Lessons in Vendor Lock-in: Shaving

safety razors

Learn how to embrace open standards while you remove stubble.

Freedom is powerful. When you start using free software, a whole world opens up
to you, and you start viewing everything in a different light. You start
noticing when vendors don’t release their code or when they try to lock you
in to their products with proprietary protocols. These vendor lock-in techniques
aren’t new or even unique to software. Companies long have tried to force
customer loyalty with incompatible proprietary products that make you stay on an
upgrade treadmill. Often you can apply these free software principles outside
the software world, so in this article, I describe my own object
lesson in vendor lock-in from the shaving industry.

When I first started shaving, I was pretty intimidated with the notion of a
sharp blade against my face so I picked the easiest and least-intimidating
route: electric razors. Of course, electric razors have a large up-front cost,
and after some time, you have to buy replacement blades. Still, the shaves were
acceptable as far as I knew, so I didn’t mind much.

At some point in my shaving journey, Gillette released the Mach 3 disposable
razor. For some reason, this design appealed to a lot of geeks, and I ended up
hearing about it on geek-focused blogs like Slashdot back in the day. I decided
to try it out, and after I got over the initial intimidation, I realized it
really wasn’t all that hard to shave with it, and due to the multiple blades and
lubricating strip along the top, I got a much closer shave.

I was a convert. I ditched my electric razor and went all in with the Mach 3.
Of course, those disposable blades had the tendency to wear out pretty quickly,
along with that blue lubricating strip, so I’d find myself dropping a few
bucks per blade to get refills after a few shaves. Then again, Gillette was
famous for the concept of giving away the razor and making its money on the
blade, so this wasn’t too surprising.

We’re Going to Four Blades!

The tide started turning for me a few years later when Gillette decided to
deprecate the Mach 3 in favor of a new design—this time with four blades, a
lubricating strip and a rubber strip along the bottom! Everyone was supposed to
switch over to this new and more expensive design, but I was perfectly happy
with what I was using, and the new blades were incompatible with my Mach 3
so I didn’t pay it much attention.

The problem was that with this new design, replacement Mach 3 blades became
harder and harder to come by, and all of the blades started creeping up in
price. Eventually, I couldn’t buy Mach 3 blades in bulk at my local warehouse
store, and finally I gave up and bought one of the even more expensive new
Gillette razors. What else could I do?

Source: Linux Journal

Vote for Linux Support on Adobe, Nextcloud 15 Now Available, LF Deep Learning Foundation Introduces Interactive Deep Learning Landscape, Canonical Announces Full Enterprise Support for Kubernetes 1.13 on Ubuntu and Icinga Director 1.6 Released

News briefs for December 11, 2018.

Adobe customer care says there hasn’t been enough demand for Linux, Phoronix
. But, if you’re interested in Linux support on Adobe Premiere CC,
you can “upvote that feature request” via the Adobe
User Survey

15 is out
. This major release is “big step forward for communication and
collaboration with others in a secure way”. It introduces several new features, including
Nextcloud Social, new security abilities and deep Collabora Online
integration. Download Nextcloud 15 from here.

The Linux Foundation’s Deep Learning Foundation has created the Interactive Deep Learning Landscape,
which is “intended as a map to explore open source AI, ML, DL projects”.
According to the LF
Deep Learning blog post
, the
tool “allows viewers to filter, obtain detailed information on a
specific project or technology, and easily share via stateful URLs. It is
intended to help developers, end users and others navigate the complex AI, DL
and ML landscape.” All
data is also available in a GitHub repo.

Canonical announced full enterprise support for Kubernetes 1.13 on Ubuntu,
including support for kubeadm and updates to MicroK8s. The Ubuntu
notes that “Canonical’s certified, Charmed Distribution of Kubernetes
(CDK) is built from pure upstream binaries, and offers simplified deployment,
scaling, management, and upgrades of Kubernetes, regardless of the underlying
hardware or machine virtualisation. Supported deployment targets include AWS,
GCE, Azure, VMware, OpenStack, LXD, and bare metal.”

