KDE and Necuno Solutions Partner on the Open-Source Necuno Mobile, Fedora 27 Reaches End of Life, Artifact for Linux Now Available, Linux Goes to Mars and BlackArch Linux New Release

News briefs for November 30, 2018.

KDE and Necuno Solutions are partnering to offer Plasma Mobile on the Necuno Mobile, which is a device Necuno describes as "a truly open source hardware platform". From the KDE blog post: "With a focus on openness, security and privacy, the Necuno Mobile is built around an ARM Cortex-A9 NXP i.MX6 Quad and a Vivante GPU. According to Necuno, none of the closed firmware has access to the memory."

Fedora 27 has officially reached End of Life status, and its repositories will no longer receive security or bugfix updates. If you are still running Fedora 27, you should update now to Fedora 28 or 29.

The Artifact card game from Valve has officially been released for Linux. GamingOnLinux reports that this "exciting and addictive card game" is the "first Valve game to arrive with Linux support at release".

The CubeSat satellites that confirmed the successful landing of the Mars Insight lander on Mars earlier this week contained Gumxtix's Linux-driven Overo IronStorm-Y module and Caspa VL camera. According to Linux Gizmos, "the Mars Cube One (MarCO) satellites are the first CubeSats to have traveled beyond low Earth orbit. They also likely represent the farthest distance a Linux computer has traveled into space."

BlackArch Linux, the Penetration Testing Distribution, has just released new ISOs and OVA images. This release adds more than 150 new tools, includes a new version of installer and kernel 4.19.4. See the BlackArch Linux blog for the complete ChangeLog and download links.

The High-Performance Computing Issue

December cover

Since the dawn of computing, hardware engineers have had one goal that's stood out above all the rest: speed.

Sure, computers have many other important qualities (size, power consumption, price and so on), but nothing captures our attention like the never-ending quest for faster hardware (and software to power it). Faster drives. Faster RAM. Faster processors. Speed, speed and more speed. [Insert manly grunting sounds here.]

What's the first thing that happens when a new CPU is released? Benchmarks to compare it against the last batch of processors.

What happens when a graphics card is unveiled? Reviewers quickly load up whatever the most graphically demanding video game is and see just how it stacks up to the competition in frame-rate and resolution. Power and speed captures the attention of everyone from software engineers to gamers alike.

Nowhere is this never-ending quest for speed more apparent than in the high-performance computing (HPC) space. Built to handle some of the most computationally demanding work ever conceived by man, these supercomputers are growing faster by the day—and Linux is right there, powering just about all of them.

In this issue of Linux Journal, we take a stroll through the history of supercomputers, from its beginnings (long before Linux was a gleam in Linus Torvalds' eye...heck, long before Linus Torvalds was gleam in his parents' eyes) all the way to the present day where Linux absolutely dominates the Supercomputer and HPC world.

Then we take a deep dive into one of the most critical components of computing (affecting both desktop and supercomputers alike): storage.

Petros Koutoupis, Senior Platform Architect on IBM's Cloud Object Storage, creator of RapidDisk (Linux kernel modules for RAM drives and caching) and LJ Editor at Large, gives an overview of the history of computer storage leading up to the current, ultra-fast SSD and NVMe drives.

Once you're up to speed (see what I did there?) on NVMe storage, Petros then gives a detailed—step-by-step—walk-through of how to best utilize NVMe drives with Linux, including how to set up your system to have remote access to NVMe resources over a network, which is just plain cool.

Taking a break from talking about the fastest computers the Universe has ever known, let's turn our attention to a task that almost every single one of us tackles at least occasionally.

Photography.

Professional photographer Carlos Echenique provides an answer to the age-old question: is it possible for a professional photographer to use a FOSS-based workflow? (Spoiler: the answer is yes.)

Auto-Download Linux Journal Each Month

There's an old saying, "anything worth doing, is worth automating"—or something like that. Downloading and reading Linux Journal always has been worth doing, and now you can automate it with our new autolj script, which you can get here.

