Yesterday long-time tech pundit Robert Cringley reviewed the predictions he'd made at the beginning of last year. "Having done this for over 20 years, historically I'm correct abut 70 percent of the time, but this year could be a disappointment given that I'm pretty sure I didn't predict 370,000 deaths and an economy in free-fall.

"We'll just have to see whether I was vague enough to get a couple right."

Here's some of the highlights: I predicted that IBM would dump a big division and essentially remake itself as Red Hat, its Linux company. Well yes and no. IBM did announce a major restructuring, spinning-off Global Technology Services just as I predicted (score one for me) but it has all happened slowly because everything slows down during a pandemic. The resulting company won't be called Red Hat (yet), but the rest of it was correct so I'm going to claim this one, not that anybody cares about IBM anymore...

I predicted that working from home would accelerate a trend I identified as the end of IT, by which I meant the kind of business IT provided and maintained by kids from that office in the basement. By working from home, we'd all become our own IT guys and that would lead to acceleration in the transition of certain technologies, especially SD-WAN and Secure Access Service Edge (SASE)... "That's the end-game if there is one — everything in the cloud with your device strictly for input and output, painting screens compressed with HTML5. It's the end of IT because your device will no longer contain anything, so it can be simply replaced via Amazon if it is damaged or lost, with the IT kid in the white shirt becoming an Uber driver (if any of those survive)."

It was a no-brainer, really, and I was correct: Internet-connected hardware sales surged, SASE took over whether you even knew it or not, and hardly any working from home was enabled by technology owned by the business, itself. It's key here that the operant term for working from home became "Zooming" — a third-party public brand built solely in the cloud.

Finally, I predicted that COVID-19 would accelerate the demise of not just traditional IT, but also IT contractors, because the more things that could be done in the cloud the less people would be required to do them. So what actually happened? Well I was right about the trend but wrong about the extent. IT consulting dropped in 2020 by about 19 percent, from $160 billion to $140 billion. That's a huge impact, but I said "kill" and 19 percent isn't even close to dead. So I was wrong.

The Linux Foundation has new courses to help you manage open-source projects and technical staff within your organization. Steven J. Vaughan-Nichols writes via ZDNet: Previously, if you want to know how to run open-source well in your company, you had to work with OASIS Open or the TODO Group. Both are non-profit organizations supporting best open source and open standards practices. But, to work with either group, effectively, you already had to know a lot about open source. [...] This 7-module course series is designed to help executives, managers, software developers, and engineers understand the basic concepts for building effective open-source practices. It's also helpful to those in the C suite who want to set up effective open-source program management, including how to create an Open Source Program Office (OSPO).

The program builds on the accumulated wisdom of many previous training modules on open-source best practices while adding fresh and updated content to explain all of the critical elements of working effectively with open source in enterprises. The courses are designed to be self-paced, and reasonably high-level, but with enough detail to get new open-source practitioners up and running quickly. Guy Martin, OASIS Open's executive director, developed these courses. Martin knows his way around open source. He has a unique blend of over 25 years' experience both as a software engineer and open-source strategist. Marin has helped build open-source programs at Red Hat, Samsung, and Autodesk. He was also instrumental in founding the Academy Software Foundation, the Open Connectivity Foundation, and has contributed to TODO Group's best practices and learning guides. The "Open Source Management & Strategy program" costs $499 and is available to begin immediately. A certificate is awarded upon completion.

New submitter shoor writes: Seeed Studios -- the makers of the Odyssey mini-PC -- have teamed up with well-known SBC vendor BeagleBoard to produce an affordable RISC-V system designed to run Linux. The new BeagleV (pronounced "Beagle Five") system features a dual-core, 1GHz RISC-V CPU made by StarFive -- one of a network of RISC-V startups created by better-known RISC-V vendor SiFive. The CPU is based on two of SiFive's U74 Standard Cores -- and unlike simpler microcontroller-only designs, it features a MMU and all the other trimmings necessary to run full-fledged modern operating systems such as Linux distributions. StarFive's VIC7100 processor design is aimed at edge AI tasks as well as general-purpose computing. In addition to the two RISC-V CPU cores, it features a Tensilica Vision VP6 DSP for machine-vision applications, a Neural Network Engine, and a single-core NVDLA (Nvidia Deep Learning Accelerator) engine.