Icinga Director 1.6 was released yesterday.
This version of Icinga Director—a tool to configure the Icinga open-source
monitoring software—now includes multi-instance support,
configuration baskets and improved health checks. You can checkout or
download the new release here.

Source: Linux Journal

Testing Your Code with Python’s pytest, Part II


Testing functions isn’t hard, but how do you test user input and output?

In my last
, I started looking at “pytest”, a framework for testing Python programs
that’s really changed the way I look at testing. For the first time, I really
feel like testing is something I can and should do on a regular basis; pytest makes
things so easy and straightforward.

One of the main topics I didn’t cover in my last article is user input and output. How
can you test programs that expect to get input from files or from the user? And, how
can you test programs that are supposed to display something on the screen?

So in this article, I describe how to test input and output in a variety of ways,
allowing you to test programs that interact with the outside world. I try not
only to explain what you can do, but also show how it fits into the larger context of testing
in general and pytest in particular.

User Input

Say you have a function that asks the user to enter an integer and then
returns the value of that integer, doubled. You can imagine that the function would
look like this:

def double():
    x = input("Enter an integer: ")
    return int(x) * 2

How can you test that function with pytest? If the function were to take an argument,
the answer would be easy. But in this case, the function is asking for
interactive input from the user. That’s a bit harder to deal with. After all, how
can you, in your tests, pretend to ask the user for input?

In most programming languages, user input comes from a source known as
standard input (or stdin). In Python, sys.stdin is a read-only file object from
which you can grab the user’s input.

So, if you want to test the “double” function from above, you can (should) replace
sys.stdin with another file. There are two problems with this, however. First, you
don’t really want to start opening files on disk. And second, do you really want to
replace the value of sys.stdin in your tests? That’ll affect more than just one

The solution comes in two parts. First, you can use the pytest “monkey patching”
facility to assign a value to a system object temporarily for the duration of the
test. This facility requires that you define your test function with a parameter named
monkeypatch. The pytest system notices that you’ve defined it with that parameter,
and then not only sets the monkeypatch local variable, but also sets it up to let you
temporarily set attribute names.

In theory, then, you could define your test like this:

Source: Linux Journal

Cumulus Networks Partners with Lenovo, Unvanquished Game Announces First Alpha in Almost Three Years, KDE Frameworks 5.53.0 Released, Git v2.20.0 Is Now Available and Major Milestone WordPress Update

News briefs for December 10, 2018.

Cumulus Networks is partnering with Lenovo to deliver open data-center
networking switches. According to the press
, through this
partnership, “Lenovo will offer ThinkSystem RackSwitch models with support
for Cumulus Linux. Lenovo customers can now use Cumulus’ popular
network operating system (OS), Cumulus Linux, and Cumulus’ operational
management tool, NetQ, while taking advantage of unprecedented third-party
options including network automation and monitoring to drive greater
operational efficiency.”

Developers of the open-source game Unvanquished announce a new
alpha release, Unvanquished Alpha 51 today, marking their first
release in almost three years. According to Phoronix,
the beta should drop soon as well. See the game’s website
for details.

KDE yesterday announced
the release of KDE Frameworks 5.53.0
. KDE Frameworks is made up of 70
add-on libraries to Qt, and this release is part of a series of planned
monthly releases. See the announcement
for the list of what’s new in this version.

The latest feature release of Git, v2.20.0, is now available. According to
the release
this version is composed of “962 non-merge commits since
(this is by far the largest release in v2.x.x series), contributed
by 83 people, 26 of which are new faces”. You can get the tarballs here.

WordPress recently announced a new major milestone update, WordPress
5.0, which is code-named “Bebo” in honor of Cuban jazz musician Bebo
Valdés. The biggest user-facing change is the new Project Gutenberg
editor, “the primary interface to how WordPress site administrators create
content and define how it is displayed”. See the WordPress
for more information on the new block-based editor.

Source: Linux Journal

How Can We Bring FOSS to the Virtual World?

Liam Broza

Is there room for FOSS in the AI, VR, AR, MR, ML and XR revolutions—or vice versa?

Will the free and open-source revolution end when our most personal computing happens inside the walled gardens of proprietary AI VR, AR, MR, ML and XR companies? I ask, because that’s the plan.

