Monday, 18 March

07:00

OpenXR 0.90 Released For AR/VR Standard - Monado Is An Open-Source Implementation [Phoronix]

Last year we were expecting The Khronos Group to introduce OpenXR 1.0 for this standard to address fragmentation and provide interoperability in the VR space followed by AR. That debut last year didn't happen although they did show off the first demonstration at SIGGRAPH. This week though at GDC they are announcing the OpenXR 0.90 provisional specification release...

06:49

That's Huawei I like it: Firm's cloudy arm dumps 19-inch rack for newer model [The Register]

All future cloud data centres to be designed with 21-inch Open Rack in mind

Embattled Chinese electronics giant Huawei said it will design all of its upcoming public cloud data centres around the 21-inch Open Rack standard developed by the Open Compute Project.…

06:22

UKCloud hauls Cisco reported 10% stake as biz tries to convince IT punters to buy British [The Register]

The Phil Collins-approved farmers' market of cloud computing

UKCloud today sucked up £25m in funding from Cisco-backed Digital Alpha Advisors for a 10 per cent stake in a business battling to convince buyers to use national rather than multinational cloud bringers.…

05:45

Oracle's long-running pension plan class action case: C'mon, judge, reject a jury trial – Big Red [The Register]

Wants court to decide on accusations it failed to properly police pension investments

Oracle is fighting back against tens of thousands of former staffers with pension plans who want to take the firm to a jury trial.…

05:34

Astronomers Discover 83 Supermassive Black Holes at the Edge of the Universe [Slashdot]

"A team of international astronomers have been hunting for ancient, supermassive black holes -- and they've hit the motherlode, discovering 83 previously unknown quasars," reports CNET: The Japanese team turned the ultra-powerful "Hyper Suprime-Cam", mounted to the Subaru Telescope in Hawaii, toward the cosmos' darkest corners, surveying the sky over a period of five years. By studying the snapshots, they've been able to pick potential quasar candidates out of the dark. Notably, their method of probing populations of supermassive black holes that are similar in size to the ones we see in today's universe, has given us a window into their origins. After identifying 83 potential candidates, the team used a suite of international telescopes to confirm their findings. The quasars they've plucked out are from the very early universe, about 13 billion light years away. Practically, that means the researchers are looking into the past, at objects form less than a billion years after the Big Bang. "It is remarkable that such massive dense objects were able to form so soon after the Big Bang," said Michael Strauss, who co-authored the paper, in a press release. Scientists aren't sure how black holes formed in the early universe, so being able to detect them this far back in time provides new avenues of exploration.

Read more of this story at Slashdot.

05:04

Whitepaper: Should you outsource your IT service desk? Check out this free practical guide [The Register]

Comarch tells you everything you need to know

Promo  If you have ever worried about the cost and staffing burden of providing your customers with the increasing amount of IT support they may need at all hours of the day or night, outsourcing your service desk may be the answer you are looking for.…

04:42

Apple: Group FaceTime allows up to 32 people! Skype: Hold my beer [The Register]

Plus: Builds, Teams, a bit of Xbox and other things Microsoft fiddled with last week

Roundup  It has been a bumper week at Microsoft with new builds, bigger meetings and streaming software.…

04:24

Interested In FreeSync With The RADV Vulkan Driver? Testing Help Is Needed [Phoronix]

Since the long-awaited introduction of FreeSync support with the Linux 5.0 kernel, one of the missing elements has been this variable rate refresh support within the RADV Vulkan driver...

04:04

Do Martians dream of electric Nimbys? Selling 5G needs steak, not just sizzle [The Register]

Let's talk about specs baby, let's talk about real 5G

Comment  Executive editor Andrew Orlowski was invited to share his thoughts on challenges to the uptake of 5G at a Westminster Forum event on Thursday 14 March. This is what he told the panel.

03:05

What made a super high-tech home in Victorian England? Hydroelectic witchery, for starters [The Register]

Forget the scones and gardens, Cragside house is engineery

Geek's Guide to Britain  Imagine an ageing magnate in his private retreat, and you might picture English industrialist William – first Baron – Armstrong in the luxurious wood-panelled library of his Northumberland pile: Cragside.…

02:12

Qt 3D Pairs Nicely With Vulkan & NVIDIA RTX To Make A Beautiful Path Tracer [Phoronix]

Not to be confused with Apple's Quartz graphics layer, a new open-source project called Quartz by developer Michał Siejak is producing stunningly beautiful results while being powered by the Vulkan graphics API, making use of Qt 3D, and NVIDIA RTX support within this path tracer...

02:07

College student with 'visions of writing super-cool scripts' almost wipes out faculty's entire system [The Register]

Turns out he probably wasn't smart enough to automate a Unix system update

Who, Me?  Monday has once more reared its ugly head, but brings with it the charming face of Who, Me?, El Reg's weekly look at cringeworthy events of readers' pasts.…

02:01

Let’s try dwm — dynamic window manger [Fedora Magazine]

If you like efficiency and minimalism, and are looking for a new window manager for your Linux desktop, you should try dwm — dynamic window manager. Written in under 2000 standard lines of code, dwm is extremely fast yet powerful and highly customizable window manager.

You can dynamically choose between tiling, monocle and floating layouts, organize your windows into multiple workspaces using tags, and quickly navigate through using keyboard shortcuts. This article helps you get started using dwm.

Installation

To install dwm on Fedora, run:

$ sudo dnf install dwm dwm-user

The dwm package installs the window manager itself, and the dwm-user package significantly simplifies configuration which will be explained later in this article.

Additionally, to be able to lock the screen when needed, we’ll also install slock — a simple X display locker.

$ sudo dnf install slock

However, you can use a different one based on your personal preference.

Quick start

To start dwm, choose the dwm-user option on the login screen.

After you log in, you’ll see a very simple desktop. In fact, the only thing there will be a bar at the top listing our nine tags that represent workspaces and a []= symbol that represents the layout of your windows.

Launching applications

Before looking into the layouts, first launch some applications so you can play with the layouts as you go. Apps can be started by pressing Alt+p and typing the name of the app followed by Enter. There’s also a shortcut Alt+Shift+Enter for opening a terminal.

Now that some apps are running, have a look at the layouts.

Layouts

There are three layouts available by default: the tiling layout, the monocle layout, and the floating layout.

The tiling layout, represented by []= on the bar, organizes windows into two main areas: master on the left, and stack on the right. You can activate the tiling layout by pressing Alt+t.

The idea behind the tiling layout is that you have your primary window in the master area while still seeing the other ones in the stack. You can quickly switch between them as needed.

To swap windows between the two areas, hover your mouse over one in the stack area and press Alt+Enter to swap it with the one in the master area.

The monocle layout, represented by [N] on the top bar, makes your primary window take the whole screen. You can switch to it by pressing Alt+m.

Finally, the floating layout lets you move and resize your windows freely. The shortcut for it is Alt+f and the symbol on the top bar is ><>.

Workspaces and tags

Each window is assigned to a tag (1-9) listed at the top bar. To view a specific tag, either click on its number using your mouse or press Alt+1..9. You can even view multiple tags at once by clicking on their number using the secondary mouse button.

Windows can be moved between different tags by highlighting them using your mouse, and pressing Alt+Shift+1..9. 

Configuration

To make dwm as minimalistic as possible, it doesn’t use typical configuration files. Instead, you modify a C header file representing the configuration, and recompile it. But don’t worry, in Fedora it’s as simple as just editing one file in your home directory and everything else happens in the background thanks to the dwm-user package provided by the maintainer in Fedora.

First, you need to copy the file into your home directory using a command similar to the following:

$ mkdir ~/.dwm
$ cp /usr/src/dwm-VERSION-RELEASE/config.def.h ~/.dwm/config.h

You can get the exact path by running man dwm-start.

Second, just edit the ~/.dwm/config.h file. As an example, let’s configure a new shortcut to lock the screen by pressing Alt+Shift+L.

Considering we’ve installed the slock package mentioned earlier in this post, we need to add the following two lines into the file to make it work:

Under the /* commands */ comment, add:

static const char *slockcmd[] = { "slock", NULL };

And the following line into static Key keys[]:

{ MODKEY|ShiftMask, XK_l, spawn, {.v = slockcmd } },

In the end, it should look like as follows: (added lines are highlighted)

...
/* commands */
static char dmenumon[2] = "0"; /* component of dmenucmd, manipulated in spawn() */
static const char *dmenucmd[] = { "dmenu_run", "-m", dmenumon, "-fn", dmenufont, "-nb", normbgcolor, "-nf", normfgcolor, "-sb", selbgcolor, "-sf", selfgcolor, NULL };
static const char *termcmd[]  = { "st", NULL };
static const char *slockcmd[] = { "slock", NULL };

static Key keys[] = {
/* modifier                     key        function        argument */
{ MODKEY|ShiftMask,             XK_l,      spawn,          {.v = slockcmd } },
{ MODKEY,                       XK_p,      spawn,          {.v = dmenucmd } },
{ MODKEY|ShiftMask,             XK_Return, spawn,          {.v = termcmd } },
...

Save the file.

Finally, just log out by pressing Alt+Shift+q and log in again. The scripts provided by the dwm-user package will recognize that you have changed the config.h file in your home directory and recompile dwm on login. And becuse dwm is so tiny, it’s fast enough you won’t even notice it.

You can try locking your screen now by pressing Alt+Shift+L, and then logging back in again by typing your password and pressing enter.

Conclusion

If you like minimalism and want a very fast yet powerful window manager, dwm might be just what you’ve been looking for. However, it probably isn’t for beginners. There might be a lot of additional configuration you’ll need to do in order to make it just as you like it.

To learn more about dwm, see the project’s homepage at https://dwm.suckless.org/.

01:38

Brouhaha over IBM using Flickr faces for AI training, big trouble in not-so-little China for Microsoft, and more [The Register]

Plus: It's time to take AI to school

Roundup  Hello, here's a quick lowdown on what's been going on in AI beyond what we've already reported lately.…

01:34

Wells Fargo Sued By 63-Year-Old Pastor They Wrongfully Accused of Forging Checks [Slashdot]

Wells Fargo has been hit with a lawsuit from a 63-year-old pastor at the United Methodist Church of Parsippany. Wells Fargo sent his ATM photos to the police, which he says led to false arrest, malicious prosecution -- and humiliation. NJ.com reports: In the lawsuit filed Thursday in Morris County Superior Court, attorneys for the 63-year-old pastor sought unspecified damages against Wells Fargo, which has come under fire over a series of scandals in recent years. Also named were the State Police detectives who originally brought the charges against him last year after bank security officials allegedly mistakenly identified a photo of Edwards taken at an ATM machine as a suspect in a series of fraudulent check deposits.... In the lawsuit, Edwards' attorney wrote that Wells Fargo notified the State Police when it discovered the bogus transactions, and the bank was asked to provide any still photos or video images taken from the ATM at Parsippany where some of the checks were deposited and later cashed out. The bank sent photos of Edwards, who had made his own deposit of checks at the same ATM the very same day, according to the complaint... The pastor said he first discovered he was the focus of a criminal investigation last year after a parishioner texted him a State Police Facebook posting requesting the public's help identifying a man suspected of depositing fraudulent checks at an ATM... In an interview, Edwards said after seeing the post, he called the detectives and shared a copy of his banking transactions to show he had not deposited the fraudulent checks. "I thought it would clear things up," he said. "They said all their information was from Wells Fargo..." Last September, Edwards said he was asked to come down to the State Police station in Holmdel. After he got there, he said he was shocked to find out he was being arrested and charged with third degree forgery. When he protested and said somebody made an error, he said one of the investigators asked him if the case did go to trial, who would the jury believe -- a bank security expert or him? "They fingerprinted me. Took my mug shot and gave me a court date," he said. The case fell apart, but the 63-year-old pastor says he never received an apology from the police, or from Wells Fargo. "The carelessness of both Wells Fargo and the State Police is kind of appalling, and I wonder what happens to somebody who might not have the resources to defend themselves," the pastor told NJ.com. "I told them yes that was my picture and yes I was in the bank that day. That's all they needed to arrest me." A spokesman for Wells Fargo told the reporter they'd be unable to comment "since this is a pending legal matter." But the story was submitted to Slashdot by someone claiming to be pastor Jeff Edwards. "Wells Fargo carelessly provided ATM pictures [of] me to the state police in a fraudulent check investigation that led to my arrest," reads the original submission. "The case was dismissed when it was demonstrated that Wells Fargo had been grossly irresponsible."

Read more of this story at Slashdot.

01:12

Karpeles walks, Google and Microsoft board up Windows hole, and Android AV still sucks [The Register]

Plus, BlackBerry wants to be Uncle Sam's go-to security firm, thousands of legal docs pill online, and more

Roundup  Last week we saw a conservative app exposed, the revelation of Beto's hacker past, and the rise of Slub.…

00:19

UK code breakers drop Bombe, Enigma and Typex simulators onto the web for all to try [The Register]

You have to run GCHQ code? Nice try, spy guys

UK signals intelligence agency GCHQ, celebrating its centenary, has released emulators for famed World War II-era cipher machines that can be run within its web-based educational encryption app CodeChef.…

Sunday, 17 March

23:22

The-Forge Rendering Framework Refactors Input, Adds Other New Features [Phoronix]

The-Forge, a cross-platform rendering framework that is open-source and has supported Linux and Vulkan since 2016 and worked on a variety of interesting rendering features like more advanced "Tress-FX" support, rolled out two new releases this month...

22:00

Solus 4 Officially Released With Updated Budgie Desktop, Linux 4.20 Kernel [Phoronix]

Solus 4 has officially set sail as the latest version of this popular desktop Linux distribution that is known for its "Budgie" desktop environment, borrowing some performance optimizations from the likes of Clear Linux, and various usability enhancements and more to enhance its desktop experience...

21:34

BBC Visits 'Hated and Hunted' Ransomware Expert [Slashdot]

In "Hated and hunted," a BBC reporter describes visiting a ransomware expert "who has devoted himself, at huge personal cost, to helping victims of ransomware around the world." They hate him so much that they leave him angry threats buried deep inside the code of their own viruses... "I was shocked but I also felt a real sense of pride," says Fabian. "Almost like, a little bit cocky. I'm not going to lie, yeah, it was nice...." He works remotely for a cyber security company, often sitting for hours at a time working with colleagues in different countries. When he's "in the zone", the outside world becomes even less important and his entire existence focuses on the code on his screen. He once woke up with keyboard imprints all over his face after falling asleep during a 35-hour session. All of this to create anti-ransomware programs that he and his company usually give away free. Victims simply download the tools he makes for each virus, follow the instructions and get their files back... According to research from Emsisoft, the cyber security company Fabian works for, a computer is attacked every two seconds. Their network has managed to prevent 2,584,105 infections in the past 60 days -- and that's just one anti-virus firm of dozens around the world.... "It's pretty much an arms race," says Fabian. "They release a new ransomware virus, I find a flaw in its code and build the decryption tool to reverse it so people can get their files back. Then the criminals release a new version which they hope I can't break... It escalates with them getting more and more angry with me...." Fabian accepts that moving around and restricting his life and circle of friends is just a part of the sacrifice for his hobby-turned-profession... He earns a very good salary but looking around his home and at his life it's hard to see how he spends it. He estimates that he's "upset or angered" 100 different ransomware gangs (based on his analysis of the Bitcoin wallets where they collect their ransoms.) One group had collected about $250,000 (£191,000) in three months -- until Fabian created a countering anti-ransomware program -- which is one reason he carefully hids his identity. "I know how much money they make and it would be literally nothing for them to drop 10 or 20,000 for like some Russian dude to turn up to my house and beat the living hell out of me."

Read more of this story at Slashdot.

20:34

Vaccines Can Help Fight the Rise of Drug-Resistant Microbes [Slashdot]

An anonymous reader quotes the Harvard School of Public Health: Drug-resistant strains of gonorrhea, salmonella, Escherichia coli (E. coli) and many other disease-causing agents are flourishing around the world, and the consequences are disastrous -- at least 700,000 people die globally as a result of antimicrobial resistance (AMR) annually, according to a 2016 review on antimicrobial resistance commissioned by former UK Prime Minister David Cameron. It's a perilous situation, but several new studies from researchers at Harvard T.H. Chan School of Public Health indicate that an important tool in the fight against AMR already exists: vaccines. The Proceedings of the National Academy of Sciences recently devoted a special feature section to examine the role vaccines can play in stemming the tide of antimicrobial resistance. In general terms, vaccinations can help lessen the burden in two ways: First, they can protect against the direct transmission of drug-resistant infections. Second, they can lessen the chances of someone getting sick, which in turn reduces the likelihood that he or she will be prescribed antibiotics or other medications. The fewer medications someone takes, the less likely it is that microbes will evolve resistance to the drugs.

Read more of this story at Slashdot.