Jake Edge, writing at LWN: The problems with "vendoring" in packages -- bundling dependencies rather than getting them from other packages -- seems to crop up frequently these days. We looked at Debian's concerns about packaging Kubernetes and its myriad of Go dependencies back in October. A more recent discussion in that distribution's community looks at another famously dependency-heavy ecosystem: JavaScript libraries from the npm repository. Even C-based ecosystems are not immune to the problem, as we saw with iproute2 and libbpf back in November; the discussion of vendoring seems likely to recur over the coming years. Many application projects, particularly those written in languages like JavaScript, PHP, and Go, tend to have a rather large pile of dependencies. These projects typically simply download specific versions of the needed dependencies at build time. This works well for fast-moving projects using collections of fast-moving libraries and frameworks, but it works rather less well for traditional Linux distributions. So distribution projects have been trying to figure out how best to incorporate these types of applications.

This time around, Raphael Hertzog raised the issue with regard to the Greenbone Security Assistant (gsa), which provides a web front-end to the OpenVAS vulnerability scanner (which is now known as Greenbone Vulnerability Management or gvm). "the version currently in Debian no longer works with the latest gvm so we have to update it to the latest upstream release... but the latest upstream release has significant changes, in particular it now relies on yarn or npm from the node ecosystem to download all the node modules that it needs (and there are many of them, and there's no way that we will package them individually). The Debian policy forbids download during the build so we can't run the upstream build system as is."

Hertzog suggested three possible solutions: collecting all of the dependencies into the Debian source package (though there would be problems creating the copyright file), moving the package to the contrib repository and adding a post-install step to download the dependencies, or removing gsa from Debian entirely. He is working on updating gsa as part of his work on Kali Linux, which is a Debian derivative that is focused on penetration testing and security auditing. Kali Linux does not have the same restrictions on downloading during builds that Debian has, so the Kali gsa package can simply use the upstream build process. He would prefer to keep gsa in Debian, "but there's only so much busy-work that I'm willing to do to achieve this goal". He wondered if it made more sense for Debian to consider relaxing its requirements. But Jonas Smedegaard offered another possible approach: analyzing what packages are needed by gsa and then either using existing Debian packages for those dependencies or creating new ones for those that are not available. Hertzog was convinced that wouldn't be done, but Smedegaard said that the JavaScript team is already working on that process for multiple projects.

Charlotte Web writes: With Linux 5.10 having shipped as the latest Long Term Support (LTS) release to be maintained for at least the next five years, a discussion has begun over dropping a number of old and obsolete CPU platform support currently found within the mainline kernel. For many of the architectures being considered for removal they haven't seen any new commits in years but as is the case once proposals are made for them to be removed there are often passionate users wanting the support to be kept.

Thelasko quotes gHacks: Linux Mint 20.1 is now available.

The first stable release of Linux Mint in 2021 is available in the three flavors Cinnamon, MATE and Xfce. The new version of the Linux distribution is based on Ubuntu 20.04 LTS and Linux kernel 5.4...

- Linux Mint 20.1 comes with a unified file system that sees certain directories being merged with their counterparts in /usr, e.g. /bin merged with /usr/bin, /lib merged with /usr/lib for compatibility purposes...

- The developers have added an option to turn websites into desktop applications in the new version [using the new Web App manager]... Web apps behave like desktop programs for the most part; they start in their own window and use a custom icon, and you find them in the Alt-Tab interface when you use it. Web apps can be pinned and they are found in the application menu after they have been created.

Bleeping Computer reports: NVIDIA has released security updates to address six security vulnerabilities found in Windows and Linux GPU display drivers, as well as ten additional flaws affecting the NVIDIA Virtual GPU (vGPU) management software. The vulnerabilities expose Windows and Linux machines to attacks leading to denial of service, escalation of privileges, data tampering, or information disclosure.

All these security bugs require local user access, which means that potential attackers will first have to gain access to vulnerable devices using an additional attack vector. Following successful exploitation of one of the vulnerabilities patched today, attackers can easily escalate privileges to gain permissions above the default ones granted by the OS.

