Category Archives: Stiri IT Externe

LE9, Canonical’s Profits, Steam Deck, & Loongson 3A5000 Made For An Exciting July


PHORONIX --

July was a pretty damn exciting summer month amid the pandemic thanks to many interesting Linux software and hardware announcements.

During the course of the past month on Phoronix were 232 original news articles and 19 featured multi-page articles / Linux hardware reviews. While normally the summer months tend to be quite light on exciting announcements, July 2021 was certainly an exception with a lot of great Linux kernel progress, Valve announcing the Steam Deck, and more.

If you enjoy the new and original content on Phoronix each and every day, consider showing your support by joining Phoronix Premium, making a PayPal tip, or at the very least not engaging any ad-blocker when viewing this web-site. Following the flow of new Phoronix content via Facebook and Twitter.

Here were the most viewed news articles on Phoronix over the past month:

“le9” Strives To Make Linux Very Usable On Systems With Small Amounts Of RAM
It’s well known that the Linux desktop can be quite unbearable when under heavy memory pressure as has been showcased over the years and more attention these days turning to the likes of OOMD/systemd-oomd and other alternatives to better deal with Linux low/out-of-memory scenarios especially with today’s desktop software and web browsers consuming increasing amounts of memory. Another effort coming to fruition for helping this scenario is the “le9” Linux kernel patches.

Canonical Has Been Weathering The Pandemic Well: Turned A Profit, Back Above 500 Employees
Thanks to Canonical’s distributed workforce with most of their employees working from home even pre-pandemic and the booming Linux ecosystem, the Ubuntu maker performed very well over 2020 and even grew its headcount back above 500 employees and managed to swing from a loss in 2019 to a profit in 2020.

Linus Torvalds Calls On Paragon To Send In The New NTFS Driver
One year ago was the surprise of Paragon Software wanting to mainline their NTFS Linux kernel driver. The Paragon “NTFS3” kernel driver provides much better read/write support for Microsoft’s NTFS file-system than what is available with other kernel or FUSE options for this file-system support on Linux. It looks like this driver might finally be mainlined soon.

Valve Announces Steam Deck As Portable SteamOS + AMD Powered Portable PC
Following months of rumors about new gaming hardware from Valve, today they announced Steam Deck as a new handheld PC gaming device starting at $399.

Loongson 3A5000 Benchmarks For These New Chinese CPUs Built On The LoongArch ISA
While Loongson has been known for their MIPS-based Loongson chips that are open-source friendly and have long been based on MIPS, with MIPS now being a dead-end, the Chinese company has begun producing chips using its own “LoongArch” ISA. The first Loongson 3A5000 series hardware was just announced and thanks to the company apparently using the Phoronix Test Suite and OpenBenchmarking.org we have some initial numbers.

XWayland 21.1.2 Released With NVIDIA Hardware Acceleration Support
XWayland 21.1.2 is out today and while it may seem like “just a point release”, it’s quite an exciting one at that since it does bring NVIDIA hardware acceleration for XWayland when paired with their new NVIDIA 470 series driver.

Debian 11.0 “Bullseye” Gets An August Release Date
The Debian release team has just announced their planned release date for Debian 11.

Linux 5.14 Can Create Secret Memory Areas With memfd_secret
The “memfd_secret” system call is being added to the Linux 5.14 kernel to provide the ability to create memory areas that are visible only in the context of the owning process and these “secret” memory regions are not mapped by other processes or the kernel page tables.

Linux Regressed Its Floppy Disk Driver – Someone Actually Noticed Just A Few Months Later
It turns out there is actually people running modern versions of the Linux kernel in 2021 that also are using floppy disks.

Following NetBSD, DragonFlyBSD Now Has “COVID”
There is now covid going around the BSDs… DragonFlyBSD has ported it from NetBSD.

GNOME 41 Alpha Released With Many Desktop Changes Accumulating
The GNOME project is out today with their first alpha release of the forthcoming GNOME 41 desktop environment.

FreeBSD Working On A New Installer, Updates To Their Linux Compatibility Layer
The FreeBSD project just published their Q2-2021 report concerning all of their different development activities from April through June.

Firewalld 1.0 Released With Big Improvements
Firewalld was started by Red Hat a decade ago for managing Linux firewall functionality with Netfilter. Ten and a half years after the first release, Firewalld 1.0 was released this afternoon.

ASRock Rack Has One Of The Best, Most Open-Source Firmware x86 Server Motherboards
For those wanting to get into open-source firmware development or even just to have a small SOHO x86_64 low-cost Intel server platform that is as open as possible, ASRock Rack happens to now boast one of the best solutions.

