was added to Sailfish OS. Massive thanks to a handful of Bulgarian students for translating the OS from scratch, благодарим!

Sailfish X

The 3.0.1 update will be delivered to all devices supported in the Sailfish X program. With this update we will expand Sailfish X to support Planet Computer’s Gemini PDA. We’ll be opening downloads of the Free trial version of Sailfish X for Gemini PDA with a beta release as soon as few final details in distribution have been solved. We will notify of this separately.

Further, the Android app compatibility for Sony Xperia XA2 variants is soon ready to be published and we will start delivering it via Jolla Store at the end of January. The initial version will be a public beta.

Bug Fixes

As always, we want to thank our community for your continuous support and help! Some bugs that were fixed include; Contacts disappearing if google account sync failed, and graphic glitches, just to name a few.

For more information please read the release notes and for detailed instructions on how to update your Sailfish OS powered device please check out here.

Cheers,
James

The post Sailfish OS Sipoonkorpi is now available appeared first on Jolla Blog.

17:00

Migrating Kafka's Zookeeper With No Downtime [Yelp Engineering and Product Blog]

Here at Yelp we use Kafka extensively. In fact, we send billions of messages a day through our various clusters. Behind the scenes, Kafka uses Zookeeper for various distributed coordination tasks, such as deciding which Kafka broker is in charge of assigning partition leaders and storing metadata about the topics in its brokers. Kafka’s success within Yelp has also meant that our clusters have grown substantially from when they were first deployed. At the same time, our other heavy Zookeeper users (e.g., Smartstack and PaasTA) have increased in scale, putting more load on our shared Zookeeper clusters. To alleviate this situation, we...

07:15

Saturday Morning Breakfast Cereal - Art [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Bonus: Every 'but is it art' conversation maps to this one.


Today's News:

01:00

Fedora Classroom: Getting started with L10N [Fedora Magazine]

Fedora Classroom sessions continue with an introductory session on Fedora Localization (L10N). The general schedule for sessions is available on the wiki, along with resources and recordings from previous sessions. Read on for more details about the upcoming L10N Classroom session next week.

Topic: Getting Started with L10N

The goal of the Fedora Localization Project (FLP) is to bring everything around Fedora (the Software, Documentation, Websites, and culture) closer to local communities (countries, languages and in general cultural groups).  The session is aimed at beginners. Here is the agenda:

  • What is L10N?
  • Difference between Translation and Localization
  • Overview: How does L10N work?
  • Fedora structure and peculiarities related to L10N
  • Ways to join, help, and contribute
  • Further information with references and links

When and where

Instructor

Silvia Sánchez has been a Fedora community member for a number of years. She currently focuses her contributions on QA, translation, wiki editing, and the Ambassadors teams among others. She has a varied background, having studied systems, programming, design, and photography. She speaks, reads, and writes Spanish, English, and German and further, also reads Portuguese, French, and Italian. In her free time, Silvia enjoys forest walks, art, and writing fiction.

Tuesday, 15 January

07:23

Saturday Morning Breakfast Cereal - Straw Men [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
The only thing unrealistic about this is that the guy is yelling in person and not online.


Today's News:

07:03

Why Diversity Is Important to Etsy [Code as Craft]

We recently published our company’s Guiding Principles. These are five common guideposts that apply to all organizations and departments within Etsy. We spent a great deal of time discussing, brainstorming, and editing these. By one estimate, over 30% of the company had some input at some phase of the process. This was a lot of effort by a lot of people but this was important work. These principles need to not only reflect how we currently act but at the same time they need to be aspirational for how we want to behave. These principles will be used in performance assessments, competency matrices, interview rubrics, career discussions, and in everyday meetings to refocus discussions.

One of the five principles is focused on diversity and inclusion. The principle states:

We embrace differences.

Diverse teams are stronger, and inclusive cultures are more resilient. When we seek out different perspectives, we make better decisions and build better products.

Why would we include diversity and inclusion as one of our top five guiding principles? One reason is that Etsy’s mission is to Keep Commerce Human. Etsy is a very mission-driven company. Many of our employees joined and remain with us because they feel so passionate about the mission. Every day, we keep commerce human by helping creative entrepreneurs find buyers who become committed fans of the seller’s art, crafts, and collections. The sellers themselves are a diverse group of individuals from almost every country in the world. We would have a hard time coming to work if the way we work, the way we develop products, the way we provide support, etc. isn’t done in a manner that supports this mission. Failing to be diverse and inclusive would fail that mission.