Follow these few simple steps, and you can be downloading the PDF (or the .epub or the .mobi file) with the greatest of ease each month:

1) First download the script and save it somewhere; ~/bin is a good choice. You can name it whatever you like; it doesn't need to be called autolj.sh.

2) Open a terminal/shell and execute the following commands:


$ chmod +x ~/bin/autolj.sh
$ ~/bin/autolj.sh --init
Enter the email and zip/postal code associated
with your Linux Journal subscription
EMail: you@example.com    # Enter your email address
Zip  : 88888              # Enter your zip/postal code
Creating initial config file.
Change your preferences in '/home/YOU/.config/autolj.cfg'.
Sample crontab configuration is in '/home/YOU/.config/autolj.crontab'.

If you want to run the script from cron automatically each month, you can do this:


$ cp /home/YOU/.config/autolj.crontab mycrontab
$ crontab -l >>mycrontab
$ crontab 

When you first run the script, use the --init command-line option to initialize the configuration file for the script. It will prompt for the email and zip/postal code associated with your Linux Journal subscription.

It saves that information in a file named ~/.config/autolj.cfg (if you saved the script with a different name, the base name of the config file will match the name that you saved the script under).

You can edit the configuration file with any text editor that you have on hand, or you can rerun the script with the --init option to re-create the config file (any existing changes that you've made will be lost).

The config file is a bash script that is sourced by the autolj script, so maintain valid bash syntax in the file. The config file contains a few other options that you may also want to change (the default value for each is shown):

Ubuntu Touch OTA-6 Call for Testing, openSUSE T-Shirt and Poster Design Contest, RISC-V Foundation Joins The Linux Foundation, Location Tracking in Android Violates GDPR and FSF Announces 18 GNU Releases

News briefs for November 29, 2018.

UBports announces a call for testing for Ubuntu Touch OTA-6. They are asking the community for feedback and have prepared a GitHub project for OTA-6 quality assurance. See the UBports blog for more info on how you can help with the testing and also to see what's new in the OTA-6 release, which is scheduled for December 7th.

openSUSE is having a t-shirt and poster design contest for the openSUSE Conference 2019, which is being held in Nuremberg, Germany. The contest begins December 1, 2018, and the deadline for entry is January 15, 2019.

The RISC-V Foundation, a non-profit that works to encourage adoption of the RISC-V architecture for chip design, has joined the Linux Foundation to help RISC-V grow its open-source ecosystem. FossBytes reports that to start, the two foundations are "aiming at preparing helpful guides to help Linux and Zephyr users get started with RISC-V. The initial guides are expected to be unveiled at the RISC-V Summit in Santa Clara on Dec. 3."

Seven European consumer organizations have filed a complaint that Google location tracking in Android "lacks a valid legal basis in the European Union". According to The Register, "At the heart of the complaint is that the user control of location tracking falls far short of what's required by the union's General Data Protection Regulation (GDPR)—the consent controls are both deceptive and ineffective."

The Free Software Foundation announces 18 GNU releases for the month (as of November 27th). Subscribe to the GNU mailing list for new GNU release announcements, and download GNU software from the GNU mirrors.

Linux and Supercomputers

As we sit here, in the year Two Thousand and Eighteen (better known as "the future, where the robots live"), our beloved Linux is the undisputed king of supercomputing. Of the top 500 supercomputers in the world, approximately zero of them don't run Linux (give or take...zero).

The most complicated, powerful computers in the world—performing the most intense processing tasks ever devised by man—all rely on Linux. This is an amazing feat for the little Free Software Kernel That Could, and one heck of a great bragging point for Linux enthusiasts and developers across the globe.

But it wasn't always this way.

In fact, Linux wasn't even a blip on the supercomputing radar until the late 1990s. And, it took another decade for Linux to gain the dominant position in the fabled "Top 500" list of most powerful computers on the planet.

A Long, Strange Road

To understand how we got to this mind-blowingly amazing place in computing history, we need to go back to the beginning of "big, powerful computers"—or at least, much closer to it: the early 1950s.

Tony Bennett and Perry Como ruled the airwaves, The Day The Earth Stood Still was in theaters, I Love Lucy made its television debut, and holy moly, does that feel like a long time ago.