Debian 11.0 “Bullseye” Is Very Close To Release – Now Under A Full Freeze
Following the soft freeze and hard freeze, Debian 11 “Bullseye” is now under a full freeze ahead of its official Debian 11 stable release.

More Than Five Years In The Making: Creating A New Linux Random Number Generator
The “Linux Random Number Generator” (LRNG) effort as a new drop-in replacement for /dev/random is now up to its 41st revision and in development for more than five years.

Steam On Linux Still Tap Dancing Around 0.9% Marketshare
Even with Steam Play continuing to get into quite good shape for running recent Windows game releases on Linux with ease thanks to the work Valve has been investing into Proton, DXVK, VKD3D-Proton, and lower-level Linux graphics infrastructure, for now at least the overall marketshare is holding steady at around 0.8~0.9% for the past number of months.

PipeWire 0.3.32 Released With Numerous Fixes
A new release of PipeWire was made on Tuesday for this audio/video stream management solution for Linux that can replace the likes of JACK and PulseAudio.

Fedora Workstation 35 Looks To Use Power Profiles Daemon By Default
Fedora Workstation 35 is looking to ship with power-profiles-daemon by default and to have it enabled for benefiting newer laptops.

Intel Reported To Be Looking At Acquiring GlobalFoundries
The latest surprise news under Intel’s new leadership is that they are reported to be exploring a deal to acquire GlobalFoundries, the company ultimately formed when AMD decided in 2008 to spin off their semiconductor manufacturing business.

And the most popular featured articles:

An Early Look At Windows 11 WSL2 Performance Against Ubuntu Linux
For those making use of Microsoft’s Windows Subsystem for Linux (WSL2) for enjoying Linux application support within Windows, here are some early benchmarks of the inaugural Windows Insider Preview build of Windows 11 with WSL2 against Windows 10 and then Ubuntu Linux bare metal on the same hardware.

Linux Leading Over Early Windows 11 Benchmarks For AMD Ryzen 9 5950X Performance
With Microsoft making public this week their early Windows Insider Preview builds of Windows 11, curiosity got the best of me to give it a whirl in looking at the performance of the early Windows 11 preview build compared to Ubuntu Linux.

AMD Ryzen 9 5900HX / ASUS ROG Strix G15 AMD Advantage On Linux
With an AMD Ryzen 9 5900HX Zen 3 processor and Radeon RX 6800M graphics, the ASUS ROG Strix G15 laptop may be promising for those wanting high performance and graphics backed by AMD’s much enjoyed open-source Linux GPU driver stack. Plus this ASUS ROG Strix G15 (G513QY) is one of the first two “AMD Advantage” laptops. But when it comes to using it on Linux, it’s not without some struggles before being able to enjoy the compelling performance.

Squeezing More Performance Out Of The Linux Kernel With Clang + LTO
With the Linux 5.12 kernel bringing support for building the kernel with link-time optimizations (LTO) when using the LLVM Clang compiler, here are some benchmarks looking at that performance impact as well as more generally seeing how the LLVM Clang compiler performance is looking when building the Linux kernel relative to GCC.

Mesa RADV vs. AMDVLK Radeon Vulkan Performance For July 2021
It’s been a while since last looking at the performance of AMD’s official “AMDVLK” open-source Linux Vulkan driver against that of the popular Mesa “RADV” Radeon Vulkan driver. But here are some fresh benchmarks for those interested while using the latest-generation Radeon RX 6800 XT graphics card paired with the in-development Linux 5.14 kernel across testing both Vulkan drivers.

GCC 8 Through GCC 11 Stable Plus GCC 12 Compiler Benchmarks
For today’s benchmarking is a look at how the GNU Compiler Collection has performed over the past few years going from the GCC 8 stable series introduced in 2018 through the recently released GCC 11.1 stable feature release plus also including the current early development snapshot of GCC 12.

Linux Gaming Performance With Radeon Vulkan NGG Culling
The newest performance optimization merged this week for Mesa’s “RADV” Radeon Vulkan open-source driver is NGG culling for Navi 1x/2x graphics cards. NGG Culling “NGGC” isn’t enabled by default at this time but can be easily activated and depending upon the software under test can provide some minor performance gains on top of all the other optimizations seen in recent times for RADV.