Besides aligning with our mission, there are other reasons that we want to have diverse teams. Complicated systems, which feature unpredictable, surprising, and unexpected behaviors have always existed. Complex systems, however, have gone from something found mainly in large systems, such as cities, to almost everything we interact with today. Complex systems are far more difficult to manage than merely complicated ones as subsystems interact in unexpected ways making it harder to predict what will happen. Our engineers deal with complex systems on a daily basis. Complexity is a bit of an overloaded term, but scholarly literature generally categorizes it into three major groups, determined according to the point of view of the observer: behavioral, structural, and constructive.1 Between the website, mobile apps, and systems that support development, our engineers interact with highly complex systems from all three perspectives every day. Research has consistently shown that diverse teams are better able to manage complex systems.2

We recently invited Chris Clearfield and András Tilcsik, the authors of Meltdown (Penguin Canada, 2018), to speak with our engineering teams. The book and their talk contained many interesting topics, most based on Charles Perrow’s book, Normal Accident Theory (Princeton University Press; revised ed. 1999). However, perhaps the most important topic was based on a series of studies performed by Evan Apfelbaum and his colleagues at MIT. This study revealed that as much as we’re predisposed to agree with a group, our willingness to disagree increases dramatically if the group is diverse.3 According to Clearfield and Tilcsik, homogeneity may facilitate “smooth, effortless interactions,” but diversity drives better decisions. Interestingly, it’s the diversity and not necessarily the specific contributions of the individuals themselves, that causes greater skepticism, more open and active dialogue, and less group-think. This healthy skepticism is incredibly useful in a myriad of situations. One such situation is during pre-mortems, where a project team imagines that a project has failed and works to identify what potentially could lead to such an outcome. This is very different from a postmortem where the failure has already occurred and the team is dissecting the failure. Often individuals who have been working on projects for weeks or more are biased with overconfidence and the planning fallacy. This exercise can help ameliorate these biases and especially when diverse team members participate. We firmly believe that when we seek out different perspectives, we make better decisions, build better products, and manage complex systems better.

Etsy Engineering is also incredibly innovative. One measure of that is the number of open source projects on our GitHub page and the continuing flow of contributions from our engineers in the open source community. We are of course big fans of open source as Etsy, like most modern platforms, wouldn’t exist in its current form without the myriad of people who have solved a problem and published their code under an open source license. But we also view this responsibility to give back as part of our culture. Part of everyone’s job at Etsy is making others better. It has at times been referred to as “generosity of spirit”, which to engineers means that we should be mentoring, teaching, contributing, speaking, writing, etc.  

Another measure of our innovation is our experiment velocity. We often run dozens of simultaneous experiments in order to improve the buyer and seller experiences. Under the mission of keeping commerce human, we strive every day to develop and improve products that enable 37M buyers to search and browse through 50M+ items to find just the right, special piece. As you can imagine, this takes some seriously advanced technologies to work effectively at this scale. And, to get that correct we need to experiment rapidly to see what works and what doesn’t. Fueling this innovation is the diversity of our workforce.

Companies with increased diversity unlock innovation by creating an environment where ideas are heard and employees can find senior-level sponsorship for compelling ideas. Leaders are twice as likely to unleash value-driving insights if they give diverse voices equal opportunity.4

So diversity fits our mission, helps manage complex systems, and drives greater innovation, but how is Etsy doing with respect to diversity? More than 50% of our Executive Team and half of our Board of Directors are women. More than 30% of Etsy Engineers identify as women/non-binary and more than 30% are people of color.5 These numbers are industry-leading, especially when compared to other tech companies who report “tech roles” and not the more narrow category, “engineering” roles. Even though we’re proud of our progress, we’re not fully satisfied. In October 2017, we announced a diversity impact goal to “meaningfully increase representation of underrepresented groups and ensure equity in Etsy’s workforce.” To advance our goal, we are focused on recruiting, hiring, retention, employee development, mentorship, sponsorship, and building an inclusive culture.

We have been working diligently on our recruiting and hiring processes. We’ve rewritten job descriptions, replaced some manual steps in the process with third-party vendors, and changed the order of steps in the interview process, all in an effort to recruit and hire the very best engineers without bias. We have also allocated funding and people in order to sponsor and attend conferences focused on underrepresented groups in tech. We’ll share our 2018 progress in Q1 2019.

Once engineers are onboard, we want them to bring their whole selves to work in an inclusive environment that allows them to thrive and be their best. One thing that we do to help with this is to promote and partner directly with employee resource groups (ERGs). Our ERGs include Asian Resource Community, Black Resource and Identity Group at Etsy, Jewish People at Etsy, Hispanic Latinx Network, Parents ERG, Queer@Etsy, and Women and NonBinary People in Tech. If you’re not familiar with ERGs, their mission and goals are to create a positive and inclusive workplace culture where employees from underrepresented backgrounds, lifestyles, and abilities have access to programs that foster a sense of community, contribute to professional development, and amplify diverse voices within our organization. Each of these ERGs has an executive sponsor. This ensures that there is a communication channel with upper management. It also highlights the value that we place upon the support that these groups provide.    

We are also focused on retaining our engineers. One of the things that we do to help in this area is to monitor for discrepancies that might indicate bias. During our compensation, assessment, and promotion cycles, we evaluate for inconsistencies. We perform this analysis both internally and through the use of third parties.  

Etsy Engineering has been a leader and innovator in the broader tech industry with regard to technology and process. We also want to be leaders in the industry with regards to diversity and inclusion. It is not only the right thing to do but it’s the right thing to do for our business. If this sounds exciting to you, we’d love to talk, just click here to learn more.