19:34

Bacteria Discovered In Irish Soil Kills Four Drug-Resistant Superbugs [Slashdot]

NBC News reports on how microbiologist Gerry Quinn "followed up on some folklore his family had passed on to him." Old timers insisted that the dirt in the vicinity of a nearly 1,500-year-old church in County Fermanagh in Northern Ireland, an area once occupied by the Druids, had almost miraculous curative powers.... "Here in the western fringes of Ireland there is still a tradition of having this folk cure," Quinn told NBC News. "We can look at it and see maybe it's just superstition -- or we can actually investigate and ask, 'is there anything in the soil that produces antibiotics...?'" Once Quinn and his team decided to focus on the Irish soil, they narrowed their search to a specific type of bacteria, called Streptomyces, because other strains of this bacteria have led to the development of 75 percent of existing antibiotics, Quinn said. The bacteria was discovered by a team based at Swansea University Medical School, made up of researchers from Wales, Brazil, Iraq and Northern Ireland. The researchers first tried the newly discovered strain of Streptomyces on some garden variety bacteria. In their petri dish experiment, "it knocked them out," Quinn said. "Then we thought we'd take it one step further and find some multi-resistant organisms." The bacteria in the experiment killed four out of the top six organisms that are resistant to antibiotics, including MRSA. "It's quite surprising," said Quinn... "The lesson is, some of the cures are right underneath your feet." Vaughn Cooper, an evolutionary geneticist/microbiologist at the University of Pittsburgh's School of Medicine, tells NBC that more research is needed before this yields a super-antibiotic -- but "it's a cool discovery." The World Health Organization has named antibiotic resistance as one of 2019's ten top public health threats.

Read more of this story at Slashdot.

17:34

Nevada Lawmakers Want Police To Scan Cellphones After Car Crashes [Slashdot]

An anonymous reader quotes the Associated Press: Most states ban texting behind the wheel, but a legislative proposal could make Nevada one of the first states to allow police to use a contentious technology to find out if a person was using a cellphone during a car crash... If the Nevada measure passes, it would allow police to use a device known as the "textalyzer," which connects to a cellphone and looks for user activity, such as opening a Facebook messenger call screen. It is made by Israel-based company Cellebrite, which says the technology does not access or store personal content. It has not been tested in the field and is not being used by any law enforcement agencies. The company said the device could be tested in the field if the Nevada legislation passes... Opponents air concerns that the measure violates the Fourth Amendment, which protects against unreasonable search and seizure. Jay Stanley, a senior policy analyst at the American Civil Liberties Union, also raised questions over how the software will work and if it will be open sourced so the public can ensure it doesn't access personal content... Law enforcement officials argue that distracted driving is underreported and that weak punishments do little to stop drivers from texting, scrolling or otherwise using their phones. Adding to the problem, they say there is no consistent police practice that holds those drivers accountable for traffic crashes, unlike drunken driving.

Read more of this story at Slashdot.

16:34

Before Google+ Shuts Down, The Internet Archive Will Preserve Its Posts [Slashdot]

Google+ "was an Internet-based social network. It was almost 8 years old," reports KilledByGoogle.com, which bills itself as "The Google Graveyard: A list of dead products Google has killed and laid to rest in the Google Cemetery." But before Google+ closes for good in April, its posts are being preserved by Internet Archive and the ArchiveTeam, reports the Verge: In a post on Reddit, the sites announced that they had begun their efforts to archive the posts using scripts to capture and back up the data in an effort to preserve it. The teams say that their efforts will only encompass posts that are currently available to the public: they won't be able to back up posts that are marked private or deleted... They also note that they won't be able to capture everything: comment threads have a limit of 500 comments, "but only presents a subset of these as static HTML. It's not clear that long discussion threads will be preserved." They also say that images and video won't be preserved at full resolution... They also urge people who don't want their content to be archived to delete their accounts, and pointed to a procedure to request the removal of specific content. A bit of history: Linus Torvalds launched a Google+ page in 2017 called "Gadget Reviews" -- where he made exactly six posts.

Read more of this story at Slashdot.

15:53

Linux 5.1-rc1 Kernel Released After A "Fairly Normal" Merge Window [Phoronix]

Linus Torvalds has just closed off the Linux 5.1 kernel merge window and issued 5.1-rc1 as the first test release...

15:34

Why Robo-Calls Can't Be Stopped [Slashdot]

"When your phone rings, there's about a 50 percent chance it's a spam robo-call," reports the Washington Post. Now a computer science professor who's researched robo-call technologies reveals the economics behind automatically dialing phone numbers "either randomly, or from massive databases compiled from automated Web searches, leaked databases of personal information and marketing data." It doesn't matter whether you've signed up with the federal Do Not Call Registry, although companies that call numbers on the list are supposed to be subject to large fines. The robo-callers ignore the list, and evade penalties because they can mask the true origins of their calls.... Each call costs a fraction of a cent -- and a successful robo-call scam can net millions of dollars. That more than pays for all the calls people ignored or hung up on, and provides cash for the next round. Casting an enormous net at low cost lets these scammers find a few gullible victims who can fund the whole operation... Partly that's because their costs are low. Most phone calls are made and connected via the Internet, so robo-call companies can make tens of thousands, or even millions, of calls very cheaply. Many of the illegal robo-calls targeting the United States probably come from overseas -- which used to be extremely expensive but now is far cheaper... Meanwhile, the Federal Communications Commission has been asking U.S. phone companies to filter calls and police their own systems to keep out robo-calls. It hasn't worked, mainly because it's too costly and technically difficult for phone companies to do that. It's hard to detect fake Caller ID information, and wrongly blocking a legitimate call could cause them legal problems. The professor's article suggests guarding your phone number like you guard your credit card numbers. "Don't give your phone number to strangers, businesses or websites unless it's absolutely necessary." "Of course, your phone number may already be widely known and available, either from telephone directories or websites, or just because you've had it for many years. In that case, you probably can't stop getting robo-calls."

Read more of this story at Slashdot.

14:34

Are We Getting Close To Flying Taxis? [Slashdot]

An anonymous reader quotes a report from public news station KNPR about how close weare flying taxi services: The dream of flying cars is as at least as old as the automobile itself. Bell, which makes attack helicopters for the U.S. Navy, is working on this new project with another high-profile partner, Uber. The prototype, the Bell Nexus, was unveiled earlier this year. Boeing and Airbus also have prototypes of these flying cars in the works. Uber has become the face of the aerial mobility movement as it has the most public campaign touting its work so far. Elon Musk says he'll get us to Mars. Uber says it'll get a millennial from San Francisco to San Jose in 15 minutes flat (instead of the two-hour slog in morning traffic). And its timeline for this flying taxi that does not yet exist is 2023... NASA is another Uber partner. While Jaiwon Shin, NASA's associate administrator for the Aeronautics Research Mission Directorate, thinks Uber is being a little bullish -- he'd put the timeline further out, to the mid-2020s -- Shin says it's close. "Convergence of many different technologies are maturing to the level that now aviation can benefit to put these things together," he said. The batteries that power electric cars can evolve further, to power flight. Companies can stockpile and pool data, and build artificial intelligence to take over air traffic control, managing the thousands of drones and taxis in the air. And Uber, his partner, is really well-connected. While fighting the legacy taxi industry, Uber made so many government and lobbyist contacts, that that Rolodex can help grease the wheels -- or wings. "While no flying taxi exists yet, Uber has dared to estimate the 'near-term' cost of that San Francisco to San Jose trip: $43," the article reports -- suggesting that could create a new division in society. "With flying cars, the haves can escape to the air and leave the have-nots forgotten in their potholes."

Read more of this story at Slashdot.

13:34

Texas Lawmakers Want To Stop Tesla From Fixing Its Own Cars [Slashdot]

In Texas the local car dealer lobby has blocked Tesla from selling its cars directly to customers. They're using old laws meant to prevent car manufacturers from competing with their own local dealers -- but Tesla never had any local dealers! And according to Electrek, it gets worse... Despite this issue, Texans have bought thousands of Tesla vehicles, which the automaker delivers from other states to comply with the law. Tesla has been able to service those vehicles through its own service centers, which are not subject to those same direct-sale rules, but now dealers are even going after Tesla's right to service its cars. Quartz offers some additional coverage: At issue is a battle over money. Car dealers derive much of their revenue from selling and (especially) servicing vehicles. Tesla's direct-to-customer sales and service stations are a threat to that business model since they cut dealers out of the transaction.

Read more of this story at Slashdot.

13:17

NVIDIA 418.49.04 Linux Driver Brings Host Query Reset & YCbCr Image Arrays [Phoronix]

NVIDIA has issued new Vulkan beta drivers leading up to the Game Developers Conference 2019 as well as this next week there being NVIDIA's GPU Technology Conference (GTC) nearby in California...

12:34

To Avoid Demonetization, YouTube and Twitch Streamers Sing Badly Over Copyrighted Songs [Slashdot]

To avoid copyright claims, "YouTube creators and Twitch streamers have been performing terrible a capella covers of popular songs," reports the Verge: React videos are a huge part of YouTube's current culture; people lift popular movie trailers and film their reactions to what's happening on-screen. These videos are typically monetized... In recent months, YouTube creators have run into copyright issues while making TikTok reaction videos, where they collect cringey TikTok clips and either react or provide commentary on them. [T]hose TikTok videos contain music from artists signed to labels like Sony and Warner, and those labels will issue copyright claims, preventing creators from monetizing their videos... TikTok videos include less than 10 seconds of music, yet that can still be enough to receive a copyright claim -- on TikTok itself, the music is all licensed from the labels... To work around that, creators like Danny Gonzalez and Kurtis Conner have started replacing the music with their own singing. Gonzalez and Conner half-heartedly sing songs like Linkin Park's "In The End" and Imagine Dragons' "Believer" while the corresponding TikTok video plays on screen... It's a little painful to hear, but ultimately a very fun loophole in the copyright system that YouTube has to enforce... The hope is that major labels like Sony Music or Warner Music Group can't claim copyright infringement, or at least that the singing won't trigger YouTube's automated system for finding copyrighted content.

Read more of this story at Slashdot.

11:44

Nouveau NIR Support Lands In Mesa 19.1 Git [Phoronix]

It shouldn't come as any surprise, but landing today in Mesa 19.1 Git is the initial support for the Nouveau Gallium3D code to make use of the NIR intermediate representation as an alternative to Gallium's TGSI...

11:34

'Facebook, Axios And NBC Paid This Guy To Whitewash Wikipedia Pages' [Slashdot]

The Huffington Post ran a bombshell report this week on one of a handful of people who have "figured out how to manipulate Wikipedia's supposedly neutral system to turn a profit." They're describing Ed Sussman, a former head of digital for Fast Company and Inc.com who's now paid to do damage control by relentlessly lobbying for changes to Wikipedia pages. "In just the past few years, companies including Axios, NBC, Nextdoor and Facebook's PR firm have all paid him to manipulate public perception using a tool most people would never think to check. And it almost always works." Spin reports: The benefit of hiring Sussman, aside from insulating talking heads from the humiliation of being found to have edited their own pages, is that he applies the exacting and annoying vigor of an attorney to Wikipedia's stringent editing rules. Further, because his opponents in these arguments are not opposing lawyers but instead Wikipedia's unpaid editors, he's really effective. From HuffPost: "Sussman's main strategy for convincing editors to make the changes his clients want is to cite as many tangentially related rules as possible (he is, after all, a lawyer). When that doesn't work, though, his refusal to ever back down usually will. He often replies to nearly every single bit of pushback with walls of text arguing his case. Trying to get through even a fraction of it is exhausting, and because Wikipedia editors are unpaid, there's little motivation to continue dealing with Sussman's arguments. So he usually gets his way." NBC and Axios confirmed that they hired Sussman, and an Axios spokesperson told HuffPost that the site "hired him to correct factual inaccuracies." The spokesperson added "pretty sure lots of people do this," which may or may not be true. Sussman's web site argues he's addressing "inaccurate or misleading information...potentially creating severe business problems for its subject," bragging in his FAQ that when he's finished, "the article looks exactly the same" to an outsider -- and that his success rate is 100%.

Read more of this story at Slashdot.

10:34

Some Companies Choose Microsoft's Cloud Service Because They're Afraid of Amazon [Slashdot]

"In the cloud wars, Microsoft has been able to win big business from retailers, largely because companies like Walmart, Kroger, Gap and Target are opting not to write big checks to rival Amazon," reports CNBC: The more Amazon grows, the more that calculation could start working its way into other industries -- like automotive. In a recent interview with CNBC, Volkswagen's Heiko Huttel, who runs the company's connected car division, said the carmaker chose Microsoft Azure late last year for its "Automotive Cloud" project after considering Amazon Web Services... "If I take a look at all the competitors out there, you see they have capabilities in disrupting you at the customer interface," Hüttel said. "Then you have to carefully choose who is really getting down into the car, where you open up a lot of data to these people, and then you have to carefully choose with whom you are doing business." Microsoft likes to tout the merits of its cloud technology, but the company is fully aware that taking on AWS, which has a commanding lead in the cloud infrastructure market, isn't just about offering the best services... Microsoft doesn't break out Azure revenue, but analysts at Morgan Stanley estimate that it accounted for almost 10 percent of sales in the latest quarter.

Read more of this story at Slashdot.

09:34

Sealed Cache of Moon Rocks To Be Opened By NASA [Slashdot]

"Scientists are hoping to unlock some of the universe's mysteries through 50-year-old moon rocks," reports the New York Daily News -- specifically, three samples that spent that half century sealed in airtight canisters. One Apollo 18 sample from 1972 contains 1.8 pounds of a vacuum-sealed lunar core that is a stratified layer of rock that will be studied by six research teams. About 842 pounds of lunar rocks and soil have been brought back to Earth over six missions. Although a great deal of it has found its way to science labs, technological breakthroughs should allow for a more thorough comprehension of the satellite's chemical and geological composition... "When the previous generations did Apollo, they knew the technology they had in that day was not the technology we would have in this day," said NASA Administrator Jim Bridenstine. "So they made a determination that they would preserve samples. ⦠I'd like to thank, if it's OK, the Apollo generation, for preserving these samples, so that our generation could have this opportunity." An anonymous Slashdot reader writes, "That's remarkable considering how often moon rocks were misplaced over the years."

Read more of this story at Slashdot.

08:49

Vulkan 1.1.104 Brings Native HDR, Exclusive Fullscreen Extensions [Phoronix]

With the annual Game Developers' Conference (GDC) kicking off tomorrow in San Francisco, Khronos' Vulkan working group today released Vulkan 1.1.104 that comes with several noteworthy extensions...

08:34

Massive Study Finds Apple Watch Can Detect Undiagnosed Heart Rhythm Problems [Slashdot]

An anonymous reader quotes Engadget: Researchers from Stanford University's School of Medicine presented results from a giant study sponsored by Apple Inc. that showed the Apple Watch can sometimes spot patients with undiagnosed heart-rhythm problems, without producing large numbers of false alarms. The Apple-sponsored trial enrolled 419,297 people and was one of the largest heart-screening studies ever. The study, details of which are being presented today at the American College of Cardiology conference in New Orleans, used the watch's sensors to detect possible atrial fibrillation... People who have atrial fibrillation are at risk of blood clots and strokes. In the U.S., it causes 750,000 hospitalizations a year and contributes to 130,000 deaths, according to the Centers for Disease Control and Prevention. Because it doesn't always produce outward symptoms, it can go undiagnosed. According to results presented Saturday, about 0.5 percent of patients in the study -- or almost 2,100 people -- received notices from their watch indicating that they might have a heart-rhythm problem. That relatively low number showed that the technology wasn't inundating people with worrisome alerts. People receiving a notification were asked to then wear an ECG (electrocardiography) patch, according to the Verge, adding that Stanford reports "84 percent of the time, participants who received irregular pulse notifications were found to be in atrial fibrillation at the time of the notification." The dean of Stanford's medical school says the study "opens the door to further research into wearable technologies and how they might be used to prevent disease before it strikes."

Read more of this story at Slashdot.

08:04

F5 Acquired NGINX For $670M [Slashdot]

Long-time Slashdot reader skdffff quotes ZDnet: F5 Networks on Monday announced that it will acquire NGINX, which provides popular open-source software of the same name, for $670 million. The deal advances F5's aim of capitalizing on the trend toward multi-cloud deployments. F5 plans to enhance NGINX's current offerings with F5 security solutions and will integrate F5 cloud-native technology with NGINX's software load balancing technology. This should accelerate F5's time to market of application services for containerized applications. Meanwhile, NGINX will benefit from F5's global salesforce, channel infrastructure and partner ecosystem. The acquisition adds "the power of NGINX's open source innovation to F5's ADC leadership and enterprise reach," NGINX CEO Gus Robertson said in a statement

Read more of this story at Slashdot.

08:00

The Big Features Of Linux 5.1: IO_Uring, Intel Fastboot Default, Goya AI Accelerator, New Hardware [Phoronix]

The two-week long merge window for Linux 5.1 is expected to close later today so here is a look back at all of the changes and new features coming with this next version of the Linux kernel.