I could see that plan when I met the Magic Leap One at IIW in October (only a few days ago as I write this). The ML1 (my abbreviation) gave me an MR (mixed reality) experience when I wore all of this:

  • Lightwear (a headset).
  • Control (a handset).
  • Lightpack (electronics in a smooth disc about the size of a saucer).

So far, all Magic Leap offers is a Creator Edition. That was the one I met. Its price is $2,295, revealed only at the end of a registration gauntlet that requires name, email address, birth date and agreement with two click-wrap contracts totaling more than 7,000 words apiece. Here’s what the page with the price says you get:

Magic Leap One Creator Edition is a lightweight, wearable computer that seamlessly blends the digital and physical worlds, allowing digital content to coexist with real world objects and the people around you. It sees what you see and uses its understanding of surroundings and context to create unbelievably believable experiences.

Also recommended on the same page are a shoulder strap ($30), a USB (or USB-like) dongle ($60) and a “fit kit” ($40), bringing the full price to $2,425.

Buying all this is the cost of entry for chefs working in the kitchen, serving apps and experiences to customers paying to play inside Magic Leap’s walled garden: a market Magic Leaps hopes will be massive, given an investment sum that now totals close to $2 billion.

The experience it created for me, thanks to the work of one early developer, was with a school of digital fish swimming virtually in my physical world. Think of a hologram without a screen. I could walk through them, reach out and make them scatter, and otherwise interact with them. It was a nice demo, but far from anything I might crave.

But I wondered, given Magic Leap’s secretive and far-advanced tech, if it could eventually make me crave things. I ask because immersive doesn’t cover what this tech does. A better adjective might be invasive.

Source: Linux Journal

Weekend Reading: Sysadmin 101

Kyle Rankin

This series covers sysadmin basics. The first article explains how to approach alerting and on-call rotations as a sysadmin. In the second article, I discuss how to automate yourself out of a job, and in the third, I explain why and how you should use tickets. The fourth article covers some of the fundamentals of patch management under Linux, and the fifth and final article describes the overall sysadmin career path and the attributes that might make you a “senior sysadmin” instead of a “sysadmin” or “junior sysadmin”, along with some tips on how to level up.

Sysadmin 101: Alerting

In this first article, I cover on-call alerting. Like with any job title, the responsibilities given to sysadmins, DevOps and Site Reliability Engineers may differ, and in some cases, they may not involve any kind of 24×7 on-call duties, if you’re lucky. For everyone else, though, there are many ways to organize on-call alerting, and there also are many ways to shoot yourself in the foot.

Sysadmin 101: Automation

Here we cover systems administrator fundamentals. These days, DevOps has made even the job title “systems administrator” seem a bit archaic, much like the “systems analyst” title it replaced. These DevOps positions are rather different from sysadmin jobs in the past. They have a much larger emphasis on software development far beyond basic shell scripting, and as a result, they often are filled by people with software development backgrounds without much prior sysadmin experience. In the past, a sysadmin would enter the role at a junior level and be mentored by a senior sysadmin on the team, but in many cases currently, companies go quite a while with cloud outsourcing before their first DevOps hire. As a result, the DevOps engineer might be thrust into the role at a junior level with no mentor around apart from search engines and Stack Overflow posts.

Source: Linux Journal

Feral Interactive Bringing DiRT 4 to Linux in 2019, Chrome 71 Blocks Ads on Abusive Sites, New Linux Malware Families Discovered, The Linux Foundation Launches the Automated Compliance Tooling Project, and GNU Guix and GuixSD 0.16.0 Released

News briefs for December 7, 2018.

Feral Interactive announced this morning that DiRT 4 is coming to Linux
and macOS in 2019. The all-terrain motorsport game was originally developed
by Codemaster and boasts a fleet of more than 50 rally cars, buggies,
trucks and crosskarts. And, for the first time in the history of the
franchise, players can create their own rally routes. You can view the trailer here.

