Linux Journal

Mozilla's Common Voice Project Now Multilingual, Victory at Sea Pacific Coming Soon to Linux, Thunar 1.8 Released and More

3 months 2 weeks ago

News briefs for June 7, 2018.

Mozilla yesterday announced that its Common Voice project, which is crowdsourcing a large dataset of human voices for use in speech technology, will now be multilingual. You currently can donate your voice in German, French and Welsh, and Mozilla will be adding 40+ languages soon.

Victory at Sea Pacific, a new game announced on Twitter by Evil Twin Artworks, is coming soon to Linux. The game lets you "engage in tactical search and destroy naval warfare across WWII's Pacific ocean in this huge open world Real Time Strategy." See also a story on GamingOnLinux for more details.

Thunar 1.8, the latest stable release of Xfce's desktop file manager, is now available, Phoronix reports. Thunar 1.8 is now finally running fully on GTK3, and it "also features a completely revised pathbar, GOjbect introspection support, styling updates, and a variety of other changes". See the release notes for more information.

Bugcrowd made its 2018 Bugcrowd State of Bug Bounty Report available yesterday. Bugcrowd notes that during the past year there's been "an increase of 21% in total vulnerabilities reported, and an increase of 36% in total bug bounty payouts". The report promises a "deep dive into the most common and emerging vulnerabilities found over the past year".

Drupalgeddon2 continues. Ars Technica reports that more than 115,000 university, government and media websites "remained wide open to hacker takeovers because they hadn't installed critical patches released 10 weeks ago", according to security researcher Troy Mursch earlier this week. A different researcher noted that "many of the sites were already compromised and were being used to surreptitiously mine cryptocurrencies or push malware on unsuspecting visitors".

News Mozilla gaming Desktop Security Drupal
Jill Franklin

Enter Jakarta EE: an Inoculation Against Fear, Uncertainty and Doubt in the Java Community

3 months 2 weeks ago
by Dennis Gesker

Why I stopped worrying and learned to love changes in governance and branding.

Developers can be passionate about the tools and languages they use for development. This passion is a double-edged knife. It can foster growth of the technology's adoption and inspire the direction of energy into the language that one has chosen to advocate. The passion might also scare off those who wish to use the language or are just entering the field, particularly when the opposing view is exaggerated, incorrect or out of date with the current state of the technology. This latter scenario injects (often unintentionally) into the dialogue regarding the technology in question Fear, Uncertainty and Doubt (FUD).

Java Recap

Java was introduced in the mid-1990s. Issues inherent to the technology and the governance of the technology have been numerous through the years. Many of the issues raised have been valid and significant. Others, not so much. There have been issues with speed, floating-point arithmetic, handling of unsigned numbers and so on. Most of those technical issues have been addressed as the language matured. Java recall is a catch-all for the base language, facilities that support the language (the JVM), its licensing and brand management in general. Also, the legal kerfuffle between Oracle and Google being notable and having spanned a number of years certainly opened the door for both legitimate and exaggerated FUD.

Many of the above performance and security issues have been addressed by software engineers in maintenance and full revision development releases. Indeed, the language continues to evolve, and even as version 8 of the platform seems to have hit its stride, version 9 reached general availability this past September, and the community of developers that rely on this language and facilities seem anecdotally well into experimentation and adoption. With version 9 still a pretty fresh and current release, version 10 already has reached its release candidate stage. Some Java issues have been addressed as the governance model evolved, legal issues resolved and license issues clarified. It did seem for a while various projects could have led to a fracture: IcedTea, Harmony and so on. However, these big players actively supporting and backing the OpenJDK project, bringing their side efforts, engineers and brand prestige with them, deserve a lot of credit for the acceleration and advancement of Java SE in recent years.

Recent Movement

One area that has been a recent hotbed of movement, discussion and, yes, a source for the generation of FUD, is the Enterprise Edition of Java. So, just what is all the hubbub?