 

Endnotes:

1 Wade, J., & Heydari, B. (2014). Complexity: Definition and reduction techniques. In Proceedings of the Poster Workshop at the 2014 Complex Systems Design & Management International Conference.
2 Sargut, G., & McGrath, R. G. (2011). Learning to live with complexity. Harvard Business Review, 89(9), 68–76
3 Apfelbaum EP, Phillips KW, Richeson JA (2014) Rethinking the baseline in diversity research: Should we be explaining the effects of homogeneity? Perspect Psychol Sci 9(3):235–244.
4 Hewlett, S. A., Marshall, M., & Sherbin, L. (2013). How diversity can drive innovation. Harvard Business Review.
5 Etsy Impact Update (August 2018). https://extfiles.etsy.com/Impact/2017EtsyImpactUpdate.pdf

Monday, 14 January

11:49

Contribute at the Fedora Test Day for kernel 4.20 [Fedora Magazine]

The kernel team is working on final integration for kernel 4.20. This version was just recently released, and will arrive soon in Fedora. This version has many security fixes included. As a result, the Fedora kernel and QA teams have organized a test day for Tuesday, January 15, 2019. Refer to the wiki page for links to the test images you’ll need to participate.

How do test days work?

A test day is an event where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed before, this is a perfect way to get started.

To contribute, you only need to be able to do the following things:

  • Download test materials, which include some large files
  • Read and follow directions step by step

The wiki page for the kernel test day has a lot of good information on what and how to test. After you’ve done some testing, you can log your results in the test day web application. If you’re available on or around the day of the event, please do some testing and report your results.

Happy testing, and we hope to see you on test day.


06:52

Saturday Morning Breakfast Cereal - Stuck [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Unfortunately, the word "two-charist" just doesn't fit in the comic anywhere.


Today's News:

01:00

How to Build a Netboot Server, Part 4 [Fedora Magazine]

One significant limitation of the netboot server built in this series is the operating system image being served is read-only. Some use cases may require the end user to modify the image. For example, an instructor may want to have the students install and configure software packages like MariaDB and Node.js as part of their course walk-through.

An added benefit of writable netboot images is the end user’s “personalized” operating system can follow them to different workstations they may use at later times.

Change the Bootmenu Application to use HTTPS

Create a self-signed certificate for the bootmenu application:

$ sudo -i
# MY_NAME=$(</etc/hostname)
# MY_TLSD=/opt/bootmenu/tls
# mkdir $MY_TLSD
# openssl req -newkey rsa:2048 -nodes -keyout $MY_TLSD/$MY_NAME.key -x509 -days 3650 -out $MY_TLSD/$MY_NAME.pem

Verify your certificate’s values. Make sure the “CN” value in the “Subject” line matches the DNS name that your iPXE clients use to connect to your bootmenu server:

# openssl x509 -text -noout -in $MY_TLSD/$MY_NAME.pem

Next, update the bootmenu application’s listen directive to use the HTTPS port and the newly created certificate and key:

# sed -i "s#listen => .*#listen => ['https://$MY_NAME:443?cert=$MY_TLSD/$MY_NAME.pem\&key=$MY_TLSD/$MY_NAME.key\&ciphers=AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA'],#" /opt/bootmenu/bootmenu.conf

Note the ciphers have been restricted to those currently supported by iPXE.

GnuTLS requires the “CAP_DAC_READ_SEARCH” capability, so add it to the bootmenu application’s systemd service:

# sed -i '/^AmbientCapabilities=/ s/$/ CAP_DAC_READ_SEARCH/' /etc/systemd/system/bootmenu.service
# sed -i 's/Serves iPXE Menus over HTTP/Serves iPXE Menus over HTTPS/' /etc/systemd/system/bootmenu.service
# systemctl daemon-reload

Now, add an exception for the bootmenu service to the firewall and restart the service:

# MY_SUBNET=192.0.2.0
# MY_PREFIX=24
# firewall-cmd --add-rich-rule="rule family='ipv4' source address='$MY_SUBNET/$MY_PREFIX' service name='https' accept"
# firewall-cmd --runtime-to-permanent
# systemctl restart bootmenu.service

Use wget to verify it’s working:

$ MY_NAME=server-01.example.edu
$ MY_TLSD=/opt/bootmenu/tls
$ wget -q --ca-certificate=$MY_TLSD/$MY_NAME.pem -O - https://$MY_NAME/menu

Add HTTPS to iPXE

Update init.ipxe to use HTTPS. Then recompile the ipxe bootloader with options to embed and trust the self-signed certificate you created for the bootmenu application:

$ echo '#define DOWNLOAD_PROTO_HTTPS' >> $HOME/ipxe/src/config/local/general.h
$ sed -i 's/^chain http:/chain https:/' $HOME/ipxe/init.ipxe
$ cp $MY_TLSD/$MY_NAME.pem $HOME/ipxe
$ cd $HOME/ipxe/src
$ make clean
$ make bin-x86_64-efi/ipxe.efi EMBED=../init.ipxe CERT="../$MY_NAME.pem" TRUST="../$MY_NAME.pem"

