Linux Journal

Clearing Out /boot

2 months 3 weeks ago
by Adam McPartlan

The /boot partition sometimes needs a bit of attention. If you enable automatic updates, it will fill up with old kernels that you'll probably never need. It also will stop you from running aptitude to install or remove anything. If you find yourself in this situation, you can use dpkg to get around it. dpkg is the higher-level package manager in Debian-based distributions, and it's very useful when aptitude has broken.

To see the status of your partitions run: df -h:

Filesystem Size Used Avail Use% Mounted on udev 3.0G 12K 3.0G 1% /dev tmpfs 597M 528K 597M 1% /run /dev/dm-0 97G 14G 78G 15% / none 4.0K 0 4.0K 0% /sys/fs/cgroup none 5.0M 0 5.0M 0% /run/lock none 3.0G 0 3.0G 0% /run/shm none 100M 0 100M 0% /run/user /dev/sda1 228M 219M 0 100% /boot

If you look in the directory /boot you will see it full of old kernels and images. it is not advisable to just delete them as you can break your system. Run the following command, this will tell you what kernel you are currently on: uname -r:

3.13.0-137-generic

Lets find out what kernels are installed and which ones can be purged from your system. To do this, run the following:

dpkg --list "linux-image*" | grep -v $(uname) | grep ii

This will use dpkg to list all linux kernel images excluding the one you are using, that is installed.

The output might still be quite big, let's refine it by piping the results in to awk. The awk command below is an instruction to print the second column from the output.

dpkg --list "linux-image*" | grep -v $(uname -r) | ↪grep ii | awk '{ print $2 }'

This gives us a list to work with. We can stick this in a script or run it from the command line to purge them all.

CAUTION: make sure that the kernel you are using is not in the list. We should have eliminated that when we specified grep -v $(uname -r). The -v part tell grep exclude anything that contains the output of uname -r.

If you are happy and have sudo privileges, go ahead:

sudo dpkg --purge $(dpkg --list "linux-image*" | grep -v ↪$(uname -r) | grep ii | awk '{ print $2 }')

To finish off run sudo update-grub2 - This will ensure grub is updated with the available kernels - otherwise you may be heading for trouble. Then fix aptitude by running: sudo apt-get -f install followed by sudo apt-get autoremove to clear the images out of aptitude.

Look at your partition you will see it has free space.

Go to Full Article
Adam McPartlan

Python 3.7.0 Released, Timesys Announces New Threat Resistance Security Technology (TRST) Product Protection, Red Hat OpenStack Platform 13 Now Available and More

2 months 3 weeks ago

News briefs for June 28, 2018.

Python 3.7.0 has been released. This is a major release of the Python language, containing many new features, including new syntax features, backwards-incompatible syntax changes, new library modules, significant improvements to the standard library and much more. See the release highlights for all the updates, and go here to download.

Timesys this morning announced a new solution, Threat Resistance Security Technology (TRST) Product Protection, that enables "developers of IoT, IIoT, ICS, and other smart devices to reduce the attack surface of their products, harden devices, and maintain security at IoT scale". Quoted in the press release, Atul Bansal, CEO of Timesys, said "As IoT deployments skyrocket in number and size, the attack surface of devices grows exponentially. Our new TRST offering enables device developers to bring products to market faster without compromising security and to maintain stronger security in production deployment."

Red Hat OpenStack Platform 13 is now available. This is a "long-life release", which comes with up to three years of standard support, and optional two years of extended life-cycle support. This release has many new features, including "fast forward upgrades", and it now supports containerization of all OpenStack services. OpenStack Platform 13 also delivers several new integrations with Red Hat OpenShift Container Platform, and it has many new hardened security services. See the Red Hat blog post for more information.

The Wi-Fi Alliance this week introduced Wi-Fi Certified WPA3, which "adds new features to simplify Wi-Fi security, enable more robust authentication, and deliver increased cryptographic strength for highly sensitive data markets". According to the press release, "As the Wi-Fi industry transitions to WPA3 security, WPA2 devices will continue to interoperate and provide recognized security." In addition, "All WPA3 networks use the latest security methods, disallow outdated legacy protocols, and require use of Protected Management Frames (PMF) to maintain resiliency of mission critical networks."

SoftMaker FreeOffice 2018 for Linux and Windows has been updated to revision 934. New features include formatting now can be transferred using the format painter, and you can add comments and footnotes documents. There's also a new tool for Linux users to help with technical problems, and support for encrypted DOCX documents also has been improved. You can download FreeOffice 2018 free of charge from here.