An anonymous reader quotes a report from The Register: Linux creator Linus Torvalds has accused Intel of preventing widespread use of error-correcting memory and being "instrumental in killing the whole ECC industry with its horribly bad market segmentation." ECC stands for error-correcting code. ECC memory uses additional parity bits to verify that the data read from memory is the same as the data that was written. Without this check, memory is vulnerable to occasional corruption where a bit is flipped spontaneously, for example, by background radiation. Memory can also be attacked using a technique called Rowhammer, where rapid repeated reads of the same memory locations can cause adjacent locations to change their state. ECC memory solves these problems and has been available for over 50 years yet most personal computers do not use it. Cost is a factor but what riles Torvalds is that Intel has made ECC support a feature of its Xeon range, aimed at servers and high-end workstations, and does not support it in other ranges such as the Core series.

The topic came up in a discussion about AMD's new Zen 3 Ryzen 9 5000 series processors on the Real World Tech forum site. AMD has semi-official ECC support in most of its processors. "I don't really see AMD's unofficial ECC support being a big deal," said an unwary contributor. "ECC absolutely matters," retorted Torvalds. "Intel has been detrimental to the whole industry and to users because of their bad and misguided policies wrt ECC. Seriously. And if you don't believe me, then just look at multiple generations of rowhammer, where each time Intel and memory manufacturers bleated about how it's going to be fixed next time... And yes, that was -- again -- entirely about the misguided and arse-backwards policy of 'consumers don't need ECC', which made the market for ECC memory go away."

The accusation is significant particularly at a time when security issues are high on the agenda. The suggestion is that Intel's marketing decisions have held back adoption of a technology that makes users more secure -- though rowhammer is only one of many potential attack mechanisms -- as well as making PCs more stable. "The arguments against ECC were always complete and utter garbage. Now even the memory manufacturers are starting to do ECC internally because they finally owned up to the fact that they absolutely have to," said Torvalds. Torvalds said that Xeon prices deterred usage. "I used to look at the Xeon CPU's, and I could never really make the math work. The Intel math was basically that you get twice the CPU for five times the price. So for my personal workstations, I ended up using Intel consumer CPU's." Prices, he said, dropped last year "because of Ryzen and Threadripper... but it was a 'too little, much too late' situation." By way of mitigation, he added that "apart from their ECC stance I was perfectly happy with [Intel's] consumer offerings."

Phoronix reports: It's been a turbulent year and 2020 is certainly ending interesting in the Linux/open-source space... If it wasn't odd enough seeing Sony providing a new official Linux driver for their PlayStation 5 DualSense controller for ending out the year, there is also a new Linux port to the Nintendo 64 game console... Yes, a brand new port to the game console that launched more than two decades ago.

Open-source developer Lauri Kasanen who has contributed to Mesa and the Linux graphics stack took to developing a new Nintendo 64 port and announced it this Christmas day. This isn't the first time Linux has been ported to the N64 but prior attempts weren't aimed at potentially upstreaming it into the mainline Linux kernel...

This fresh port to the N64 was pursued in part to help port emulators and frame-buffer or console games.
And also, the announcement adds, "Most importantly, because I can."

Long-term Slashdot reader couchslug believes that "Howls of anguish from betrayed CentOS 8 users highlight the value of its long support cycles..." Earlier this month it was announced that at the end of 2021, the community-supported rebuild of Red Hat Enterprise Linux, CentOS 8, "will no longer be maintained," though CentOS 7 "will stick around in a supported maintenance state until 2024."

This leads Slashdot reader couchslug to an interesting question. "Should competitors like Ubuntu and SUSE offer truly long-term-support versions to seize that (obviously large and thus important to widespread adoption) user base?" As distros become more refined, how important are changes vs. stability for users running tens, thousands and hundreds of thousands of servers, or who just want stability and security over change for its own sake...? Why do you think distro leadership are so eager for distro life cycles? Boredom, progress or what mix of both?

What sayeth the hive mind and what distros do you use to achieve your goals?
The original submission argues that "Distro-hopping is fun but people with work to do and a fixed task set have different needs." But what do Slashdot's readers thinks? Leave your own thoughts in the comments.

And how long do you think a vendor should support a distro?

Sony has published a new "hid-playstation" Linux kernel driver for bringing up the PlayStation 5 DualSense controller and will also be used for supporting other PlayStation hardware on Linux. Phoronix reports: This new Linux kernel driver supports the PlayStation 5 "DualSense" game controller both in USB and Bluetooth modes. All key functionality along with LEDs, motion sensors, touchpad, battery, lightbar, and rumble are all supported by this official Sony Linux driver. The Linux kernel already has the existing "hid-sony" driver while this PlayStation 5 game controller comes with the hid-playstation driver. In announcing the new driver, they are planning to move some of the Sony Interactive Entertainment hardware support from the existing hid-sony to hid-playstation drivers. The hid-sony driver will continue to be maintained and used by broader Sony devices. This new driver follows the move from about a year ago of Sony "officially" maintaining the hid-sony Linux input driver.