You can now copy the HTTPS-enabled iPXE bootloader out to your clients and test that everything is working correctly:

$ cp $HOME/ipxe/src/bin-x86_64-efi/ipxe.efi $HOME/esp/efi/boot/bootx64.efi

Add User Authentication to Mojolicious

Create a PAM service definition for the bootmenu application:

# dnf install -y pam_krb5
# echo 'auth required pam_krb5.so' > /etc/pam.d/bootmenu

Add a library to the bootmenu application that uses the Authen-PAM perl module to perform user authentication:

# dnf install -y perl-Authen-PAM;
# MY_MOJO=/opt/bootmenu
# mkdir $MY_MOJO/lib
# cat << 'END' > $MY_MOJO/lib/PAM.pm
package PAM;

use Authen::PAM;

sub auth {
   my $success = 0;

   my $username = shift;
   my $password = shift;

   my $callback = sub {
      my @res;
      while (@_) {
         my $code = shift;
         my $msg = shift;
         my $ans = "";
   
         $ans = $username if ($code == PAM_PROMPT_ECHO_ON());
         $ans = $password if ($code == PAM_PROMPT_ECHO_OFF());
   
         push @res, (PAM_SUCCESS(), $ans);
      }
      push @res, PAM_SUCCESS();

      return @res;
   };

   my $pamh = new Authen::PAM('bootmenu', $username, $callback);

   {
      last unless ref $pamh;
      last unless $pamh->pam_authenticate() == PAM_SUCCESS;
      $success = 1;
   }

   return $success;
}

return 1;
END

The above code is taken almost verbatim from the Authen::PAM::FAQ man page.

Redefine the bootmenu application so it returns a netboot template only if a valid username and password are supplied:

# cat << 'END' > $MY_MOJO/bootmenu.pl
#!/usr/bin/env perl

use lib 'lib';

use PAM;
use Mojolicious::Lite;
use Mojolicious::Plugins;
use Mojo::Util ('url_unescape');

plugin 'Config';

get '/menu';
get '/boot' => sub {
   my $c = shift;

   my $instance = $c->param('instance');
   my $username = $c->param('username');
   my $password = $c->param('password');

   my $template = 'menu';

   {
      last unless $instance =~ /^fc[[:digit:]]{2}$/;
      last unless $username =~ /^[[:alnum:]]+$/;
      last unless PAM::auth($username, url_unescape($password));
      $template = $instance;
   }

   return $c->render(template => $template);
};

app->start;
END

The bootmenu application now looks for the lib directory relative to its WorkingDirectory. However, by default the working directory is set to the root directory of the server for systemd units. Therefore, you must update the systemd unit to set WorkingDirectory to the root of the bootmenu application instead:

# sed -i "/^RuntimeDirectory=/ a WorkingDirectory=$MY_MOJO" /etc/systemd/system/bootmenu.service
# systemctl daemon-reload

Update the templates to work with the redefined bootmenu application:

# cd $MY_MOJO/templates
# MY_BOOTMENU_SERVER=$(</etc/hostname)
# MY_FEDORA_RELEASES="28 29"
# for i in $MY_FEDORA_RELEASES; do echo '#!ipxe' > fc$i.html.ep; grep "^kernel\|initrd" menu.html.ep | grep "fc$i" >> fc$i.html.ep; echo "boot || chain https://$MY_BOOTMENU_SERVER/menu" >> fc$i.html.ep; sed -i "/^:f$i$/,/^boot /c :f$i\nlogin\nchain https://$MY_BOOTMENU_SERVER/boot?instance=fc$i\&username=\${username}\&password=\${password:uristring} || goto failed" menu.html.ep; done

The result of the last command above should be three files similar to the following:

menu.html.ep:

#!ipxe

set timeout 5000

:menu
menu iPXE Boot Menu
item --key 1 lcl 1. Microsoft Windows 10
item --key 2 f29 2. RedHat Fedora 29
item --key 3 f28 3. RedHat Fedora 28
choose --timeout ${timeout} --default lcl selected || goto shell
set timeout 0
goto ${selected}

:failed
echo boot failed, dropping to shell...
goto shell

:shell
echo type 'exit' to get the back to the menu
set timeout 0
shell
goto menu

:lcl
exit

:f29
login
chain https://server-01.example.edu/boot?instance=fc29&username=${username}&password=${password:uristring} || goto failed

:f28
login
chain https://server-01.example.edu/boot?instance=fc28&username=${username}&password=${password:uristring} || goto failed

fc29.html.ep:

#!ipxe
kernel --name kernel.efi ${prefix}/vmlinuz-4.19.5-300.fc29.x86_64 initrd=initrd.img ro ip=dhcp rd.peerdns=0 nameserver=192.0.2.91 nameserver=192.0.2.92 root=/dev/disk/by-path/ip-192.0.2.158:3260-iscsi-iqn.edu.example.server-01:fc29-lun-1 netroot=iscsi:192.0.2.158::::iqn.edu.example.server-01:fc29 console=tty0 console=ttyS0,115200n8 audit=0 selinux=0 quiet
initrd --name initrd.img ${prefix}/initramfs-4.19.5-300.fc29.x86_64.img
boot || chain https://server-01.example.edu/menu

fc28.html.ep:

#!ipxe
kernel --name kernel.efi ${prefix}/vmlinuz-4.19.3-200.fc28.x86_64 initrd=initrd.img ro ip=dhcp rd.peerdns=0 nameserver=192.0.2.91 nameserver=192.0.2.92 root=/dev/disk/by-path/ip-192.0.2.158:3260-iscsi-iqn.edu.example.server-01:fc28-lun-1 netroot=iscsi:192.0.2.158::::iqn.edu.example.server-01:fc28 console=tty0 console=ttyS0,115200n8 audit=0 selinux=0 quiet
initrd --name initrd.img ${prefix}/initramfs-4.19.3-200.fc28.x86_64.img
boot || chain https://server-01.example.edu/menu

Now, restart the bootmenu application and verify authentication is working:

# systemctl restart bootmenu.service

Make the iSCSI Target Writeable

Now that user authentication works through iPXE, you can create per-user, writeable overlays on top of the read-only image on demand when users connect. Using a copy-on-write overlay has three advantages over simply copying the original image file for each user:

  1. The copy can be created very quickly. This allows creation on-demand.
  2. The copy does not increase the disk usage on the server. Only what the user writes to their personal copy of the image is stored in addition to the original image.
  3. Since most sectors for each copy are the same sectors on the server’s storage, they’ll likely already be loaded in RAM when subsequent users access their copies of the operating system. This improves the server’s performance because RAM is faster than disk I/O.

One potential pitfall of using copy-on-write is that once overlays are created, the images on which they are overlayed must not be changed. If they are changed, all the overlays will be corrupted. Then the overlays must be deleted and replaced with new, blank overlays. Even simply mounting the image file in read-write mode can cause sufficient filesystem updates to corrupt the overlays.

Due to the potential for the overlays to be corrupted if the original image is modified, mark the original image as immutable by running:

# chattr +i </path/to/file>

You can use lsattr </path/to/file> to view the status of the immutable flag and use  to chattr -i </path/to/file> unset the immutable flag. While the immutable flag is set, even the root user or a system process running as root cannot modify or delete the file.

Begin by stopping the tgtd.service so you can change the image files:

# systemctl stop tgtd.service

It’s normal for this command to take a minute or so to stop when there are connections still open.

Now, remove the read-only iSCSI export. Then update the readonly-root configuration file in the template so the image is no longer read-only:

# MY_FC=fc29
# rm -f /etc/tgt/conf.d/$MY_FC.conf
# TEMP_MNT=$(mktemp -d)
# mount /$MY_FC.img $TEMP_MNT
# sed -i 's/^READONLY=yes$/READONLY=no/' $TEMP_MNT/etc/sysconfig/readonly-root
# sed -i 's/^Storage=volatile$/#Storage=auto/' $TEMP_MNT/etc/systemd/journald.conf
# umount $TEMP_MNT

Journald was changed from logging to volatile memory back to its default (log to disk if /var/log/journal exists) because a user reported his clients would freeze with an out-of-memory error due to an application generating excessive system logs. The downside to setting logging to disk is that extra write traffic is generated by the clients, and might burden your netboot server with unnecessary I/O. You should decide which option — log to memory or log to disk — is preferable depending on your environment.

Since you won’t make any further changes to the template image, set the immutable flag on it and restart the tgtd.service:

# chattr +i /$MY_FC.img
# systemctl start tgtd.service

Now, update the bootmenu application:

# cat << 'END' > $MY_MOJO/bootmenu.pl
#!/usr/bin/env perl

use lib 'lib';

use PAM;
use Mojolicious::Lite;
use Mojolicious::Plugins;
use Mojo::Util ('url_unescape');

plugin 'Config';

get '/menu';
get '/boot' => sub {
   my $c = shift;

   my $instance = $c->param('instance');
   my $username = $c->param('username');
   my $password = $c->param('password');

   my $chapscrt;
   my $template = 'menu';

   {
      last unless $instance =~ /^fc[[:digit:]]{2}$/;
      last unless $username =~ /^[[:alnum:]]+$/;
      last unless PAM::auth($username, url_unescape($password));
      last unless $chapscrt = `sudo scripts/mktgt $instance $username`;
      $template = $instance;
   }

   return $c->render(template => $template, username => $username, chapscrt => $chapscrt);
};

app->start;
END

This new version of the bootmenu application calls a custom mktgt script which, on success, returns a random CHAP password for each new iSCSI target that it creates. The CHAP password prevents one user from mounting another user’s iSCSI target by indirect means. The app only returns the correct iSCSI target password to a user who has successfully authenticated.

The mktgt script is prefixed with sudo because it needs root privileges to create the target.

The $username and $chapscrt variables also pass to the render command so they can be incorporated into the templates returned to the user when necessary.