News python Timesys Embedded IOT Security Red Hat OpenStack Wi-Fi office suite
Jill Franklin

As Cloud Computing Providers Post Record Profits, One Company Wants to Make Them Obsolete

2 months 3 weeks ago
by Graham Templeton

Could the world's idle computers make the $200 billion cloud computing industry obsolete?

In the final years of the Obama administration, it seemed that the world was witnessing the emergence of an odd alliance between the largest establishment tech companies and the traditionally anti-establishment community of independent techies. The highest profile case involved Apple and other major corporations siding with civil rights organizations to advocate against weakening device encryption on behalf of law enforcement, and it it led to a hope that these companies were finally seeing the profit potential in having secure, satisfied customers. That hope has now evaporated in the face of continuous betrayals of user trust, and rather than take it lying down, tech users are looking into alternative solutions that put them in control.

The recently passed federal Clarifying Lawful Overseas Use of Data Act, or the CLOUD Act, makes it perfectly clear why this shift away from self-interested stakeholders is so necessary. The new law was motivated by a legal demand for Microsoft to hand user data to US law enforcement, even though that data was stored outside US borders and, thus, in a different legal jurisdiction. At first, it seemed that Microsoft was planning to stand up for privacy and national sovereignty by opposing the demand in court—but, predictably, the corporation rolled over just as soon as it deemed that its own interests were protected.

The goal of the CLOUD Act is for the US to be able to compel any company that does business in the country to provide information to US law enforcement, even if that information is not actually stored within the US. If it's successful, a company's willingness to fight will become essentially irrelevant. It makes all cloud computing and cloud storage companies suspect, simply by virtue of being cloud computing companies.

Groups like the Electronic Frontier Foundation and the American Civil Liberties Union believe it also could allow US law enforcement to seize information in foreign jurisdictions because those regions have more lenient privacy laws than the US itself. The reverse, in which foreign law enforcement agencies operating under more stringent rules than the US, could gain access to protected information stored in the country, is also a major concern.

Go to Full Article
Graham Templeton

Cooking with Linux (without a Net): Too Many Virtual Machines, i3 and ArcoLinux Redux

2 months 3 weeks ago

Please support Linux Journal by subscribing or becoming a patron.

On this week's "Cooking with Linux (without a Net)" show, Marcel learns, in as much as he can learn anything, that you can try to do too many things at once—especially when those things really don't all want to happen at the same time. Before I continue, let me point out that this is a recording of a live show that takes place every Tuesday at 12 noon, Eastern time. We cover lots of different ways to virtualize including VirtualBox, command-line kvm, the dangers of not getting permission, AQemu, GNOME boxes, virt-manager, Xen and lots more. We also give ArcoLinux another shot and in that process, bite off a desktop environment that Marcel knows nothing about, i3.

Cooking with Linux
Marcel Gagné

Eclipse Photon Now Available, Mercedes-Benz Vans Using Automotive Grade Linux, Enso Open-Source Project for Machine Learning, Tails 3.8 Released and More

2 months 3 weeks ago

News briefs for June 27, 2018.

Eclipse Photon, "a quantum leap for computing", launched this morning. This release "delivers native Eclipse IDE experiences for Rust and C# through Language Server based plugins". In addition, other key highlights are "support for building, debugging, running and packaging Rust applications with full Eclipse IDE user experience"; "C# editing and debug capabilities"; "support for building Java 10 and Java EE 8 based applications out of the box"; and "dark theme improvements in text colors, background color, popup dialogs, mark occurrences, and more". See the release notes for all the "new and noteworthy" details, and go here for downloads.

Tails, the amnesic incognito live system, has released version 3.8. This new version fixes several security holes that affect Tails 3.7.1, so users are urged to update as soon as possible. New features include updated Enigmail 2.0.7 and a fix for importing OpenPGP keys from email attachments. See the release notes for more details and download links.

Sailfish for Gemini Community version is now available. Sailfish teamed up with Planet Computers to bring the Sailfish OS to the Gemini PDA device, and Jolla and Planet have both tested and verified the new community edition of Sailfish OS 2.1. The announcement notes that "as it's a community initiative, the version is still somewhat limited, but essential features are supported. With this version you won't yet get software updates or support for Android apps. Also the overall support is limited to our community's efforts."

Mercedes-Benz Vans has adopted the Automotive Grade Linux open platform, automotiveIT reports. The company plans to use the OS in its upcoming commercial vehicles, the first of which will be seen in prototype later this year. Thomas Wurdig, head of onboard system architecture and IoT, Mercedes-Benz Vans, stated "Using a standardized, open operating system like AGL enables us to rapidly develop new commercial vehicle use cases such as robotic delivery, data analytics, and prediction and automation technologies."