07:35

Saturday Morning Breakfast Cereal - Living Wage [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
I say everyone should be able to afford at least one dark underground labyrinth lit by flaming bones.


Today's News:

07:34

Are Large Cloud Providers a Threat To Open Source Vendors? [Slashdot]

Stephen O'Grady, co-founder of the industry analyst firm RedMonk, asks whether open source vendors are marching towards an inevitable and damaging war with big cloud providers: In the last twelve to eighteen months...a switch has been flipped. Companies have gone from regarding cloud providers like Amazon, Google or Microsoft as not even worth mentioning as competition to dreadful, existential threat. The fear of these cloud providers has become so overpowering, in fact, that commercial open source vendors have chosen -- against counsel, in many cases -- to walk down strategic paths that violate open source cultural norms, trigger massive and sustained negative PR and jeopardize relationships with developers, partners and customers. Specifically, commercial open source providers have increasingly turned to models that blur the lines between open source and proprietary software in an attempt to access the strengths of both, with the higher probability outcome of ending up with their weaknesses instead. That commercial open source providers took these actions having been advised of these and other risks in advance says everything about how these businesses view their prospects in a world increasingly dominated by massive providers of cloud infrastructure and an expanding array of services that sit on top of that. The strategic decisions inarguably have major, unavoidable negative consequences, but commercial open source providers -- or their investors, at least -- believe that a lack of action would be even more damaging.

Read more of this story at Slashdot.

05:32

Wine-Staging 4.4 Down To 770 Patch Delta, Addresses Six Year Old Bug About Silverlight [Phoronix]

Re-based off Friday's release of Wine 4.4, Wine-Staging 4.4 is now available though the delta compared to upstream is now many patches lighter thanks to some of the work being upstreamed...

05:18

You Can Now Use Your Old GameCube Controllers With SDL2 Games [Phoronix]

Linux game porter Ethan Lee has taken a break from his FNA-XNA/FAudio/Wine hacking to add support to the SDL2 library for the GameCube controller adapter intended for Nintendo's Wii U / Switch devices...

03:34

After 40 Years 'Dungeons & Dragons' is Suddenly Popular [Slashdot]

CNBC reports Dungeons and Dragons "has found something its early fans never expected: Popularity." The days of hiding away in a basement rolling dice and playing "Dungeons and Dragons" in darkness is over. More than 40 years after the first edition of "Dungeons and Dragons" hit shelves, video platforms Twitch and YouTube are leading a renaissance of the fantasy roleplaying board game -- and business is booming. "DnD has been around for 45 years and it is more popular now than it has ever been," said Greg Tito, senior communications manager, at Wizards of the Coast. In each of the last five years, sales of "Dungeons and Dragons" merchandise has grown by double digits. The company, owned by toymaker Hasbro, attributes this massive sales boom to the launch of the fifth edition of the game in 2014 and to "Critical Role," a weekly show on live streaming video platform Twitch that features voice actors from TV shows and video games playing "Dungeons and Dragons...." "When a new edition for a game like this releases, there is that flurry of activity, people get really excited about it and then, historically, that excitement has waned," he said. "The fifth edition has completely blown that model out of the water. With the release in 2014, it has grown and only continued to grow. Every kind of statistical model we've been able to to use from the history of 'Dungeons and Dragons' has been broken at this point. So, we are in uncharted territory...." "Critical Role" has become so popular that when it launched a Kickstarter last week to create an animated special based on the characters from the first campaign, it was funded within one hour. The team behind the web series had wanted $750,000 to fund the endeavor. With 33 days remaining in the crowdfunding campaign, "Critical Role" has raised more than $7.3 million from 53,000 backers. It is now the most-funded film/video project in Kickstarter history. Over the years Dungeons & Dragons -- and the people who played it -- have usually been played for laughs in TV sitcoms like Freaks and Geeks, several episodes of Community, and an episode of Big Bang Theory with William Shatner, Joe Manganiello, Kevin Smith, and Kareem Abdul-Jabbar.

Read more of this story at Slashdot.

01:23

The First Test Release Of Phoronix Test Suite 8.8 Plus Exciting New Benchmarks [Phoronix]

The first development milestone release of Phoronix Test Suite 8.8-Hvaler is now available for your open-source, automated benchmarking needs on Linux, BSD, Windows, and macOS operating systems...

00:38

The KVM Changes Aren't Too Notable For Linux 5.1, But Many x86 Cleanups [Phoronix]

Paolo Bonzini submitted the Kernel-based Virtual Machine (KVM) changes for the Linux 5.1 kernel on Friday, much later in the cycle than normal. This isn't due to some big ticket features landing but rather "some ugly factors" in the form of tracking down some bugs and ended up dropping some premature optimizations...

00:34

Are Online Activists Silencing Researchers of Chronic Fatigue Syndrome? [Slashdot]

Zorro (Slashdot reader #15,759), shares Reuters' report about Michael Sharpe, a medical researcher studying chronic fatigue syndrome, "a little-understood condition that can bring crushing tiredness and pain." Eight years after he published results of a clinical trial that found some patients with chronic fatigue syndrome can get a little better with the right talking and exercise therapies, the Oxford University professor is subjected to almost daily, often anonymous, intimidation... They object to his work, they said, because they think it suggests their illness is psychological. Sharpe, a professor of psychological medicine, says that isn't the case. He believes that chronic fatigue syndrome is a biological condition that can be perpetuated by social and psychological factors... Sharpe is one of around a dozen researchers in this field worldwide who are on the receiving end of a campaign to discredit their work. For many scientists, it's a new normal: From climate change to vaccines, activism and science are fighting it out online. Social media platforms are supercharging the battle. Reuters contacted a dozen professors, doctors and researchers with experience of analysing or testing potential treatments for chronic fatigue syndrome. All said they had been the target of online harassment because activists objected to their findings. Only two had definite plans to continue researching treatments. With as many as 17 million people worldwide suffering this disabling illness, scientific research into possible therapies should be growing, these experts said, not dwindling. What concerns them most, they said, is that patients could lose out if treatment research stalls. Sharpe says he's no longer researching treatments, because "It's just too toxic." And he tells Reuters that other researchers appear to be reaching the same conclusion. "Of more than 20 leading research groups who were publishing treatment studies in high-quality journals 10 years ago, Sharpe said, only one or two continue to do so."

Read more of this story at Slashdot.

Saturday, 16 March

22:03

KDE Plasma 5.16 Will Let You Reboot Into The UEFI Setup Screen [Phoronix]

Similar to Microsoft Windows, KDE Plasma 5.16 is picking up an option on the shutdown screen for letting users reboot into their UEFI setup screen where supported...

21:34

How Debian Almost Failed to Elect a Project Leader [Slashdot]

Five candidates now are running to be Debian's project leader for the coming year. But earlier this week, Slashdot reader Seven Spirals shared LWN's story about what a difficult election it's been: This year, the call for nominations was duly sent out by project secretary Kurt Roeckx on March 3. But, as of March 10, no eligible candidates had put their names forward... There is nobody there to do any campaigning. This being Debian, the constitution naturally describes what is to happen in this situation: the nomination period is extended for another week... Should this deadline also pass without candidates, it will be extended for another week; this loop will repeat indefinitely until somebody gives in and submits their name... In the absence of a project leader, the chair of the technical committee and the project secretary are empowered to make decisions -- as long as they are able to agree on what those decisions should be. Since Debian developers are famously an agreeable and non-argumentative bunch, there should be no problem with that aspect of things... One might well wonder, though, why there seems to be nobody who wants to take the helm of this project for a year. The fact that it is an unpaid position requiring a lot of time and travel might have something to do with it. If that were indeed to prove to be part of the problem, Debian might eventually have to consider doing what a number of similar organizations have done and create a paid position to do this work.

Read more of this story at Slashdot.

19:34

Google's Bad Data Wiped Another Neighborhood Off the Map [Slashdot]

Medium's technology publication ran a 3,600-word investigation into a mystery that began when a 66-year-old New York woman Googled directions to her neighborhood, "and found that the app had changed the name of her community..." It's just as well no one contacted Google, because Google wasn't the company that renamed the Fruit Belt to Medical Park. When residents investigated, they found the misnomer repeated on several major apps and websites including HERE, Bing, Uber, Zillow, Grubhub, TripAdvisor, and Redfin... Monica Stephens, a geographer at the University at Buffalo who studies digital maps and misinformation, immediately suspected the geographic clearinghouse Pitney Bowes. Founded in 1920 as a maker of postage meters -- the machines that stamp mail with proof it's been sent -- Pitney Bowes expanded into neighborhood data in 2016 when it bought the leading U.S. provider, Maponics. In its 15-year run, Maponics had supplied neighborhood data to companies from Airbnb to Twitter to the Houston Chronicle. And it had also just acquired a longtime competitor, Urban Mapping, which has previously supplied Facebook, Microsoft, MapQuest, Yahoo, and Apple. Though Pitney Bowes is far from a household name, the $3.4 billion data broker is "a huge company at this point," says Stephens, with enough influence to inadvertently rename a neighborhood across hundreds of sites... In the early 2000s, Urban Mapping offered new college grads $15 to $25 per hour to comb local blogs, home listings, city plans, and brochures for possible neighborhood names and locations. Maponics, meanwhile, used nascent technologies such as computer vision and natural language processing to pull neighborhoods from images and blocks of text, one former executive with the company said... I visited the Buffalo Central Library to find the source of the error... Sure enough, one of the librarians located a single planning office map that used the "Medical Park" label. It was a 1999 report on poverty and housing conditions -- long since relegated to a dusty shelf stacked with old binders and file folders... Somehow, likely in the early 2000s, this map made its way into what is now the Pitney Bowes data set -- and from there, was hoovered into Google Maps and out onto the wider internet. Buffalo published another map in 2017, with the Fruit Belt clearly marked, and broadcast on the city's open data portal. For whatever reason, Pitney Bowes and its customers never picked that map up. This is not the first time Google Maps has seemed to spontaneously rename a neighborhood. But for Fruit Belt the reporter's query eventually prompted corrections to the maps on Redfin, TripAdvisor, Zillow, Grubhub, and Google Maps. But the article argues that when it comes to how city names are represented online, "the process is too opaque to scrutinize in public. And that ambiguity foments a sense of powerlessness." Pitney Bowes doesn't even have a method for submitting corrections. Yet, "In an emailed statement, a spokesperson for Google defended its use of third-party neighborhood sources. 'Overall, this provides a comprehensive and up-to-date map,' the spokesperson said, 'but when we're made aware of errors, we work quickly to fix them.'"

Read more of this story at Slashdot.

18:01

Linux 5.1 Will Let You Treat PMEM Like 3DXPoint Optane NVDIMMs Back As System RAM [Phoronix]

With broader availability expected soon for Intel Optane NVDIMMs backed by 3DXPoint memory, which offers a new means of speedy persistent memory, patches have landed in Linux 5.1 to optionally treat this persistent memory just like system RAM...

17:34

19-Year-Old WinRAR Vulnerability Leads To Over 100 Malware Exploits [Slashdot]

"Last month it was discovered that WinRAR, software used to open .zip archive files, has been vulnerable for the last 19 years to a bug that's easily exploited by hackers and malware distributors," writes SlashGear. Slashdot reader Iwastheone quotes their report: Check Point, the security researchers that revealed the WinRAR bug, explain that the software is exploited by giving malicious files a RAR extension, so that when opened they can automatically extract malware programs. These programs are installed in a PC's startup folder, allowing them to start running anytime the computer is turned on, all without the user's knowledge. Once the bug was disclosed, however, hacker groups really began using it to their advantage, with various nations becoming the target of state-backed cyber-espionage campaigns attempting to collect intelligence. The latest comes from McAfee, the software security firm, which notes that it has identified over 100 unique exploits that use the WinRAR bug, most of them targeting the U.S. WinRar 5.70, released in late January, patches the behavior, but "it must be manually downloaded and installed from the website, leaving most users unaware of the critical update," the article warns. It also estimates that during the last 19 years WinRar has been downloaded over 500 million times.

Read more of this story at Slashdot.

16:34

Alexandria Ocasio-Cortez Says Labor Shouldn't Have To Fear Automation [Slashdot]

Munky101 tipped us off to some interesting comments from New York's activist congresswoman Alexandria Ocasio-Cortez. TechCrunch reports: It's impossible to discuss the seismic shift toward automation without a conversation about job loss. Opponents of these technologies criticize a displacement that could someday result in wide-scale unemployment among what is often considered "unskilled" roles. Advocates, meanwhile, tend to suggest that reports of that nature tend to be overstated. Workforces shift, as they have done for time immemorial. During a conversation at SXSW this week, New York congresswoman Alexandria Ocasio-Cortez offered another take entirely. "We should not be haunted by the specter of being automated out of work," she said in an answer reported by The Verge. "We should be excited by that. But the reason we're not excited by it is because we live in a society where if you don't have a job, you are left to die. And that is, at its core, our problem... We should be excited about automation, because what it could potentially mean is more time educating ourselves, more time creating art, more time investing in and investigating the sciences, more time focused on invention, more time going to space, more time enjoying the world that we live in," The Verge quoted Ocasio-Cortez as saying. "Because not all creativity needs to be bonded by wage." And Ocasio-Cortez cited Bill Gates' suggestion (first floated in a presentation on Quartz) that a robot tax might be a way to make that vision real. "What [Gates is] really talking about is taxing corporations," she reportedly said. "But it's easier to say: 'tax a robot.' " Science fiction writer William Gibson called her comments "shockingly intelligent" for a politician. Fast Company adds that robots "have put half a million people out of work in the United States, and researchers estimate that bots could take 800 million jobs by 2030" -- then quotes Ocasio-Cortez's assessment of the unfair state of labor today. "We should be working the least amount we've ever worked, if we were actually paid based on how much wealth we were producing, but we're not," she said. "We're paid by how little we're desperate enough to accept. And then the rest is skimmed off and given to a billionaire."

Read more of this story at Slashdot.

15:34

Was Venezuela's 5-Day Blackout Caused By Cyberattacks -- or Wildfires? [Slashdot]

What caused a devastating five-day blackout in Venezuela? Two engineers with expertise in geospatial technologies believe the answer lies in images from a NASA weather satellite showing thermal activity, which they superimposed onto Google Earth, the AP reports: Within hours of the attack, the government of embattled President Nicolas Maduro began accusing the U.S. of a cyberattack. Maduro has stuck to that narrative, saying hackers in the U.S. first shut down the Guri Dam and then delivered several "electromagnetic" blows. Engineers have questioned that assertion, contending that the Guri Dam's operating system is on a closed network with no internet connection. Several consulted by The Associated Press speculated that a more likely cause was a fire along one of the electrical grid's powerful 765-kilovolt lines that connect the dam to much of Venezuela. The transmission lines traverse through some of Venezuela's most remote and difficult to access regions on their way toward Caracas, making it difficult to obtain any first-hand information that could back up or pinpoint the location of a fire. Working with an expert at Texas Tech University's Geospatial Technologies Laboratory, Jose Aguilar, an expert on Venezuela's electrical grid, said satellite data indicates that on the day of the blackout there were three fires in close proximity to the 765-kilovolt lines transmitting power generated from the Guri Dam, which provides about 80 percent of Venezuela's electricity... Engineers have warned for years that Venezuela's state-run electricity corporation was failing to properly maintain power lines, letting brush that can catch fire during Venezuela's hot, dry months grow near and up the towering structures.

Read more of this story at Slashdot.

14:34

Chicago To Shutdown Composting Business Because Regulations Don't Cover Worms [Slashdot]

schwit1 shared an article from Reason's "Volokh Conspiracy" blog: Nature's Little Recyclers is a father-son business that does composting on empty residential lots, transforming organic waste into nutrient-rich soil. Last year, the business's worms processed 10 tons of banana peels and cups from the Chicago Marathon that would otherwise have gone to a landfill. But Chicago officials are going to shut the business down -- and not because the city doesn't think composting is a good thing (the city's sustainability website directs people to Nature's Little Recyclers). Rather, the city's business and zoning regulations weren't designed to accommodate small and innovative operations like Nature's Little Recyclers. "None of these operations met the criteria for garden composting or an on-site organic waste composting operation," said Anel Ruiz, spokesperson for the Department of Public Health, in a statement to Block Club Chicago, adding "Further, these sites are not properly zoned for commercial composting." But another perspective was shared by lawyer Amy Hermalik, associate director of the Institute for Justice Clinic on Entrepreneurship at the University of Chicago. "The city will unofficially imply there's wiggle room, saying it only enforces certain ordinances against 'bad operators,' but that leaves businesses subject to shifting political winds or personal whims, Hermalik said. 'They [the city] have an incredible amount of power to do as they please.'"

Read more of this story at Slashdot.

