Ubuntu 18.10 “Cosmic Cuttlefish” Due Out Today, Arm Launches IoT-Focused Mbed Linux, GitHub’s New Security Features, MongoDB Announces New Server Side License and Google to Charge for Apps on Android Handsets Sold in Europe

News briefs for October 18, 2018.

Ubuntu 18.10 "Cosmic Cuttlefish" expected to be released today. According to Phoronix, the biggest change for users will be the revised default theme for the GNOME Shell experience, now known as "Yaru". Ubuntu 18.10 will also have the Linux 4.18 kernel, "which means better hardware support, various performance improvements, and other optimizations compared to Ubuntu 18.04's Linux 4.15".

Arm launches the IoT-focused Mbed Linux OS and also extends Pelion IoT Platform services. According to Linux.com, Mbed Linux "combines the Linux kernel with tools and recipes from the Intel-backed Yocto Project. The distro also integrates security and IoT connectivity code from its open source Mbed RTOS". In addition, the Pelion IoT Platform "will align with Intel's Secure Device Onboard (SDO) provisioning technology to make it easier for IoT vendors and customers to onboard both x86 and Arm-based devices using a common Pelion platform. Arm also announced Pelion related partnerships with myDevices and Arduino."

GitHub updated its platform this week, which included many developer-centric changes and security features, but the most notable change is the "expansion of the Security Alerts feature, which also now supports Java and .NET projects, on top of the original JavaScript, Ruby and Python", ZDNet reports.

MongoDB recently announced it will be released under the new Server Side Public License: "The SSPL clarifies the conditions for making MongoDB publicly available as a service, to ensure we can continue to invest in building MongoDB for our users rather than in costly litigation over enforcing the AGPL. All subsequent versions and patch releases to prior versions of MongoDB made after October 16th, 2018 will be issued under the new SSPL."

Google plans to charge smartphone makers to pre-install apps like Gmail and YouTube on Android handsets sold in Europe. The Verge quotes Android leader Hiroshi Lockheimer, "Since the pre-installation of Google Search and Chrome together with our other apps helped us fund the development and free distribution of Android, we will introduce a new paid licensing agreement for smartphones and tablets shipped into the [European Economic Area]."

Code Review–an Excerpt from VM Brasseur’s New Book Forge Your Future with Open Source

Forge Your Future with Open Source Book Cover

Excerpt from Forge Your Future with Open Source by VM (Vicky) Brasseur, Copyright © 2018 The Pragmatic Programmers LLC. Reproduced with the permission of the publisher.

Even new programmers can provide a lot of value with their code reviews. You don't have to be a Rockstar Ninja 10x Unicorn Diva programmer with years and years of experience to have valuable insights. In fact, you don't even have to be a programmer at all. You just have to be knowledgable enough to spot patterns. While you won't be able to do a complete review without programming knowledge, you may still spot things that could use some work or clarification.

If you're not a Rockstar Ninja 10x Unicorn Diva programmer, not only is your code review feedback still valuable, but you can also learn a great deal in the process: Code layout, programming style, domain knowledge, best practices, neat little programming tricks you'd not have seen otherwise, and sometimes antipatterns (or "how not to do things"). So don't let the fact that you're unfamiliar with the code, the project, or the language hold you back from reviewing code contributions. Give it a go and see what there is to learn and discover.

"But," you may wail, "how is that even possible?! I don't know how to program very well! How could I ever do anything valuable on a code review?" Calm yourself, friend. You have a lot to offer here. Earlier I mentioned pattern-spotting, and that's a good place to start. If the contribution you're reviewing looks a lot more complicated than everything around it, you've just spotted a potential problem. Does the code use different indentations or variable naming than elsewhere in the file? That's another potential problem. Is the code contribution really long, when everything else in the file is much shorter? That could be a sign something is wrong. You don't have to be that Rockstar Ninja 10x Unicorn Diva programmer to spot these things; you only have to be familiar with programming and—most importantly—you only have to be looking at the code.