Indico yesterday launched the Enso open-source project for machine learning, a Python-based, open-source library package, which "simplifies the benchmarking of transfer learning methods for natural language". Enso is available from GitHub. According to the press release, Enso "provides machine learning engineers and software developers with a standard interface and useful tools for the fair comparison of varied feature representations and target task models".

News Eclipse Tails Security Automotive Sailfish Enso Machine Learning python
Jill Franklin

Embracing Snaps: an Interview with Canonical and Slack

2 months 3 weeks ago
by Petros Koutoupis

This year was a big one for companies like Canonical and Slack. It also was a big year for technologies that Canonical created to enable third-party application support—specifically, the snap package.

I'm sure most, if not all, of you have heard about this package manager. In fact, it's been around since at least 2014, but it initially was developed around Canonical's Ubuntu phone operating system. Now, although the phone operating system has since been canceled, snaps continue to dominate the operating system, in both the server and desktop space.

What Is a Snap?

A "snap" application package is a self-contained piece of software, and although it originally was designed to be hosted on Ubuntu, the package will work across a range of other Linux distributions. This isn't your traditional APT or YUM manager hosting DEB and RPM (or other) package formats.

Again, the appeal to snap packages is that they are self-contained (that is, containerized). They are designed to auto-update and are safe to run. A snap package is bundled with its dependencies, which is what allows it to run on all other major Linux distribution without any modification. It also doesn't have any dependency to any package manager or application store. But, don't misunderstand this—a package manager or application store still can host one or more snap packages; however, the snap package is not dependent to that manager.

Snapcraft is the official tool for software developers to package their software programs in a Snap format.

Sitting Down with Canonical and Slack

Earlier this year on January 18th, Canonical announced the first iteration of Slack as a snap. But, why was this announcement so important? I recently had the pleasure of sitting down with Evan Dandrea of Canonical and Felix Riesberg of Slack. They gave me the answers I was looking for.

Evan's team at Canonical builds the platform to make everyone's life easier—that is, Snapcraft. And Felix's team leverages that very same platform to bring wonderful applications, such as Slack, to your Linux desktop.

First, for those not familiar with Slack, it's an enterprise software platform that allows teams and businesses (of all sizes) to communicate effectively. It's organized, easily accessible, and more important, it allows for better and more efficient communication than email. Slack isn't limited to just professional use; it also can be adopted for more personal uses.

The Interview

Petros Koutoupis: Why snap?

Go to Full Article
Petros Koutoupis

EFF Launches STARTTLS Everywhere, GitLab Moving from Azure to Google Cloud, Firefox 61.0 Released, SUSE Linux Enterprise 15 Now Available and More

2 months 3 weeks ago

News briefs for June 26, 2018.

The EFF yesterday announced the launch of STARTTLS Everywhere, "EFF's initiative to improve the security of the email ecosystem". The goal with STARTTLS is "to do for email what we've done for web browsing: make it simple and easy for everyone to help ensure their communications aren't vulnerable to mass surveillance." You can find out how secure your current email provider is at https://www.starttls-everywhere.org, and for a more technical deep dive into STARTTLS Everywhere, go here.

GitLab announced yesterday that it is moving from Azure to Google Cloud. GitLab claims the decision to switch to Google Cloud is "because of our desire to run GitLab on Kubernetes. Google invented Kubernetes, and GKE has the most robust and mature Kubernetes support." The migration is planned for Saturday, July 28, 2018, and GitLab will utilize its Geo product for the migration.

Mozilla announced the release of Firefox version 61.0 today. New features include "faster page rendering with Quantum CSS improvements and the new retained display list feature", "faster switching between tabs on Windows and Linux", "convenient access to more search engines", improved security with "on-by-default support for the latest draft of the TLS 1.3 specification" and much more. See the release notes for all the details.

SUSE Linux Enterprise 15, "a multimodal operating system that bridges traditional data center technologies with software-defined infrastructure", was announced yesterday. Some new features include a unified intaller, installation without network using Packages media, migration from openSUSE Leap to SUSE Linux Enterprise Server. SUSE Linux Enterprise 15 also includes major updates to the software selection with Salt, Python 3 and Directory Server. See the release notes for more information.

Oracle has new patches for Spectre and the Lazy FPU issue, ZDNet reports. The fix addresses CVE-2018-3640 (Spectre variant 3a) and CVE-2018-3639 (Spectre variant 4). The fix for Spectre version 4 requires both software and microcode updates, while the fix for version 3a requires only microcode updates. In addition, "Oracle has also released updates for Red Hat Compatible Kernel (RHCK) to address CVE-2018-3665, the Lazy FPU issue that affects operating systems and VMs running on x86 microprocessors."

