Bonum Certa Men Certa

Links 2/3/2021: Maui 1.2.1, RSS Guard 3.9.0



  • GNU/Linux

    • The ‘Unix Way’ Has a Right Way That’s Almost a Lost Way

      I’ve often extolled the philosophy of Unix, and as the title implies, I’m not about to stop. Before I learned computer science, I thought all computers were impenetrably arcane. But when I grasped Unix, through the imperfect medium of Linux, it made intuitive sense to me. Through all its evolution, at its heart Unix retains the charm that I have previously remarked on.

      To touch on one such trait that is relevant to the point I want to make, I love that Unix’s simplest tools are also its most versatile. This is because its creators believed that a handful of default tools should allow users to do anything imaginable. To that end, Unix’s brain-parents also ensured effortless interoperation via the common interface of textual data. All these design choices consciously facilitated user freedom.

      But this bears an important caveat: freedom has reasonable implied limits. Philosophies with the cardinal virtue of liberating adherents can never afford to shed all limitations for the simple fact that philosophies without doctrines are self-effacing. A philosophy, by existing, defines what it is and thus implicitly delineates what it is not.

      This is what I call the “Daoism Paradox.” Without getting too esoteric, Daoist philosophy holds that all is a perfectly effortless way. Existence is as it must be. In fact, its nature is so all-encompassing that defining it is impossible. So how does Daoism express this if expressing Daoism is impossible?

    • Server

      • Istio / Announcing Istio 1.9.1

        This release fixes the security vulnerability described in our March 1st, 2021 news post as well as bug fixes to improve robustness.

        This release note describes what’s different between Istio 1.9.0 and Istio 1.9.1.

      • ISTIO-SECURITY-2021-001

        This issue only affects Istio 1.9.0; previous versions of Istio are not affected. This issue has been given a CVSS score of 8.2 by the Istio product security working group.

      • Power To The Kubernetes People

        Big Blue shelled out an incredible $34 billion to buy open source infrastructure software juggernaut Red Hat, and it is determined not to just tend and

      • Introduction to k3d: Run K3s in Docker | SUSE Communities

        k3d is a small program made for running a K3s cluster in Docker. K3s is a lightweight, CNCF-certified Kubernetes distribution and Sandbox project. Designed for low-resource environments, K3s is distributed as a single binary that uses under 512MB of RAM. To learn more about K3s, head over to the documentation or check out this blog post or video.

        k3d uses a Docker image built from the K3s repository to spin up multiple K3s nodes in Docker containers on any machine with Docker installed. That way, a single physical (or virtual) machine (let’s call it Docker Host) can run multiple K3s clusters, with multiple server and agent nodes each, simultaneously.

      • Sysdig Contributes eBPF Components to CNCF

        Sysdig, Inc. recently announced that it has contributed the sysdig kernel module, eBPF probe, and Falco libraries to the Cloud Native Computing Foundation (CNCF). The contributed source code will be moved into the Falco organization, a cloud-native runtime security project and de facto Kubernetes threat detection engine, which was also contributed to the CNCF by Sysdig.

      • Sysdig contributes Falco’s kernel module, eBPF probe, and libraries to the CNCF

        Today, I’m excited to announce the contribution of the sysdig kernel module, eBPF probe, and libraries to the Cloud Native Computing Foundation. The source code of these components will move into the Falco organization and be hosted in the falcosecurity github repository.

    • Audiocasts/Shows

      • The Right Wallpaper Is The Key To A Beautiful Desktop

        The key to creating a beautiful desktop is finding the right wallpaper. In Linux, we have a number of great wallpaper packs available to us in our distro's repositories, as well as some nice programs that will fetch wallpapers from the Internet.

      • Arch User Repository: How Does It Really Work - YouTube

        The Arch User Repository is an amazing tool for Arch users but a lot of new Arch users and people who don't use Arch don't really understand how it works and what makes it so useful so today I thought I'd try to explain a bit about the AUR.