Go to Full Article
Dennis Gesker

Kubernetes, Four Years Later, and Amazon Redefining Container Orchestration

3 months 2 weeks ago
by Petros Koutoupis

Well, here we are. Kubernetes turns four years old this month—technically, on June 7, 2018—the very same platform that brings users and data center administrators scalable container technologies. Its popularity has skyrocketed since its initial introduction by Google. Celebrating the project’s birthday is not the only thing making the headlines today. Amazon recently announced the general availability of its Elastic Container Services for Kubernetes (EKS), accessible via Amazon Web Services (AWS).

Once upon a time, it wasn’t a simple task to orchestrate and manage containers in the cloud. Up until this recent EKS announcement, it was up to the administrator to spin up a virtual machine through an Elastic Cloud Compute (EC2) service, run Kubernetes on top of a traditional Linux server installation in EC2 and rely on other AWS moving components to host the container image registry. The entire process was very involved. Not any more!

The excitement doesn’t end there. Companies like Heptio (co-founded by the folks who gave us Kubernetes, Craig McLuckie and Joe Beda) have positioned themselves to enhance the user experience around the Kubernetes technology by producing products and services to simplify and scale the Kubernetes ecosystem. The Heptio Kubernetes Subscriptions (HKS) package offerings help users run Kubernetes in AWS EKS, EC2 or on-premises.

Visit Amazon's EKS product page and Heptio's company website to learn more.

Go to Full Article
Petros Koutoupis

Marcel Breaks Time, Converts Documents to Ebooks and More on Cooking with Linux (without a Net)

3 months 2 weeks ago

Please support Linux Journal by subscribing or becoming a patron.

Today on Cooking with Linux (without a Net), I do my best to break time, see what I can do about converting some difficult documents to ebooks, and show off another distribution you've never heard of. Hint: it's named after a lizard. Oh, and there's a super secret secret embedded somewhere in the video. Oooh! Aaah! For the record, this is a prerecorded video of a live show, the Tuesday live Linux Journal show, to be exact, where I do some live Linuxy and open-source stuff, live, on camera, and without the benefit of post video editing, therefore providing a high probability of falling flat on my face.

Cooking with Linux
Marcel Gagné

Streamlio Announces Apache Pulsar 2.0, Red Hat Launches Buildah 1.0, Firefox Experimenting with Two New Projects and More

3 months 2 weeks ago

News briefs for June 6, 2018.

Streamlio, "the intelligent platform for fast data", today announces the availability of Apache Pulsar 2.0, which is an "open-source distributed pub-sub messaging system originally created at Yahoo and now part of the Apache Software Foundation". This release "adds new capabilities to Apache Pulsar that support easy development and deployment of modern data-driven applications and demonstrate the maturity and enterprise-class capabilities of Pulsar while delivering significantly better performance, scalability and durability than older messaging platforms such as Apache Kafka, as verified in real-world OpenMessaging benchmark tests." For more info, see the Streamlio blog post. Streamlio will be demonstrating the new functionality in Pulsar 2.0 at booth S8 at the upcoming Data Works Summit in San Jose, CA, June 17–21.

Red Hat announced the launch of Buildah 1.0 today. Buildah is a command-line utility that "provides only the basic requirements needed to create or modify Linux container images making it easier to integrate into existing application build pipelines". The container images Buildah builds are "OCI-compliant and can even be built using Dockerfiles. Buildah is a distillation of container development to the bare necessities, designed to help IT teams to limit complexity on critical systems and streamline ownership and security workflows."

Mozilla's Firefox is launching two new projects, Firefox Color and Side View, through its Test Pilot program. According to the TechCrunch article, Firefox Color is basically a theme editor that lets you do things like choose colors in your browser and set textures for the background. Side View lets you "use your widescreen monitor and display two tabs side-by-side inside the browser without having to open a second Firefox window." Both are available here, if you'd like to try them.

Take LinuxGizmos' fourth annual reader survey of open-spec, Linux- or Android-ready single board computers priced less than $200 for a chance to win one of 15 prizes. See LinuxGizmos.com for more info, or go straight to the survey here. Last year, Raspberry Pi 3 was the winner.

Purism has reaffirmed its plan to begin shipping the Librem 5 smartphone in January, Phoronix reports. The Librem 5 will be "the world's first community-owned smartphone ecosystem that gives users complete control over their mobile device".