News eff Security GitLab Kubernetes Firefox Mozilla SUSE Oracle Spectre
Jill Franklin

Microsoft Buys GitHub: Three Weeks Later

2 months 3 weeks ago
by Marcel Gagné

I heard that Microsoft would be buying GitHub just a couple days before it happened when Carlie Fairchild at Linux Journal told me about it. I replied to the news with a solid, “Get! Out!” Needless to say, I had my doubts. As someone who remembers all too well the “Embrace, extend and extinguish" days of Microsoft, the news of this latest embrace did, however briefly, bring back those old memories. When I was asked what I thought, I answered that the optics were bad.A lot of years have passed since, back in 2001, Steve Ballmer declared Linux to be a cancer. These days, Microsoft loves Linux. It says so right on its website. Two years ago, Steve Ballmer also proclaimed his love for Linux. In 2018, Microsoft has its own distribution that it uses in its Azure cloud. Microsoft includes several different flavors of Linux in its app store (the Windows Subsystem for Linux), all of which can be installed on Windows 10. Microsoft develops for Linux. Heck, Microsoft even contributes to the Linux kernel.

The reason I felt the optics were bad is that Microsoft has spent the last few years going out of its way to paint itself as a friend to Linux and open source. This, I thought, can only be seen as a bad move. Well, it’s been three weeks, more or less, since the the acquisition became official, to the tune of $7.5 billion US. What happened?

For starters, Jim Zemlin, the Executive Director of the Linux Foundation, praised the Microsoft acquisition of GifHub, suggesting that it could be a good thing for everyone. Former open-source star and the new CEO of GitHub, Nat Friedman, did an AMA on Reddit to reassure developers of open-source software that they had nothing to fear from the new landlords.

Linus Torvalds, the creator of the Linux kernel and git itself, didn’t comment directly, but he has been critical of GitHub in the past, so perhaps it doesn’t change anything for him. Besides, the kernel is primarily housed on a private git server, and GitHub is just a public mirror for the code.

That didn’t stop some number of open-source developers from swearing off GitHub and looking for other places to host their projects. GitLab, a minor competitor to GitHub, seemed poised to be the natural beneficiary of this move. In a Twitter post dated June 3rd, it cited that its GitHub to GitLab conversion rate was running at ten times normal.

Go to Full Article
Marcel Gagné

Perl Version 5.28.0 Now Available, Linus Torvalds' "Small Rant" on rc2 Release Statement, Ubuntu's First User Data Report and More

2 months 3 weeks ago

News briefs for June 25, 2018.

Perl version 5.28.0 has been released. According to LWN.net, highlights of this release, which was 13 months in the making with approximately 730,000 lines of changes, include "Unicode 10.0 support, string- and number-specific bitwise operators, a change to more secure hash functions, and safer in-place editing." See the full list of changes here.

Linus Torvalds took issue with kernel developers this weekend regarding "fixes" in his rc2 release statement: "So please, people, the 'fixes' during the rc series really should be things that are _regressions_. If it used to work, and it no longer does, then fixing that is a good and proper fix. Or if something oopses or has a security implication, then the fix for that is a real fix." He went on to say, "But if it's something that has never worked, even if it 'fixes' some behavior, then it's new development, and that should come in during the merge window. Just because you think it's a 'fix' doesn't mean that it really is one, at least in the 'during the rc series' sense." Other than that, regarding the rc2 release, he said "Things look fairly sane, it's not really all that scary."

Systemdv239 was released last week. LWN reports that "A new system.conf setting NoNewPrivileges= is now available which may be used to turn off acquisition of new privileges system-wide (i.e. set Linux' PR_SET_NO_NEW_PRIVS for PID 1 itself, and thus also for all its children). Note that turning this option on means setuid binaries and file system capabilities lose their special powers. While turning on this option is a big step towards a more secure system, doing so is likely to break numerous pre-existing UNIX tools, in particular su and sudo."

Ubuntu started collecting user data with version 18.04 (users can opt out during the install), and the first report is now available. According to the report, 67% of users opt in, installation takes 18 minutes, most people are installing from scratch instead of upgrading and having a single CPU is most common. In addition, the report reveals that although the US has the highest concentration of users, Brazil, India, China and Russia also are big Ubuntu users.

Oracle has started charging for Java SE and support. According to The Register, the cost for the "Java subscription" is "$25 per processor per month, and $2.50 per user per month on the desktop, or less if you buy lots for a long time." The article notes that "If you like your current Java licences, Oracle will let you keep them." But also that "come January 2019 Java SE 8 on the desktop won't be updated any more...unless you buy a sub."