In this time, which we've established was a long, long time ago, a gentleman named Seymour Cray—whom I assume commuted to work on his penny-farthing and rather enjoyed a rousing game of hoop and stick—designed a machine for the Armed Forces Security Agency, which, only a few years before (in 1949), was created to handle cryptographic and electronic intelligence activities for the United States military. This new agency needed a more powerful machine, and Cray was just the man (hoop and stick or not) to build it.

Figure 1. Seymour Cray, Father of the Supercomputer (from http://www.startribune.com/minnesota-history-seymour-cray-s-mind-worked-at-super-computer-speed/289683511

This resulted in a machine known as the Atlas II.

Weighing a svelte 19 tons, the Atlas II was a groundbreaking powerhouse—one of the first computers to use Random Access Memory (aka "RAM") in the form of 36 Williams Tubes (Cathode Ray Tubes, like the ones in old CRT TVs and monitors, capable of storing 1024 bits of data each).

RHEL for ARM Now Supported on AWS, Malicious Code Discovered in JavaScript Library to Steal Cryptocurrency, Red Hat Purchases NooBaa, Users Reporting EXT4 Filesystem Corruption Issues with Linux 4.19 and Rust’s 2018 Survey

News briefs for November 28, 2018.

AWS announced Amazon EC2 A1 instances this week, the first AWS instances based on Arm architecture. And, yesterday Red Hat announced that Red Hat Enterprise Linux for ARM AMIs are now available for Amazon EC2 A1: "this means that customers seeking to use a multi-architecture approach across the hybrid cloud can use the world's leading enterprise Linux platform to fuel their mission-critical workloads, even on Arm instances in AWS Cloud." Red Hat plans to make Red Hat Enterprise Linux 8 Beta for ARM accessible soon as well.

Malicious code that infected the Event-stream JavaScript library to steal cryptocurrency from digital wallets was discovered recently. FossBytes reports that the researchers investigating the code found that the "targets are libraries linked to Copay Bitcoin wallet app that is available for mobile as well as desktop users. The harmful code steals the coins in the Copay wallet and then tries to connect to copayapi.host with 111.90.151.134 IP address located in Malaysia." However, an updated version without the malicious code was posted about two months ago.

Red Hat purchases NooBaa, a hybrid-cloud, data-storage company. According to ZDNet, NooBaa provides "multi-cloud storage management, which enables allows you to manage, deploy, and migrate data storage across private and major public clouds. This includes Alibaba, AWS, Azure, and Google Cloud."

Users are reporting EXT4 filesystem corruption problems with Linux 4.19. According to Phoronix, "There was initially some belief it could have been due to the multi-queue block code (BLK MQ) code in Linux 4.19, but that appears to be ruled out. Unfortunately, EXT4 file-system maintainer Ted Ts'o has been unable to reproduce this corruption issue on his own hardware."

The Rust Team's 2018 Survey is now available. The survey shows a steady stream of new users to the Rust programming language (~23% started using it in the past three months) and also that 40% of users felt productive in Rust with less than one month of use. Python ranks number one as the language users are most familiar with. See the Rust 2018 Survey for all the results.

Everything You Need to Know about Containers, Part III: Orchestration with Kubernetes

Kubernetes

A look at using Kubernetes to create, deploy and manage thousands of container images.

If you've read the first two articles in this series, you now should be familiar with Linux kernel control groups (Part I), Linux Containers and Docker (Part II). But, here's a quick recap: once upon a time, data-center administrators deployed entire operating systems, occupying entire hardware servers to host a few applications each. This was a lot of overhead with a lot to manage. Now scale that across multiple server hosts, and it increasingly became more difficult to maintain. This was a problem—a problem that wasn't easily solved. It would take time for technological evolution to reach the moment where you are able to shrink the operating system and launch these varied applications as microservices hosted across multiple containers on the same physical machine.

In the final part of this series, I explore the method most people use to create, deploy and manage containers. The concept is typically referred to as container orchestration. If I were to focus on Docker, on its own, the technology is extremely simple to use, and running a few images simultaneously is also just as easy. Now, scale that out to hundreds, if not thousands, of images. How do you manage that? Eventually, you need to step back and rely on one of the few orchestration frameworks specifically designed to handle this problem. Enter Kubernetes.