13:34

VR Company Co-Founder Spends an Entire Week in a VR Headset [Slashdot]

An anonymous reader quotes PC Gamer: Not too long into a 168-hour VR marathon session, Jak Wilmot admits the monotony got to him. Wilmot, who is the co-founder of Disrupt VR, also says this experiment is "quite possibly the dumbest thing" he's ever done. So, why do it? For science, of course. I can't imagine immersing myself in a virtual world for a full week, nonstop night and day. Wilmot did it, though, for the most part -- he allowed himself 30 seconds to switch VR headsets when needed, and 30 seconds without a headset on to eat, if required. Other than those small breaks, he spent every other moment in VR... There doesn't seem to be some big takeaway from this experiment (aside from, perhaps, don't drink coffee while playing VR), though one thing I also found interesting was his integration back into the real world when the experiment was over. "I have never appreciated the smell of outside air so much. One thing we cannot replicate is nature. We can do it visually and auditorally, but there is something about the energy of outside that is amazing," Wilmot observed. PC Gamer calls it "probably at least partially a publicity stunt. But it's still interesting to see how donning a VR headset for an extended period of time and essentially living in virtual worlds can mess with the mind." Wilmot wore VR gear while working -- and even while showering (with the VR gear protected by plastic), blacking out his windows so he couldn't tell day from night, calling it "a week in the future..." "I almost feel like I'm in my own 500-suare-foot spaceship," he says at one point, "and I'm really missing earth, and I'm missing nature." Early on he also reported some mild claustrophobia. You can watch the moment where after seven days he removes the headset and returns to conventional reality, joking "Oh my gosh, the graphics are so good." He reports a slight disorientation as his eyes catch up with real ilfe, and says it changed his perspective on people in the real world, seeing them as "individuals in one collection, one environment -- as avatars."

Read more of this story at Slashdot.

12:34

Las Vegas Approves The Boring Company's Underground Loop [Slashdot]

The Boring Company's tunnel project in Chicago is "in doubt" (according to the Chicago Tribune), while a project connecting Washington to Baltimore "is waylaid in the environmental-review process." But it looks like Las Vegas will officially get a tunnel from Elon Musk, CNET reports, "perhaps within this year." The billionaire's Boring Company on Tuesday got the approval from the 14-member board of the Las Vegas Convention and Visitors Authority (LVCVA) to build and operate an underground loop that would carry people in autonomous electric vehicles at the city's convention center. Musk has responded to the approval in a tweet, saying he'll make the tunnel "operational by end of year," even though the convention center's expansion won't be done until 2021, according to LVCVA's release... A LVCVA spokeswoman said in an email that the underground loop will be ready in 2021 if the contract with the Boring company is approved at LVCVA's board meeting on June 11. The Las Vegas Sun has more details, pointing out that travellers would be carried in electric vehicles moving through two parallel tunnels, one running in each direction. And that fleet of electric vehicles "could include Tesla's Model X and Model 3 and a vehicle with capacity for about 16 people â" all manufactured by Musk. All the vehicles would be fully autonomous, meaning they won't have backup drivers, and would move at speeds of up to 50 mph." The mayor of Las Vegas, also a member of the board, actually voted against the tunnel, calling the Boring Company "exploratory at this time" and warning that "we are considering handing over the reins of our most important industry."

Read more of this story at Slashdot.

11:34

Is Amazon's AWS Approaching 'War' for Control of Elasticsearch? [Slashdot]

Long-time Slashdot reader jasenj1 and Striek both shared news of a growing open source controversy. "Amazon Web Services on Monday announced that it's partnering with Netflix and Expedia to champion a new Open Distro for Elasticsearch due to concerns of proprietary code being mixed into the open source Elasticsearch project," reports Datanami. "Elastic, the company behind Elasticsearch, responded by accusing Amazon of copying code, inserting bugs into the community code, and engaging with the company under false pretenses..." In a blog post, Adrian Cockcroft, the vice president of cloud architecture strategy for AWS, says the new project is a "value added" distribution that's 100% open source, and that developers working on it will contribute any improvements or fixes back to the upstream Elasticsearch project. "The new advanced features of Open Distro for Elasticsearch are all Apache 2.0 licensed," Cockroft writes. "With the first release, our goal is to address many critical features missing from open source Elasticsearch, such as security, event monitoring and alerting, and SQL support...." Cockroft says there's no clear documentation in the Elasticsearch release notes over what's open source and what's proprietary. "Enterprise developers may inadvertently apply a fix or enhancement to the proprietary source code," he wrote. "This is hard to track and govern, could lead to breach of license, and could lead to immediate termination of rights (for both proprietary free and paid)." Elastic CEO Shay Banon responded Tuesday to AWS in a blog post, in which he leveled a variety of accusations at the cloud giant. "Our products were forked, redistributed and rebundled so many times I lost count," Banon wrote. "There was always a 'reason' [for the forks, redistributions, and rebundling], at times masked with fake altruism or benevolence. None of these have lasted. They were built to serve their own needs, drive confusion, and splinter the community." Elastic's commercial code may have provided an "inspiration" for others to follow, Banon wrote, but that inspiration didn't necessarily make for clean code. "It has been bluntly copied by various companies and even found its way back to certain distributions or forks, like the freshly minted Amazon one, sadly, painfully, with critical bugs," he wrote.

Read more of this story at Slashdot.

10:34

3-5 Degree Rise in Arctic Temperatures Called 'Inevitable' [Slashdot]

An anonymous reader quotes the Guardian: Sharp and potentially devastating temperature rises of 3C to 5C in the Arctic are now inevitable even if the world succeeds in cutting greenhouse gas emissions in line with the Paris agreement, research has found. Winter temperatures at the north pole are likely to rise by at least 3C above pre-industrial levels by mid-century, and there could be further rises to between 5C and 9C above the recent average for the region, according to the UN. Such changes would result in rapidly melting ice and permafrost, leading to sea level rises and potentially to even more destructive levels of warming. Scientists fear Arctic heating could trigger a climate "tipping point" as melting permafrost releases the powerful greenhouse gas methane into the atmosphere, which in turn could create a runaway warming effect. "What happens in the Arctic does not stay in the Arctic," said Joyce Msuya, the acting executive director of UN Environment... Even if all carbon emissions were to be halted immediately, the Arctic region would still warm by more than 5C by the century's end, compared with the baseline average from 1986 to 2005, according to the study from UN Environment. That is because so much carbon has already been poured into the atmosphere. The oceans also have become vast stores of heat, the effect of which is being gradually revealed by changes at the poles and on global weather systems, and will continue to be felt for decades to come. The findings were presented at the UN Environment assembly Wednesday, where a report written by 250 scientists and experts from over 70 countries also warned that "damage to the planet is so dire that people's health will be increasingly threatened unless urgent action is taken."

Read more of this story at Slashdot.

09:14

The Lima Gallium3D Driver Is Aiming To Be Merged In Mesa [Phoronix]

While there is the Panfrost Gallium3D driver that has been advancing rapidly within mainline Mesa for Arm's Mali newer Midgard/Bifrost architectures, the Lima driver might finally see the light of day in mainline Mesa for Mali's older 400/450 series graphics engine...

08:59

Knoppix 8.5 Live Linux Distro Released, Based On Linux 4.20, Adds Adriane Audio Desktop [Phoronix]

Knoppix, one of the first "live" Linux distributions that dates back to the year 2000 and still continues to see occasional updates, is out today with Knoppix version 8.5 in celebration of the latest Chemnitzer Linux Days event...

07:57

Saturday Morning Breakfast Cereal - Pucker Up [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
This might be the 8th meanest comic I've ever done.


Today's News:

05:34

AFS For Linux 5.1 Would Have Pleased Firefox/SQLite But Was Rejected As Untested Crap [Phoronix]

The Andrew File-System (AFS) continues to evolve as a distributed file-system. Over the past year and a half there's been a lot of activity to AFS in the mainline Linux kernel, including material slated for the in-development Linux 5.1 kernel but then Linus Torvalds ended up having to un-pull the changes...

Friday, 15 March

23:11

GTK4 Seeing Text Entry Improvements, Easier To Create Custom Entry Widgets [Phoronix]

Adding to the big list of changes to find with the yet-to-be-released GTK4 toolkit is some refactoring around the entry widgets to improve the text entry experience as well as making it easier to create custom entry widgets outside of GTK...

22:05

NetworkManager 1.16 Brings WireGuard Support, WiFi Direct/P2P [Phoronix]

NetworkManager 1.16 is now available as the newest feature release for this widely used Linux networking configuration component...

17:59

Q&A: Crypto-guru Bruce Schneier on teaching tech to lawmakers, plus privacy failures – and a call to techies to act [The Register]

'Politicians are reluctant to disrupt the enormous wealth creation machine technology has turned out to be'

RSA  Politicians are, by and large, clueless about technology, and it's going to be up to engineers and other techies to rectify that, even if it means turning down big pay packets for a while.…

16:53

Click here to see the New Zealand livestream mass-murder vid! This is the internet Facebook, YouTube, Twitter built! [The Register]

Because there's nothing that can be done and we have no moral compass

Comment  An Australian who murdered dozens in New Zealand on Friday livestreamed the deaths on Facebook, spinning a spotlight onto the abject failure of social media to control harmful content.…

15:43

Let's face it. We need to face up to facing off with face-recog tech, say US senators: Bipartisan AI privacy law proposed [The Register]

'We need guardrails to ensure this technology is implemented responsibly'

A pair of US Senators from across the aisle on Thursday introduced a bill to limit how facial recognition technology can be used.…

15:41

Scaleway's EPYC Powered Cloud Is Delivering Competitive Performance & Incredible Value [Phoronix]

Scaleway, the European cloud company we previously have talked about on Phoronix for their usage of Coreboot on servers, this week announced new "general purpose" VMs powered by AMD EPYC processors. Curious about the performance, I fired up some benchmarks.

14:57

What was that P word? Ah. Privacy. Yes, we'll think about privacy, says FCC mulling cellphone location data overhaul [The Register]

Commissioners still doing their best to ignore bounty hunter stalking scandal

Analysis  America's comms regulator has finally pinky-promised to at least consider people's privacy when it looks into how cellphone location data can be made more accurate.…

14:43

Wine 4.4 Adds More Media Foundation APIs, Tool To Manipulate MSI Databases [Phoronix]

Wine 4.4 is out this evening as the latest bi-weekly point release for allowing Windows programs and games to run on Linux and other platforms...

14:04

Welcome. You're now in a timeline in which US presidential hopeful Beto was a member of a legendary hacker crew [The Register]

From O'Dork to O'Rourke: Dem golden boy's past as BBS-dwelling l33t teen revealed

Newly minted US presidential hopeful Beto O'Rourke says he was a member of Cult of the Dead Cow, one of the most legendary hacking groups in cyber-history.…

12:53

SUSE Marks Its New Independence Under EQT Ownership [Phoronix]

It was in July of last year that Swedish private equity firm EQT Partners acquired SUSE from Micro Focus. That deal is now closed and SUSE is marking its independence today while proclaiming to be the largest independent open-source company...

12:50

Juniper grabs controller, inserts code, gets ready to play some SONiC Mania on its switch [The Register]

Welcome to El Reg: Come for the video game references, stay for the open-source networking news

US networking specialist Juniper is setting up its switches to support SONiC (Software for Open Networking in the Cloud) – an open-source toolkit developed by Microsoft to run the plumbing of its Azure cloud platform.…

11:17

Chip flinger Broadcom says its software unit's doing great. Wait, what? [The Register]

CA performing 'extremely well' under new management, says new management. As for wireless semiconductors...

CA Technologies made an indelible mark on new parent Broadcom's latest set of quarterly financials – well, it did cost $19bn to buy – as software and not semiconductors accounted for all of the growth.…

10:36

Blighty's most trusted brand? Yeah, you wish, judge tells Post Office in Horizon IT system ruling [The Register]

Ways not to win in court, no.94: 'threatening dire consequences to national business' if you lose

A High Court judge has blasted the Post Office in a long-running case over whether its Horizon IT system was to blame for alleged fraud by subpostmasters.…

10:24

What do WLinux and Benedict Cumberbatch have in common? They're both fond of Pengwin [The Register]

Distro designed for Windows Subsystem for Linux gains a snappier moniker as 1.2 looms

The team at Whitewater Foundry have waved the rebranding wand at WLinux. Behold – Pengwin.…

10:12

GameMode 1.3 Released For Optimizing Your Linux Gaming Experience [Phoronix]

Feral Interactive has released GameMode 1.3 as the newest feature release to this open-source Linux system daemon to dynamically optimize the CPU/GPU/system state when launching Linux games and to return the system to its normal state when you are done gaming...

09:13

Cloud atlas: Oh dear. Now Adobe has mapped out a slowdown [The Register]

Pricey software suite with no real rivals thinks growth will slow

Adobe, maker of pricey software for artsy types, is still growing like a weed but last night joined a list of tech titans to forecast a slowdown.…

08:22

WD spins off 300+ jobs in the US [The Register]

Revenue and profitability pain gets cost-saving beancounters to cut jobs

Western Digital will cut loose more than 300 people as part of its $800m/year cost-saving initiative starting in May.…

07:45

Mayors having a right 'mare in Florida: Acting mayor arrested weeks after boss also arrested [The Register]

Plus: Another mayor defecates on floor at swearing-in ceremony, leaves

Democracy, eh? It's all fun and games until your elected mayor allegedly opens fire on the SWAT team come to arrest him, which is precisely what cops accused him of doing in the Floridian city of Port Richey last month. And now the acting mayor has been cuffed too.…

07:13

Purism Planning For Three Hardware Kill Switches With The Librem 5 [Phoronix]

Purism has today shared some details on their planned hardware kill switches for the upcoming Librem 5 Linux smartphone...

07:13

Public spending watchdog snipes at UK.gov's £1.3bn infosec plan – but broadly nods it through [The Register]

Less hiding behind 'national security' to hush up failures, please

Britain's Cabinet Office (CO) hasn’t quite bungled the National Cyber Security Programme (NCSP) but it could certainly be doing things a lot better, the National Audit Office said today.…

06:38

Microsoft unzips Zipline, lets world+dog have a go with cloudy storage compression tech [The Register]

Zipline, George and Bungle: It's a Rainbow* of open-sourcing at Redmond

Microsoft used the Open Compute Project (OCP) Global Summit to announce the open-sourcing of the company's cloudy compression technology, Project Zipline.…

05:41

'Naut trio successfully dock at ISS after Soyuz rocket goes all the way [The Register]

Hague, Ovchinin, Koch arrived at their new home this morning

It was second time lucky for NASA astronaut Nick Hague as he and fellow crew members Aleksey Ovchinin and Christina Koch arrived at the International Space Station (ISS) this morning.…

05:07

So you need an IT security center. Fret not: Let an automated solution take the strain [The Register]

Comarch offers all-in-one infrastructure monitoring

Promo  Today's businesses are so heavily dependent on their IT infrastructure that the slightest disruption in service can incur damaging losses.…

05:03

Just look at Q! Watch out Microsoft, the next Android has a proper desktop PC mode [The Register]

Foldable support too

Google has released the first official cut of 2019's Android to developers, including a secret "desktop mode" for external displays, and support for pholdables*. Q is the 10th major platform release of the software that dominates the smartphone market (Android has a market share north of 85 per cent**).…

04:40

AMDVLK 2019.Q1.8 Enables Six More Vulkan Extensions, Fixes Bugs [Phoronix]

The AMD driver developers maintaining the AMDVLK open-source Vulkan Linux driver did a "Pi day" driver update that is quite exciting as it enables six new extensions, with the most notable being that transform feedback appears to be officially advertised...

04:18

Wayland 1.17 & Weston 6.0 Gear Up To Release Next Week [Phoronix]

If all goes well, the first stable updates to Wayland and the Weston compositor for 2019 will be released in just a few days...

04:11

It's alive! Big Switch stitches together an open-source Network Operating System [The Register]

Victor Frankenstein would be impressed

Networking software specialist Big Switch has launched a Network Operating System (NOS), cobbled together from freely available open source components.…

03:35

Brit prisoners to be kept on the straight and narrow with JavaScript and CSS [The Register]

That's the sound of the men, working on the blockchain gang

The UK's Department of Fun has gone public with plans to get prisoners skilled up for a world of code upon release rather than a life of, er, crime.…

03:03

How many Reg columnists does it take to turn off a lightbulb? [The Register]

'New technology baffles pissed old hack' (© Private Eye)

Something for the Weekend, Sir?  I became old this week.…

02:29

Yum vs. DNF Is Still Causing Headaches For Fedora Logistics [Phoronix]

While the DNF package manager as the "next-generation Yum" has been in development for over a half-decade and has been the default over traditional Yum for a number of Fedora releases, it's still causing headaches for some and a subset of users still desiring that DNF be renamed to Yum...