News Perl kernel Linus Torvalds systemd Ubuntu Oracle Java
Jill Franklin

Building a Voice-Controlled Front End to IoT Devices

2 months 3 weeks ago
by Michael J. Hammel

Apple, Google and Amazon are taking voice control to the next level. But can voice control be a DIY project? Turns out, it can. And, it isn't as hard as you might think.

Siri, Alexa and Google Home can all translate voice commands into basic activities, especially if those activities involve nothing more than sharing digital files like music and movies. Integration with home automation is also possible, though perhaps not as simply as users might desire—at least, not yet.

Still, the idea of converting voice commands into actions is intriguing to the maker world. The offerings from the big three seem like magic in a box, but we all know it's just software and hardware. No magic here. If that's the case, one might ask how anyone could build magic boxes?

It turns out that, using only one online API and a number of freely available libraries, the process is not as complex as it might seem. This article covers the Jarvis project, a Java application for capturing audio, translating to text, extracting and executing commands and vocally responding to the user. It also explores the programming issues related to integrating these components for programmed results. That means there is no machine learning or neural networks involved. The end goal is to have a selection of key words cause a specific method to be called to perform an action.

APIs and Messaging

Jarvis started life several years ago as an experiment to see if voice control was possible in a DIY project. The first step was to determine what open-source support already existed. A couple weeks of research uncovered a number of possible projects in a variety of languages. This research is documented in a text document included in the docs/notes.txt file in the source repository. The final choice of a programming language was based on the selection of both a speech-to-text API and a natural language processor library.

Since Jarvis was experimental (it has since graduated to a tool in the IronMan project), it started with a requirement that it be as easy as possible to get working. Audio acquisition in Java is very straightforward and a bit simpler to use than in C or other languages. More important, once audio is collected, an API for converting it to text would be needed. The easiest API found for this was Google's Cloud Speech REST API. Since both audio collection and REST interfaces are fairly easy to handle in Java, it seemed that would be the likely choice of programming language for the project.

Go to Full Article
Michael J. Hammel

Weekend Reading: FOSS Projects

3 months ago
by Carlie Fairchild

FOSS Project Spotlights provide an opportunity for free and open-source project team members to show Linux Journal readers what makes their project compelling. 

 

FOSS Project Spotlight: LinuxBoot

by David Hendricks

Linux as firmware.

The more things change, the more they stay the same. That may sound cliché, but it's still as true for the firmware that boots your operating system as it was in 2001 when Linux Journal first published Eric Biederman's "About LinuxBIOS". LinuxBoot is the latest incarnation of an idea that has persisted for around two decades now: use Linux as your bootstrap.

 

FOSS Project Spotlight: CloudMapper, an AWS Visualization Tool

by Scott Piper

Duo Security has released CloudMapper, an open-source tool for visualizing Amazon Web Services (AWS) cloud environments.

When working with AWS, it's common to have a number of separate accounts run by different teams for different projects. Gaining an understanding of how those accounts are configured is best accomplished by visually displaying the resources of the account and how these resources can communicate. This complements a traditional asset inventory.

 

FOSS Project Spotlight: Ravada

by Francesc Guasch

Ravada is an open-source project that allows users to connect to a virtual desktop.

Currently, it supports KVM, but its back end has been designed and implemented in order to allow future hypervisors to be added to the framework. The client's only requirements are a web-browser and a remote viewer supporting the spice protocol.

 

FOSS Project Spotlight: WallpaperDownloader

by Eloy Garcia Almaden

Go to Full Article
Carlie Fairchild

Ubuntu 16.04 LTS Now Certified on Select Intel NUC Mini PCs and Boards for IoT Development, LibreOffice 6.0.5 Now Available, Git 2.8 Released and More

3 months ago

News briefs for June 22, 2018.

Canonical yesterday announced that Ubuntu 16.04 LTS is certified on select Intel NUC Mini PCs and boards for IoT development. According to the Ubuntu blog post, this pairing "provides benefits to device manufacturers at every stage of their development journey and accelerates time to market." You can download the certified image from here.

In other Canonical news, yesterday the company released a microcode firmware update for Ubuntu users with AMD processors to address the Spectre vulnerability, Softpedia reports. The updated amd64-microcode packages for AMD CPUs are available for Ubuntu 18.04 LTS (Bionic Beaver), Ubuntu 17.10 (Artful Aardvark), Ubuntu 16.04 LTS (Xenial Xerus), and Ubuntu 14.04 LTS (Trusty Tahr), "all AMD users are urged to update their systems."

The Document Foundation announces the release of LibreOffice 6.0.5 this morning. This release "still represents the bleeding edge in terms of features—and as such is targeted at early adopters, tech-savvy and power users—but is also ready for mainstream users and enterprise deployments." You can download LibreOffice here.