Do be careful as you start code review for a project with which you're not very familiar. Some projects would rather not receive reviews from people who aren't yet skilled in the code in question, as those reviews often can contain errors or inconsistencies with how the project typically operates. Inexperienced reviewers also can confuse inexperienced contributors, who might not know that the person providing feedback to them is not very familiar with the code or the project. Always check the CONTRIBUTING file or ask a core contributor before you start reviewing code contributions, rather than risk stepping on toes or providing feedback when none is wanted.

elementary OS Juno Released, Plasma 5.14.1 Is Out, Chrome 70 Now Available, Docker Raises New Funding and New Badges for Firefox Users

News briefs for October 17, 2018.

elementary OS Juno is now available. This new major version sports a ton of updates and improvements with three major goals: 1) "provide a more refined user experience; 2) "improve productivity for new and seasoned users alike"; and 3) "take our developer platform to the next level".

The KDE Project yesterday announced the first point release of the KDE Plasma 5.14 desktop series. Plasma 5.14.1 adds new translations and some important bugfixes. See the changelog for further details.

Chrome 70 is now available. This release removes the controversial change from the last version, and now allows users to stop the browser from automatically signing in to their Google accounts after logging in to one of its apps, The Verge reports. You still need to opt-out and specifically change this setting, however. Other changes include support for progressive web apps on Windows. See the "New in Chrome 70" post for more information on this release.

Docker has raised $92 million in new funding. According to TechCrunch, "the new funding is a signal that while Docker may have lost its race with Google's Kubernetes over whose toolkit would be the most widely adopted, the San Francisco-based company has become the champion for businesses that want to move to the modern hybrid application development and information technology operations model of programming."

Mozilla has created badges for Firefox users who want to show their support. You can grab the code for the badges here. Mozilla notes that the "images are hosted on a Mozilla CDN for convenience and performance only. We do no tracking of traffic to the CDN".

Keeping Control in the Hands of the User

Various efforts always are underway to implement Secure Boot and to add features that will allow vendors to lock users out of controlling their own systems. In that scenario, users would look helplessly on while their systems refused to boot any kernels but those controlled by the vendors.

The vendors' motivation is clear—if they control the kernel, they can then stream media on that computer without risking copyright infringement by the user. If the vendor doesn't control the system, the user might always have some secret piece of software ready to catch and store any streamed media that could then be shared with others who would not pay the media company for the privilege.

Recently, Chen Yu and other developers tried to submit patches to enhance Secure Boot so that when the user hibernated the system, the kernel itself would encrypt its running image. This would appear to be completely unnecessary, since as Pavel Machek pointed out, there is already uswsusp (userspace software suspend), which encrypts the running image before suspending the system. As Pavel said, the only difference was that uswusp ran in userspace and not kernel space.

Perhaps in an effort to draw Chen into admitting the deeper motives behind the patch submission, Pavel asked Chen to elucidate exactly what security hole his patches addressed and how they would deal with them. Pavel would ask that question over and over again before the end of the discussion, and he would not receive an answer.

Chen offered a variety of justifications for the patch, including letting users do less work, but none of them answered the fundamental question: why was this patch needed as a security enhancement in the first place? And eventually, Pavel called it like he saw it. He said, "Purpose here is to prevent the user from reading/modifying kernel memory content on machine he owns. Strange as it may sound, that is what 'secure' boot requires (and what Disney wants)."

The discussion ended inconclusively, but not utterly. It's clear that Pavel, and a group of core kernel developers including Linus Torvalds, will continue to guard against allowing vendors to control user systems. This seems to be one of the fundamental values of the Linux kernel—to prevent the reemergence of the kind of situation we had in the 1980s, where vendors had ultimate control over virtually all software, while users were at the mercy of business decisions they didn't agree with but could do nothing about.

Note: if you're mentioned above and want to post a response above the comment section, send a message with your response text to ljeditor@linuxjournal.com.

Canonical Announces Partnership with Eurotech, the Big Four to End Support of TLS 1.0 and 1.1, Sony Using Blockchain for DRM, NETWAYS Web Services Launches IaaS OpenStack, Grey Hat Patching MikroTik Routers and Paul Allen Dies at 65

News briefs for October 16, 2018.

Canonical announced a partnership with Eurotech to help organizations advance in the IoT realm. In connection with this partnership, Canonical "has published a Snap for the Eclipse Kura project—the popular, open-source Java-based IoT edge framework. Having Kura available as a Snap—the universal Linux application packaging format—will enable a wider availability of Linux users across multiple distributions to take advantage of the framework and ensure it is supported on more hardware. Snap support will also extend on Eurotech's commercially supported version; the Everywhere Software Framework (ESF)."