01:56

All good, leave it with you...? Chap is roped into tech support role for clueless customer [The Register]

'He was definitely invoiced'

On Call  Have you got that Friday feeling? Well if not, there's only one way to get it: reading this week's instalment of On Call, where readers share tech support triumphs and frustrations.…

01:02

Bombs Huawei... Smartphone exploded in my daughter's pocket, seriously burning her, claims dad in lawsuit [The Register]

Yet another legal brouhaha for Chinese giant, this time nothing to do with equipment bans

Huawei Technologies USA, the Plano, Texas-based arm of the Chinese telecom giant, was sued in Missouri on Thursday over an alleged phone explosion.…

00:04

Yes! Pack your bags! Blossoming planetary system strikingly similar to ours found by boffins [The Register]

It may have an asteroid belt, worlds similar to Earth and Neptune – and only 470 light years away

If, like us, you're dying to get off this ridiculous little rock, here's some hope* to cling onto.…

00:03

A Big Patch Could Yield Big Performance Benefits For GPU Offloading With LLVM [Phoronix]

LLVM has a new patch for at least some benchmarks can yield big performance benefits for GPU offloading...

Thursday, 14 March

23:02

Forget that rare-earth element crunch – we can now just extract them from industrial waste [The Register]

It's a match made in heaven for erm, glucunobacter and phosphogypsum

Bacteria could help scientists mine rare-earth elements, a critical component in modern electronic devices, from the chemical waste produced from the process of manufacturing fertilizers.…

22:09

ZRAM Will See Greater Performance On Linux 5.1 - It Changed Its Default Compressor [Phoronix]

For those relying upon ZRAM to provide a compressed block device in RAM for cases like using it for SWAP or /tmp, with Linux 5.1 you might find it performing better than earlier kernels...

20:34

GNOME 3.32 released & coming to Fedora 30 [Fedora Magazine]

Today, the GNOME project announced the release of GNOME 3.32.

The release of the GNOME desktop is the default desktop environment in the upcoming release of Fedora 30 Workstation. GNOME 3.32 includes a wide range of enhancements, including: new default application icons, a new emoji chooser in the on screen keyboard, and improved per-app permissions control.

GNOME 3.32

New Icons

GNOME 3.32 features a range of UI tweaks and improvements. Notably, the entire default icon library has been updated and refreshed, featuring more vibrant colours.

Some of the new icons in GNOME 3.32

Additionally, the colours of the desktop are tweaked to the brighter colour palette to match the new icons.

App Menus deprecated

In GNOME 3. the App Menu is the dropdown that appeared in the top left of the panel next to the Activities hotspot. As of GNOME 3.32, this UI feature is deprecated, and all core GNOME default applications now no longer have App Menus.

Fractional Scaling

Previously, the GNOME UI could only scale in increments of 1. With the wide range of different DPI screens available this may cause a strange middle ground on some displays, where the UI is either too small or too large when scaled. GNOME 3.32 provides experimental support for scaling the UI by more granular amounts.

Better emoji input

GNOME 3.32 features an updated on-screen keyboard implementation. Most notably, this includes the ability to easily “type” emoji with the on-screen keyboard

Emoji on-screen keyboard in GNOME 3.32

Improved App permissions control

The new “Application Permissions” in the main settings dialog allows users to view and change permissions for applications.

Read more about this release

There are many more changes and enhancements in this major version of GNOME. Check out the release announcement and the release notes from the GNOME Project for more information.


Screenshots in this post are from the GNOME 3.32 release notes

17:59

We'll help you get your next fix... maybe, we'll think about it, says FTC: 'Right to repair' mulled [The Register]

Federal Trade Commission will turn Fault-finder, Tinker, Customize this summer

America's trade watchdog says it will soon mull over and potentially propose rules to protect folks' right to repair their phones, tablets, and PCs, among other things, without voiding warranties or breaking the things.…

17:41

F2FS Continues Getting More Fixes As It Rolls Out To More Devices [Phoronix]

The Flash-Friendly File-System (F2FS) continues being supported by more Android-powered mobile devices and with this uptick in user activity is resulting in more fixes and low-level improvements to the file-system...

17:19

Following 'stellar' flat sales growth, operating profit dip, Oracle says it has 1,000 Autonomous Database customers [The Register]

Ellison insists Oracle Cloud is less expensive, more secure than AWS – which is why, er, so many people are flocking to it

Oracle on Thursday reported revenues of $9.6bn for fiscal Q3 2019 – which is about what analysts anticipated and prompted the stock to bounce up and down indecisively in after-hours trading.…

15:26

Can't do it the US way? Then we'll do it Huawei – and roll our own mobile operating system [The Register]

Just a plan B, claims Chinese giant, in case we get cut off from Android, Windows

Huawei is building its own proprietary operating system platform in case the United States tries to isolate the manufacturer by cutting off access to Windows, Android, and other American-built software ecosystems.…

13:59

Samsung slings the skinny on its 12GB GötterDRAMmerung for next-gen smartmobes [The Register]

Get ready for handhelds with notebook-beating RAM chips

Samsung has unveiled a 12GB cellphone DRAM module it hopes will be part of next-generation smartphones.…

13:49

DXVK 1.0.1 Released With Various Game Fixes For Direct3D On Vulkan [Phoronix]

DXVK lead developer Philip Rebohle has released version 1.0.1 of this popular project that enhances Wine-based Linux gaming by allowing Direct3D 10/11 to be re-routed atop Vulkan drivers...

13:33

Facebook blames 'server config change' for 14-hour outage. Someone run that through the universal liar translator [The Register]

Is a single tweet enough when millions of people's communications are affected?

Facebook has said a "server configuration change" was to blame for an 14-hour outage of its services, which took down the Facebook social media service, its Messenger and WhatsApp apps, Instagram, and Oculus.…

12:40

Cloudera shakes off Hortonworks fixation, realises AWS was the big baddie all along [The Register]

Plans to squeeze out enterprise data cloud in next two quarters

Cloudera and former open-source database rival Hortonworks may have merged in a defensive manoeuvre but CEO Tom Reilly seems to have spied a bigger existential threat – AWS.…

12:02

Don't be a WordPress RCE-hole and patch up this XSS vuln, pronto [The Register]

Not on 5.1.1? You should be

A newly revealed vuln in the open-source CMS WordPress allows an unauthenticated website attacker to remotely execute code – potentially letting naughty folk delete or edit blog posts.…

11:15

Brit rocket wranglers get Reaction they wanted after rattling SABRE [The Register]

Euro space agencies approve air-breathing engine testing

Britain's Reaction Engines has been given the greenlight to press ahead with an ambitious testing programme for its SABRE air-breathing rocket engine.…

10:30

Overhyped 5G is being 'rushed', Britain's top comms boffin reckons [The Register]

The technology's not ready – but they won't wait

If anyone knows the state of play in 5G, it's Regius Professor Rahim Tafazolli, director and founder at the Institute of Communication Systems and 5G Innovation Centre at the University of Surrey, and the government's go-to man for mobile technology. But he warned today that the industry was being too hasty in proclaiming the revolution.…

10:00

The 2019 Laptop Performance Cost To Linux Full-Disk Encryption [Phoronix]

I certainly recommend that everyone uses full-disk encryption for their production systems, especially for laptops you may be bringing with you. In over a decade of using Linux full-disk encryption on my main systems, the overhead cost to doing so has fortunately improved with time thanks to new CPU instruction set extensions, optimizations within the Linux kernel, and faster SSD storage making the performance penalty even less noticeable. As it's been a while since my last look at the Linux storage encryption overhead, here are some fresh results using a Dell XPS laptop running Ubuntu with/without LUKS full-disk encryption.

09:45

Keeping a low profile, NVMe: Toshiba sticks out XD5 2.5-inch gumstick [The Register]

Pint-sized drive in quart bottle

Toshiba has pushed out its 2.5-inch XD5, a physically smaller gumstick format with a waspy 7mm thickness slotted into a larger case so that it can slip into standard drive bays.…

09:12

Capita: B is for Brexit, C is for cutting costs. Stock exchange: Yay! You guys are awesome [The Register]

What do you think A is for, staffers? Oh yeah, no one asked you...

Capita today did what Capita does best: confirmed yet another round of "cost competitiveness initiatives" to chop out even more people, cut real estate, and squeeze suppliers. Predictably, the stock exchange loved them for it.…

09:01

Reg webcast: The Internet of Things can only get better [The Register]

Make smarter decisions about IoT

Promo  More and more organisations are realising it can make sense to process data and make decisions using smart devices at the edge rather than in the cloud.…

08:46

Saturday Morning Breakfast Cereal - Dogs [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
I am prepared to be the first investor in a form of social media where you're only allowed to make dog noises at each other.


Today's News:

08:36

Protip: If you'd rather cyber-scoundrels didn't know the contents of your comp, don't apply for a Pakistani passport [The Register]

Compromised government website slurps buttload of data about applicants

A Pakistani government website was compromised with a keylogger and other malware that hoovered up a whole host of information about people checking on their passport application status.…

08:00

Hackers cop a FILA thousands of UK card deets after slinking onto clothing brand's servers [The Register]

Pesky JavaScript harvester strikes again

Updated  Sportswear brand FILA is the latest outfit to fall victim to card-stealing JavaScript of the kind that menaced British Airways and Ticketmaster last year.…

07:30

NVIDIA GeForce GTX 1660 Launches - Linux Benchmarks Coming [Phoronix]

NVIDIA has introduced its latest RTX-less, lower-tier Turing GPU... The GeForce GTX 1660 is now available starting at $219 USD...

07:02

That's Numberwang! Google Cloud staffer breaks record for most accurate Pi calculation [The Register]

Four months to arrive at 31,415,926,535,897 digits

Emma Haruka Iwao, a developer advocate at Google Cloud, has celebrated Pi Day (3/14) by setting a new Guinness World Record for calculations of the beautiful mathematical constant, reaching a number with more than 31.4 trillion (ha!) digits.…

06:32

Latest Fast Ring build grazes big red button, unintentionally ejects some Windows Insiders [The Register]

Meanwhile, Skip-Ahead testers glimpse Notepad of the future

Some excited Windows Insiders, breathlessly awaiting the first 19H2 build of the operating system, instead found themselves booted off the programme after installing the latest Fast Ring emission.…

06:00

Radeon/AMDGPU X.Org Drivers Add TILE Property Support For Tiled Monitors [Phoronix]

It's coming a bit late considering the X.Org Server bits were added back in 2015 along with the xf86-video-modesetting support, but within xf86-video-amdgpu Git and pending for xf86-video-ati is support for the TILE property in dealing with tiled displays...

05:19

NASA admin: What if we switched one delayed SLS for two commercial launchers? [The Register]

Bridenstine reckons the agency should try sticking to its dates

Fresh from a budget that has deferred the future of NASA's mega-rocket, the Space Launch System (SLS), the agency's own administrator has hinted that the present is looking iffy as well.…

05:04

Libinput 1.13 Is Coming But High-Resolution Scrolling & Dell Totem Support Delayed [Phoronix]

Libinput is fairly mature at this stage for offering a unified input handling library for use on both X.Org and Wayland Linux desktops. Libinput has largely reached a feature plateau with new releases no longer coming out so often and no glaring gaps in support. With it already being a half-year since the last major release, libinput 1.13 is now being buttoned up for release and available today is the first release candidate...

04:41

AMDGPU For Linux 5.1 Tweaks The Golden Settings For Vega, Corrects Fiji Power Reading [Phoronix]

Since last week the big set of DRM driver changes has been part of the mainline kernel for Linux 5.1 while working its way to mainline now are a couple of early fixes to the AMDGPU driver...

04:19

L2TP Tunnel Support Added To Systemd [Phoronix]

The newest feature addition for systemd is supporting L2TP, the Layer 2 Tunneling Protocol, as part of its networking code...

03:56

Year 1 of GDPR: Over 200,000 cases reported, firms fined €56 meeelli... Oh, that's mostly Google [The Register]

2019 just a transition year, says French watchdog

European data protection agencies have issued fines totalling €56m for GDPR breaches since it was enforced last May, from more than 200,000 reported cases – but watchdogs have said they're just warming up.…

03:18

If you're worried that quantum computers will crack your crypto, don't be – at least, not for a decade or so. Here's why [The Register]

Quantum solace: Encryption to die another day

Special report  Quantum computing has been portrayed as a threat to current encryption schemes, but the ability of finicky vaporware to overthrow the current security regime looks like it's massively overstated.…

02:01

Science says death metal fans delightful and intelligent people, great at dinner parties [The Register]

Music's violent subject matter has little effect on the listener

In a shocking turn of events, boffins have used the power of science to determine that, generally speaking, death metal fans don't actually want to rip off your head and shit down your neck.…

01:29

Never thought we'd ever utter these words, but... can anyone recommend a spin doctor for NASA? [The Register]

Boffins baffled by Bennu: We're due to visit asteroid but it's whirling faster and faster

Bennu, the asteroid targeted by NASA for its OSIRIS-Rex mission, is spinning at increasing rate and scientists aren’t quite sure why.…

00:58

What do sexy selfies, search warrants, tax files have in common? They've all been found on resold USB sticks [The Register]

You do know just dragging stuff to the delete folder doesn't wipe stuff, right? Apparently not

About two-thirds of USB memory sticks bought secondhand in the US and UK have recoverable and sometimes sensitive data, and in one-fifth of the devices studied, the past owner could be identified.…

00:07

Let's see. Translation, facial recognition, running people over... What else can AI do? Ah yes, predict planet mass [The Register]

It's quicker and easier than solving maths equations at least

Boffins bored of time-consuming mathematics are turning to machine-learning code to predict the mass of exoplanets that aren't yet fully formed.…

Wednesday, 13 March

22:18

Intel Sends Out Initial Linux Graphics Driver Support For "Elkhart Lake" [Phoronix]

It's busy as ever for the open-source Intel Linux graphics driver developers bringing up support for upcoming hardware like the recently published driver patches for Comet Lake, continuing to tweak the maturing Icelake "Gen 11" graphics, and also plotting the necessary re-engineering of the driver needed to bring-up Intel's in-development "Xe" discrete graphics. And Intel developers this evening sent out their initial enablement work for Elkhart Lake...

19:58

The HeirPod? Samsung Galaxy Buds teardown finds tiny wireless cans 'surprisingly repairable' [The Register]

It is easy to make itsy-bitsy tech without spaffing glue all over the place

Having previously flung scorn at the Apple AirPods, the iFixit team has turned its spudgers on Samsung's wireless earpieces.…

18:51

Thought you were done patching this week? Not if you're using an Intel-powered PC or server [The Register]

Here comes Chipzilla with a big bunch of security fixes for graphics drivers, server and workstation firmware, and more

Hot on the heels of this month's security updates from Microsoft, Adobe, and SAP, Intel has kicked out a batch of its own bug patches.…

16:20

Don't be too shocked, but it looks as though these politicians have actually got their act together on IoT security [The Register]

Actual bipartisan legislation in the US, with industry backing, reemerges

Analysis  In an all-too-rare sign of Congress doing its job, on Wednesday US lawmakers introduced a new law bill aimed at improving the security of the internet-of-things.…

09:05

Saturday Morning Breakfast Cereal - Heartbreak [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
The real asshole is the Renewed Hope Fairy. They do a good-cop bad-cop routine together.


Today's News:

03:00

Libravatar has a new home [Fedora Magazine]

Libravatar is a free and open source service that anyone can use to host and share an avatar (profile picture) to other websites. Read on for some news about the service and its relevance to the Fedora Project.

As defined in the project’s blog, The Libravatar project is part of a movement working to give control back to people, away from centralized services and the organizations running them. It addresses a simple problem: putting a face on an email address.

The project originated from the will to have a free, as in freedom, service alternative to Gravatar, giving the users the possibility to use a hosted service or to run their own instance of the service and have full control of their data.

In April 2018 the Libravatar project announced that the service will be shutting down. The service is/was being used by many communities like Fedora, Mozilla and the Linux Kernel to name a few. The announcement triggered a big response from the community, of people interested and willing to help to keep it running.

After some coordination, and a complete rewrite of the application the launch of the new service was announced Tuesday 19th February 2019. The Fedora Project is proud to sponsor Libravatar by providing the infrastructure needed to run the service.

Tuesday, 12 March

08:03

Saturday Morning Breakfast Cereal - Computer [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Sadly, that burrito was filled with inhabited universes before God microwaved it.


Today's News:

Half of BAHFest MIT tickets are gone! Buy soon, geekwads!

Monday, 11 March

09:26

Saturday Morning Breakfast Cereal - Sexy [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Just kidding. It's really the socks and sandals combo.


Today's News:

02:00

Discuss everything Fedora [Fedora Magazine]

Are you interested in how Fedora is being developed? Do you want to get involved, or see what goes into making a release? You want to check out Fedora Discussion. It is a relatively new place where members of the Fedora Community meet to discuss, ask questions, and interact. Keep reading for more information.