Git 2.18 was released yesterday, Phoronix reports. Besides several other improvements and bug fixes, the most significant new feature is the introduction of the wire protocol (protocol_v2), which is "designed to be much faster and is already being used at Google and elsewhere due to the significant performance benefits". See the release announcement for all the details.

Google's Measure recently received a much needed update, and the app is now available for all ARCore-compatible phones running Android 7.0 and up. According to the Engadget post, "Measure enables you to estimate the length, width and areas of items in the natural word (by dragging specially designed tools) and save images of them for future reference."

News Canonical Ubuntu Spectre IOT LibreOffice git Google Android
Jill Franklin

Drawing Feynman Diagrams for Fun and Profit with JaxoDraw

3 months ago
by Joey Bernard

I've been covering chemistry software in my last few articles, so this time, I decided to move to physics and introduce a package called JaxoDraw. In physics, there's a powerful technique for visualizing particle interactions at the quantum level. This technique uses something called Feynman diagrams, invented by physicist Richard Feynman. These diagrams help visualize what happens when one or more particles have some kind of interaction. I say one or more because a single particle could spontaneously kick out other particle/anti-particle pairs and then swallow them back up again. Needless to say, quantum physics is weird.

When first developed, theoretical physics was mostly done either with pen and paper or on a chalkboard. Not much thought was given as to how you could render these drawings within a document being written on a computer. JaxoDraw is meant to help fill in that gap in document layout and provide the ability to render these drawings correctly and give output you can use in your own documents.

JaxoDraw is written in Java, so it should run under almost any operating system. Unfortunately, it isn't likely to be in the package repository for most distributions, so you'll need to download it from the project's website. But, because it's packaged as a jar file, it's relatively easy to run.

Download the binary package, unpack it on your machine, and then you'll want to open a terminal and change directory to the location where you unpacked JaxoDraw. You can start it simply by typing the following:

java -jar jaxodraw-2.1.0.jar

This opens a blank workspace where you can start your diagram. On the left-hand side of the window, you'll see a palette of all of the available drawing elements that you can use to generate your diagram.

Figure 1. When you first open JaxoDraw, you see a blank workspace where you can start diagramming your quantum particle interaction.

To see what's involved, let's draw an electron interacting with a photon. This happens when energy is absorbed or emitted by an electron. Since you're looking at an interaction, you'll want to start by selecting the vertex button from the palette and then draw one in the window. Coming into this vertex will be a fermion line for the electron and a photon line for the incoming electromagnetic energy. The interaction happens at the vertex, with a second fermion line coming out the other end. You can continue adding more elements, including loops or bezier lines, and you also have the choice of other particle types, such as scalar particles, ghost particles or gluons.

Go to Full Article
Joey Bernard

The EU Parliament Legal Affairs Committee Vote on Directive on Copyright, David Clark Cause and IBM's Call for Code, Equus' New WHITEBOX OPEN Server Platform and More

3 months ago

News briefs for June 21, 2018.

Yesterday the European Parliament Legal Affairs Committee voted in favor of "the most harmful provisions of the proposed Directive on Copyright in the Digital Single Market", Creative Commons reports. The provisions include the Article 11 "link tax", which requires "anyone using snippets of journalistic content to first get a license or pay a fee to the publisher for its use online." The committee also voted in favor of Article 13, which "requires online platforms to monitor their users' uploads and try to prevent copyright infringement through automated filtering." There are still several steps to get through before the Directive is completely adopted. See EDRi for more information.

This week IBM and creator David Clark Cause announced the Call for Code, which "aims to unleash the collective power of the global open source developer community against the growing threat of natural disasters." See also here for more information on how to answer the Call for Code and "create applications that improve disaster preparedness, build resilient communities, and safeguard the health and well-being of individuals and institutions."

Equus Compute Solutions recently announced the release of its new WHITEBOX OPEN family of servers and storage solutions that are "custom, cost-optimized open-hardware platforms". The WHITEBOX OPEN servers use OpenBMC (the open-source implementation of the Baseboard Management Controller firmware stack), coreboot and LinuxBoot to customize the server BIOS and OCP slots that accommodate multi-vendor network cards.

Google added a Guest app to its Fuchsia OS. According to the Linux.com post, the app enables Linux apps to run within Fuchsia as a virtual machine, using a library called Machina "that permits closer integration with the OS than is available with typical emulators."

Crate.io launched a commercial Machine Data Platform, as well as a new version of its open-source SQL database for the Internet of Things and machine data, Linux Insider reports. CrateDB 3.0 features faster performance, enhanced security and "gives mainstream SQL developers access to machine data applications that previously were available only with NoSQL solutions."