Apple, Google, Microsoft and Mozilla all announce the end of support for TLS 1.0 and 1.1 standards starting in 2020, ZDNet reports. Chrome and Firefox already support TLS 1.3, and Microsoft and Apple will soon follow suit.

Sony announced it's planning to use the blockchain for digital rights management (DRM). According to the story on Engadget, the company plans to begin with the Sony Global Education written educational materials. This blockchain system is "built on Sony's pre-existing DRM tools, which keep track of the distribution of copyrighted materials, but will have advantages that come with blockchain's inherent security."

NETWAYS Web Services launches IaaS OpenStack. According to the press release, "the Open Source experts from 'NETWAYS Web Services' (NWS) add with OpenStack a customizable, fully managed Infrastructure as a Service (Iaas) to their platform." Customers can choose between SSD or Ceph based packages, and in addition to OpenStack, the platform offers "a diverse selection of Open Source applications for various purposes". If you're interested, you can try NWS OpenStack 30 days for free. For more information and to get started, go here.

A grey-hat hacker is breaking into MikroTik routers and patching them so they can't be compromised by cryptojackers or other attackers. According to ZDNet, the hacker, who goes by Alexey, is a system administrator and claims to have disinfected more then 100,000 MikroTik routers. He told ZDNet that he added firewall rules to block access to the routers from outside the local network, and then "in the comments, I wrote information about the vulnerability and left the address of the @router_os Telegram channel, where it was possible for them to ask questions." Evidently, a few folks have said "thanks", but many are outraged.

Paul Allen—"co-founder of Microsoft and noted technologist, philanthropist, community builder, conservationist, musician and supporter of the arts"—passed away yesterday. See the statements released on behalf of the Allen Family, Vulcan Inc. and the Paul G. Allen network at the Vulcan Inc. website.

Have a Plan for Netplan

Ubuntu changed networking. Embrace the YAML.

If I'm being completely honest, I still dislike the switch from eth0, eth1, eth2 to names like, enp3s0, enp4s0, enp5s0. I've learned to accept it and mutter to myself while I type in unfamiliar interface names. Then I installed the new LTS version of Ubuntu and typed vi /etc/network/interfaces. Yikes. After a technological lifetime of entering my server's IP information in a simple text file, that's no longer how things are done. Sigh. The good news is that while figuring out Netplan for both desktop and server environments, I fixed a nagging DNS issue I've had for years (more on that later).

The Basics of Netplan

The old way of configuring Debian-based network interfaces was based on the ifupdown package. The new default is called Netplan, and although it's not terribly difficult to use, it's drastically different. Netplan is sort of the interface used to configure the back-end dæmons that actually configure the interfaces. Right now, the back ends supported are NetworkManager and networkd.

If you tell Netplan to use NetworkManager, all interface configuration control is handed off to the GUI interface on the desktop. The NetworkManager program itself hasn't changed; it's the same GUI-based interface configuration system you've likely used for years.

If you tell Netplan to use networkd, systemd itself handles the interface configurations. Configuration is still done with Netplan files, but once "applied", Netplan creates the back-end configurations systemd requires. The Netplan files are vastly different from the old /etc/network/interfaces file, but it uses YAML syntax, and it's pretty easy to figure out.

The Desktop and DNS

If you install a GUI version of Ubuntu, Netplan is configured with NetworkManager as the back end by default. Your system should get IP information via DHCP or static entries you add via GUI. This is usually not an issue, but I've had a terrible time with my split-DNS setup and systemd-resolved. I'm sure there is a magical combination of configuration files that will make things work, but I've spent a lot of time, and it always behaves a little oddly. With my internal DNS server resolving domain names differently from external DNS servers (that is, split-DNS), I get random lookup failures. Sometimes ping will resolve, but dig will not. Sometimes the internal A record will resolve, but a CNAME will not. Sometimes I get resolution from an external DNS server (from the internet), even though I never configure anything other than the internal DNS!

KDE e.V Receives Generous Handshake Donation, Ubuntu Touch OTA-5 Is Out, Geoclue 2.5 Now Available and Asking for Help, New Code of Conduct Proposal and Internet Freedom Festival

News briefs for October 15, 2018.