Newly released Chrome
“now blocks ads on ‘abusive’ sites that consistently trick users with fake
system warnings, non-functional ‘close’ buttons and other bogus content
that steers you to ads and landing pages. The sites themselves won’t lose
access the moment Google marks them abusive, but they’ll have 30 days to
clean up their acts.” According to
Chrome 71 has other additional safeguards, and it’s available now for Linux, Mac and
Windows. It’ll be rolling out to Android and iOS users in the coming weeks.

Cyber-security company ESET has discovered 21 “new” Linux malware families,
and all of them “operate in the same manner, as trojanized versions of the
OpenSSH client”. ZDNet
that “They are developed as second-stage tools to be deployed in
more complex ‘botnet’ schemes. Attackers would compromise a Linux system,
usually a server, and then replace the legitimate OpenSSH installation with
one of the trojanized versions.
ESET said that ’18 out of the 21 families featured a credential-stealing
feature, making it possible to steal passwords and/or keys’ and ’17 out of
the 21 families featured a backdoor mode, allowing the attacker a stealthy
and persistent way to connect back to the compromised machine.'”

Linux Foundation has launched the Automated Compliance Tooling
project in order to help companies comply with open-source licensing
requirements. Kate Stewart, Senior Director of Strategic Programs at The
Linux Foundation,
says, “There are numerous open source compliance tooling projects but the
majority are unfunded and have limited scope to build out robust usability
or advanced features. We have also heard from many organizations that the
tools that do exist do not meet their current needs. Forming a neutral body
under The Linux Foundation to work on these issues will allow us to
increase funding and support for the compliance tooling development

GNU Guix and GuixSD 0.16.0 were released yesterday.
This release represents 4,515 commits by 95 people
over five months, and it’s hopefully the last release before version 1.0.
See the release
for more details and download links.

Source: Linux Journal

Reinventing Software Development and Availability with Open Source: an Interview with One of Microsoft Azure’s Lead Architects

Microsoft was founded in 1975—that’s 43 years ago and a ton of
history. Up until the last decade, the company led a campaign against
the Open Source and Free Software movements, and although it may have slowed
the opposition, it did not bring it to an end. In fact, it emboldened
its supporters to push the open-source agenda even harder. Fast-forward to the present, and open-source technologies run nearly
everything—mobile devices, cloud services, televisions and

It wasn’t until Satya Nadella took the helm (2014) that the
large ship was steered around. Almost overnight, Microsoft embraced
everything Linux and open source. It eventually joined The Linux
Foundation and, more recently, the Open Initiative Network. At first,
it seemed too good to be true, but here we are, a few years after
these events, and Microsoft continues to support the Open Source
community and adopt many of its philosophies. But why?

I wanted to
find out and ended up reaching out to Microsoft. John Gossman, a
lead architect working on Azure, spent a bit of time with me to
share both his thoughts and experiences as they relate to open source.

Petros Koutoupis: Can you tell our readers a bit about yourself?

John Gossman: I’m a long-time developer with 30
years of industry experience. I have been with Microsoft for 18 of
those years. At Microsoft, I have had the opportunity to touch a
little bit of everything—from Windows to other graphical applications,
and more recently, that is, for the last 6 years, I have worked on
Azure. My primary focus is on developer experience. I know this
area very well and much of it comes from the Open Source world. I
spend a lot of time looking at Linux workloads while also working
very closely with Linux vendors. More recently (at least two years
now), I stepped into a very interesting role as a member on the
board of The Linux Foundation.

PK: Microsoft hasn’t always had the best of
relationships with anything open-source software (OSS)-related&mddash;that is, until Satya Nadella stepped to his current role as CEO.
Why the change? Why has Microsoft changed its position?

JG: I have spent a lot of time thinking about this
very question. Now, I cannot speak for the entire company, but I
believe it all goes back to the fact that Microsoft was and still
is a company focused on software developers. Remember, when Microsoft
first started, it built and sold a BASIC interpreter. Later on,
the company delivered Visual Studio and many more products. The core mission
in the Microsoft culture always has been to enable software developers.

For a while, Windows and Office overshadowed the developer frameworks,
losing touch with those core developers, but with the introduction
of Azure, the focus has since been reverted back to software
developers, and those same developers love open source.

Source: Linux Journal