News EU IBM Community Servers Hardware Google IOT
Jill Franklin

The LJ Password Generator Tool

3 months ago
by Dave Taylor

Mnemonic passwords generally stink. A random sequence of letters, digits and punctuation is more secure—just don't write down your passwords, like the knucklehead antagonist does in Ready Player One!

In the password generating tool from my last article, at its most simple, you specify the number of characters you want in the password, and each is then chosen randomly from a pool of acceptable values. With the built-in RANDOM in the Linux shell, that's super easy to do:

okay="abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ" okay="${okay}0123456789<>/?,>;:[{]}\|=+-_)(^%$#@!~ length=10 ltrs=${#okay} while [ $length -ge 0 ] do letter="${okay:$RANDOM % $ltrs:1}" result="$result$letter" length=$(( $length - 1 )) done echo "Result: $result"

In the actual script, I set okay to a single value rather than build it in two steps; this is just for formatting here online. Otherwise, ltrs is set to the length of $okay as a speedy shortcut, and the result is built up by using the string slicing syntax of:

${variable:indexlocation:length}

To extract just the fourth character of a string, for example, ${string:4:1}, this works fine and is easy. The result speaks for itself:

$ sh lazy-passwords.sh Result: Ojkr9>|}dMr

And, a few more:

Result: Mi8]TfJKVaH Result: >MWvF2D/R?r Result: h>J6\p4eNPH Result: KixhCFZaesr

Where this becomes a more complex challenge is when you decide you don't want to have things randomly selected but instead want to weight the results so that you have more letters than digits, or no more than a few punctuation characters, even on a 15–20 character password.

Which is, of course, exactly what I've been building.

I have to admit that there's a certain lure to making something complex, if nothing else than just to see if it can be done and work properly.

Adding Weight to Letter Choices

As a result, the simple few lines above changed to this in my last article:

Go to Full Article
Dave Taylor

Facebook Open-Sources BOLT, Google Introduces VR180 Creator for Linux, 2018 Open Source Job Report Now Available and More

3 months ago

News briefs for June 20, 2018.

Facebook yesterday announced it is open-sourcing BOLT, its "binary optimization and layout tool that accelerates large-scale applications". According to the Facebook post, "BOLT optimizes placement of instructions in memory, thereby reducing CPU execution time by 2 percent to 15 percent. Unlike previous tools to address instruction starvation, BOLT works with applications built by any compiler, including GCC or Clang. Today, we are open-sourcing BOLT so that engineers everywhere can use it alongside complementary technologies like AutoFDO to achieve performance gains for their apps."

Google recently introduced VR180 Creator for Mac and Linux. This new tool makes it easy to create and edit high-quality VR videos. To learn more about VR180 Creator, visit here, and to download, go here.

The 2018 Open Source Job Report is now available from The Linux Foundation and Dice. Some key findings include: "Linux is back on top as the most in-demand open source skill category, making it required knowledge for most entry-level open source careers" and "Containers are rapidly growing in popularity and importance, with 57% of hiring managers seeking that expertise, up from only 27% last year."

openSUSE Tumbleweed has three new snapshots this week, adding a bunch of improvements for KDE users—most notably, the update to Plasma 5.13. In addition, the Linux kernel updated from 4.16.12 to 4.17.1 and fixed some btrfs and KVM issues. See the openSUSE blog post for a description of all the updates.

Keepsafe yesterday launched a privacy-focused mobile browser. According to the TechCrunch post, you can lock the browser with a PIN or use Touch ID, Face ID or Android Fingerprint. You also can block social, advertising and analytics trackers, but still allow caching and cookies, or you can open a private tab, which erases everything as soon as you close it. The browser is available for free on Android or iOS.

News Facebook Application Development Google Audio/Video openSUSE KDE Plasma Privacy Mobile Android
Jill Franklin

Open Hardware: Good for Your Brand, Good for Your Bottom Line

3 months ago
by VM Brasseur

With the rise of IoT, we're inside a short window where "open" is a strong differentiator for hardware products. Is your company ready to take advantage of it?

I don't know how to put this, but Hardware is kind of a Big Deal, and thanks to the Internet of Things (aka IoT), it's getting bigger every year. The analyst firm IDC expects spending on IoT to reach nearly $800 billion USD by the end of 2018. A study by Intel shows that by 2025, the global worth of IoT technology might be as high as more than $6 trillion USD; whereas Forbes reports that the global market could be nearly $9 trillion USD in 2020.