KDE e.V. announces it received a $300,000 USD donation from the Handshake Foundation. According to the KDE blog post, it plans to use $100,000 USD of the donation specifically toward development of the Calligra office suite. Also, KDE celebrated its 22nd anniversary yesterday—Happy Birthday KDE!

UBports announces Ubuntu Touch OTA-5 is out. This over the air update of version 16.04 includes a more stable experience and new features, such as the Morph QtWeb Engine browser, Qt automatic scaling, Kirigami 2 and community art used for wallpapers, notification tones and ringtones.

Geoclue 2.5 is now available, and coder Zeeshan Ali is asking for help. Geoclue uses the Mozilla Location Service (MLS), which was launched in 2013 in connection with its Firefox OS project that has since been abandoned. The service is still running, and users can contribute data, but it isn't being maintained or developed any longer. Zeeshan Ali writes, "If your company relies on MLS (directly or through Geoclue) and you'd want to secure the future of Open Source geolocation, please do get in touch and we can discuss how we could possibly achieve that."

Red Hat developer Ivan Chavero yesterday submitted a new patch for the Linux Code of Conduct. Phoronix reports that the proposal "drops the mention of 'a harassment-free experience for everyone, regardless of age, body-size, disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality,personal appearance, race, religion, or sexual identity and orientation.' In place Ivan proposes, 'our community an effective and enriching experience to any sentient being in the Universe.'"

The Internet Freedom Festival—"5 Years Joining Forces to Fight Censorship and Surveillance"—is being held in Valencia, Spain, April 1–5, 2019. The call for proposals is open until November 9, 2018. See the IFF website for more details, as well as news and updates from the community.

Chrome OS Stable Channel Gets Linux Apps

Chromebook

How to get started with Linux Apps for Chromebooks.

After months of user testing in developer and beta channels, the Crostini project at Google finally delivered the goods, Linux apps for most users of Chromebooks in the stable channel—definitely worth the wait. While this still is aimed primarily at developers using Chromebooks, I think there's a good chance these Linux apps will be used and enjoyed by the general public using Chromebooks as well. There's still a bit of a learning curve to overcome before that possibility is realized, but if you already are a user of any Linux distro, it will feel very familiar. Here's an overview of how to install it and what to expect afterward.

After getting the update to version 69, go to Settings and scroll down a bit, and you'll see the option to turn on Linux apps. Figure 1 shows this first step. Note that this isn't available on all Chromebooks; if you're using an older one, you'll have to wait a while before this function is available. If you don't see the option to turn on Linux apps, your Chromebook currently lacks that functionality. But, if you have a Chromebook produced in the past two years, you probably will see the option.

Figure 1. Linux Apps Option

Figure 2. Installing Linux Apps

After it's done installing, you see the terminal appear. From here, you can do as you would with any terminal. I chose to sudo apt-get install the GIMP, Open Shot, Handbrake, Firefox and the GNOME Software Center, which I used to download and install Audacity. The GNOME Software Center provides an easy-to-manage GUI method of finding the more popular Linux apps, but if you prefer the terminal method of using apt-get install, that works just as well and provides more app choices than the GNOME Software Center.

One more thing to note about the GNOME Software Center is that you likely will not see any apps in it after first installing it. You need to reboot first before the apps appear.

If you want to run Firefox on a Chromebook, there are actually two ways to do it. One way is to download and install Firefox from the Google Play Store as an Android app. Now with Linux apps via Crostini, you also can download and install it from the terminal using apt-get install, but it needs to be the extended support release version, Firefox-ESR.

Figures 3–5 show some of my installed apps up and running.

Episode 3: Microsoft and Patents

Doc Searls and Katherine Druckman talk to Erich Andersen, Corporate Vice President, Deputy General Counsel at Microsoft and Keith Bergelt, CEO of Open Invention Network about Microsoft's recently announced membership with the Open Invention Network patent community.

Useful links:

https://www.openinventionnetwork.com/pressrelease_details/?id=89

https://azure.microsoft.com/en-us/blog/microsoft-joins-open-invention-network-to-help-protect-linux-and-open-source/

Canonical Announces Plex as a Snap, DuckDuck Go Reaches 30 Million Direct Searches a Day, Purism’s Librem 5 Phone to Ship with GNOME 3.32 Desktop, Libre Computer Project Launches the La Frite SBC and Google Releases Oboe

News briefs for October 12, 2018.