Kubernetes

Kubernetes, or k8s (k + eight characters), originally was developed by Google. It's an open-source platform aiming to automate container operations: "deployment, scaling and operations of application containers across clusters of hosts". Google was an early adopter and contributor to the Linux Container technology (in fact, Linux Containers power Google's very own cloud services). Kubernetes eliminates all of the manual processes involved in the deployment and scaling of containerized applications. It's capable of clustering together groups of servers hosting Linux Containers while also allowing administrators to manage those clusters easily and efficiently.

Kubernetes makes it possible to respond to consumer demands quickly by deploying your applications within a timely manner, scaling those same applications with ease and seamlessly rolling out new features, all while limiting hardware resource consumption. It's extremely modular and can be hooked into by other applications or frameworks easily. It also provides additional self-healing services, including auto-placement, auto-replication and auto-restart of containers.

Episode 8: Nostalgia, Security, and Shawn

Tor’s Strength in Numbers Campaign, New ask.krita.org Site, Kodi Announces Limited-Edition Raspberry Pi Case, IPFire 2.21 Core Update 125 Released, and Chrome and Firefox Developers Plan to End Support for FTP

News briefs for November 27, 2018.

Tor announces its Strength in Numbers campaign: "Stand up for the universal human rights to privacy and freedom and help keep Tor robust and secure." For #GivingTuesday, another donor will match first-time donations to the project—this is in addition to the existing matching donations from Mozilla, so if you donate, your gift will be matched twice. Go here to donate.

Scott Petrovic and the KDE sysadmin team have launched ask.krita.org—the "Krita Question and Answers Site". The new ask.krita.org "is a place where it's simple to find out if your question has been asked before, simple to ask a question, and simple to answer a question. It's a central place where, we hope, Krita users will get together and help each other. Like a stackoverflow site, or like ask.libreoffice.org.

Kodi recently released a new limited-edition "Kodi Edition" Raspberry Pi case. This version 2 of the case Kodi released two years ago is newly designed, aluminum, but it's "now gone to the dark side with a metallic, jet black coating for that cool Vader look". In addition, "the second-generation case features better access to the SD card, a better built-in heatsink, precision manufacturing, and subtle details that make a great case amazing." A percentage of every sale of this case goes to the USC Norris Comprehensive Cancer Center. You can order one from FLIRC for $19.95.

IPFire 2.21 Core Update 125 was released yesterday. This update has various bug and security fixes, along with new features, such as "the IPFire Access Point add-on now supports 802.11ac WiFi if the chipset supports it" and the dehydrated "lightweight client to retrieve certificates from Let's Encrypt written in bash". You can download it from here.

Chrome and Firefox developers plan to end support for FTP. BleepingComputer reports that "an upcoming change in how files stored on FTP servers are rendered in the browser may be the first step in its ultimate removal", and also that "Google developers have advocated for the removal of FTP support in Chrome for over 4 years" due to its low usage and the additional attack surface it creates that Chrome is unable to secure properly, compared to offering the same files over an HTTPS connection.

Testing Your Code with Python’s pytest

Don't test your code? pytest removes any excuses.

Software developers don't just write software; they also use software. So, they're the first to recognize, and understand, that software is complex and inevitably contains bugs.

But, just because bugs are inevitable doesn't mean that developers can or should try to prevent them. And, thus, during the past few decades, there's been rapid growth in software testing. Testing is no longer seen as an optional or "nice to have" part of software development; it's considered an absolute must—part of the software development process. In many cases, the people in the Python courses I teach at various companies aren't developers per se, but instead testers—people with the full-time job of writing tests to ensure that the company's software is robust.

I must admit that even though I've been writing software for a long time, I have rarely been as good about testing as I'd like to be. Sure, when I'm working on a large, complex app, I'll write tests, but it always seemed to be a bit of a burden. I know that it's good for me, will save tons of time in the future, will make the software more robust and maintenance easier, but really, if I just want to get my program out the door, why test? And besides, the various test frameworks I've used through the years never struck me as very impressive or easy to use.