Ubuntu vs. Arch Linux On The ASUS ROG Strix G15 / Ryzen 9 5900HX
This past week were the initial Linux benchmarks of the Ryzen 9 5900HX with the ASUS ROG Strix G15 laptop. Ubuntu was used as the default test platform as usual given its popularity and arguably the most relevant Linux distribution to use given that it’s the most common Linux distribution at the moment for preloads on laptops by multiple vendors. In any case, as usual many users were quick to say “but Arch Linux!” as if it was going to make a dramatic difference in my findings. Well, here are some Ubuntu 21.04 versus Arch Linux benchmarks on that AMD Advantage laptop.

Intel Tiger Lake Performance Between Windows 10 vs. Ubuntu 21.04 Linux
With having hands on with a Dell XPS 13 9310 (Dell 0DXP1F) with the Core i7 1185G7 Tiger Lake processor (compared to prior Linux tests with the i7-1165G7), here is a fresh look at the performance of Microsoft Windows 10 Pro as shipped by Dell with all available stable updates versus a clean install of Ubuntu 21.04 Linux.

Ubuntu 21.04 vs. Windows 10 Trade Blows On The AMD Ryzen 9 5900HX / ASUS ROG Strix G15
While the AMD Ryzen 9 5900HX performance is great on Linux once overcoming any laptop support quirks like with the ASUS ROG Strix G15 “AMD Advantage” laptop running into keyboard and WiFi issues on Linux depending upon the kernel version, how does the performance compare to Microsoft Windows 10? Here are some benchmarks of that ROG Strix G15 AMD laptop under Windows 10 as shipped by ASUS against Ubuntu 21.04 when upgraded to the Linux 5.13 stable kernel.




How The New Workplace Model Challenges Cybersecurity


Accessibility and security. Two words that keep most technology officers awake at night. Perhaps now more than ever before, businesses are forced to find new approaches to cybersecurity to keep data safe. As employees no longer report to an in-house network, keeping data safe across geographies and network lines has become the newest challenge.

Quick solutions brought to light many “good enough” answers that are now causing security nightmares. While companies tried to deal with certain issues caused by remote access limitations, they may have positioned themselves for the almost equally conceivable doom of cyberattacks. Especially as cyber attackers become more sophisticated.

Remote work during COVID-19 increased data breach costs in the United States by $137,000. And at the height of the pandemic, the FBI reported upwards of 4,000 security complaints per day. The list continues to grow of circumstances like these with mounting challenges for cybersecurity teams.

If there were ever a time to go back to the basics and redefine security and accessibility, that time is now. We’ve been relying on a vast and ever-increasing number of discreet security products like VPN products and Next-Gen Firewalls to the most recent use of SD-WAN (SASE) deployments. We forget that sometimes the absolute best security “tool” is a change in attitude. Rather than keeping everything in the castle or on-premises, the new workplace needs to be able to adjust security to zero trust.

Who gets in?

Bad guys out, good guys in. This long-standing principle has shaped how enterprises approach information security for decades. Anchored in the premise that IT environments can be protected from malicious activity by simply making the perimeter bigger, stronger, and more resilient. But as globalization grows and our networks expand through neighborhoods and countries, IT departments must reevaluate not just their tactics but their attitude.

For many organizations, adding layer upon layer of these defenses over an extended period of time has caused the implementation of many defenses reliant on legacy, on-premises, and cumbersome point solutions. Fortifying the castle one wall, one moat, and one drawbridge at a time doesn’t allow for much architectural progress.

During COVID, organizations that previously had tight control of the user’s endpoint found themselves struggling to provide access to necessary organizational data and push security updates from their central location onto the bandwidth-constrained home networks. Ironically, the tighter the pre-covid security stance had aligned to central control, the larger the problem they now faced.

According to research, enterprises already run 77% of their workloads in the cloud. While COVID-19 put this adoption in overdrive, the concept isn’t new—what is new is all the ways we’re interacting with cloud architecture, which is where IT must begin to find a “new normal” for internal and external networks. The new framework should become zero-trust.

Who has access?

Whether intentional or not, everyone who has access to the network can be compromised. This type of security framework requires all users, whether in or outside the organization’s network, to be authenticated, authorized, and continuously validated before being granted or maintaining access to applications and data. Zero-trust assumes that there is no traditional network edge—they can be on-premises, in the cloud, or hybrid—which is where many organizations are finding themselves now.

This type of security embraces the use of more precise and stringent network segmentation, creating what are sometimes called micro-perimeters throughout the network to prevent lateral movement. The goal is that when – not if – a breach occurs, an intruder can’t easily access sensitive data by hopping VLANs, for example. Gartner predicts that by 2023, 60% of enterprises will phase out most of their remote access virtual private networks (VPNs) in favor of Zero-trust Network Access.