Note that the Fedora Discussion system is mainly aimed at contributors. If you have questions on using Fedora, check out Ask Fedora (which is being migrated in the future).

Fedora Discussion is a forum and discussion site that uses the Discourse open source discussion platform.

There are already several categories useful for Fedora users, including Desktop (covering Fedora Workstation, Fedora Silverblue, KDE, XFCE, and more) and the Server, Cloud, and IoT category . Additionally, some of the Fedora Special Interest Groups (SIGs) have discussions as well. Finally, the Fedora Friends category helps you connect with other Fedora users and Community members by providing discussions about upcoming meetups and hackfests.

Sunday, 10 March

08:05

Saturday Morning Breakfast Cereal - Accurate [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
The key to comedy is putting as many words as possible in the final panel.


Today's News:

01:00

Contribute at the Kernel and Fedora IoT Edition Test Days [Fedora Magazine]

Fedora test days are events where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed to Fedora before, this is a perfect way to get started.

There are two upcoming test days this week. The first, on Tuesday March 12, is to test the Kernel 5.0. Wednesday March 13, the test day is focusing on Fedora IoT Edition. Come and test with us to make the upcoming Fedora 30 even better.

Kernel test day

The kernel team is working on final integration for kernel 5.0. This version was just recently released and will arrive soon in Fedora. This version will also be the shipping kernel for Fedora 30. As a
result, the Fedora kernel and QA teams have organized a test day for
Tuesday, March 12. Refer to the wiki page for links to the test images you’ll need to participate.

Fedora IoT Edition test day

Fedora Internet of Things is a variant of Fedora focused on IoT ecosystems. Whether you’re working on a home assistant, industrial gateways, or data storage and analytics, Fedora IoT provides a trusted open source platform to build on. Fedora IoT produces a monthly rolling release to help you keep your ecosystem up-to-date. The IoT and QA teams will have this test day for on Wednesday, March 13. Refer to the wiki page for links and resources to test the IoT Edition.

How do test days work?

A test day is an event where anyone can help make sure changes in Fedora work well in an upcoming release. Fedora community members often participate, and the public is welcome at these events. If you’ve never contributed before, this is a perfect way to get started.

To contribute, you only need to be able to download test materials (which include some large files) and then read and follow directions step by step.

Detailed information about both test days are on the wiki pages above. If you’re available on or around the days of the events, please do some testing and report your results.

Saturday, 09 March

08:37

Saturday Morning Breakfast Cereal - Salad [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Just kidding. Negative mass is real but Big Physics doesn't want to harm the oil lobby. It's all in my 87 part youtube series about...


Today's News:

Still a month out, and 45% of BAHFest East tickets are already sold! Buy soon or dwell in sorrow.

Friday, 08 March

07:26

Saturday Morning Breakfast Cereal - Anger [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
'I'll show this guy! Wait till I share a link to his latest article with all my friends! He'll be so mad!'


Today's News:

Geeks! Matt Parker, the funniest person in nerd comedy, has a novel out. Please give it a peek!

06:30

Start a Fedora 29 installation from the GRUB menu [Fedora Magazine]

Many VPS (or cloud) providers offer a Fedora image; if yours doesn’t, ask them to consider doing so. Fedora 29 cloud images are available here https://alt.fedoraproject.org/cloud/. However, in that case this article gives you an alternative to try.

In some cases the provider will allow you to load a custom image (raw or QCOW format). They may even let you mount an ISO and perform an installation from scratch. Another use case for booting into an installation from the GRUB menu is a remote server without physical access (or via some out of band remote management console). In this case you cannot insert an USB key or an installation DVD to boot. What if you want to use your preferred distribution in any case, and not be forced to use what is provided?

The solution

One possible way to solve this is to start the Fedora installer using GRUB2. As a prerequisite to the following steps, you’ll need a VM (or baremetal machine) running CentOS 7, with a working network and internet connection.

Be aware that the following instructions come with caveats such as noted. It depends on:

  • The kind of virtualization used by the provider (KVM or VMWare should be fine), and
  • Whether they allow to start the installed system from the disk volume, or if they use some alternative method to load a different kernel that is not the one shipped by the distribution.

Also, whenever you are modifying the GRUB menu with grub2-mkconfig there is the potential to end up booting into the GRUB shell if the menuentry ends up with an error.

Downloading vmlinuz and initrd

To get the initrd.img and the vmlinuz files issue the following commands one after the other.

curl -L -o /boot/initrd-fedora.img https://download.fedoraproject.org/pub/fedora/linux/releases/29/Server/x86_64/os/isolinux/initrd.img 

curl -L -o /boot/vmlinuz-fedora https://download.fedoraproject.org/pub/fedora/linux/releases/29/Server/x86_64/os/isolinux/vmlinuz

Take some notes

Take note of the current IP address, the MAC address, and the default gateway.

ip a 
ip route

And take note of the UUID of the boot partition using the command

blkid 

In some cases /boot could be a directory inside the root partition, so you need its UUID.

Add a new menu entry to GRUB

Edit this file /etc/grub.d/40_custom and add this entry (similar to other entries you can find in /etc/grub2.cfg):

menuentry 'FedoraNetInstall' {     
load_video
set gfxpayload=keep #Keep gfxmode
insmod gzio #Load the gzio module
insmod part_msdos #Load the MS DOS partition module
insmod ext2 #Load the ext2 partition module
set root='hd0,msdos1' #Set Grub root
if [ x$feature_platform_search_hint = xy ];
then
search --no-floppy --fs-uuid --set=root --hint='hd0,msdos1' <UUID>
else
search --no-floppy --fs-uuid --set=root <UUID>
fi
linux16 /vmlinuz-fedora ip=<IP>::<Gateway>:<Netmask>:eth0:none nameserver=<DNS> ifname=eth0:<MAC address> inst.repo=https://download.fedoraproject.org/pub/fedora/linux/releases/29/Server/x86_64/os inst.lang=en_US inst.keymap=en
initrd16 /initrd-fedora.img
}

Change the values (UUID, IP, gateway and so on) accordingly to reflect your configuration. If you are using DHCP for networking, you don’t need to enter any networking information. If /boot is not a separate partition, you will have to prepend /boot to /vmlinuz-fedora, and also to /initrd-fedora.img in the menuentry.

Generate the new GRUB configuration file

Before generating your grub.cfg file with grub2-mkconfig it is strongly recommended to copy the original grub.cfg file to another name, such as grub.cfg.bak. Also in the /etc/grub.d directory any files not being used to generate the menuentry should be made non-executable with chmod a-x <filename>. CentOS 7 uses 00_header, 00_tuned, 01_users, and 10_linux when generating grub.cfg. Those files and 40_custom need to remain executable for grub2-mkconfig to work as expected.

To make a new grub.cfg file in /boot/grub2 issue the following command as root or preferably with sudo:https://fedoramagazine.org/howto-use-sudo/

grub2-mkconfig -o /boot/grub2/grub.cfg

Then set up the default menu entry that will be selected upon reboot.

grub2-reboot FedoraNetInstall

Reboot into your new GRUB menu

After reboot, you should see the typical web console that cloud providers usually offer in their management dashboard. If the boot is successful, you should find yourself following a regular Fedora installation.

By adding inst.text here:

linux16 /vmlinuz-fedora inst.text ip=<IP>::<Gateway>:<Netmask>:eth0:none [...] 

You could perform the installation in text mode instead of graphical mode.

If GRUB2 is not installed

If the machine is running grub legacy, edit /etc/grub.conf and add these lines:

title Fedora Inst
root (hd0,0)
kernel /boot/vmlinuz-fedora
ip=<IP>::<Gateway>:<Netmask>::eth0:none nameserver=<DNS> ifname=eth0:<MAC address>
inst.repo=https://download.fedoraproject.org/pub/fedora/linux/releases/29/Server/x86_64/os inst.lang=en_US inst.keymap=en
initrd /boot/initrd-fedora.img

Then issue the following command, where vdX is the VM primary disk.

grub-install /dev/vdX

If you get an error stating No suitable drive was found in the generated device map, try to install GRUB manually. Issue the grub command, then run these commands:

grub> find /boot/grub/stage1 find /boot/grub/stage1  (hd0,0) 
grub> root (hd0,0)
root (hd0,0)
Filesystem type is ext2fs, partition type 0x83
grub> setup (hd0)
setup (hd0)
Checking if "/boot/grub/stage1" exists... yes
Checking if "/boot/grub/stage2" exists... yes
Checking if "/boot/grub/e2fs_stage1_5" exists... yes
Running "embed /boot/grub/e2fs_stage1_5 (hd0)"... 27 sectors are embedded. succeeded
Running "install /boot/grub/stage1 (hd0) (hd0)1+27 p (hd0,0)/boot/grub/stage2 /boot/grub/grub.conf"... succeeded
Done.
grub> quit

Final notes and troubleshooting

This installation method works best with the VM (or baremetal machine) equipped with at least 2GB of RAM. The CentOS installation should be a default install to begin with, and is expected to use the ext2 filesystem as per the examples.

Pay special attention when partitioning the disk, leave the partition table as is, and format the existing partitions.

For more information on grub2 and how to use the tools provided to better customize your GRUB boot experience, check out this Fedora documentation on the GRUB boot loader.

If you do find yourself in the GRUB shell, you can boot from the backup you made earlier (grub.cfg.bak), by doing something like the following:

grub> ls (hd0), (hd0,msdos1), (hd0,gpt2) 
grub> ls (hd0,msdos1)/ efi/ grub2/ initramfs.img vmlinuz
grub> ls (hd0,msdos1)/grub2 device.map grub.cfg grub.cfg.bak
grub> configfile (hd0,msdos1)/grub2/grub.cfg.bak
grub> boot

Thursday, 07 March

07:35

Saturday Morning Breakfast Cereal - Real Life [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Real life is where you figure out that none of the stuff you wanted at age 16 will make you happy.


Today's News:

Wednesday, 06 March

08:25

Saturday Morning Breakfast Cereal - Frog Prince [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Fortunately, most of my children will be eaten by salmon come spring.


Today's News:

03:54

Get cooking with GNOME Recipes on Fedora [Fedora Magazine]

Do you love to cook? Looking for a better way to manage your recipes using Fedora? GNOME Recipes is an awesome application available to install in Fedora to store and organize your recipe collection.

GNOME Recipes is an recipe management tool from the GNOME project. It has the visual style of a modern GNOME style application, and feels similar to GNOME Software, but for food.

Installing GNOME Recipes

Recipes is available to install from the 3rd party Flathub repositories. If you have never installed an application from Flathub before, set it up using the following guide:

Install Flathub apps on Fedora

After correctly setting up Flathub as a software source, you will be able to search for and install Recipes via GNOME Software.

Recipe management

Recipes allows you to manually add your own collection of recipes, including photos, ingredients, directions, as well as extra metadata like preparation time, cuisine style, and spiciness.

When entering in a new item, GNOME Recipes there are a range of different measurement units to choose from, as well as special tags for items like temperature, allowing you to easily switch units.

Community recipes

In addition to manually entering in your favourite dishes for your own use, it also allows you to find, use, and contribute recipes to the community. Additionally, you can mark your favourites, and search the collection by the myriad of metadata available for each recipe.

Step by step guidance

One of the awesome little features in GNOME Recipes is the step by step fullscreen mode. When you are ready to cook, simply activate this mode, move you laptop to the kitchen, and you will have a full screen display of the current step in the cooking method. Futhermore, you can set up the recipes to have timers displayed on this mode when something is in the oven.

Tuesday, 05 March

07:28

Saturday Morning Breakfast Cereal - Where [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
There's a really excellent thinkpiece to be written and posted to medium.com about how Where's Waldo prepared us all to accept the surveillance state.


Today's News:

Boston area dorkwads! Check out our BAHFest MIT lineup.

Tickets are going fast, especially the student discount ones, so buy soon!


Monday, 04 March

07:32

Saturday Morning Breakfast Cereal - Scandinavia [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Also salted black licorice. Honestly, what the hell is the matter with twins separated at birth?


Today's News:

06:50

China’s Huawei has big ambitions to weaken the US grip on AI leadership [Top News - MIT Technology Review]

In spite of tensions with the US and its allies, Huawei is rapidly building a suite of AI offerings unmatched by any other company on the planet.

Sunday, 03 March

17:00

Tech Intersections Conference [Yelp Engineering and Product Blog]

This year Yelp sponsored the second annual Tech Intersections conference in Oakland, CA. It was a great opportunity to celebrate womxn of color in tech and to come together and learn from each other’s successes, challenges, and experiences. The conference, which featured ALL womxn speakers and attendees, highlighted topics ranging from tech entrepreneurship to self-care and career skills. Kelly Greenia, Engineering Recruiter, with some Yelp Swag! Two members of Yelp’s Awesome Women in Engineering (AWE) group attended the conference and below are some of their takeaways. This past weekend, we had the opportunity to attend the Tech Intersections conference at...

08:30

Saturday Morning Breakfast Cereal - Cosmology [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
I think Feynman did the path integral stuff AFTER becoming a dad, right?


Today's News:

Saturday, 02 March

07:18

Saturday Morning Breakfast Cereal - Logic [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
In fact, the chance of any particular second being the one where you die is vanishingly small.


Today's News:

Friday, 01 March

01:00

Fedora 30 supplemental wallpapers [Fedora Magazine]

Each release, the Fedora Design team works with the community on a set of 16 additional wallpapers. Users can install and use these to supplement the standard wallpaper. The Fedora Design team encourages submissions from the whole community. Contributors then use the Nuancier app to vote on the top 16 to include.

Voting has closed on the extra wallpapers for Fedora 30. Voters chose from among 56 submissions. A total of 128 Fedora contributors voted, choosing the following 16 backgrounds to include in Fedora 30:

(Editors’ note: Thank you to Sirko Kemter, who authored this article and conducted the voting process.)

Thursday, 28 February

08:30

So excited to finally share the news that Andy Weir’s latest... [Sarah's Scribbles]



So excited to finally share the news that Andy Weir’s latest graphic novel, Cheshire Crossing (illustrated by me!) is going to be released in book form on July 9th and is now available for preorder here!
This is the story of Alice, Wendy, and Dorothy together as teenagers, learning to harness their supernatural abilities.

Check out the first chapter online here!

01:00

JDK Mission Control is now in Fedora 29 [Fedora Magazine]

JDK Mission Control (JMC) is now available as a module in Fedora 29. JDK Mission Control is a powerful profiling application for HotSpot JVMs. It has an advanced set of tools that enables efficient and detailed analysis of the extensive data collected by JDK Flight Recorder (JFR). JMC requires JDK 8 or later.

JFR is part of the JVM, and is available in OpenJDK 11 or Oracle JDK 7u4 or later. Therefore, to generate a flight recording to be loaded into JMC for analysis, the target application needs to run on OpenJDK 11 or OracleJDK 7u4 or later.

This article is a guide to install and run JMC on Fedora 29 Workstation. Then you’ll learn how to use it to solve a common problem with Java programs called hot methods.

Installing JMC on Fedora 29

Using Java 11 will allow JMC to record JFR data for itself. Install Java 11 via:

$ sudo dnf install java-11-openjdk

Enable and install the JMC module with the default profile via:

$ sudo dnf module install jmc:latest/default

Run JMC targeting the Java 11 JRE via:

$ jmc -vm /usr/lib/jvm/jre-11/bin

Using JMC and JFR to explore hot methods

JDK Mission Control can be used to deeply analyze Java applications. In this example, we will take a look at hot methods. Hot methods are methods where a high proportion of time is spent during execution. These are good places to start investigating when trying to reduce overall execution time.

To demonstrate, here is a portion of code for a Java application.

Initiator Sample Code

In practice, there are multiple methods of analyzing Java applications in JDK Mission Control. As an example, you can run the application with Flight Recording enabled and set to dump on JVM exit. This generates a Flight Recording (.jfr) file when the application exits, which can be opened by JDK Mission Control. Note that Flight Recorder is available in OpenJDK 11+ and OracleJDK 7u4+.

For example, for OpenJDK 11+ use this command to run the class with Flight Recorder:

$ java -XX:+FlightRecorder -XX:StartFlightRecording=dumponexit=true,filename=initiator.jfr Initiator

After the application has completed execution, open the resulting Flight Recording with JMC. Below is the automated analysis results.

Automated Analysis Results

The automated Method Profiling analysis already indicates a potential optimization area in the calls to Integer.equals(Object). Going to the Method Profiling tab, select that method and check the Stack Trace for it as shown below.

Method Profiling View

In this Stack Trace, you can follow the calls to the method Initiator.countIntersection(Initiator). Checking the Initiator class, shown below, note that counting intersections between two Integer collections would be better done using HashSet collections instead of LinkedLists collections.

After making this change, you can see the execution improve in the follow-up Flight Recording.