      • Destination Linux 215: Open Source vs Commercial: Endless War or Symbiosis? & Jill’s Treasure Hunt

        This week on Destination Linux, we’re going to discuss why being a supporter of open source does not mean that you are anti-commercial. Later in the show, we’re going to go on a Treasure Hunt in Jill’s silicon world of wonders and hardware museum! Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you

    • Kernel Space

      • Linux Championed Work From Home Before Everyone Else: Greg Kroah-Hartman [Ed: This is a revisionist load. GNU predates this. Linux and LF trying to delete GNU from history…]

        Linux kernel is the world’s largest collaborative technology. It’s created by thousands of people from around the world, working together from the comfort of their homes, just via email. In this episode of TFiR Insights, we hosted none other than Greg Kroah-Hartman, the leading Linux kernel developer and maintainer of the stable branch. We discussed a wide range of topics including work from home and the progress Linux has made over the years.

    • Benchmarks/Graphics

      • Let's talk about Wayland ...

        In the past few weeks, I read several articles on Wayland. And I thought, what the Internet needs is more debate, not less! So I figured I should add my own opinion into the ether and foster the productive, respectful and totally not emotional discussion around Wayland, the new desktop thingie what shows images on your screen. If you're a techie, you are already flipping, but if you're not, you may be wondering, what? Indeed, for non-techies, Wayland doesn't mean anything. Neither does Xorg.

        But the two are display engines, which results ultimately in stuff being painted on your monitor. Xorg is the old technology, a display server, and Wayland is the new display server protocol, and it is meant to replace the former. Except ... this has been going on for more a decade, without end in sight. It boils down to a boss fight of Xorg vs Wayland, and why one is better than the other, and so forth ad infinitum. Now, the real problem is, because this debate is heralded by techies, it boils down to technical details, which is WRONG. The reality is far simpler, far more abstract. Follow me.

        [...]

        Thirdly, logging keystrokes can be done in many many different ways. Why limit the discussion to this being possible with Xorg? Do you know how you prevent such a scenario? Don't have a rogue application or process on your host! Very simple. But then, why not go for malware that is sophisticated enough to install its own driver, or install its own device? Why not something that does all sorts of wonders when installed?

        If you have malware on your system, then you have a much bigger problem than the fact once it gets past your perimeter security, it could potentially do bad things. The solution is to make sure that your system does not get exposed or infected, and then, the discussion around Xorg is no longer relevant. Moreover, if someone gets onto your system, it's game over. Not in the movie drama sense, but there's no reason to limit oneself to an arbitrary usecase that serves the narrative. Why not listen to the microphone? Why not delete data? Why not pop a message in your terminal every nine seconds? Lots of options.

        [...]

        We also need to put things into perspective. The Linux desktop - desktop, as in you actually have a graphical interface where the Xorg vs Wayland argument would matter - controls a tiny proportion of the global PC market. To make things worse, the 1% mark has been around for a good decade plus, so it's not like we're going anywhere with any great majesty.

        The discussion around Wayland and Xorg affects 1% of users at best - and even then, lots of people don't really care about the technological ingredients in their systems, they just want functionality. The same way you don't care where the flax in your bed linen was sourced, how porcelain in your plates is made, the angle of the spark plug in your car's cylinders, or the composition of the fertilizer at the nearby farm. Those are trivial details behind functionality. They are only of interest to diehard fans.

        [...]

        The discussion around Wayland and Xorg shouldn't be about implementation details - those matter to the experts in the field, of course. But lacking any fundamental user-centric reasons why Xorg should be gone and why something (Wayland) should replace it, the narrative must deteriorate to bickering about tech lingo and buzzwords. At the end of the day, the proof is in the pudding. Functionality. Usability.

        Can Wayland do what Xorg does today? Does it offer users at least what they have today? Can a person, no matter their tech credentials, achieve their basic needs using this thing? And the answer to all of these is, unfortunately, NO. Wayland is just part of the greater equation called Linux. But it is a great example of a technology tool that intrudes into userspace and breaks the user experience, whereas technology should be the opposite. Totally invisible and silent. Hint: for those of you already rushing for your pitchforks, Xorg isn't the ideal solution either. It also breaks the user experience, only much less than Wayland.

        But the Linux desktop as a whole does not offer the seamless functionality that people need, because it is designed with software tools as the end goal and not with the user experience supported by software tools as the end goal. Cause and effect, reversed. Because it's not a product. It's a bundle of tech. And until this mindset changes (extremely unlikely), the Linux desktop will never get past its 1% share.