So for the past few years, I've been in a bit of a holding pattern. I want to test more, but testing is annoying, so I don't test, which makes it seem like even more of a burden, because it's not part of my regular process.

All of this has changed for me recently, thanks to my discovery (long after other people, I admit) of the pytest library for Python. pytest turns out to be easy to use, easy to work with and easy to integrate into my work. Part of the reason for this is that pytest abandons the Python idea of "there's only one way to do it", giving developers a great degree of flexibility and freedom in choosing how to write tests.

So in this article, I provide an introduction to pytest, showing how to start integrating it into your development process today. I plan to expand on this in my next article and describe some more advanced pytest features that you might need to use.

Basic pytest

The idea behind pytest is that if you want to test a function, you'll write a separate function to test it. Actually, you'll probably want to write more than one test function, but that's in addition.

For example, let's assume you have the following function that sums numbers:

The Linux Foundation Is Having a Cyber Monday Sale on Certification Bundles, Vulkan 1.1.94 Released, Creative Commons 2019 Global Summit Registration Now Open, Ohio Businesses Can Use Bitcoin to Pay Taxes and Linux Kernel 4.20-rc4 Is Out

News briefs for November 26, 2018.

The Linux Foundation is having a Cyber Monday sale on certification and training bundles. From now through December 3, best-selling certification and prep course bundles are $179, and the purchase of any bundle will get you a free limited-edition T-shirt. Sale bundles include Linux Foundation Certified SysAdmin Bundle, Certified Kubernetes Administrator Bundle and more. Go here to shop.

Vulkan 1.1.94 was released today. According to Phoronix, this latest release of the graphics and compute API includes two new extensions: VK_KHR_swapchain_mutable_format, which allows the windowing system to use different formats of swap chain images, and VK_EXT_fragment_density_map, which lets you specify areas of the render target where the shader can be invoked few times, so you can reduce rendering quality in areas of the screen that are less important. For more details, see Vulkan-Docs.

Registration is now open for Creative Commons 2019 Global Summit, May 9–11 in Lisbon, Portugal. The deadline for proposals is December 10, 2018.

Businesses in the state of Ohio can now use bitcoin to pay taxes. Tech Crunch reports that businesses in Ohio can begin making tax payments today by registering at OhioCrypto.com to pay taxes for anything "from cigarette sales taxes to employee withholding taxes".

Linux 4.20-rc4 is out. Of this week's release, Linus says "Nothing looks particularly odd or scary, although we do have some known stuff still pending. For example, the STIBP fixes are still being discussed and fine-tuned and haven't been merged yet. And there's a few mm fixes being talked about. Nothing that should keep people from testing the 4.20 rc's, though, so go out and test."

Roman Numerals and Bash

Fun with retro-coding a Roman numeral converter—I head back to my college years and solve me homework anew!

I earned a bachelor's degree in computer science back in the dawn of computing. Well, maybe it wasn't quite that long ago, but we did talk about Ada and FORTRAN in class. As a UCSD alumnus, however, it's no surprise that UCSD Pascal was the programming language of choice. Don't worry; no punch cards and no paper tape were involved in my educational endeavors.

As with modern computer science study, we spent a lot of time coding algorithms and solving problems and puzzles. I'm a board-gamer, so I was quite happy to try to solve the "dining philosophers problem", the "four color problem" or the "traveling salesman problem". You might well have tried to solve the same darn problems.

One coding problem that has stuck with me is a Roman numeral conversion program. As part of my first programming class, I recall it being a pretty tricky problem, but we didn't have the internet or GitHub to scrounge around for smart solutions or inspiration.

So, in the spirit of retro-coding, let's build a script that can convert Roman numerals into regular decimal equivalent values.

Roman Numerals

I know, you're saying "um, remind me, what are Roman numerals?", even though you see them all the time in movies and books. You just ignore the MCMLXIII that shows up as a copyright notice. What's funny is that the general industry consensus is that studios use those Roman numerals instead of the more understandable "Copyright 1963" to obfuscate the age of the film (by the way, MCMLXIII = 1963).