Method Profiling View of ‘After’ Code

JDK Mission Control and JDK Flight Recorder gives you a highly detailed view of your Java application behavior. You can use it to diagnose issues with hot methods, deadlocks, lock contention, memory leaks and more. Try it out via the JMC module in Fedora 29!

Wednesday, 27 February

08:04

05:05

05:00

The race to make a lab-grown steak [Top News - MIT Technology Review]

Meat production spews tons of greenhouse gas and uses up too much land and water. Is there an alternative that won’t make us do without?

A simple blood test to predict premature births could save babies’ lives [Top News - MIT Technology Review]

Complications from preterm birth are the leading cause of death worldwide in children under five.

Bill Gates explains why we should all be optimists [Top News - MIT Technology Review]

We sat down to talk about breakthrough technologies, China, and reasons to be cheerful with this issue’s guest editor.

10 Breakthrough Technologies 2019, curated by Bill Gates [Top News - MIT Technology Review]

We asked Gates to choose this year’s list of inventions that will change the world for the better.

Tuesday, 26 February

09:21

Saturday Morning Breakfast Cereal - Longitude [Saturday Morning Breakfast Cereal]



Click here to go see the bonus panel!

Hovertext:
Found while reading Augustus de Morgan's narcotic 'Budget of Paradoxes' Volume 1.


Today's News:

03:00

Why AI is a threat to democracy—and what we can do to stop it [Top News - MIT Technology Review]

Futurist and NYU professor Amy Webb on an impending artificial intelligence catastrophe—and why there’s still hope it can be averted.

Monday, 25 February

03:08

Netboot a Fedora Live CD [Fedora Magazine]

Live CDs are useful for many tasks such as:

  • installing the operating system to a hard drive
  • repairing a boot loader or performing other rescue-mode operations
  • providing a consistent and minimal environment for web browsing
  • …and much more.

As an alternative to using DVDs and USB drives to store your Live CD images, you can upload them to an iSCSI server where they will be less likely to get lost or damaged. This guide shows you how to load your Live CD images onto an iSCSI server and access them with the iPXE boot loader.

Download a Live CD Image

$ MY_RLSE=27
$ MY_LIVE=$(wget -q -O - https://dl.fedoraproject.org/pub/archive/fedora/linux/releases/$MY_RLSE/Workstation/x86_64/iso | perl -ne '/(Fedora[^ ]*?-Live-[^ ]*?\.iso)(?{print $^N})/;')
$ MY_NAME=fc$MY_RLSE
$ wget -O $MY_NAME.iso https://dl.fedoraproject.org/pub/archive/fedora/linux/releases/$MY_RLSE/Workstation/x86_64/iso/$MY_LIVE

The above commands download the Fedora-Workstation-Live-x86_64-27-1.6.iso Fedora Live image and save it as fc27.iso. Change the value of MY_RLSE to download other archived versions. Or you can browse to https://getfedora.org/ to download the latest Fedora live image. Versions prior to 21 used different naming conventions, and must be downloaded manually here. If you download a Live CD image manually, set the MY_NAME variable to the basename of the file without the extension. That way the commands in the following sections will reference the correct file.

Convert the Live CD Image

Use the livecd-iso-to-disk tool to convert the ISO file to a disk image and add the netroot parameter to the embedded kernel command line:

$ sudo dnf install -y livecd-tools
$ MY_SIZE=$(du -ms $MY_NAME.iso | cut -f 1)
$ dd if=/dev/zero of=$MY_NAME.img bs=1MiB count=0 seek=$(($MY_SIZE+512))
$ MY_SRVR=server-01.example.edu
$ MY_RVRS=$(echo $MY_SRVR | tr '.' "\n" | tac | tr "\n" '.' | cut -b -${#MY_SRVR})
$ MY_LOOP=$(sudo losetup --show --nooverlap --find $MY_NAME.img)
$ sudo livecd-iso-to-disk --format --extra-kernel-args netroot=iscsi:$MY_SRVR:::1:iqn.$MY_RVRS:$MY_NAME $MY_NAME.iso $MY_LOOP
$ sudo losetup -d $MY_LOOP

Upload the Live Image to your Server

Create a directory on your iSCSI server to store your live images and then upload your modified image to it.

For releases 21 and greater:

$ MY_FLDR=/images 
$ scp $MY_NAME.img $MY_SRVR:$MY_FLDR/

For releases prior to 21:

$ MY_FLDR=/images 
$ MY_LOOP=$(sudo losetup --show --nooverlap --find --partscan $MY_NAME.img)
$ sudo tune2fs -O ^has_journal ${MY_LOOP}p1
$ sudo e2fsck ${MY_LOOP}p1
$ sudo dd status=none if=${MY_LOOP}p1 | ssh $MY_SRVR "dd of=$MY_FLDR/$MY_NAME.img"
$ sudo losetup -d $MY_LOOP

Define the iSCSI Target

Run the following commands on your iSCSI server:

$ sudo -i 
# MY_NAME=fc27
# MY_FLDR=/images
# MY_SRVR=`hostname`
# MY_RVRS=$(echo $MY_SRVR | tr '.' "\n" | tac | tr "\n" '.' | cut -b -${#MY_SRVR})
# cat << END > /etc/tgt/conf.d/$MY_NAME.conf
<target iqn.$MY_RVRS:$MY_NAME>
backing-store $MY_FLDR/$MY_NAME.img
readonly 1
allow-in-use yes
</target>
END
# tgt-admin --update ALL

Create a Bootable USB Drive

The iPXE boot loader has a sanboot command you can use to connect to and start the live images hosted on your iSCSI server. It can be compiled in many different formats. The format that works best depends on the type of hardware you’re running. As an example, the following instructions show how to chain load iPXE from syslinux on a USB drive.

First, download iPXE and build it in its lkrn format. This should be done as a normal user on a workstation:

$ sudo dnf install -y git 
$ git clone http://git.ipxe.org/ipxe.git $HOME/ipxe
$ sudo dnf groupinstall -y "C Development Tools and Libraries"
$ cd $HOME/ipxe/src
$ make clean
$ make bin/ipxe.lkrn
$ cp bin/ipxe.lkrn /tmp

Next, prepare a USB drive with a MSDOS partition table and a FAT32 file system. The below commands assume that you have already connected the USB drive to be formatted. Be careful that you do not format the wrong drive!

$ sudo -i 
# dnf install -y parted util-linux dosfstools
# echo; find /dev/disk/by-id ! -regex '.*-part.*' -name 'usb-*' -exec readlink -f {} \; | xargs -i bash -c "parted -s {} unit MiB print | perl -0 -ne '/^Model: ([^(]*).*\n.*?([0-9]*MiB)/i && print \"Found: {} = \$2 \$1\n\"'"; echo; read -e -i "$(find /dev/disk/by-id ! -regex '.*-part.*' -name 'usb-*' -exec readlink -f {} \; -quit)" -p "Drive to format: " MY_USB
# umount $MY_USB?
# wipefs -a $MY_USB
# parted -s $MY_USB mklabel msdos mkpart primary fat32 1MiB 100% set 1 boot on
# mkfs -t vfat -F 32 ${MY_USB}1

Finally, install syslinux on the USB drive and configure it to chain load iPXE:

# dnf install -y syslinux-nonlinux 
# syslinux -i ${MY_USB}1
# dd if=/usr/share/syslinux/mbr.bin of=${MY_USB}
# MY_MNT=$(mktemp -d)
# mount ${MY_USB}1 $MY_MNT
# MY_NAME=fc27
# MY_SRVR=server-01.example.edu
# MY_RVRS=$(echo $MY_SRVR | tr '.' "\n" | tac | tr "\n" '.' | cut -b -${#MY_SRVR})
# cat << END > $MY_MNT/syslinux.cfg
ui menu.c32
default $MY_NAME
timeout 100
menu title SYSLINUX
label $MY_NAME
menu label ${MY_NAME^^}
kernel ipxe.lkrn
append dhcp && sanboot iscsi:$MY_SRVR:::1:iqn.$MY_RVRS:$MY_NAME
END
# cp /usr/share/syslinux/menu.c32 $MY_MNT
# cp /usr/share/syslinux/libutil.c32 $MY_MNT
# cp /tmp/ipxe.lkrn $MY_MNT
# umount ${MY_USB}1

You should be able to use this same USB drive to netboot additional iSCSI targets simply by editing the syslinux.cfg file and adding additional menu entries.

This is just one method of loading iPXE. You could install syslinux directly on your workstation. Another option is to compile iPXE as an EFI executable and place it directly in your ESP. Yet another is to compile iPXE as a PXE loader and place it on your TFTP server to be referenced by DHCP. The best option depends on your environment.

Final Notes

  • You may want to add the –filename \EFI\BOOT\grubx64.efi parameter to the sanboot command if you compile iPXE in its EFI format.
  • It is possible to create custom live images. Refer to Creating and using live CD for more information.
  • It is possible to add the –overlay-size-mb and –home-size-mb parameters to the livecd-iso-to-disk command to create live images with persistent storage. However, if you have multiple concurrent users, you’ll need to set up your iSCSI server to manage separate per-user writeable overlays. This is similar to what was shown in the “How to Build a Netboot Server, Part 4” article.
  • The live images support a persistenthome option on their kernel command line (e.g. persistenthome=LABEL=HOME). Used together with CHAP-authenticated iSCSI targets, the persistenthome option provides an interesting alternative to NFS for centralized home directories.

Photo by Chris Yates on Unsplash.

Sunday, 24 February

Friday, 22 February

01:46

Sailfish OS: Security and Data Privacy [Jolla Blog]

Mobile World Congress is back again! Like every single year during the Jolla journey, we are excited to take part in this event. We have had great experiences in the past MWC’s, our main drivers for attending are the current and relevant topics discussed during the congress. One of this year’s core themes is Digital Trust; “Digital trust analyses the growing responsibilities required to create the right balance with consumers, governments and regulators.” It makes us happy that these topics are being discussed, especially since several scandals have recently affected trust in digital solutions.

At Jolla we work constantly towards providing a secure and transparent solution. Our value towards our customer’s privacy is reflected in our values and actions. Back in May of 2018 our CEO Sami Pienimäki wrote a blog post on the GDPR laws passed within the European Union and stated the cornerstones on how Jolla views data privacy. This stand on privacy is not rocket science – the core idea is to respect our customers’ privacy and allow them to be in control of their data.

 Jolla’s Stand on Privacy

  1. We collect only a minimum amount of information, only what is needed to run our services.
  2. We do not monetize your data, or give your data to third parties without your express consent: we only use it to provide our services to you.
  3. We do not collect any data without your consent.
  4. And last but not least: we care are about privacy on all levels

To support our Stand on Privacy we recently attended the Computers, Privacy & Data Protection (CPDP) 2019 conference in Brussels. CPDP is a “world-leading multidisciplinary conference that offers the cutting edge in legal, regulatory, academic and technological development in privacy and data protection.”  The event took place right after the celebration of International Data Privacy Day on the 28th of January. During the event, Jolla was invited to attend a panel focused on privacy and design in mobile development.

Here are a few insights from Vesa-Matti Hartikainen, Program Manager at Jolla, who was the speaker at the panel:

“Jolla was invited to attend the panel titled “Implementing Privacy by Design into mobile development, obstacles and opportunities. A developer perspective on data protection by design” at CPDP2019 conference. As I co-ordinated the work of Jolla’s GDPR project I was chosen to represent our company.

In the panel there were representatives from academia, other companies and data protection authorities. During the panel an interesting question came up: “What else (than GDPR) is necessary to finally get these solutions (Privacy by Design) into broad deployment?” The answer I gave came from my experience while developing Sailfish OS. It is very difficult to compete against “free” when the competitor OS is essentially free for the device vendors. At the same time the OS vendor gets its investment back by having their apps and services being prominently present in the device, which allows them to profile the users, collect data and in the end mostly monetise from the ads on the app and from the ads on their other services. GDPR has already had some impact on the situation as it severely limits what organisations are able to do with the data and exposes what data they are collecting. It is valuable to have regulations in place and having better visibility on what information is collected from the users. The fines and controls are slowly impacting the big players. GDPR has shown some promise here in Europe, but it would be very good for privacy if other major markets should follow the lead.

After the panel I had several interesting discussions with conference delegates and it’s nice to see that privacy is a big concern here and actions are taken to protect peoples’ privacy. This concern was shown not only through the discussion but also by the reports presented during the event. A clear example is the report “Every Step you take: How deceptive design let’s Google track users 24/7”  presented by the Norwegian Consumer Council and funded by the Norwegian Government. This report analyses  how Google gets permissions to track the location using different technologies and through deceptive design practices.

Data privacy has always been in the core of Sailfish OS and in the way Jolla operates, and we believe this is one of the main reasons why our corporate customers and community believe in us. In our latest release, Sailfish 3, security has been a special focus and it incorporates several features to improve device security and keeping the user data and communications private. The security related features we’ve been developing into Sailfish 3 include among other things: encrypted user data and communication, new security architecture, remote lock and wipe, fingerprint support, VPN and specifically for corporate users: Mobile Device Management.”

As Vesa-Matti already mentions above, it is important to discuss about privacy and security. Awareness is growing, and governments are taking action into protecting the privacy and security of their citizens and businesses. As from our trench, we continue working on providing privacy for our customers and constantly improving the security in our solutions. We hope to have good discussions in Mobile World Congress 2019.

If you are interested in our solution you can still book a meeting with us through partners@jolla.com. If you are part of the community in Barcelona we hope to see you in our Community Meet Up hosted with Planet Computers on Sunday 24th at 5pm, in restaurant Bodega La Puntual.

The post Sailfish OS: Security and Data Privacy appeared first on Jolla Blog.

01:29

Using the NetworkManager’s DNSMasq plugin [Fedora Magazine]

The dnsmasq plugin is a hidden gem of NetworkManager. When using the plugin, instead of using whatever DNS nameserver is doled out by DHCP, NetworkManager will configure a local copy of dnsmasq that can be customized.

You may ask, why would you want to do this? For me personally, I have two use cases:

First, on my laptop, I run a full OpenShift installation for testing purposes. In order to make this work, I really need to be able to add DNS records. I can run a local dnsmasq without NetworkManager, but this config is easier than managing my own.

Second, when I’m at home, I still want to use my home network’s DNS while on VPN. Many VPNs are configured to only route specific traffic through the VPN tunnel and leave my default route in place. This means I can access my local network’s printer and still connect to resources on the VPN.

This is very nice, as it means I can still access my network printer or listen to music from my media server while doing work. However, the VPN connection overwrites my resolv.conf with DNS servers from the VPN network. Therefore, my home network’s DNS is no longer accessible.

The dnsmasq plugin solves this by running a local dnsmasq server that is controlled by NetworkManager. My resolv.conf always points to localhost. For records defined locally (e.g. for my OpenShift Cluster), dnsmasq resolves these correctly. Using more advanced dnsmasq config, I can selectively forward requests for certain domains to specific servers (e.g. to always correctly resolve my home network hosts). And for all other requests, dnsmasq will forward to the DNS servers associated with my current network or VPN.

Here’s how to configure it in Fedora 29:

For some context, my domain on my laptop is called ‘laplab’ and my home domain is ‘.homelab’. At home my DNS server is 172.31.0.1. For DNS entries in laplab, most of those are defined in /etc/hosts. dnsmasq can then slurp them up. I also have some additional DNS entries defined for a wildcard DNS and some aliases.

Below are the five files that need to be added. The files in dnsmasq.d could be combined, but are split up to hopefully better show the example.

  • /etc/NetworkManager/conf.d/00-use-dnsmasq.conf
  • /etc/NetworkManager/dnsmasq.d/00-homelab.conf
  • /etc/NetworkManager/dnsmasq.d/01-laplab.conf
  • /etc/NetworkManager/dnsmasq.d/02-add-hosts.conf
  • /etc/hosts
# /etc/NetworkManager/conf.d/00-use-dnsmasq.conf
#
# This enabled the dnsmasq plugin.
[main]
dns=dnsmasq
# /etc/NetworkManager/dnsmasq.d/00-homelab.conf
#
# This file directs dnsmasq to forward any request to resolve
# names under the .homelab domain to 172.31.0.1, my 
# home DNS server.
server=/homelab/172.31.0.1
# /etc/NetworkManager/dnsmasq.d/01-laplab.conf
# This file sets up the local lablab domain and 
# defines some aliases and a wildcard.
local=/laplab/

# The below defines a Wildcard DNS Entry.
address=/.ose.laplab/192.168.101.125

# Below I define some host names.  I also pull in   
address=/openshift.laplab/192.168.101.120
address=/openshift-int.laplab/192.168.101.120
# /etc/NetworkManager/dnsmasq.d/02-add-hosts.conf
# By default, the plugin does not read from /etc/hosts.  
# This forces the plugin to slurp in the file.
#
# If you didn't want to write to the /etc/hosts file.  This could
# be pointed to another file.
#
addn-hosts=/etc/hosts
# /etc/hosts
#  
# The hostnames I define in that will be brought in and resolvable
# because of the config in the 02-add-hosts.conf file. 
#
127.0.0.1   localhost localhost.localdomain 
::1         localhost localhost.localdomain 

# Notice that my hosts be in the .laplab domain, like as configured 
# in 01-laplab.conf file
192.168.101.120  ose-lap-jumphost.laplab
192.168.101.128  ose-lap-node1.laplab

# Name not in .laplab will also get picked up.  So be careful 
# defining items here.
172.31.0.88     overwrite.public.domain.com

After all those files are in place, restart NetworkManager with systemctl restart NetworkManager. If everything is working right, you should see that your resolv.conf points to 127.0.0.1 and a new dnsmasq process spawned.