This new driver comes in at just over 1,400 lines of code in its initial form catering to the PS5 controller. When transitioning support for older hardware to this new driver there is also a promise of unit test coverage and more. The new HID-PlayStation driver is currently under review and isn't yet queued up for mainlining but those wanting to try it out can find the 13 patches up for testing.

An anonymous reader quotes a report from ZDNet: When Red Hat, CentOS's Linux parent company, announced it was "shifting focus from CentOS Linux, the rebuild of Red Hat Enterprise Linux (RHEL), to CentOS Stream, which tracks just ahead of a current RHEL release," it lost a lot of friends. CentOS co-founder, Gregory Kurtzer, immediately announced he'd create his own RHEL clone and CentOS replacement: Rocky Linux. He wasn't the only one. CloudLinux also proclaimed it would create a new CentOS clone Lenix. And, CloudLinux will be putting over a million dollars a year behind it.

Why? Igor Seletskiy, CloudLinux CEO and founder, explained, "Red Hat's announcement has left users looking for an alternative with all that CentOS provides and without the disruption of having to move to alternative distributions. We promise to dedicate the resources required to Project Lenix that will ensure impartiality and a not-for-profit community initiative. CloudLinux already has the assets, infrastructure, and experience to carry out the mission, and we promise to be open about the process of developing Project Lenix." [...] Project Lenix will be a free, open-source, community-driven, 1:1 binary compatible fork of RHEL 8 (and future releases). For CentOS users, the company promises Lenix will provide an uninterrupted way to convert existing CentOS servers with absolutely zero downtime or need to reinstall anything. The company even claims you'll be able to port entire CentOS server fleets with a single command with no reinstallation or reboots required. That's a bold claim. But CloudLinux already does that trick with its commercial Linux distribution. If the company says it can do it, I think it can. Lenix is only a placeholder name, notes ZDNet. "[A] yet to be formed governing board will decide on a permanent name for the distribution. If all goes well, the first software release will appear in the first quarter of 2021."

Well here is a surprise for those that have long used CentOS as the community-supported rebuild of Red Hat Enterprise Linux... CentOS 8 will end in 2021 and moving forward CentOS 7 will remain supported until the end of its lifecycle but CentOS Stream will be the focus as the future upstream of RHEL. From a report: For those relying on CentOS 8 to enjoy the reliability and features of Red Hat Enterprise Linux 8 but without the licensing costs, etc, that will end in 2021. At the end of 2021, CentOS 8 will no longer be maintained but CentOS 7 will stick around in a supported maintenance state until 2024. The CentOS Project will be focused moving forward just on CentOS Stream as the upstream/development branch of Red Hat Enterprise Linux. CentOS 8 users are encouraged to begin transitioning to CentOS Stream 8. The CentOS Project announced this shift in focus today via the CentOS Blog. Red Hat's announcement meanwhile is promoting the change as beneficial to CentOS Stream.

Writing for TechRepublic, open source advocate Jack Wallen predicts 2021 will be a year where open source technology dominates the world of big data even more than 2021 (with a big role predicted for SUSE). But he also sees businesses cutting costs by switching to open source solutions — including a big move to Linux on enterprise desktops, thanks to enterprise-ready options now available from System76, Lenovo, and Dell: This will have the added benefit of even more companies jumping into the mix and offering more and more desktops and laptops, all powered by Linux and open source technology.

One added bonus for this movement is that System76 will finally gain the recognition they've deserved for so many years. Linux on the desktop would not be where it is today, had it not been for their stalwart support for open source technology. Year after year, System76 has proved that high-quality, business-class systems, powered by Linux, can be produced at a level befitting the enterprise.

That success within the realm of business will start trickling down to consumers. As more and more people start using Linux at their place of business, they'll begin seeing the benefits of the open source operating system and desire to adopt it for their home computers. I suspect that by the end of 2021, we'll see Linux desktop market share to finally break the 10% bubble. It may not sound like much, but given how Linux has hovered around 2% and maxed out at 5%, that 10% figure is like a dream come true.

That's only the tip of the iceberg. Although Linux will max out at around 10% by the end of the year, it will lead to continued growth over the coming years.