It turns out that Roman numerals are interesting because they are essentially grouped into logical segments. At its most basic, each letter has a specific decimal value, so let's start there (see Table 1 for the values).

Table 1. Roman Numerals and Their Values

Symbol I V X L C D M
Value 1 5 10 50 100 500 1000

If you wanted to write the value 60 as Roman numerals, that's easy: LX. Reverse the two values, however, and it's a completely different value: XL = 40. Why? Because when a lower value symbol appears before a higher value symbol, it's considered a reduction of that value. The fancy name for this is subtractive notation.

In other words, LX = 50 + 10, but XL = L – X = 50 – 10.

Now you can see how the earlier value breaks into clusters of values based on whether a subsequent value is higher or lower than the current value. Here's the logic:

MCMLXIII = M + CM + L + X + III = 1000 + 900 + 50 + 10 + 3

Weekend Reading: Do-It-Yourself Projects

DIY

Join us this weekend as we bring the DIY movement back. Not only is it a chance to start working on those ideas you've been putting off for months, but it's also a great way to learn while playing.

Why You Should Do It Yourself

by Kyle Rankin

Bring back the DIY movement and start with your own Linux servers.

It wasn't very long ago that we lived in a society where it was a given that average people would do things themselves. There was a built-in assumption that you would perform basic repairs on household items, do general maintenance and repairs on your car, mow your lawn, cook your food and patch your clothes. The items around you reflected this assumption with visible and easy-to-access screws, spare buttons sewn on the bottom of shirts and user-replaceable parts. Through the years though, culture has changed toward one more focused on convenience.

Building a Voice-Controlled Front End to IoT Devices

by Michael J. Hammel

Apple, Google and Amazon are taking voice control to the next level. But can voice control be a DIY project? Turns out, it can. And, it isn't as hard as you might think.

This article covers the Jarvis project, a Java application for capturing audio, translating to text, extracting and executing commands and vocally responding to the user. It also explores the programming issues related to integrating these components for programmed results. That means there is no machine learning or neural networks involved. The end goal is to have a selection of key words cause a specific method to be called to perform an action.

Two Portable DIY Retro Gaming Consoles

by Kyle Rankin

A look at Adafruit's PiGRRL Zero vs. Hardkernel's ODROID-GO.

If you enjoy retro gaming, there are so many options, it can be tough to know what to get. The choices range from officially sanctioned systems from Nintendo all the way to homemade RetroPie projects like I've covered in Linux Journal in the past. Of course, those systems are designed to be permanently attached to a TV. But, what if you want to play retro games on the road?

Build a Custom Minimal Linux Distribution from Source

by Petros Koutoupis

Follow along with this step-by-step guide to build your own distribution from source and learn how it installs, loads and runs.

12 Holiday Gifts for Your Linux Loved Ones (All Under $59)

Santa Tux

We rounded up 12 great gifts (all priced under $59) to make shopping for your Linux friends and loved ones a little easier this season. You may even want to hold on to some of these for yourself.

Raspberry Pi 3 Model A+

Just in time for the holidays, the Raspberry Pi 3 Model A+ is now available: "you can now get the 1.4GHz clock speed, 5GHz wireless networking and improved thermals of Raspberry Pi 3B+ in a smaller form factor, and at the smaller price of $25."

raspberry pi 3

Image courtesy of RaspberryPi.org.

Stickers

For a limited time, unixstickers is offering this Pro Pack of 10 stickers for just $1 (plus free shipping!). Stickers include Vim, Git, Python, Official Bash, Linux Tux, Debian, Arch Linux, Linux Inside and GoLang, and a sticker badge of Arch Linux, Git, Vim and Python.

stickers

Image courtesy of unixstickers.com.  

Tux Cufflinks, Earrings and Bracelets

Etsy seller ArtfireSupplies offers a variety of jewelry featuring Tux the Penguin. You can choose from cufflinks, tie clips, earrings, bracelets or even necklace pendants. Prices start just under $15.

Tux the penguin cufflinks

Image courtesy of ArtfireSupplies.  

