September 19th, 2020
While IBM was birthing MQ for the Raspberry Pi, Firefox Send met its end. Plus a new GNOME release, more Linux laptop options, systemd is back in the headlines, GitHub mainstreams its CLI client, Tor triumphs with its latest fundraiser, and more.
Show Transcript and Links
Since GNOME released version 3.38 just hours after our last show, you'll likely know all about it by now. In brief, the update brings a reworked applications grid that allows the user to rearrange items within it, has started integrating some functionality from GNOME Tweaks into the main UI, and has finally added a dedicated restart option to the system menu in the Shell. Meanwhile, the project has also announced a change to its versioning scheme, which will see the next stable release being tagged as version 40. One of the developers has written a forum post explaining the abrupt change, and his words under the first point in the FAQ section of that post are quite revealing — if a little surprising, given the history of GNOME. The text suggests that the project has recognized how past changes have caused major disruption to its users, and hints that future updates will be far less radical. And wanting to carry users and developers along with the project was also the theme of a separate blogpost on Extensions management, in which another author promised that a more collaborative approach will help create a successful and robust ecosystem around GNOME going forward.
• Introducing GNOME 3.38: “Orbis”
• New GNOME versioning scheme
• The GNOME Extensions Rebooted Initiative
IBM has formally announced the availability of its MQ messaging middleware for the Raspberry Pi platform. The code had been out in the wild for some time but gone largely unnoticed, which is likely why the company has chosen to bring attention to it now. While MQ is usually found in heavyweight server environments, this implementation has been demonstrated running happily on Raspberry Pi Zeros. The current codebase doesn't support all of the functionality of MQ proper, and it's also tagged as a developer edition for now — meaning that there's no formal support on offer, over and above being able to raise issues in the project's GitHub repository.
• IBM MQ on Raspberry Pi – our tastiest developer edition yet!
• [Old] From the mainframe to the mobile or to infinity and beyond. IBM MQ is everywhere!
Mozilla made several announcements in recent days that drive home its commitment to cut costs, apart from spending on activism. When Firefox Send was revealed as being used to distribute malware earlier in the year, Mozilla shut the service down, with promises that the product would return after being improved. However, that temporary suspension has now become permanent, with the organization dumping the Firefox Send service, along with another application that allowed users to easily sync text notes between their mobile and desktop browsers. But while these two popular services were being dropped, Mozilla announced a new initiative designed to collect data to help it pressure YouTube to make its recommendation algorithm more transparent. Mozilla has long believed that YouTube's AI can lead users to videos that they'd be better off not watching, and has now produced extensions for Chrome and Firefox that allow users to report videos that they later regret viewing, and collect information about how they stumbled upon them. Mozilla has promised to keep the data generated anonymous, and intends to publicly share its findings down the line in hopes of influencing AI product development at companies like YouTube. And lastly, the Mozilla Foundation yesterday helped co-launch a new open source tool for tracking keywords and conversations on Twitter, Reddit, 4chan, and 8chan. In the future additional platforms such as Parler and Gab will also gain coverage by the service, which is intended to be used by researchers, journalists, and activists, to track disinformation online.
• Update on Firefox Send and Firefox Notes
• Mozilla is Crowdsourcing Research into YouTube Recommendations
• A New Open-Source Tool for Tracking Disinformation
Meantime, anyone still holding onto an old version of Firefox for Android because they don't like the redesigned update, or its lack of support for many extensions, might want to reconsider their decision. A security researcher has discovered that the browser can easily be hijacked by another user connected to the same Wi-Fi network, and cause the victim's phone to execute arbitrary Android intent commands.
• Firefox for Android LAN-Based Intent Triggering
Since new Linux laptops seem to be appearing almost every week now, I'm going to skim over the details of three new offerings — but there'll be more information in today's shownotes. Spanish company Slimbook has introduced two new models, which look to offer better value for money than most. The fourteen and fifteen inch ultrabooks are housed in ABS and aluminum, and offer a choice of 10th generation Intel CPUs coupled with up to 32GB of RAM. The smaller model weighs in at just under three pounds, and in its base configuration will set you back less than $600. At the opposite end of the spectrum, TUXEDO Computers has introduced a portable gaming rig that features desktop Intel CPUs. The new luggable can be outfitted with up to 128GB of RAM, offers a choice of dedicated NVIDIA graphics cards, and comes fitted with a 97 watt hour battery that ought to be good for around four hours of active use. Naturally none of this comes cheap, and the new machine retails for upwards of twenty-eight hundred dollars.
• Slimbook Essential
• Portable performance giant: The new TUXEDO Book XUX7
And staying with hardware for a moment, PINE64 is now accepting pre-orders for the Manjaro Community Edition of the PinePhone. The branded device is being offered in a base configuration with 2GB of RAM and 16GB of storage for a hundred and fifty bucks, while another fifty will snag you an upgrade to a model sporting an extra gigabyte of RAM, twice the storage, and a bundled convergence dongle that lets the phone connect to an external monitor, keyboard, and mouse. However, the opening of the order window didn't go quite as smoothly as Pine might have liked, as the company briefly had to close its online store having discovered that it had been infiltrated by a malicious bot. Pine doesn't believe that any customer data was compromised by the breach, which it laid at the feet of a vulnerable WordPress plugin.
• PINE64 Store
• PSA: Vulnerability Disclosure 2020/09/17
The contentious issue of systemd has again raised its head within the Debian project. Back in July, users noticed that the init script had been dropped from the network-manager package, breaking compatibility for those not running systemd. But the maintainer didn't respond to the bug that had been filed until one of the users added a non-maintainer upload that rolled back the change, and the issue got picked up on social media. A standoff has now developed, with the maintainer adamant that he won't restore the init script to the package, and the bug has been categorised as a wishlist item.
• Debian Bug report logs - #964139; network-manager: Please restore removed init script
GitHub has promoted its command line interface tool into production status. The client has gained extra functionality since it was launched in beta back in February, and now looks to be a practical option for managing day-to-day workflows on the platform. And having listened to user feedback, the company has also added support for using the CLI tool with repositories hosted on GitHub Enterprise Server.
• GitHub CLI 1.0 is now available
The Tor Project has revealed that this year's Bug Smash fundraiser has been more successful than it had hoped for. The event raised over a hundred and six thousand dollars, with fully 60% of the donations coming in the form of cryptocurrency. The project will now start tagging existing bugs on GitLab so that donors can see where their money is going to be spent, and has promised that promotional swag from the fundraising event is now in the post to its supporters.
• Tor’s Bug Smash Fund, Year 2: $106,709 Raised!
And finally, if you see more coverage than usual of Free Software issues in the mainstream press over the weekend, then the Digital Freedom Foundation will have done its job. Saturday September 19th has been designated as this year's Software Freedom Day, and although participation has waned in recent years, we can still expect to see many teams around the world holding events in an effort to raise public awareness about Free and Open Source Software.
• Software Freedom Day
• Wikipedia: Software Freedom Day