      • AES-NI XTS Crypto Performance Looking Good For AMD With Linux 5.12 Fix

        Of the performance-related changes with Linux 5.12 worth noting is faster AES-NI XTS performance for systems relying upon return trampolines "Retpolines" as part of the CPU's Spectre V2 mitigations. On the Intel side this primarily impacts older CPUs where Retpolines is still used while on the AMD side through Zen 3 the Retpolines is still relied upon, which as shown by these benchmarks is now much better off for AMD Ryzen AES XTS performance as measured by Cryptsetup.

        As reported last year, AES-NI regressed heavily under Retpolines and seemingly went unnoticed for the better part of three years. Now with Linux 5.12 the AES-NI kernel module code has been reworked so it doesn't face such overhead in Retpolines-enabled environments and in turn really helps out with performance.

        I previously ran some benchmarks while now for getting an idea as to the impact with Linux 5.12 mainline, I carried out some fresh cryptsetup benchmarks with two AMD systems of Linux 5.11 stable versus Linux 5.12 Git at the end of the merge window.

    • Applications

      • Fish shell 3.2.0 released

        Version 3.2.0 of the fish shell has been released. New features include undo and redo support (for command-line editing, not commands!) and a long list of incremental improvements; see the announcement for details.

      • RSS Guard 3.9.0 - Neowin

        RSS Guard is a simple (yet powerful) feed reader. It is able to fetch the most known feed formats, including RSS/RDF and ATOM. It's free, it's open-source. RSS Guard currently supports Czech, Dutch, English, French, German, Italian. RSS Guard will never depend on other services - this includes online news aggregators like Feedly, The Old Reader and others.

    • Instructionals/Technical

      • Get started with CrowdSec v.1.0.X

        The official release of CrowdSec v.1.0.X introduces several improvements to the previous version, including a major architectural change: the introduction of a local REST API.

        This local API allows all components to communicate more efficiently to support more complex architectures, while keeping it simple for single-machines users. It also makes the creation of bouncers (the remediation component) much simpler and renders them more resilient to upcoming changes, which limits maintenance time.

      • Open Source Web Radio with Icecast and Raspberry PI - peppe8o

        As web became more popular, a number of web radio born because of their low maintenance costs. One of most popular platform to broadcast a private web radio is Icecast2, which runs also on Raspberry PI computer boards

        [...]

        Icecast is an open source software (distributed indet GNU GPL, version 2) able to create a self hosted streaming server. Supports a number of audio/video media formats, like Ogg (Vorbis and Theora), Opus, WebM and MP3.

      • How to install Citra Emulator on a Chromebook

        Today we are looking at how to install Citra, a Nintendo DS emulator, on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to change Apache Document root directory on Ubuntu 18.04

        To modify the root folder in Apache, you would need to make changes to two files basically. We will first start by modifying the file /etc/apache2/apache2.conf.

    • Games

      • Joan Fons is hired to work on Godot's rendering

        I started contributing to Godot about 3 years ago while I was still studying at uni. I quickly felt at home and I started focusing on 3D editor and rendering contributions. Not long after that, I got a job as a Godot consultant at Prehensile Tales, which I kept till last Friday...

        My latest big contribution to the engine is the new CPU lightmapper, which will be landing with the 3.2.4 release, and should make lightmaps a viable option for 3.2. Here you can see some screenshots...

        [...]

        Moving forward, and with my full focus on Godot development, my goal is to work on Godot's 3D rendering and help bring Godot 4.0 finish line.

        My first task will be integrating an occlusion culling system into the new Vulkan renderer. While occlusion culling is not a silver bullet, it can give big performance improvements in a variety of scenes. I have been working on a small prototype implementation and the results so far are promising, but it still needs to be integrated in the rendering backend and exposed to the user.

      • Building a Retro Linux Gaming Computer - Part 1: Dumpster Diving | GamingOnLinux

        Before I begin, I feel I should state that this project is just a bit of fun. The goal is not to build the most powerful retro gaming computer I can, or to engage in any kind of serious analysis or benchmarking. All I want to do is play around with old hardware and software, explore what could be done with Linux back in the day, and maybe learn a thing or two about how far we have come along the way.