Stuffed Tux

ZaReason, better known for their popular line of Linux desktops, laptops and servers, brings us the elusive stuffed Tux. At a little more than 12" tall, this Tux is a bargain at only $19.

Pioneers in Open Source–Eren Niazi, Part II: the Untold Story

eren headshot

It was 2014, and everything seemed fine with Eren Niazi and the company he founded, Open Source Storage or OSS, although at the time, both the industry and the market were changing. Not only were open-source technologies used in every form and fashion to enable what has become the cloud, its users also were connecting in droves to take advantages of the many services it offered. We matured into an always connected society.

As markets evolved and consumer needs evolved, OSS needed to do something to continue to be relevant. Eren and his team came up with a solution to enable more involvement within the Open Source community by building a never-done-before social platform that closed the gap between file sharing and social networking. It also added a gamification component to help encourage participation on top of quality.

Note: gamification is the process of taking something that already exists, be it a website, enterprise application or online community, and integrating it with game mechanics to motivate participation, engagement and loyalty.

A patent was filed to capture this unique new platform: US15073028. Its status is now considered Abandoned (you'll learn why shortly). From the patent description:

Embodiments of the inventive concept provide a system and method for gamifying community driven open source software development projects, thereby spurring innovation and quality open source and freely available products. Embodiments of the inventive concept not only incentivizes the most desired tasks, such as coding, but also the less desirable actions like code review, documentation, quality assurance, testing, security analysis, and the like. In this manner, all steps along the software development path can be incentivized. Even scheduling and meeting deadlines for enhancements, bug fixes, and security auditing can benefit from an award system. Embodiments include a development gamification system including a user interface logic section to provide a development gamification interface to incentivize a community of users to develop open source software projects.

Figure 1. A General Illustrated Overview of US15073028

But in order to build this promising new platform, OSS needed outside investment to fund it. Eren approached numerous investors, all of which decided to participate. With this new funding, Open Source Storage decided to move its operations to a new location in Campbell, California.

Figure 2. Open Source Storage Headquarters (2014–2016)

UserLAnd Now Available on F-Droid, New Darktrace Cybersecurity Company, France Is Dumping Google, KDE Bug Day Focusing on Okular November 27th and SuperTux Alpha Release

News briefs for November 21, 2018.

UserLAnd is now available on F-Droid. With UserLAnd, you can run full Linux distributions or specific apps on top of Android, and you can install and uninstall it like a regular app—you don't need root. This version requires Android 5.0 or newer, and UserLAnd recommends that you install the F-Droid client to build it rather than download the APK.

A new cybersecurity company called Darktrace has developed a tool in collaboration with the University of Cambridge that uses machine learning to detect internal security breaches. According to FossBytes, Darktrace created an algorithm that "recognizes new instances of unusual behavior". This technique is "based on unsupervised learning, which doesn't require humans to specify what to look for. The system works like the human body's immune system."

France is dumping Google. Wired reports that to "avoid becoming a digital colony of the US or China", the French National Assembly and the French Army Ministry "declared that their digital devices would stop using Google as their default search engines. Instead, they will use Qwant, a French and German search engine that prides itself for not tracking its users."

KDE is holding a Bug Day November 27, 2018 that will focus on Okular. You can join the event at any time that day. See the Bug Triaging Guide to learn how to confirm and triage bugs, and join the #kde-bugs IRC channel on Freenode to chat with KDE in real time. For more information, go here.

Classic open-source game SuperTux is heading toward a new release. GamingOnLinux reports that the game is on the third alpha release of the 0.6.0 update. The game features several new highlights, including a "complete revamp of the rendering engine"; it now "supports OpenGL 3.3 Core as well as OpenGL ES 2.0, thus allowing SuperTux to be run on the Raspberry Pi, and potentially WebGL"; and the forest worldmap has been redesigned. You can download it from GitHub.

Travel Laptop Tips in Practice

It's one thing to give travel advice; it's another to follow it.

In past articles, I've written about how to prepare for a vacation or other travel when you're on call. And, I just got back from a vacation where I put some of those ideas into practice, so I thought I'd write a follow-up and give some specifics on what I recommended, what I actually did and how it all worked.