Canonical yesterday announced that Plex has arrived in its Snap Store. You now can download the multimedia platform as a snap for Ubuntu, KDE Neon, Debian, Fedora, Manjaro, OpenSUSE and Zorin. For more details, see the Ubuntu Blog.

DuckDuck Go, the privacy-focused search engine, has reached the milestone of 30 million direct searches a day. According to The Verge and Search Engine Journal, DuckDuck Go's market share is estimated to be .18%, compared with Google's 77% and Bing's 5%; however, DuckDuck Go's traffic is up 50% from last year.

Purism's Librem 5 phone will ship with the GNOME 3.32 desktop, which is scheduled for release March 13, 2019. Softpedia News reports that GNOME developer Adrien Plazas invites "GNOME and GTK+ app developers to adapt their applications to work both on their favorite GNU/Linux distribution and on the upcoming Librem 5 Linux phone, which will use Purism's Debian-based and security-oriented Pure OS operating system by default." See also Adrien's blog post for more details on Librem 5 + GNOME 3.32.

The Libre Computer Project recently announced its new open-source, libre ARM SBC called La Frite. Phoronix reports the new 512MB model will ship for $5 USD, or you can get the 1GB version for $10 USD. In addition, "the $5 ARM SBC is said to be 10x faster than the Raspberry Pi Zero" and also includes real HDMI, Ethernet and USB ports. La Frite, the miniature version of Le Potato SBC supported by mainline Linux and Android 8, should be available in November. See the Kickstarter page for details.

Google yesterday released Oboe, a C++ library for creating real-time audio apps. According to the post on Packt, one of Oboe's main benefits is "the lowest possible audio latency across the widest range of Android devices". See the GitHub repository to get started with Oboe.

Doing Date Math on the Command Line, Part I

calendar

If you've ever used a spreadsheet, you've probably used or seen functions for doing date math—in other words, taking one date and adding some number of days or months to it to get a new date, or taking two dates and finding the number days between them. The same thing can be done from the command line using the lowly date command, possibly with a little help from Bash's arithmetic.

FSF Issues Statement on Microsoft Joining OIN, RaspEX Build 181010 Now Available for Raspberry Pi 3 Model B+, OpenShift Container Platform 3.11 Released, Kernel Security Update for CentOS 6 and RHEL 6, and Qt Creator 4.8 Beta Is Out

News briefs for October 11, 2018.

Following the news of Microsoft joining the Open Invention Network, the Free Software Foundation issued a statement calling on Microsoft to "take additional steps to continue the momentum toward a complete resolution". These steps include "make a clear, unambiguous statement that it has ceased all patent infringement claims on the use of Linux in Android"; "work within OIN to expand the definition of what it calls the 'Linux System' so that the list of packages protected from patents actually includes everything found in a GNU/Linux system"; and "use the past patent royalties extorted from free software to fund the effective abolition of all patents covering ideas in software."

RaspEX Build 181010 is now available for the Raspberry Pi 3 Model B+. It features the Helium Desktop from BunsenLabs Linux, and according to Softpedia News, it's "based on the latest Ubuntu 18.04 LTS (Bionic Beaver) operating system series, using packages from the Debian GNU/Linux 9 'Stretch' and Linaro open source software for ARM SoCs. RaspEX is compatible with Raspberry Pi 2, Raspberry Pi 3, and Raspberry Pi 3 Model B+." See also Arne Exton's release announcement for more details.

Red Hat announced the availability of the OpenShift Container Platform 3.11 release yesterday. eWeek reports that key highlights with this release "are multiple components that have been integrated from the CoreOS Tectonic distribution of Kubernetes, including a new cluster administrator console. Red Hat has also integrated CoreOS' Operator concept into OpenShift making it easier for organizations to deploy cloud native applications."

CentOS and Red Hat announced an important Linux kernel security update for CentOS Linux 6 and Red Hat Enterprise Linux 6 that addresses two vulnerabilities found in those operating systems: CVE-2018-5391 and CVE-2018-14634.Users should update immediately. See the Softpedia News post for details.