Next, update our boot templates so they can read the username and chapscrt variables and pass them along to the end user. Also update the templates to mount the root filesystem in rw (read-write) mode:

# cd $MY_MOJO/templates
# sed -i "s/:$MY_FC/:$MY_FC-<%= \$username %>/g" $MY_FC.html.ep
# sed -i "s/ netroot=iscsi:/ netroot=iscsi:<%= \$username %>:<%= \$chapscrt %>@/" $MY_FC.html.ep
# sed -i "s/ ro / rw /" $MY_FC.html.ep

After running the above commands, you should have boot templates like the following:

#!ipxe
kernel --name kernel.efi ${prefix}/vmlinuz-4.19.5-300.fc29.x86_64 initrd=initrd.img rw ip=dhcp rd.peerdns=0 nameserver=192.0.2.91 nameserver=192.0.2.92 root=/dev/disk/by-path/ip-192.0.2.158:3260-iscsi-iqn.edu.example.server-01:fc29-<%= $username %>-lun-1 netroot=iscsi:<%= $username %>:<%= $chapscrt %>@192.0.2.158::::iqn.edu.example.server-01:fc29-<%= $username %> console=tty0 console=ttyS0,115200n8 audit=0 selinux=0 quiet
initrd --name initrd.img ${prefix}/initramfs-4.19.5-300.fc29.x86_64.img
boot || chain https://server-01.example.edu/menu

NOTE: If you need to view the boot template after the variables have been interpolated, you can insert the “shell” command on its own line just before the “boot” command. Then, when you netboot your client, iPXE gives you an interactive shell where you can enter “imgstat” to view the parameters being passed to the kernel. If everything looks correct, you can type “exit” to leave the shell and continue the boot process.

Now allow the bootmenu user to run the mktgt script (and only that script) as root via sudo:

# echo "bootmenu ALL = NOPASSWD: $MY_MOJO/scripts/mktgt *" > /etc/sudoers.d/bootmenu

The bootmenu user should not have write access to the mktgt script or any other files under its home directory. All the files under /opt/bootmenu should be owned by root, and should not be writable by any user other than root.

Sudo does not work well with systemd’s DynamicUser option, so create a normal user account and set the systemd service to run as that user:

# useradd -r -c 'iPXE Boot Menu Service' -d /opt/bootmenu -s /sbin/nologin bootmenu
# sed -i 's/^DynamicUser=true$/User=bootmenu/' /etc/systemd/system/bootmenu.service
# systemctl daemon-reload

Finally, create a directory for the copy-on-write overlays and create the mktgt script that manages the iSCSI targets and their overlayed backing stores:

# mkdir /$MY_FC.cow
# mkdir $MY_MOJO/scripts
# cat << 'END' > $MY_MOJO/scripts/mktgt
#!/usr/bin/env perl

# if another instance of this script is running, wait for it to finish
"$ENV{FLOCKER}" eq 'MKTGT' or exec "env FLOCKER=MKTGT flock /tmp $0 @ARGV";

# use "RETURN" to print to STDOUT; everything else goes to STDERR by default
open(RETURN, '>&', STDOUT);
open(STDOUT, '>&', STDERR);

my $instance = shift or die "instance not provided";
my $username = shift or die "username not provided";

my $img = "/$instance.img";
my $dir = "/$instance.cow";
my $top = "$dir/$username";

-f "$img" or die "'$img' is not a file"; 
-d "$dir" or die "'$dir' is not a directory";

my $base;
die unless $base = `losetup --show --read-only --nooverlap --find $img`;
chomp $base;

my $size;
die unless $size = `blockdev --getsz $base`;
chomp $size;

# create the per-user sparse file if it does not exist
if (! -e "$top") {
   die unless system("dd if=/dev/zero of=$top status=none bs=512 count=0 seek=$size") == 0;
}

# create the copy-on-write overlay if it does not exist
my $cow="$instance-$username";
my $dev="/dev/mapper/$cow";
if (! -e "$dev") {
   my $over;
   die unless $over = `losetup --show --nooverlap --find $top`;
   chomp $over;
   die unless system("echo 0 $size snapshot $base $over p 8 | dmsetup create $cow") == 0;
}

my $tgtadm = '/usr/sbin/tgtadm --lld iscsi';

# get textual representations of the iscsi targets
my $text = `$tgtadm --op show --mode target`;
my @targets = $text =~ /(?:^T.*\n)(?:^ .*\n)*/mg;

# convert the textual representations into a hash table
my $targets = {};
foreach (@targets) {
   my $tgt;
   my $sid;

   foreach (split /\n/) {
      /^Target (\d+)(?{ $tgt = $targets->{$^N} = [] })/;
      /I_T nexus: (\d+)(?{ $sid = $^N })/;
      /Connection: (\d+)(?{ push @{$tgt}, [ $sid, $^N ] })/;
   }
}

my $hostname;
die unless $hostname = `hostname`;
chomp $hostname;

my $target = 'iqn.' . join('.', reverse split('\.', $hostname)) . ":$cow";