Policies and governance also play an important role in a zero-trust architecture since users should have the least amount of access required to fulfill their duties. Granular control over

who, what, where and when resources are accessed is vital to a zero-trust network.

Automate the rest

Along with the move to zero-trust, IT teams must also automate continual trust evaluations. From the banals of science fiction, we’ve always been afraid that machines will replace us. When in reality, they’re just here to make us better. For the last decade or so, artificial intelligence and automation have emerged as key partners to prepare infrastructures for the future. IT automation, or infrastructure automation, is the use of software to create repeatable processes.

The purpose of automation is to reduce human interaction with IT systems and make the remaining interaction completely predictable. A core component of a zero-trust network relies on trust evaluation—usually done by an adaptive access control engine. By combining logs from the trusted proxy with continuous analysis of behaviors, AI can help analyze and ensure access is maintained to only risk-averse users.

In many ways, IT automation is the foundation of the modern data center where servers, storage, and networking are transformed into software-defined infrastructure. When we discuss keeping data secure, the fewer human touchpoints, the better. By automating many of the security processes, once manual, tedious tasks can be automated, and therefore security is increased.

Who keeps the future secure?

Just like the workplace is changing, so is what we expect from our IT departments and partners. No one could have foreseen the way that our workforce would change—not just to more remote work, but to a truly distributed workforce capable of working anywhere. The reality we find ourselves in now will continue to force innovators to keep their networks secure and accessible. With an agile philosophy, IT teams should feel supported to walk the tightrope between security and accessibility with a zero-trust framework.

Karl Adriaenssens works in the Office of the CTO at GCSIT.

 



Source link

Linux Changes Pipe Behavior After Breaking Problematic Android Apps On Recent Kernels


LINUX KERNEL --

At the end of 2019 a rework to the Linux kernel’s pipe code saw some of its logic reworked to only wake up readers if needed and avoid a possible thundering herd problem. But it turns out some Android libraries abused the functionality and this has led to broken Android applications when moving to recent kernels. While the user-space software is in the wrong, the kernel is sticking to its policy of not breaking user-space and as such Linus Torvalds has changed the code’s behavior for Linux 5.14 and to be back-ported to prior stable kernels.

Rather than only waking up readers if needed, the change merged into the Linux kernel on Friday will make pipe writes always wake up readers. Due to some Android libraries like Realm misusing the EPOLL interface, the pipe change at the end of 2019 ended up breaking some Android apps.

This has broken “numerous Android applications” since Linux 5.5, but given the long period of times between kernel versions shipped by Android, it only has become a problem recently with Android transitioning to Linux 5.10 LTS. Realm’s behavior has since been addressed but will take some period of time before all applications leveraging the library (and any other problematic libraries out there) are updated and re-built, thus for now broken Android applications are still out there.

While user-space was misusing an interface and that led to “all applications using this library stopped working”, the Linux kernel carries a policy that if applications break from new kernel behavior/changes, it’s a regression. Thus on Friday Linus Torvalds authored and merged this change to always make writes wake-up readers even if extraneous in order to better jive with the old behavior.

See this commit for those interested in all the technical details on the issue and resolution.


Is Unlicensed Wireless Too Risky for Mission-Critical Use


As the use of mobile devices, IoT sensors, and other wireless technologies continues to rise, the unlicensed wireless spectrum that Wi-Fi technologies rely on can succumb to over congestion due to an increase in external interference.

Compounding this problem even further is the fact that wireless carriers in the US are beginning to deploy License Assisted Access (LAA) technologies as part of their 5G rollout plans. Although LAA was designed to coexist with Wi-Fi in the 5 GHz space, a recent study from the University of Chicago shows that this may not be the case in some situations. Thus, as 5G continues to be deployed throughout the US, enterprise organizations must be prepared for the potential performance degradation that LAA deployments could have on portions of their wireless LAN (WLAN). Additionally, businesses that rely heavily on wireless for mission-critical uses might want to begin investigating alternatives that are less prone to this type of interference.

What is License Assisted Access (LAA)?