News Apache Pulsar Big Data Red Hat Containers Mozilla Firefox Embedded Single-Board Computers Purism Mobile
Jill Franklin

FOSS Project Spotlight: WallpaperDownloader

3 months 2 weeks ago
by Eloy Garcia Almaden

Are you bored with the look of your desktop? Are the wallpapers that come with your distro enough for you? WallpaperDownloader is a graphical application that will help you customize your desktop and find wallpapers automatically.

WallpaperDownloader allows you to download, manage and change your favorite wallpapers from the internet. It is open source (GPL3) and totally free. Simply type in some keywords, enable the providers to include (up to six), select the download policy, and WallpaperDownloader does the rest.

WallpaperDownloader's main features include:

  • Users can select keywords for matching desired wallpapers across different sources.
  • Currently, six providers are implemented for searching.
  • Different download policies are implemented.
  • Preferred resolution for the search can be defined.
  • The maximum size for downloaded directories can be changed.
  • Wallpapers can be classified as favorites or not favorites.
  • Favorite wallpapers can be moved to another location with a single click. This is very nice if you have a directory for storing images (for example, a directory in Dropbox).
  • WallpaperDownloader is translated into English and Spanish so far.
  • It implements an automated "changer" for changing the wallpaper randomly every X minutes. You can define as many directories as you want.
  • A system tray icon is implemented (for desktop environments that support this feature) with quick actions.

Figure 1. Selecting Providers

Figure 2. WallpaperDownloader's Changer

Figure 3. Wallpaper Manager

Figure 4. WallpaperDownloader Info and Changelog

WallpaperDownloader supports several Desktop Environments: MATE, GNOME Shell, Cinnamon, Budgie, Pantheon, Unity, KDE Plasma 5.8 or greater and XFCE.

Installation

You can install WallpaperDownloader using different methods depending on your distribution.

Arch Linux

It is in the AUR repository. Just install it from there:

Go to Full Article
Eloy Garcia Almaden

THRONES OF BRITANNIA Coming to Linux June 7, Google Brings Linux App Support to Samsung's Chromebook Plus, Jailhouse v. 0.9 Now Available and More

3 months 2 weeks ago

News briefs for June 5, 2018.

Feral Interactive announced this morning that Thrones of Britannia is coming to Linux on June 7, 2018. Linux system requirements are as follows: OS = Ubuntu 18.04; processor = Intel Core i3-2100 or AMD equivalent; memory = 8GB of RAM; graphics = 2GB AMD R9 285 (GCN 3rd Gen and above), 2GB Nvidia 680 or better; storage = 15GB available space; in addition, it requires Vulkan AMD graphics cards; Mesa 18.0.0 or later (Mesa 18.0.4 is recommended); and Nvidia graphics cards require driver version 390.59 or later. You can pre-order it now from the Feral Store for $39.99, and you can watch the trailer here.

Google is now bringing Linux app support to Samsung's Chromebook Plus, The Verge reports. The story notes that "You'll have to opt-in to the developer-only build of Chrome OS, enable things labeled as beta and experimental, and then use the Terminal to install Linux apps." See also the quick How-To on Reddit to get started.

The Privacy Awareness Academy announced its "sponsorship of a new social media awareness campaign that is designed to educate business owners about the European Union's new GDPR". Dale Penn, Privacy Awareness Academy President, says "Our privacy awareness insights, combined with our web-based interactive employee training content will help businesses fortify their own human firewall."

The new version of partitioning hypervisor Jailhouse, version 0.9, was released yesterday. New features include introducing unit infrastructure to the hypervisor, simplifying build-time additions of complex features and improving the Linux loader command with better control over kernel vs. initramfs distance and more. You can download it from here.

Ubuntu's new server installer soon will support RAID and LAN bonding, Phoronix reports. The next point release is expected end of July.

News gaming Google Chromebook Ubuntu Hypervisor Servers Privacy GDPR
Jill Franklin

Data Privacy: Why It Matters and How to Protect Yourself

3 months 2 weeks ago
by Petros Koutoupis

When it comes to privacy on the internet, the safest approach is to cut your Ethernet cable or power down your device. But, because you can't really do that and remain somewhat productive, you need other options. This article provides a general overview of the situation, steps you can take to mitigate risks and finishes with a tutorial on setting up a virtual private network.