Joe2020 writes: Famous developer Hector Martin who put Linux on the PS4 now wants to port Linux to the new Apple M1, and he wants to do it with the help of crowdfunding by making it his full-time job. One can find his official pledge for support here. "Since these devices are brand new and bespoke silicon, porting Linux to run on them is a huge undertaking. Well beyond a hobby project, it is a full-time job," the developer explains.

"The goal is to bring Linux support on Apple Silicon macs to the point where it is not merely a tech demo, but is actually an OS you would want to use on a daily driver device. To do this, there is a huge amount of work to be done. Running Linux on things is easy, but making it work well is hard. Drivers need to be written for all devices. The driver for the completely custom Apple GPU is the most complicated component, which is necessary to have a good desktop experience. Power management needs to work well too, for your battery life to be reasonable," the dev explains. Martin says he hopes to have enough donations to purchase the new Apple Silicon-powered devices and hire other people to help with the job.

Slashdot reader NoMoreACs also shared the news via Mac Rumors.

From a recent report: Greg Kroah-Hartman, the Linux Foundation fellow currently responsible for stable Linux kernel releases, shared the lessons he's learned as a kernel developer that are applicable to other developers at this year's Linux App Summit. He started by showing how he could succinctly distill the essence of the talk into a single five-word slide:

"Don't make your users mad...."

Kroah-Hartman explains that one of Linus Torvalds' most deeply-held convictions: don't break userspace. "Other operating systems have this rule as well — it's a very solid rule — because we always want you to upgrade. And we want you to upgrade without worrying about it. We don't want you to feel scared. If you see a new release, and we say, 'Hey, this fixes a bunch of problems,' we don't want you to feel worried about taking that. That's really really important — especially with security...."

If you do make a change, make sure there truly is a compelling reason. "You have to provide enough reason and enough goodness to force somebody to take the time to learn to do something else. That's very rare."

His example of this was systemd, which unified a variety of service configurations and initialization processes. "They did it right. They provided all the functionality, they solved a real problem that was there. They unified all these existing tools and problems in such a way that it was just so much better to use, and it provided enough impetus that everybody was willing to do the work to modify their own stuff and move to the new model. It worked. People still complain about it, but it worked. Everybody switched... It works well. It solves a real problem.

"That was an example of how you can provide a compelling reason to move on — and make the change."

Yes, Torvalds said he'd love to have one of the new M1-powered Apple laptops, but it won't run Linux and, in an exclusive interview he explains why getting Linux to run well on it isn't worth the trouble. Steven J. Vaughan-Nichols writes via ZDNet: Recently, on the Real World Technologies forum, Linux's creator Linus Torvalds was asked what he thought of the new M1-powered Apple laptops. Torvalds replied, "I'd absolutely love to have one if it just ran Linux." You may think, "what's the problem? Doesn't Linux run on practically every processor on the planet from 80386s to IBM s390x to the ARM family of which Apple's M1 chip is a child?" Well, yes, yes it does. But it takes more than a processor to run a computer.

Torvalds would like to run Linux on these next-generation Macs. As he said, "I've been waiting for an ARM laptop that can run Linux for a long time. The new Air would be almost perfect, except for the OS. And I don't have the time to tinker with it, or the inclination to fight companies that don't want to help." Aye, there's the rub. In an exclusive interview, Torvalds expanded on why he can't see porting Linux to the M1-based Macs. "The main problem with the M1 for me is the GPU and other devices around it, because that's likely what would hold me off using it because it wouldn't have any Linux support unless Apple opens up."

Still, while Torvalds knows Apple opening up their chipsets "seems unlikely, but hey, you can always hope." Even if that "wasn't an issue," Torvalds continued, "My personal hope would be more cores. Even in a laptop, I don't care about 20-hour battery life (and I wouldn't get it building kernels anyway). I'd rather plug it in a bit more often, and have 8 big cores." As for the Mac's limited RAM -- no more than 16GBs on current models -- he can live with that. "16GBs is actually ok by me because I don't tend to do things that require a lot more RAM. All I do is read email, do git and kernel compiles. And yes, I have 64GB in my desktop, but that's because I have 32 cores and 64 threads, and I do hugely parallel builds. Honestly, even then 32GB would be sufficient for my loads." That said, other developers and power users may want more from the new Macs, Torvalds thinks. "The people who really want tons of memory are the ones doing multiple VMs or huge RAW file photography and video."