Seeking a low-cost method for expanding backhaul capabilities of LTE and 5G networks, carriers have looked at several unlicensed options that take advantage of the same 5 GHz wireless spectrum that most enterprise Wi-Fi deployments use today. While there are several technologies and standards available, carriers in the US have largely settled on LAA to perform these duties. LAA integrates seamlessly with LTE and 5G technologies and can deliver a significant download performance boost where LAA is deployed. In areas where LTE/5G device usage is dense, carriers are looking to LAA as a way to bolster their ability to handle larger traffic loads without having to use larger chunks of expensive, licensed spectrum.

The potential for significant Wi-Fi degradation when Wi-Fi and LAA coexist

The 3GPP LAA standard made significant attempts to coexist with Wi-Fi in the 5 GHz spectrum. The standard includes a strict Listen-before-talk (LBT) mechanism that forces the LAA platform to monitor channels within the 5 GHz space and only use those channels when they are not being used by Wi-Fi.

On paper and in lab scenarios, LAA with LBT seemed to be a fair way for carriers to tap into unused 5 GHz spectrum without stepping on the toes of existing Wi-Fi deployments. However, in the real world, it seems like this may not be the case. The University of Chicago study points out one common scenario known as the “hidden node problem.”

Without getting overly technical, the hidden node problem is a common situation found when wireless access points (AP) cannot see all others and becomes “hidden” from a clear-to-send standpoint. In this situation, any attempt to simultaneously send data to an AP that sits between the other two – and thus can see and communicate with both — results in both transmissions canceling each other out. This hidden node problem illustrates an inherent flaw in the Carrier Sense Multiple Access with Collision Avoidance (CSMA/CA) function within Wi-Fi that can significantly degrade performance across a WLAN.

The hidden node problem can exist within Wi-Fi-only networks. However, the University of Chicago report shows that hidden nodes operating using LAA technologies can also impact Wi-Fi networks. Therefore, even with strict LBT functionality in place, LAA deployments have the potential to render Wi-Fi useless when hidden node scenarios exist.

Alternative connectivity options for mission-critical wireless use-cases

Given the increased chance for wireless interference, which translates to performance degradation, businesses might want to look at alternatives to Wi-Fi in the 5 GHz spectrum. The most obvious choice is to upgrade all or parts of a WLAN to AP’s that support the new Wi-Fi 6E standard that operates in the 6 GHz space. However, keep in mind that most enterprise-grade manufacturers have yet to launch WLAN products that use this new standard. Additionally, very few Wi-Fi-capable endpoints are Wi-Fi 6E compatible today. Finally, note that the 6 GHz band that Wi-Fi 6E uses is also defined by the FCC as unlicensed spectrum. This means that it’s highly likely that a future variant of LAA will not only tap into 5 GHz unlicensed spectrum but also frequencies in the 6 GHz space.

A better option may be to abandon unlicensed spectrum altogether as interference will likely be an ongoing problem for the foreseeable future. Private LTE or 5G networks that operate in the Citizens Broadband Radio Spectrum (CBRS), for example, eliminate much of this risk. Instead of unlicensed spectrum that can be used (and potentially abused) by anyone, CBRS uses a spectrum sharing model for its 150 MHz wide band in the 3.5 GHz space.

Any business that wishes to deploy a private mobile network using CBRS-capable technologies must register through an automated coordination tool called the Spectrum Access System (SAS) prior to operation. The SAS is essentially a geolocation-based reservation system operated by a conglomeration of technology companies under the oversight of the FCC that dynamically manages spectrum between those that use it. SAS ensures that private mobile networks in the same geographic location will not use overlapping frequencies that result in interference. Thus, while the number of CBRS channels that a business can use at any given time might fluctuate, interference that can render wireless communication completely useless is far less likely. This added protection found in CBRS that’s missing in Wi-Fi today can safeguard wireless transmissions that are considered by businesses to be mission-critical.



Source link

Wine 6.14 Implements More 32-bit To 64-bit Thunks, Updated Mono


WINE --

Wine developers have popped open a new bi-weekly development snapshot of this software that allows Windows games/applications to run on Linux and macOS along with being what powers Valve’s Steam Play (Proton) and CodeWeavers’ CrossOver.

Wine 6.14 is this latest development snapshot for enjoying Windows applications and game support under Linux. With Wine 6.14 their integrated Mono engine is updated against Mono 6.3, more 32-bit to 64-bit thunks have been implemented in the WOW64 DLL, there is continued preparations around GDI system call support, and various bug fixes.

There are 30 known bug fixes with Wine 6.14 including for games like Star Citizen, Dead Rising, GTA V and Eve Online to applications like Autodesk 3dx Max and Microsoft Xbox Live Developer Tool.

More details on the Wine 6.14 changes in full via WineHQ.org.