Sometimes when you're not too careful, you increase your risk of exposing more information than you should, and often to the wrong recipients—Facebook is a prime example. The company providing the social-media product of the same name has been under scrutiny recently and for good reason. The point wasn't that Facebook directly committed the atrocity, but more that a company linked to the previous US presidential election was able to access and inappropriately store a large trove of user data from the social-media site. This data then was used to target specific individuals. How did it happen though? And what does that mean for Facebook (and other social-media) users?

In the case of Facebook, a data analysis firm called Cambridge Analytica was given permission by the social-media site to collect user data from a downloaded application. This data included users' locations, friends and even the content the users "liked". The application supposedly was developed to act as a personality test, although the data it mined from users was used for so much more and in what can be considered not-so-legal methods.

At a high level, what does this all mean? Users allowed a third party to access their data without fully comprehending the implications. That data, in turn, was sold to other agencies or campaigns, where it was used to target those same users and their peer networks. Through ignorance, it becomes increasingly easy to "share" data and do so without fully understanding the consequences.

Getting to the Root of the Problem

For some, deleting your social-media account may not be an option. Think about it. By deleting your Facebook account, for example, you may essentially be deleting the platform that your family and friends choose to share some of the greatest events in their lives. And although I continue to throw Facebook in the spotlight, it isn't the real problem. Facebook merely is taking advantage of a system with zero to no regulations on how user privacy should be handled. Honestly, we, as a society, are making up these rules as we go along.

Go to Full Article
Petros Koutoupis

Back Up GitHub and GitLab Repositories Using Golang

3 months 2 weeks ago
by Amit Saha

Want to learn Golang and build something useful? Learn how to write a tool to back up your GitHub and GitLab repositories.

GitHub and GitLab are two popular Git repository hosting services that are used to host and manage open-source projects. They also have become an easy way for content creators to be able to invite others to share and collaborate without needing to have their own infrastructure setup.

Using hosted services that you don't manage yourself, however, comes with a downside. Systems fail, services go down and disks crash. Content hosted on remote services can simply vanish. Wouldn't it be nice if you could have an easy way to back up your git repositories periodically into a place you control?

If you follow along with this article, you will write a Golang program to back up git repositories from GitHub and GitLab (including custom GitLab installations). Being familiar with Golang basics will be helpful, but not required. Let's get started!

Hello Golang

The latest stable release of Golang at the time of this writing is 1.8. The package name is usually golang, but if your Linux distro doesn't have this release, you can download the Golang compiler and other tools for Linux. Once downloaded, extract it to /usr/local:

$ sudo tar -C /usr/local -xzf $ export PATH=$PATH:/usr/local/go/bin

Opening a new terminal and typing $ go version should show the following:

$ go version go version go1.8 linux/amd64

Let's write your first program. Listing 1 shows a program that expects a -name flag (or argument) when run and prints a greeting using the specified name. Compile and run the program as follows:

$ go build listing1.go $ ./listing1 -name "Amit" Hello Amit $ ./listing1 ./listing1 2017/02/18 22:48:25 Please specify your name using -name $ echo $? 1

If you don't specify the -name argument, it exits printing a message with a non-zero exit code. You can combine both compiling and running the program using go run:

$ go run listing1.go -name Amit 2017/03/04 23:08:11 Hello Amit

Listing 1. Example Program listing1.go

Go to Full Article
Amit Saha

Linux Mint 19 "Tara" Cinnamon Beta Released, GNU Linux-libre 4.17-gnu Kernel Now Available, NVIDIA Isaac Launches and More

3 months 2 weeks ago

News briefs for June 4, 2018.

Linux Mint 19 "Tara" Cinnamon BETA released today. Version 19 is a long-term release with support until 2023. New features include Timeshift, a new welcome screen and a revamped software manager. See the Release Notes for more info about the release and important links. And remember, this is a BETA release, so use it only for testing and be sure to report bugs to the Linux Mint team.

GNU Linux-libre 4.17-gnu kernel, which removes all non-free components from Linux, is now available. See the announcement for all the details.