$ ps -ef | grep dnsmasq
dnsmasq   1835  1188  0 08:01 ?        00:00:00 /usr/sbin/dnsmasq --no-resolv 
--keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid 
--listen-address=127.0.0.1 --cache-size=400 --clear-on-reload --conf-file=/dev/null 
--proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq 
--conf-dir=/etc/NetworkManager/dnsmasq.d
$ cat /etc/resolv.conf
# Generated by NetworkManager
nameserver 127.0.0.1
$ host ose-lap-jumphost.laplab
ose-lap-jumphost.laplab has address 192.168.101.120

This configuration will survive reboots and, in my testing, works with almost every network and VPN I’ve tried it with.

Thursday, 21 February

08:20

China’s CRISPR twins might have had their brains inadvertently enhanced [Top News - MIT Technology Review]

New research suggests that a controversial gene-editing experiment to make children resistant to HIV may also have enhanced their ability to learn and form memories.

Wednesday, 20 February

11:45

The first privately funded trip to the moon is about to launch [Top News - MIT Technology Review]

After failing to claim the Lunar X Prize (which, to be fair, everyone did), the Israeli firm SpaceIL could have a rover on lunar soil in a little over a month.

01:00

Set up two-factor authentication for SSH on Fedora [Fedora Magazine]

Every day there seems to be a security breach reported in the news where our data is at risk. Despite the fact that SSH is a secure way to connect remotely to a system, you can still make it even more secure. This article will show you how.

That’s where two-factor authentication (2FA) comes in. Even if you disable passwords and only allow SSH connections using public and private keys, an unauthorized user could still gain access to your system if they steal your keys.

With two-factor authentication, you can’t connect to a server with just your SSH keys. You also need to provide the randomly generated number displayed by an authenticator application on a mobile phone.

The Time-based One-time Password algorithm (TOTP) is the method shown in this article. Google Authenticator is used as the server application. Google Authenticator is available by default in Fedora.

For your mobile phone, you can use any two-way authentication application that is compatible with TOTP. There are numerous free applications for Android or IOS that work with TOTP and Google Authenticator. This article uses FreeOTP as an example.

Install and set up Google Authenticator

First, install the Google Authenticator package on your server.

$ sudo dnf install -y google-authenticator

Run the application.

$ google-authenticator

The application presents you with a series of questions. The snippets below show you how to answer for a reasonably secure setup.

Do you want authentication tokens to be time-based (y/n) y
Do you want me to update your "/home/user/.google_authenticator" file (y/n)? y

The app provides you with a secret key, verification code, and recovery codes. Keep these in a secure, safe location. The recovery codes are the only way to access your server if you lose your mobile phone.

Set up mobile phone authentication

Install the authenticator application (FreeOTP) on your mobile phone. You can find it in Google Play if you have an Android phone, or in the iTunes store for an Apple iPhone.

A QR code is displayed on the screen. Open up the FreeOTP app on your mobile phone. To add a new account, select the QR code shaped tool at the top on the app, and then scan the QR code. After the setup is complete, you’ll have to provide the random number generated by the authenticator application every time you connect to your server remotely.

Finish configuration

The application asks further questions. The example below shows you how to answer to set up a reasonably secure configuration.

Do you want to disallow multiple uses of the same authentication token? This restricts you to one login about every 30s, but it increases your chances to notice or even prevent man-in-the-middle attacks (y/n) y
By default, tokens are good for 30 seconds. In order to compensate for possible time-skew between the client and the server, we allow an extra token before and after the current time. If you experience problems with poor time synchronization, you can increase the window from its default size of +-1min (window size of 3) to about +-4min (window size of 17 acceptable tokens).
Do you want to do so? (y/n) n
If the computer that you are logging into isn't hardened against brute-force login attempts, you can enable rate-limiting for the authentication module. By default, this limits attackers to no more than 3 login attempts every 30s.
Do you want to enable rate-limiting (y/n) y

Now you have to set up SSH to take advantage of the new two-way authentication.

Configure SSH

Before completing this step, make sure you’ve already established a working SSH connection using public SSH keys, since we’ll be disabling password connections. If there is a problem or mistake, having a connection will allow you to fix the problem.

On your server, use sudo to edit the /etc/pam.d/sshd file.

$ sudo vi /etc/pam.d/sshd

Comment out the auth substack password-auth line:

#auth       substack     password-auth

Add the following line to the bottom of the file.

auth sufficient pam_google_authenticator.so

Save and close the file. Next, edit the /etc/ssh/sshd_config file.

$ sudo vi /etc/ssh/sshd_config

Look for the ChallengeResponseAuthentication line and change it to yes.

ChallengeResponseAuthentication yes

Look for the PasswordAuthentication line and change it to no.

PasswordAuthentication no

Add the following line to the bottom of the file.

AuthenticationMethods publickey,password publickey,keyboard-interactive

Save and close the file, and then restart SSH.

$ sudo systemctl restart sshd

Testing your two-factor authentication

When you attempt to connect to your server you’re now prompted for a verification code.

[user@client ~]$ ssh user@example.com
Verification code:

The verification code is randomly generated by your authenticator application on your mobile phone. Since this number changes every few seconds, you need to enter it before it changes.

If you do not enter the verification code, you won’t be able to access the system, and you’ll get a permission denied error:


[user@client ~]$ ssh user@example.com
Verification code:
Verification code:
Verification code:
Permission denied (keyboard-interactive).
[user@client ~]$

Conclusion

By adding this simple two-way authentication, you’ve now made it much more difficult for an unauthorized user to gain access to your server.

Tuesday, 19 February

Monday, 18 February

17:00

Autoscaling Mesos Clusters with Clusterman [Yelp Engineering and Product Blog]

Here at Yelp, we host a lot of servers in the cloud. In order to make our website more reliable—yet cost-efficient during periods of low utilization—we need to be able to autoscale clusters based on usage metrics. There are quite a few existing technologies for this purpose, but none of them really meet our needs of autoscaling extremely diverse workloads (microservices, machine learning jobs, etc.) at Yelp’s scale. In this post, we’ll describe our new in-house autoscaler called Clusterman (the “Cluster Manager”) and its magical ability to unify autoscaling resource requests for diverse workloads. We’ll also describe the Clusterman simulator,...

02:10

Building Flatpak apps in Gnome Builder on Fedora Silverblue [Fedora Magazine]

If you are developing software using Fedora Silverblue, and especially if what you are developing is a Gnome application, Gnome Builder 3.30.3 feels like an obvious choice of IDE.

In this article, I will show you how you can create a simple Gnome application, and how to build it and install it as a Flatpak app on your system.

Gnome and Flatpak applications

Builder has been a part of Gnome for a long time. It is a very mature IDE to me in terms of consistency and completeness.

The Gnome Builder project website offers extensive documentation regarding Gnome application development — I highly recommend spending some time there to anyone interested.

Editor’s note: Getting Builder

Because the initial Fedora Silverblue installation doesn’t include Builder, let’s walk through the installation process first.

Starting with a freshly installed system, the first thing you’ll need to do is to enable a repository providing Builder as a Flatpak — we’ll use Flathub which is a popular 3rd-party repository with many desktop apps.

To enable Flathub on your system, download the repository file from the Fedora Quick Setup page, and double-click it which opens Gnome Software asking you to enable this repository on your system.

After you’re done with that, you can search for Builder in Gnome Software and install it.

Creating a new project

So let’s walk through the creation of a new project for our Gnome app. When you start Gnome Builder, the first display is oriented towards project management.

To create a new project, I clicked on the New… button at the top-left corner which showed me the following view.

You’ll need to fill out the project name, choose your preferred language (I chose C, but other languages will work for this example as well), and the license. Leave the version control on, and select Gnome Application as your template.

I chose gbfprtfsb as the name of my project which means Hello from Gnome 3 on Fedora SilverBlue.

The IDE creates and opens the project once you press create.

Tweaking our new project

The newly created project is opened in the Builder IDE and on my system looks like the following.

This project could be run from within the IDE right now and would give you the ever popular “Hello World!” titled gnome windowed application with a label that says, yup “Hello World!”.

Let’s get a little disruptive and mess up the title and greeting a bit. Complacency leads to mediocrity which leads to entropy overcoming chaos to enforce order, stasis, then finally it all just comes to a halt. It’s therefore our duty to shake it up at every opportunity, if only to knock out any latent entropy that may have accumulated in our systems. Towards such lofty goals, we only need to change two lines of one file, and the file isn’t even a C language file, it’s an XML file used to describe the GUI named gbfprtfsb-window.ui. All we have to do is open it and edit the title and label text, save and then build our masterpiece!

Looking at the screenshot below, I have circled the text we are going to replace. The window is a GtkApplicationWindow, and uses a GtkHeaderBar and GtkLabel to display the text we are changing. In the GtkHeaderBar we will type GBFPRTFSB for the title property. In the GtkLabel we will type Hello from Gnome 3 on Fedora SilverBlue in the label property. Now save the file to record our changes.

Building the project

Well, we have made our changes, and expressed our individualism (cough) at the same time. All that is left is to build it and see what it looks like. The build panel is located near the top of the IDE, middle right, and is represented by the icon that appears to be a brick wall being built as shown on the following picture.

Press the button, and the build process completes. You can also preview your application by clicking on the “play” button next to it.

Building a Flatpak

When we’re happy with our creation, the next step will be building it as a Flatpak. To do that, click on the title in the middle of the top bar, and then on the Export Bundle button.

Once the export has successfully completed, Gnome Builder will open a Nautilus file browser window showing the export directory, with the Flatpak bundle already selected.

To install the app on your system, simply double-click the icon which opens Gnome Software allowing you to install the app. On my system I had to enter my user password twice, which I take to be due to the fact we had no configured GPG key for the project. After it was installed, the application was shown alongside all of the other applications on my system. It can be seen running below.

I think this has successfully shown how easy it is to deploy an application as a Flatpak bundle for Gnome using Builder, and then running it on Fedora Silverblue.

Sunday, 17 February

Saturday, 16 February

06:00

The technology behind OpenAI’s fiction-writing, fake-news-spewing AI, explained [Top News - MIT Technology Review]

The language model can write like a human, but it doesn’t have a clue what it’s saying.

Friday, 15 February

05:00

AI is reinventing the way we invent [Top News - MIT Technology Review]

The biggest impact of artificial intelligence will be to help humans make discoveries we couldn’t make on our own.

01:00

How to watch for releases of upstream projects [Fedora Magazine]

Do you want to know when a new version of your favorite project is released? Do you want to make your job as packager easier? If so, this article is for you. It introduces you to the world of release-monitoring.org. You’ll see how it can help you catch up with upstream releases.

What is release-monitoring.org?

The release-monitoring.org is a combination of two applications: Anitya and the-new-hotness.

Anitya is what you can see when visiting release-monitoring.org. You can use it to add and manage your projects. Anitya also checks for new releases periodically.

The-new-hotness is an application that catches the messages emitted by Anitya. It creates a Bugzilla issue if the project is mapped to a Fedora package.

How to use release-monitoring.org

Now that you know how it works, let’s focus on how you can use it.

Index page of release-monitoring.org

First think you need to do is to log in. Anitya provides a few options you can use to log in, including the Fedora Account System (FAS), Yahoo!, or a custom OpenID server.

Login page

When you’re logged in, you’ll see new options in the top panel.

Anitya top panel

Add a new project

Now you can add a new project. It’s always good to check whether the project is already added.

Add project form

Next, fill in the information about the project:

  • Project name – Use the upstream project name
  • Homepage – Homepage of the project
  • Backend – Backend is simply the web hosting where the project is hosted. Anitya offers many backends you can chose from. If you can’t find a backend for your project, you can use the custom backend. Every backend has its own additional fields. For example, BitBucket has you specify owner/project.
  • Version scheme – This is used to sort received versions. Right now, Anitya only supports RPM version scheme.
  • Version prefix – This is the prefix that is stripped from any received version. For example, if the tag on GitHub is version_1.2.3, you would use version_ as version prefix. The version will then be presented as 1.2.3. The version prefix v is stripped automatically.
  • Check latest release on submit – If you check this, Anitya will do an initial check on the project when submitted.
  • Distro – The distribution in which this project is used. This could be also added later.
  • Package – The project’s packaged name in the distribution. This is required when the Distro field is filled in.

When you’re happy with the project, submit it. Below you can see how your project may look after you submit.

Project page

Add a new distribution mapping

If you want to map the project to a package on a specific distribution, open up the project page first and then click on Add new distribution mapping.

Add distribution mapping form

Here you can chose any distribution already available in Anitya, fill in the package name, and submit it. The new mapping will show up on the project page.

Automatic filing of Bugzilla issues

Now you created a new project and created a mapping for it. This is nice, but how does this help you as a packager? This is where the-new-hotness comes into play.

Every time the-new-hotness sees a new update or new mapping message emitted by Anitya, it checks whether this project is mapped to a package in Fedora. For this to work, the project must have a mapping to Fedora added in Anitya.

If the package is known, the-new-hotness checks the notification setting for this package. That setting can be changed here. The last check the-new-hotness does is whether the version reported by Anitya is newer than the current version of this package in Fedora Rawhide.

If all those checks are positive, the new Bugzilla issue is filed and a Koji scratch build started. After the Koji build is finished, the Bugzilla is updated with output.

Future plans for release-monitoring.org

The release-monitoring.org system is pretty amazing, isn’t it? But this isn’t all. There are plenty of things planned for both Anitya and the-new-hotness. Here’s a short list of future plans:

Anitya

  • Add libraries.io consumer – automatically check for new releases on libraries.io, create projects in Anitya and emit messages about updates
  • Use Fedora package database to automatically guess the package name in Fedora based on the project name and backend
  • Add semantic and calendar version scheme
  • Change current cron job to service: Anitya checks for new versions periodically using a cron job. The plan is to change this to a service that checks projects using queues.
  • Support for more than one version prefix

the-new-hotness

  • File Github issues for Flathub projects when a new version comes out
  • Create pull requests in Pagure instead of filing a Bugzilla issue
  • Move to OpenShift – this should make deployment much easier than how it is now
  • Convert to Python 3 (mostly done)

Both

  • Conversion to fedora-messaging – This is already in progress and should make communication between Anitya and the-new-hotness more reliable.

Photo by Alexandre Debiève on Unsplash.

Thursday, 14 February

Wednesday, 13 February

16:42

Python 3.8 alpha in Fedora [Fedora Magazine]

The Python developers have released the first alpha of Python 3.8.0 and you can already try it out in Fedora! Test your Python code with 3.8 early to avoid surprises once the final 3.8.0 is out in October.

Install Python 3.8 on Fedora

If you have Fedora 29 or newer, you can install Python 3.8 from the official software repository with dnf:

$ sudo dnf install python38

As more alphas, betas and release candidates of Python 3.8 will be released, the Fedora package will receive updates. No need to compile your own development version of Python, just install it and have it up to date. New features will be added until the first beta.

Test your projects with Python 3.8

Run the python3.8 command to use Python 3.8 or create virtual environments with the builtin venv module, tox or with pipenv. For example:

$ git clone https://github.com/benjaminp/six.git
Cloning into 'six'...
$ cd six/
$ tox -e py38
py38 runtests: commands[0] | python -m pytest -rfsxX
================== test session starts ===================
platform linux -- Python 3.8.0a1, pytest-4.2.1, py-1.7.0, pluggy-0.8.1
collected 195 items

test_six.py ...................................... [ 19%]
.................................................. [ 45%]
.................................................. [ 70%]
..............................................s... [ 96%]
....... [100%]
========= 194 passed, 1 skipped in 0.25 seconds ==========
________________________ summary _________________________
py38: commands succeeded
congratulations 🙂

What’s new in Python 3.8

So far, only the first alpha was released, so more features will come. You can however already try out the new walrus operator:

$ python3.8
Python 3.8.0a1 (default, Feb 7 2019, 08:07:33)
[GCC 8.2.1 20181215 (Red Hat 8.2.1-6)] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> while not (answer := input('Say something: ')):
... print("I don't like empty answers, try again...")
...
Say something:
I don't like empty answers, try again...
Say something: Fedora
>>>

And stay tuned for Python 3.8 as python3 in Fedora 31!