Qt Creator 4.8 Beta was released today. This version introduces experimental support for the Language Server Protocol, added some experimental C++ features and added support for running debuggers on one or more executables simultaneously. You can download the open-source version here.

FOSS Project Spotlight: Tutanota, the First Encrypted Email Service with an App on F-Droid

Seven years ago, we started building Tutanota, an encrypted email service with a strong focus on security, privacy and open source. Long before the Snowden revelations, we felt there was a need for easy-to-use encryption that would allow everyone to communicate online without being snooped upon.

Figure 1. The Tutanota team's motto: "We fight for privacy with automatic encryption."

As developers, we know how easy it is to spy on email that travels through the web. Email, with its federated setup is great, and that's why it has become the main form of online communication and still is. However, from a security perspective, the federated setup is troublesome—to say the least.

End-to-end encrypted email is difficult to handle on desktops (with key generation, key sharing, secure storing of keys and so on), and it's close to impossible on mobile devices. For the average, not so tech-savvy internet user, there are a lot of pitfalls, and the probability of doing something wrong is, unfortunately, rather high.

That's why we decided to build Tutanota: a secure email service that is so easy to use, everyone can send confidential email, not only the tech-savvy. The entire encryption process runs locally on users' devices, and it's fully automated. The automatic encryption also enabled us to build fully encrypted email apps for Android and iOS.

Finally, end-to-end encrypted email is starting to become the standard: 58% of all email sent from Tutanota already are end-to-end encrypted, and the percentage is constantly rising.

Figure 2. Easy email encryption on desktops and mobile devices is now possible for everyone.

The Open-Source Email Service to Get Rid of Google

As open-source enthusiasts, our apps have been open source from the start, but putting them on F-Droid was a challenge. As with all email services, we have used Google's FCM for push notifications. On top of that, our encrypted email service was based on Cordova, which the F-Droid servers are not able to build.

Not being able to publish our Android app on F-Droid was one of the main reasons we started to re-build the entire Tutanota web client. We are privacy and open-source enthusiasts; we ourselves use F-Droid. Consequently, we thought that our app must be published there, no matter the effort.

When rebuilding our email client, we made sure not to use Cordova anymore and to replace Google's FCM for push notifications.

Episode 2: Privacy is Personal

Episode 2 cover

Katherine Druckman talks to Doc Searls about consumer privacy, Main Street, and heart attacks at Walmart.

Links mentioned:

https://twitter.com/torproject/status/1049370119338713088

http://customercommons.org/

Microsoft Joins the Open Invention Network, NVIDIA Announces RAPIDS, Asterisk 16.0.0 Now Available, BlockScout Released and Security Advisory for Debian GNU/Linux 9 “Stretch”

News briefs for October 10, 2018.

Microsoft has joined the Open Invention Network (OIN), an open-source patent consortium. According to ZDNet, this means "Microsoft has essentially agreed to grant a royalty-free and unrestricted license to its entire patent portfolio to all other OIN members." OIN's CEO Keith Bergelt says "This is everything Microsoft has, and it covers everything related to older open-source technologies such as Android, the Linux kernel, and OpenStack; newer technologies such as LF Energy and HyperLedger, and their predecessor and successor versions."

NVIDIA has just announced RAPIDS, its open-source data analytics/machine learning platform, Phoronix reports. The project is "intended as an end-to-end solution for data science training pipelines on graphics processors", and NVIDIA "laims that RAPIDS can allow for machine learning training at up to 50x and is built atop CUDA for GPU acceleration".

The Asterisk Development Team announces that Asterisk 16.0.0 is now available. This version includes many security fixes, new features and tons of bug fixes. You can download it from here.

BlockScout, the first full-featured open-source Ethereum block explorer tool, was released yesterday by POA Network. The secure and easy-to-use tool "lets users search and explore transactions, addresses, and balances on the Ethereum, Ethereum Classic, and POA Network blockchains". And, because it's open source, anyone can "contribute to its development and customize the tool to suit their own needs".

Debian has published another security advisory for Debian GNU/Linux 9 "Stretch". According to Softpedia News, CVE-2018-15471 was "discovered by Google Project Zero's Felix Wilhelm in the hash handling of Linux kernel's xen-netback module, which could result in information leaks, privilege escalation, as well as denial of service". The patch also addresses CVE-2018-18021, a privilege escalation flaw. The Debian Project recommends that all users of GNU/Linux 9 "Stretch" update kernel packages to to version 4.9.110-3+deb9u6.