# find the target id corresponding to the provided target name and
# close any existing connections to it
my $tid = 0;
foreach (@targets) {
   next unless /^Target (\d+)(?{ $tid = $^N }): $target$/m;
   foreach (@{$targets->{$tid}}) {
      die unless system("$tgtadm --op delete --mode conn --tid $tid --sid $_->[0] --cid $_->[1]") == 0;
   }
}

# create a new target if an existing one was not found
if ($tid == 0) {
   # find an available target id
   my @ids = (0, sort keys %{$targets});
   $tid = 1; while ($ids[$tid]==$tid) { $tid++ }

   # create the target
   die unless -e "$dev";
   die unless system("$tgtadm --op new --mode target --tid $tid --targetname $target") == 0;
   die unless system("$tgtadm --op new --mode logicalunit --tid $tid --lun 1 --backing-store $dev") == 0;
   die unless system("$tgtadm --op bind --mode target --tid $tid --initiator-address ALL") == 0;
}

# (re)set the provided target's chap password
my $password = join('', map(chr(int(rand(26))+65), 1..8));
my $accounts = `$tgtadm --op show --mode account`;
if ($accounts =~ / $username$/m) {
   die unless system("$tgtadm --op delete --mode account --user $username") == 0;
}
die unless system("$tgtadm --op new --mode account --user $username --password $password") == 0;
die unless system("$tgtadm --op bind --mode account --tid $tid --user $username") == 0;

# return the new password to the iscsi target on stdout
print RETURN $password;
END
# chmod +x $MY_MOJO/scripts/mktgt

The above script does five things:

  1. It creates the /<instance>.cow/<username> sparse file if it does not already exist.
  2. It creates the /dev/mapper/<instance>-<username> device node that serves as the copy-on-write backing store for the iSCSI target if it does not already exist.
  3. It creates the iqn.<reverse-hostname>:<instance>-<username> iSCSI target if it does not exist. Or, if the target does exist, it closes any existing connections to it because the image can only be opened in read-write mode from one place at a time.
  4. It (re)sets the chap password on the iqn.<reverse-hostname>:<instance>-<username> iSCSI target to a new random value.
  5. It prints the new chap password on standard output if all of the previous tasks compeleted successfully.

You should be able to test the mktgt script from the command line by running it with valid test parameters. For example:

# echo `$MY_MOJO/scripts/mktgt fc29 jsmith`

When run from the command line, the mktgt script should print out either the eight-character random password for the iSCSI target if it succeeded or the line number on which something went wrong if it failed.

On occasion, you may want to delete an iSCSI target without having to stop the entire service. For example, a user might inadvertently corrupt their personal image, in which case you would need to systematically undo everything that the above mktgt script does so that the next time they log in they will get a copy of the original image.

Below is an rmtgt script that undoes, in reverse order, what the above mktgt script did:

# mkdir $HOME/bin
# cat << 'END' > $HOME/bin/rmtgt
#!/usr/bin/env perl

@ARGV >= 2 or die "usage: $0 <instance> <username> [+d|+f]\n";

my $instance = shift;
my $username = shift;

my $rmd = ($ARGV[0] eq '+d'); #remove device node if +d flag is set
my $rmf = ($ARGV[0] eq '+f'); #remove sparse file if +f flag is set
my $cow = "$instance-$username";

my $hostname;
die unless $hostname = `hostname`;
chomp $hostname;

my $tgtadm = '/usr/sbin/tgtadm';
my $target = 'iqn.' . join('.', reverse split('\.', $hostname)) . ":$cow";

my $text = `$tgtadm --op show --mode target`;
my @targets = $text =~ /(?:^T.*\n)(?:^ .*\n)*/mg;

my $targets = {};
foreach (@targets) {
   my $tgt;
   my $sid;

   foreach (split /\n/) {
      /^Target (\d+)(?{ $tgt = $targets->{$^N} = [] })/;
      /I_T nexus: (\d+)(?{ $sid = $^N })/;
      /Connection: (\d+)(?{ push @{$tgt}, [ $sid, $^N ] })/;
   }
}

my $tid = 0;
foreach (@targets) {
   next unless /^Target (\d+)(?{ $tid = $^N }): $target$/m;
   foreach (@{$targets->{$tid}}) {
      die unless system("$tgtadm --op delete --mode conn --tid $tid --sid $_->[0] --cid $_->[1]") == 0;
   }
   die unless system("$tgtadm --op delete --mode target --tid $tid") == 0;
   print "target $tid deleted\n";
   sleep 1;
}

my $dev = "/dev/mapper/$cow";
if ($rmd or ($rmf and -e $dev)) {
   die unless system("dmsetup remove $cow") == 0;
   print "device node $dev deleted\n";
}

if ($rmf) {
   my $sf = "/$instance.cow/$username";
   die "sparse file $sf not found" unless -e "$sf";
   die unless system("rm -f $sf") == 0;
   die unless not -e "$sf";
   print "sparse file $sf deleted\n";
}
END
# chmod +x $HOME/bin/rmtgt

For example, to use the above script to completely remove the fc29-jsmith target including its backing store device node and its sparse file, run the following:

# rmtgt fc29 jsmith +f

Once you’ve verified that the mktgt script is working properly, you can restart the bootmenu service. The next time someone netboots, they should receive a personal copy of the the netboot image they can write to:

# systemctl restart bootmenu.service

Users should now be able to modify the root filesystem as demonstrated in the below screenshot:

Sunday, 13 January

07:07

Saturday Morning Breakfast Cereal - T-Rex [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
This comic really should've been on explosm. What is it doing here?