This week Purism began shipping its mass-produced Librem 5 phone to customers, according to announcement from the company: The Librem 5 is a one-of-a-kind general-purpose computer in a phone form-factor that Purism has designed and built from scratch following a successful crowdfunding campaign that raised over $2.2 million. Both the hardware and software design is focused on respecting the end user's freedom and giving them control over their privacy and security.

The Librem 5 doesn't run Android nor iOS but instead runs the same PureOS operating system as Purism's laptops and mini PC.

The Librem 5 has unique hardware features including a user-removable cellular modem, WiFi card, and battery. Like with Librem laptops, the Librem 5 also features external hardware kill switches that cut power to the cellular modem, WiFi/Bluetooth, and front and back cameras and microphone so that the user can control when these devices are in use. All hardware switches can also be triggered together to enable "lockdown mode" which also disables the GPS, accelerometer and all other sensors...

Another unique feature of the Librem 5 is convergence: the ability to connect the Librem 5 to a monitor or laptop dock and use it as a desktop computer running the same full-sized desktop applications as on Librem laptops. When in a phone form-factor, applications behave much like "responsive websites" and change their appearance for the smaller screen. This allows you to use the Librem 5 as a phone, a desktop, or a laptop with the same applications and same files.
Their announcement notes their work on software making desktop applications "adaptive" to phone form factors, adding "This suite of software has now become the most popular software stack to use on other handheld Linux hardware." And they close with an appreciative comment from Purism's founder and CEO Todd Weaver:

"Shipping the Librem 5 has been an immense multi-year developmental effort. It is the culmination of people's desire to see an alternative to Android and iOS and fund it, coupled with dedication from a team of experts addressing hardware, kernel, operating system, and applications that has turned a lofty near-impossible goal into reality. We have built a strong foundation and with the continued support of customers, the community, and developers, we will continue to deliver revolutionary products like the Librem 5 running PureOS."

Rudra Saraswat is the creator of the Ubuntu Unity distro (which uses the Unity interface in place of Ubuntu's GNOME shell).

But this week they released Ubuntu Web Remix, "a privacy-focused, open source alternative to Google Chrome OS/Chromium OS" using Firefox instead of Google Chrome/Chromium. Liliputing reports: If the name didn't give it away, this operating system is based on Ubuntu, but it's designed to offer a Chrome OS-like experience thanks to a simplified user interface and a set of pre-installed apps including the Firefox web browser, some web apps from /e/, and Anbox, a tool that allows you to run Android apps in Linux...

You don't get the long battery life, cloud backup, and many other features that make Chromebooks different from other laptops (especially other cheap laptops). But if you're looking for a simple, web-centric operating system that isn't made by a corporate giant? Then I guess it's nice to have the option.
Rudra Saraswat writes: An easy web-app (wapp) format has been created to package web-apps for the desktop. You can now create your own web apps using web technologies, package them for the desktop and install them easily.

An experimental wapp store can be found at store.ubuntuweb.co, for distributing web apps. Developers and packagers can do pull requests at gitlab.com/ubuntu-web/ubuntu-web.gitlab.io to contribute wapps.

New submitter LeeLynx shares a report from The Register: A new group called the "Inclusive Naming Initiative" has revealed its existence and mission "to help companies and projects remove all harmful and unclear language of any kind and replace it with an agreed-upon set of neutral terms." Akamai, Cisco, the Cloud Native Computing Foundation, IBM, the Linux Foundation, Red Hat, and VMware are all participants. The group has already offered a Word replacement list that suggests alternatives to the terms whitelist, blacklist, slave, and master. There's also a framework for evaluating harmful language that offers guidance on how to make changes.

Red Hat's post announcing its participation in the Initiative links to a dashboard listing all instances of terms it wants changed and reports over 330,000 uses of "Master" and 105,000 uses of "Slave," plus tens of thousands and whitelists and blacklists. Changing them all will be a big job, wrote Red Hat's senior veep and CTO Chris Wright. "On a technical level, change has to be made in hundreds of discrete communities, representing thousands of different projects across as many code repositories," Wright wrote. "Care has to be taken to prevent application or API breakage, maintain backward compatibility, and communicate the changes to users and customers." The Initiative nonetheless hopes to move quickly, with its roadmap calling for best practices to be defined during Q1 2021, case studies to be available in Q3 2021 and a certification program delivered in Q4 2021.