Creating the Concentration Game PAIRS with Bash, Part II

Dave finishes up the PAIRS concentration game, only to realize it's too hard to solve!

In my last article, I tossed away my PC card and talked about how I was a fan of the British colonial-era writer Rudyard Kipling. With that in mind, I do appreciate that you're still reading my column.

I was discussing the memory game that the British spy plays with the orphan boy Kim in the book of the same name. The game in question involves Kim being shown a tray of stones of various shapes, sizes and colors. Then it's hidden, and he has to recite as many patterns as he can recall.

The card game Concentration is clearly inspired by the same pattern memorization game, and it's considerably easier to set up: shuffle a deck of cards, place them face down in a grid, then flip pairs to find matches. In the beginning, it's just guessing, of course, but as the game proceeds, it becomes more about spatial memory than luck. Someone with an eidetic memory always will win.

Using letters makes things easy, so I suggested a row, column, notational convention like this:


    1   2   3   4   5   6   7   8   9   10  11  12  13
1: [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-]
2: [-] [-] [-] [A] [-] [-] [-] [-] [-] [-] [-] [-] [-]
3: [-] [-] [-] [-] [-] [-] [-] [-] [E] [-] [-] [-] [-]
4: [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [-] [Z]

You can represent uppercase letters as a shell array like this:


declare -a letters=(A B C D E F G H I J K L M N O P Q R
                    S T U V W X Y Z)

Unfortunately, Bash doesn't support multidimensional arrays, so you're going to have to represent the grid as a one-dimensional array. It's not too hard though, because the grid is straightforward. Here's an index formula if firstvalue is the first digit and rest is the remainder of the index value:


index=$(( ( ( $firstvalue - 1 ) * 13 ) + $rest ))

The letter "E" in the above grid, at 3,9, would show up in the array as ((3-1)*13)+9 or slot 35.

Shuffle Those Values

The script from my last article already initializes everything in sequential order and defaults to 2 * 13 slots (for simplicity in debugging). The work of the script is really in the shuffle, but it turns out that there's a pretty elegant little shuffle algorithm (shown in a kind of sloppy C for illustrative purposes) floating around the internet that can be tapped for this task:


shuffle {
   for (i = n-1; i > 0; i-) {
     int j = rand() % (i+1);
     swap( array[i], array[j]);
   }
}

Translating this into a shell script and using better variable names, here's what I created:

Redis Labs and the “Common Clause”

So, the short version is that with the recent licensing changes to several Redis Labs modules making them no longer free and open source, GNU/Linux distributions, such as Debian and Fedora, are no longer able to ship Redis Labs' versions of the affected modules to their users.

As a result, we have begun working together to create a set of module repositories forked from prior to the license change. We will maintain changes to these modules under their original open source licenses, applying only free and open fixes and updates.

We are committed to making these available under an open source license permanently, and welcome community involvement.

You can find more background info here:

New Open-Source GoodFORM Project, Made by Google 2018 Event Today, Asus Chromebook C423, HP Chromebook x360 14 and KDE Launches Plasma 5.14

News briefs for October 9, 2018.

Redis labs recently added the Commons Clause on top of the Redis open-source, in-memory data structure store, and now open-source developers are forking the code in a new project called GoodFORM. ZDNet quotes Debian project leader Chris Lamb and Fedora developer Nathan Scott's explanation for the need to fork the code: "With the recent licensing changes to several Redis Labs modules making them no longer free and open source, GNU/Linux distributions such as Debian and Fedora are no longer able to ship Redis Labs' versions of the affected modules to their users."

The Made by Google 2018 event kicks off today at 11am ET. 9To5Google reports the company is expected to announce the Pixel 3 and 3 XL, the Google Home Hub and the Google Pixel Slate. You can watch the Made by Google 2018 live event here.

Asus just announced its super-thin Chromebook C423. The company has not released any pricing info or availability date. According to Engadget, it will have a 14" screen, and you can choose between a full HD touchscreen or a non-touchscreen with a 1366x768 pixel resolution. You also will be able to install Android apps on it via Google Play.