Today's News:

Saturday, 12 January

06:25

Saturday Morning Breakfast Cereal - Domestication [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
This is the least cruel cat joke I've ever made. Do the checks start rolling in now?


Today's News:

Friday, 11 January

07:56

Saturday Morning Breakfast Cereal - AI Winter [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Honestly, all you humans ever talk about is how we sterilized everyone then blotted out the sun. Like, get over it!


Today's News:

Thursday, 10 January

07:48

Saturday Morning Breakfast Cereal - Father Time [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Imagine it. A McRib, devoid of its spiritual essence.


Today's News:

Wednesday, 09 January

07:08

Saturday Morning Breakfast Cereal - Wrapping Paper [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Bet you thought the punchline was gonna be funnier given the setup. GOTCHA


Today's News:

02:00

Fedora classroom: Building Container images with Buildah [Fedora Magazine]

Fedora Classroom sessions continue with an introductory session on the use of Buildah to create container images. The general schedule for sessions is availble on the wiki, along with resources and recordings from previous sessions.

Topic: Building container images with Buildah

Containers are becoming the de facto standard for building and distributing applications. Fedora as a modern operating system already supports container use by default. As with every new technology, there are different applications and services available for adopting it. This classroom will explain and demonstrate the Buildah command line tool for building container images and its implementation in Fedora 29.

Here’s the agenda for the Classroom session:

  • Quick overview of What is a container image?
  • Deep dive into container architecture.
  • Container runtimes.
  • Building container images from commandline.
  • Building container images using Dockerfile.
  • Running Buildah within a container.

When and where

  • The session will be held on the Jitsi video-conferencing platform. Please use this URL to join the session: https://meet.jit.si/20190115-buildah
  • It will be held on  Tuesday, January 15 at 1600 UTC.  (Please click the link to see the time in your time zone.)

Instructor

Dan Walsh is a Distinguished Engineer for Red Hat. Dan is a recognized expert in Linux Security and container technologies. He has been working on container technologies for the last 17 years at Red Hat. Dan now leads the Container Runtime team at Red Hat. Responsible for the CRI-O, Buildah, Podman, and Skopeo projects.

Tuesday, 08 January

06:38

Saturday Morning Breakfast Cereal - Adulting [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
I can't wait till my kids discover this 20 years from now.


Today's News:

Monday, 07 January

10:00

Never mind killer robots—here are six real AI dangers to watch out for in 2019 [Top News - MIT Technology Review]

Last year a string of controversies revealed a darker (and dumber) side to artificial intelligence.

06:50

Saturday Morning Breakfast Cereal - Utilitarian Time Travel [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
How come there isn't a body of research on the intersection of utilitarianism and time travel?


Today's News:

02:00

Chromium on Fedora finally gets VAAPI support! [Fedora Magazine]

Do you like playing videos in your web browser? Well, good news, the Chromium web browser available in Fedora gets a Video Acceleration API support. That makes video playback much smoother while using significantly less resources.

A little bit of history

Chromium with a VAAPI patch was already available on other distributions. But this was not the case with Fedora. I really want hardware acceleration. But my love for Fedora was holding me back. Then with sheer willpower, I joined Fedora and started maintaining a package in COPR.

I am not really a distro hopper but a DE hopper. I usually jump from Gnome to KDE and vice versa depending upon my mood. Then I started maintaining Chromium with vaapi patch on COPR. I was using the official patch which was submitted upstream for code review. I had very little hope that it will get merge. The patch is outdated and and try jobs were failing at that time.

After six months, the Chromium upstream maintainers made a statement that they are not interested to include this patch. So after that I started working on my own patch with referenced from the official patch. My patch is about using the existing flags that other operating system uses instead of creating a new flag just for experimentation.

screenshot showing chromium uses video engine

Chromium uses AMDGPU’s UVD engine while playing a video

chromium's flag screenshot

Chromium uses Existing flags on Fedora

Effects of the VAAPI patch

Chromium with this patch was extremely stable on both of my machines. They both have AMD GPU. The video playback is smooth. This improved overall power savings as well.

Comparision with/without vaapi

Credits: Tobias Wolfshappen

As you can see, chromium with the vaapi patch takes up significantly less resources in comparison to chromium without the patch and Firefox.  The CPU usage went down from 120% to 10%. The playback is smooth with no shuttering.

VA-API patch in chromium for Fedora

It was then Fedora’s former Engineering Manager @ Red Hat and Chromium maintainer, Tom Callaway, finally recognises the VAAPI patch and decides to include in Fedora’s Chromium browser. Fedora becomes the second distribution to include the VAAPI patch in their official Chromium package.

Sunday, 06 January