October 17th, 2020
The spat between LibreOffice and OpenOffice rumbles on. Canonical brings high-availability to MicroK8s, new versions of Snap! and VisiData land, and a Bluetooth vulnerability triggers the community. Plus new mobile hardware coming soon, and more.
Show Transcript and Links
The plea from The Document Foundation that Apache OpenOffice does the decent thing and tell its users to switch to LibreOffice appears to have fallen on deaf ears. Last show I reported on the open letter penned by The Document Foundation which made the suggestion, since when Apache's Jim Jagielski has come out swinging — and suggested that OpenOffice would be in a better state if commits to LibreOffice were shared with it. But they currently can't be, as a licensing conflict means that code can only flow one way — and that's not from the actively maintained LibreOffice project back to the near-abandoned Apache OpenOffice. Although many in the community have chimed in with calls that Apache finally pull the plug on a project which Jagielski himself described as not being healthy as far back as 2016, that outcome looks no nearer today than before the latest intervention by The Document Foundation. Rather than directly addressing the controversy, on Wednesday the Apache Software Foundation instead chose to put up a blog post celebrating the twentieth anniversary of OpenOffice, continuing to sing its praises. And while Apache seems to be digging its heels in for now, what's particularly surreal about the whole disagreement between the two office suites is that in his mailing list post of 2016, Jagielski actually suggested that perhaps the OpenOffice project should be directing users toward LibreOffice instead — which is exactly what The Document Foundation recently called for. But instead of that happening, relations between the two projects seemed to have soured even further since then — resulting in the current impasse, and ongoing confusion for users looking to choose a free office application suite.
• LibreOffice rains on OpenOffice's 20th anniversary parade, tells rival project to 'do the right thing' and die
• Jim Jagielski tweets
• Reddit comments: Apache OpenOffice: “Encourage Dual license commits!”
• LWN comments: An open letter to Apache OpenOffice
• [Jagielski 2016] What Would OpenOffice Retirement Involve?
• The Apache Software Foundation Celebrates 20 Years of OpenOffice
Canonical has added high-availability functionality to its MicroK8s orchestration platform. While already popular in the IoT space and as a development environment, the company is clearly hoping to see more widespread adoption of the platform in general production environments — and the simplicity of its implementation could well be appealing to many in the devops community. Although MicroK8s can use etcd, the new high-availability features have been designed around Canonical's own raft-enhanced distributed version of SQLite, and come into play once a cluster has three or more nodes — with datastore node promotion happening automatically in the event of a failure. Meanwhile, Canonical has also announced new Machine Images for version 1.18 of Amazon's Elastic Kubernetes Service, which now includes support for launch templates and managed node groups — which could ease the administrative burden for many users.
• Introducing HA MicroK8s, the ultra-reliable, minimal Kubernetes
• Introducing Ubuntu support for Amazon EKS 1.18
And if Kubernetes is one buzzword you simply can't escape these days, another would be blockchain. And distributed ledger technology seems to be a core underpinning of the latest initiative from the Linux Foundation, which has announced that it will be adding what it's calling 'Open Governance Networks' to the type of project that it will host going forward. While much of the post announcing the initiative makes sense and relates to the bread-and-butter governance issues involved in managing any significant multi-party project, the Foundation's argument that distributed ledger technologies can act as a magic bullet to solve complex issues of logistics and trust, seems more than a little tenuous, to say the least.
• Introducing the Open Governance Network Model
UC Berkeley has released version 6 of Snap!, its visual drag-and-drop programming environment. The platform is designed to provide students with a graphical introduction to programming, by allowing them to construct code by connecting visual blocks that represent the different elements of the language. While the latest release adds more expressive math and list blocks, the major changes are behind the scenes — with implementation rewrites dramatically reducing the memory footprint of the environment, leading to major speedups and a far more usable experience on mobile devices and tablets.
• Snap!6 is here, and it's all about scale
Version 2 of VisiData has been released. The Python tool has been described by its creator as a 'Swiss Army chainsaw for data', and provides a visual way of working with many types of column-based files in a terminal environment. The latest release sees the project completely falling under the GPLv3 license, and gaining a stable and documented API for plugin developers to target. It also now features the ability to split your work view into two separate panes, and has added undo and redo functionality. And if you work with tabular data at the command line but haven't come across VisiData, do check out the brief demonstration video in today's shownotes — as it's a tool that's very much worth knowing about.
• VisiData v2.0
• [Old] VisiData Lightning Demo at PyCascades 2018
This week saw the announcement of major security flaws in the Linux Bluetooth stack. And while the vulnerabilities appear pretty significant, and could lead to arbitrary remote code execution on susceptible devices, the way that Intel unveiled the problems also raised plenty of eyebrows. The flaws were originally reported by a Google engineer to Intel, and led the company to state that users ought to upgrade to the recently released version 5.9 of the Linux kernel to see themselves protected. But this came as a surprise to key figures in the kernel development community, including Greg K-H, who apparently knew nothing about the vulnerabilities. Intel later revised its advice, and said that users needed to upgrade to version 5.10 of the kernel as soon as they possibly could — which would be a neat trick to pull, as that version isn't due to release until December this year. The latest version of Intel's advisory has simply removed any reference to a specific kernel version as being safe, and the week has seen various distributions scrambling to implement fixes to what appears to be a serious issue. However, we're still waiting to find out all of the details of the flaws; and there's currently a fog over who knew what and when — and whether some of the Linux kernel subsystem maintainers have been asleep on the job, or, as now looks more likely, Intel failed to follow standard disclosure protocols.
• Google warns of severe 'BleedingTooth' Bluetooth flaw in Linux kernel
• BleedingTooth: Researcher warns of gaps in the Linux Bluetooth stack BlueZ
• Intel: BlueZ Advisory
• Andy Nguyen on Twitter
• Matthew Garrett on Twitter
• Greg K-H on Twitter
But let's end on a more positive note, with some good news from the PINE64 and Popcorn Computer projects. While again acknowledging ongoing screen supply issues for its tablet and laptop devices, Pine has announced that from next month the 3GB version of its mainboard will be available to buy as a replacement item for PinePhone users — allowing anybody who originally opted for the 2GB version to upgrade. Pine has also committed to introduce swappable back covers for the device, which will allow the phone to support features such as wireless charging and NFC connectivity, as well as a planned clamshell keyboard extension. Meanwhile, Popcorn Computer has provided an update on the testing and build of its upcoming Pocket PC device. Powered by Debian, the Pocket PC combines a five-inch display and physical keyboard into a flat chassis, and is being pitched at the marketplace as being an easily portable Linux terminal device. The blog post from Popcorn suggests that shipping to existing backers should begin next month, and that any orders taken in the next week or so will also be fulfilled in that timeframe, rather than having to wait for another scheduled production run in March next year.
• PINE64 Update: New Hacktober Gear
• Popcorn Computer Pocket PC: Starting production soon!