And, HP yesterday announced the HP Chromebook x360 14, which is "HP's thinnest Chromebook convertible device" and is "designed make the most of the seamless integration of the Google and Chrome OS ecosystem". It will be available October 21st, starting at $599.

KDE today launched the first release of Plasma 5.14. This release has several new features and bug fixes. Much work went into improving the Discover software manager, a new Firmware Update feature was added and "many subtle user interface improvements give it a smoother feel". Download live images from here.

Linus’ Behavior and the Kernel Development Community

WARNING: This article contains profanity.

On September 16, 2018, Linus Torvalds released the 4.19-rc4 version of the kernel, and he also announced he was taking a break from Linux development in order to consider his own behavior and to come up with a better approach to kernel development. This was partly inspired by his realization that he wasn't looking forward to the Kernel Summit event, and he said that "it wasn't actually funny or a good sign that I was hoping to just skip the yearly kernel summit entirely."

He also wrote that it was partly inspired when:

...people in our community confronted me about my lifetime of not understanding emotions. My flippant attacks in emails have been both unprofessional and uncalled for. Especially at times when I made it personal. In my quest for a better patch, this made sense to me. I know now this was not OK and I am truly sorry.

So he said, "I am going to take time off and get some assistance on how to understand people's emotions and respond appropriately."

He compared the situation to the kind of "pain points" the Linux kernel project has experienced on a technical level in the past, like moving from tarballs to BitKeeper, and from BitKeeper to git. And he remarked that "We haven't had that kind of pain-point in about a decade. But this week felt like that kind of pain point to me."

He also added, by way of clarification, that "This is not some kind of 'I'm burnt out, I need to just go away' break. I'm not feeling like I don't want to continue maintaining Linux. Quite the reverse. I very much *do* want to continue to do this project that I've been working on for almost three decades."

That was the last post Linus sent to the mailing list, up to the time of this writing. However, he and several other kernel developers signed off on a patch to the kernel tree, incorporating a new code of conduct policy. It's fairly boilerplate—basically, don't be mean, don't discriminate, violations will be investigated, and appropriate measures taken.

It's not a new idea. Long ago, Richard Stallman used to troll the mailing list trying to start an argument about "Linux" vs. "GNU/Linux", until the mailing list maintainers threatened to ban him if he kept it up. They phrased it as a general rule, not unlike a code of conduct.

There's been a wide range of responses to Linus' announcement and to the code of conduct itself. Some felt that Linus' earlier behavior had been community-strengthening, encouraging people to respond as equals and duke it out with Linus on the issues they cared about.

Some felt that Linus was taking a really wonderful step, seeking feedback and reflecting on the issues, and they in turn offered their own insights and assistance.

Linux 4.19-rc7 Released, Calculate Linux Version 18 Announced, Linux Code of Conduct Patches, Emmabuntus Debian Edition 2 1.03 Now Available and Several Improvements to the KDE Software Stack

News briefs from October 8, 2018.

Linux 4.19-rc7 was released yesterday. Greg KH says it's a bigger release than rc6 was, with networking fixes and lots of driver subsystem fixes. It also looks like there will be an -rc8 next week "just to be sure 4.19 is solid".

Calculate Linux version 18 was announced yesterday. In this version, "Calculate Utilities were ported to Qt5, your network is managed in a different way, and binary packages get checked using their index signature". See the announcement for more details. You can download LiveUSB images here.

The Linux Code of Conduct may see changes with the upcoming 4.19 kernel release, Phoronix reports. James Bottomley submitted a couple fixes over the weekend, and Geert Uytterhoeven submitted a patch as well.

The Emmabuntus Collective yesterday announced the release of Emmabuntus Debian Edition 2 1.03, based on Debian 9.5 and featuring the XFCE desktop environment. This distro was "designed to facilitate the reconditioning of computers donated to humanitarian organizations, starting with the Emmaüs communities (which is where the distribution's name obviously comes from), to promote the discovery of GNU/Linux by beginners, as well as to extend the lifespan of computer hardware in order to reduce the waste induced by the overconsumption of raw materials".

There has been a "veritable flood of improvement throughout KDE's software stack over the past few days", Nate Graham writes in his Adventures in Linux and KDE blog. See the post for details on all the new features, UI improvements and bug fixes.