These statistics are based on the traditional model of closed design and development of the chips, boards and objects that will make these devices a reality. However, what if hardware developers were to learn from and leverage the popularity of free and open-source software (aka FOSS)? What if the future of IoT were Open? It's my belief that the device developers who apply the lessons of FOSS to hardware development will be those best positioned to become the powerhouses of that $9 trillion market. Similarly to software, open hardware will be seen first as a differentiator (rather than an eccentricity) and later, as the industry matures, as the default operating mode for hardware development.

Go to Full Article
VM Brasseur

Cooking with Linux (without a Net): Video editing on Linux using Kdenlive and ArcoLinux, too!

3 months ago

Please support Linux Journal by subscribing or becoming a patron.

It's another Tuesday and another excuse to sip some red while doing some live Linux and open-source experimentation. Yes, it's time for Cooking with Linux (without a Net), and on today's show, I'll show you how to edit a video using the Kdenlive video editor, how to trim said video, adjust audio, fade between clips and apply all sorts of fun effects. Then, I'll show you how to turn that masterpiece into a video format suitable for uploading to YouTube! All of it live, on camera, and without the benefit of post video editing—therefore providing a high probability of falling flat on my face. Once we're done doing art, I'll try out ArcoLinux, another distribution you've probably never heard of, and I'll go through the installation for you. If it wasn't already obvious, this is a pre-recorded video of a live show.

Cooking with Linux Audio/Video Distributions
Marcel Gagné

Red Hat Launches Process Automation Manager 7, Brackets Editor Releases Version 1.13, Qt Announces New Patch Release and More

3 months ago

News briefs for June 19, 2018.

Red Hat today launched Red Hat Process Automation Manager 7, which is "a comprehensive, cloud-native platform for developing business automation services and process-centric applications across hybrid cloud environments". This new release expands some key capabilities including cloud native application development, dynamic case management and low-code user experience. You can learn more and get started here.

The free, open-source Brackets editor, which focuses on web development/design, released version 1.13 of its code editor this week. Linux Uprising reports that the new release features "the ability to opening remote files, drag and drop support for the FileTreeFiew, an option to automatically update Brackets, and bug fixes". See also the release notes on GitHub for more info.

Qt announced the release of version 5.11.1 today. This release is the first patch release for the 5.11 series and doesn't include any new functionality, but it does provide more than 150 bug fixes and 700 important changes. See the Change Files page for details.

Today, June 19th, has been declared FreeBSD Day. Visit the website for information on ways you can help them celebrate this 25th anniversary.

Happy Birthday to It's FOSS! Visit the website for giveaways and more details on It's FOSS's 6th birthday celebration.

News Red Hat Cloud Web Development qt FreeBSD
Jill Franklin

Removing All Syscall Invocations from Kernel Space

3 months ago
by Zack Brown

There's an effort under way to reduce and ultimately remove all system call invocations from within kernel space. Dominik Brodowski was leading this effort, and he posted some patches to remove a lot of instances from the kernel. Among other things, he said, these patches would make it easier to clean up and optimize the syscall entry points, and also easier to clean up the parts of the kernel that still needed to pretend to be in userspace, just so they could keep using syscalls.

The rationale behind these patches, as expressed by Andy Lutomirski, ultimately was to prevent user code from ever gaining access to kernel memory. Sharing syscalls between kernel space and user space made that impossible at the moment. Andy hoped the patches would go into the kernel quickly, without needing to wait for further cleanup.

Linus Torvalds had absolutely no criticism of these patches, and he indicated that this was a well desired change. He offered to do a little extra housekeeping himself with the kernel release schedule to make Dominik's tasks easier. Linus also agreed with Andy that any cleanup effort could wait—he didn't mind accepting ugly patches to update the syscall calling conventions first, and then accept the cleanup patches later.

Ingo Molnar predicted that with Dominik's changes, the size of the compiled kernel would decrease—always a good thing. But Dominik said no, and in fact he ran some quick numbers for Ingo and found that with his patches, the compiled kernel was actually a few bytes larger. Ingo was surprised but not mortified, saying the slight size increase would not be a showstopper.

This project is similar—although maybe smaller in scope—to the effort to get rid of the big kernel lock (BKL). In the case of the BKL, no one could figure out for years even how to begin to replace it, until finally folks decided to convert all BKL instances into identical local implementations that could be replaced piecemeal with more specialized and less heavyweight locks. After that, it was just a question of slogging through each one until finally even the most finicky instances were replaced with more specialized locking code.

Dominik seems to be using a similar technique now, in which areas of the kernel that still need syscalls can masquerade as user space, while areas of the kernel that are easier to fix get cleaned up first.

Note: if you're mentioned above and want to post a response above the comment section, send a message with your response text to ljeditor@linuxjournal.com.

Go to Full Article
Zack Brown