        Older computing hardware is getting harder and harder to find. What would have been given away just five or ten years ago can now often only be found on websites such as eBay for inflated prices and heavy shipping costs, at least for Canadian buyers like myself. So when I noticed an interesting looking beige box ready to be recycled at my local dump, I did not hesitate to rescue it in order to see what was inside.

      • DXVK 1.8.1 Is Released With Better DirectX 9 Performance On AMD GPUs

        The DirectX to Vulkan translation layer DXVK, popular among Wine uses who like to play Windows games on Linux, got a huge speedbump for DirectX 9 games using MSAA on AMD graphics cards using the Mesa RADV driver in the latest 1.8.1 release. There's also workarounds for Mafia II and Warhammer Online.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KStars v3.5.2 Is Released

          Developer Jasem Mutlaq has released another fine version of the user-friendly yet very advanced astronomy program KStars. The highlights in the new version are mostly for those who happen to have their own observatory. KStars is still a great little program for anyone who wants to brush up on the constellations or have an interest in the night sky.

          [...]

          There's also two major improvements to the Ekos Polar Alignment Assistant, contributed by Hy Murveit, in KStars 3.5.2. Polar Alignment can now be done while pointing anywhere in the sky, and the user-interface for it has been greatly improved.

        • Plasma Mobile updates make the user interface more customizable (and a bit more Android-like)

          There are several different user interfaces available for Linux smartphones, but the one that will probably feel the most familiar to Android users is KDE’s Plasma Mobile.

          Like Android, it has a home screen, an app drawer, navigation buttons on the bottom, status notifications at the top, and a quick settings panel that appears when you swipe down from the top of the screen.

          Soon, it may work even more like Android – developers plan to add support for multiple home screens that you can scroll through horizontally, giving you more space for app icons and widgets. Support for custom app launchers may also be on the way.

        • Plasma Mobile February Update

          The Plasma Mobile team is happy to present the Plasma Mobile updates from January and February 2021.

          [...]

          The highlights for Plasma Dialer include one bug fix and two new features. First off, Powerdevil no longer suspends calls. (Bhushan Shah: plasma-mobile/plasma-dialer!31) The two new features are that it is now possible to send DTMF tones and send USSD requests. DTMF tones can be sent during a call and can be used to navigate the menus of certain automated calling systems. USSD requests, also called “quick codes”, can be used to request the current pre-paid balance from the mobile phone operator, as well as other data. Both features were tested to work on the Pinephone. (Alexey Andreyev: plasma-mobile/plasma-dialer!32 and plasma-mobile/plasma-dialer!33)

        • Maui 1.2.1 & 1.1.0 Releases

          Today, we are pleased to announce the release of MauiKit and Maui Apps 1.2.1!.

          Are you a developer and want to start developing cross-platform and convergent apps, targeting, among other things, the upcoming Linux mobile devices? Then join us on Telegram: https://t.me/mauiproject. If you are interested in testing this project and helping out with translations or documentation, you are also more than welcome.

        • January/February in KDE PIM

          Since the last report two month ago we saw the 20.12.2 release of Kontact, had a virtual New Year meetup, and integrate more than 1600 changes by more than 30 contributors. Here are some of the highlights.

          [...]

          The bulk of the changes again focus on preparing the upcoming migration to Qt6 and KF6. This mainly consists of porting away from deprecated functionality in Qt, KDE Frameworks or the build system, towards the respective future-proof alternatives.

      • GNOME Desktop/GTK

        • Martín Abente Lahaye: Portfolio 0.9.10

          This new release introduces a new home page, which serves as the starting point for the navigation experience. Besides its utility as “quick access”, it also provides a better interface for managing external devices. Kudos to @nahuelwexd for designing it.

        • Sam Thursfield: Return to Codethink

          2020 was a year full of surprises, so surprise that I finished it by returning to work in the same job that I left exactly 3 years ago.

          There are a few reasons I did that! I will someday blog in more detail about working as a language teacher. It’s a fun job but to make the most of it you have to move around regularly, and I unexpectedly found a reason to settle in Santiago. Codethink kindly agreed that I could join the ongoing remote-work revolution and work from here.