NVIDIA today announced the availability of NVIDIA Isaac. Isaac is "a new platform to power the next generation of autonomous machines, bringing artificial intelligence capabilities to robots for manufacturing, logistics, agriculture, construction and many other industries." At the heart of Isaac is NVIDIA Jetson Xavier, "an AI computer for autonomous machines, delivering the performance of a GPU workstation in an embedded module under 30W."

Helm became its own standalone project last week, TechCrunch reports. Previously, it was a subproject of Kubernetes, but it's now a separate program as it doesn't always follow the same release schedule as Kubernetes. Helm allows you to package up a set of requirements into "charts", so you can repeat the installation process in a consistent way, this helps developers "benefit from the community, who could build Charts for common installation scenarios".

FreeBSD 11.2-RC1 is now available. This is the first RC build of the 11.2 release cycle, it includes a "fix to flush caches before initiating a microcode update on Intel CPUs", "Wake On LAN features for Ice Lake and Cannon Lake devices has been activated" and more.

News Distributions Linux Mint GNU Linux NVIDIA AI Kubernetes Cloud FreeBSD
Jill Franklin

Loading Arbitrary Executables as Kernel Modules

3 months 2 weeks ago
by Zack Brown

Alexei Starovoitov posted some patches to allow the kernel to load regular ELF binaries (aka plain executables) as kernel modules. These modules would be able to run user-mode helper routines instead of being absolutely confined to kernel space.

Alexei listed a variety of benefits for this. For one thing, as a user process, an ELF-based module could crash without bringing down the rest of the kernel. And although the ELF modules would run with root privileges, he said that a security breach would not lead directly into accessing the kernel's inner workings, but at least initially would be confined to userspace. The ELF module also could be terminated by the out-of-memory (OOM) killer, in case of need, or ended directly by a human administrator. It additionally would be feasible to subject ELF-based modules to regular userspace debugging and profiling, using the vast array of tools available for that.

Initially there were various technical questions and criticisms, but no one spoke out immediately against it. Linus Torvalds said he liked the feature, but he wanted one change: to make the type of module visible in the system logs. He said:

When we load a regular module, at least it shows in lsmod afterwards, although I have a few times wanted to really see module load as an event in the logs too. When we load a module that just executes a user program, and there is no sign of it in the module list, I think we *really* need to make that event show to the admin some way.

And he said specifically, "I do *not* want this to be a magical way to hide things."

Andy Lutomirski raised a pertinent question: why not just retool the modprobe program to handle ELF binaries as desired, rather than doing anything with kernel code at all? In other words, why couldn't this feature be implemented entirely outside the kernel?

But Linus replied:

The less we have to mess with user-mode tooling, the better.

We've been *so* much better off moving most of the module loading logic to the kernel, we should not go back in the old broken direction.

I do *not* want the kmod project that is then taken over by systemd, and breaks it the same way they broke firmware loading.

Keep modprobe doing one thing, and one thing only: track dependencies and mindlessly just load the modules. Do *not* ask for it to do anything else.

Right now kmod is a nice simple project. Lots of testsuite stuff, and a very clear goal. Let's keep kmod doing one thing, and not even have to care about internal kernel decisions like "oh, this module might not be a module, but an executable".

Go to Full Article
Zack Brown

Microsoft Reportedly Acquires GitHub

3 months 2 weeks ago
Image

Today Bloomberg reports GitHub was acquired by Microsoft, the announcement being made as early as Monday. "GitHub preferred selling the company to going public and chose Microsoft partially because it was impressed by Chief Executive Officer Satya Nadella, said one of the people, who asked not to be identified discussing private information." Bloomberg goes on to say, "Terms of the agreement weren’t known on Sunday. GitHub was last valued at $2 billion in 2015."

Microsoft, who was once generally opposed to open-source development, is now one of the biggest contributors to GitHub. 

Story developing.

Updated 4:48am GMT June 3, 2018

For those interested, we're compiling a list of some open-source GitHub alternatives. Please write others in the comment section. We'll update the story as verified alternatives come in.

Updated 3:37pm GMT June 4, 2018

Microsoft Acquires GitHub For $7.5 Billion.

 

 

Microsoft GitHub
Carlie Fairchild