Planning for the Vacation

The first thing to point out is that this was one of the first vacations in a long time where I was not on call, directly or indirectly. In my long career as a sysadmin responsible for production infrastructure, I've almost always been on call (usually indirectly) when on vacation. Even if someone else was officially taking over on-call duties while I was away, there always was the risk that a problem would crop up where they would need to escalate up to me. Often on my vacations something did blow up to the point that I needed to get involved. I've now transitioned into more of a management position, so the kinds of emergencies I face are much different.

I bring up the fact that I wasn't on an on-call rotation not because it factored into how I prepared for the trip, but because, generally speaking, it didn't factor in except that I didn't have to go to as extreme lengths to make sure everyone knew how to contact me in an emergency. Even though I wasn't on call, there still was a chance, however remote, that some emergency could pop up where I needed to help. And, an emergency might require that I access company resources, which meant I needed to have company credentials with me at a minimum. I imagine for most people in senior-enough positions that this would also be true. I could have handled this in a few ways:

  1. Hope that I could access all the work resources I might need from my phone.
  2. Carry a copy of my password manager database with me.
  3. Put a few select work VMs on my travel laptop.

I chose option number 3, just to be safe. Although I'm not superstitious, I still figured that if I were prepared for an emergency, there was a better chance one wouldn't show up (and I was right). At the very least, if I were well prepared for a work emergency, if even a minor problem arose, I could respond to it without a major inconvenience instead of scrambling to build some kind of MacGyver-style work environment out of duct tape and hotel computers.

Selecting the Travel Computer

As I've mentioned in previous articles, I recommend buying a cheap, used computer for travel. That way, if you lose it or it gets damaged, confiscated or stolen, you're not out much money. I personally bought a used Acer Parrot C710 for use as a travel computer, because it's small, cheap and runs QubesOS pretty well once you give it enough RAM.

Spectre Mitigation Causing Significant Slowdown in 4.20 Kernel, Shadow of the Tomb Raider Coming to Linux in 2019, Kdenlive Bug-Squashing Day December 2, Diskio Pi Kickstarter Campaign and Phones to Receive Android Pie

News briefs for November 20, 2018.

Mitigation for Spectre variant 2 is causing significant slowdowns in the new 4.20 kernel, and Linus Torvalds posted to the LKML, "When performance goes down by 50 percent on some loads, people need to start asking themselves whether it was worth it. It's apparently better to just disable SMT entirely, which is what security-conscious people do anyway". See Phoronix, which originally posted the benchmarks showing the slowdown, and this ZDNet article for more info on this issue.

Feral Interactive announced this morning that Shadow of the Tomb Raider is coming to Linux in 2019. Shadow of the Tomb Raider is the conclusion of Laura Croft's origin story; the previous two installments are available for Linux now from Feral Interactive. You can view the Shadow of the Tomb Raider trailer here.

Kdenlive is holding a bug-squashing day on December 2, 2018 in preparation for an April 2019 major release. A list of proposed bugs to solve is available here. Contact Kdenlive via IRC: #kdenlive on Freenode.

Guillaume Debray has launched a Kickstarter campaign for a Diskio Pi, "the Ultimate Open Source Tablet". Diskio Pi is a kit tablet that you assemble with your nano computer of choice. According to the project description, it's an "ideal open solution" to use as an extra computer, a learning code machine, a media center, for home automation or for your vehicle.

Android Central reports on which phones will receive Android Pie. Android Pie is slated to come to the Asus ZenFone 5 series in early 2019, and in some markets, the Motorola One and One Power already have received it. See the post on Android Central for the full roundup.

What’s New in Bash Parameter Expansion


The bash man page is close to 40K words. It's not quite War and Peace, but it could hold its own in a rack of cheap novels. Given the size of bash's documentation, missing a useful feature is easy to do when looking through the man page. For that reason, as well as to look for new features, revisiting the man page occasionally can be a useful thing to do.

The sub-section of interest today is Parameter Expansion—that is, $var in its many forms. Don't be confused by the name though, it's really about parameter and variable expansion.