          Three years is a long time. What changed since I left? There’s a much bigger and nicer office in Manchester, with nobody in it due to the pandemic. The company is now grouped into 4 internal divisions. This is still an experiment and it adds some management overhead, also helps to maintain a feeling of autonomy in a company that’s now almost 100 people. (When I started there ten years ago, I think there were seventeen employees?!)

          I also want to mention some research projects that my colleagues are working on. Codethink is a services company, but has always funded some non-customer work including in the past work on dconf, Baserock, Buildstream and the Freedesktop SDK. These are termed ‘internal investments’ but they are far from internal, the goal is always to contribute to open software and hardware projects. The process for deciding where to invest has improved somewhat in my absence; it still requires some business case for the investment (I’m still thinking how to propose that I get paid to work on music recommendations and desktop search tools all day), but there is now a process!

          [...]

          My contribution to Codethink’s RISC-V research was writing an article about it. The tl;dr is we are playing with some RISC-V boards, mainly in the context of Freedesktop SDK. Since writing that article the team tracked down a thorny bug in how qemu-user uses GLib that had been blocking progress, and got GNOME OS running in qemu-system-riscv. Expect to see a video soon. You can thank us when you get your first RISC-V laptop

    • Distributions

      • Reviews

        • GParted 1.2.0 Live CD & USB Image: Nimble and Effective

          Continuing the theme of Debian based rescue distributions, simply because most of them are built on Debian, I am looking at GParted this week as last one in this short series. GParted is of course known as a tool to work with and edit partitions that is included with most distributions where it could be considered a de facto standard. But it also lends its name to a rescue CD image where it is at the centre of the collection of tools.

          Images are updated frequently, about every two months, but core functionality stays the same so there is no need to focus on numbers too much. That said, I downloaded the gparted-live-1.2.0-1-amd64.iso which was 387 MB in size and is using the 5.10 Linux kernel. 1.2.0-2 is currently in testing. These newer builds are based on the unstable branch of Debian for obvious reasons, to stay relevant with support for newer hardware, but are in themselves considered stable.

          The systemd software is running under the hood. With its small size GParted can be written to USB, CD or DVD and is available for i686 and x86_64 architectures, as ISO or extractable USB image. There‘s also a PAE enabled version for 32-bit computers. The 64-bit version supports booting UEFI machines. The home page advises to have a minimum of 320 MB RAM available.

      • SUSE/OpenSUSE

        • Call for Papers Open for openSUSE Conference

          The call for papers is open until May 4. This leaves a little more than 60 days to submit a proposal. The dates of the conference are scheduled for June 18 - 20. Registration for the conference has also begun.

      • Arch Family

        • [Arch] FOSS Activities in February 2021

          The start of this month was marked with FOSDEM! I held a talk about secure boot and the tooling stuff I have written, sbctl. It’s a tool to help you manage secure boot keys and signing files. With help from sbsigntools it also does live enrollment of keys.

          The talk went great (I think) and it was fun to see how FOSDEM pulled off the conference with matrix and jitsi. I gave me some inspiration for Arch Conf 2021 that I should try kick off some planning on.

      • IBM/Red Hat/Fedora

        • Red Hat Risk Report: A tour of 2020's branded security flaws [Ed: Branding is just hype and marketing for FUD agenda]

          An article from December 2020 reported that 2020 had a record high number of CVEs reported for the fourth year in a row (yet another reason to dislike the year!). Across the technical spectrum more than 176,447 CVEs were reported. Back when we started the Red Hat Risk Report the volume of CVEs across all software vendors numbered in the 4,000-8,000 range. The specific reasons for the increase will be debated for some time to come, but the harsh reality is that the organizations need to address a growing number of vulnerabilities each year.

        • Customer Success Stories: Red Hat solutions found around the world

          We regularly publish customer success stories that highlight how we're helping customers gain efficiency and transform the way they deliver software. Read on to see how we helped Tomago Aluminium, the MGEN Group, and Alliance Bank—three customers in three different continents—find success in application deployment, automation, and more.

        • Ben Williams: F33-20210301 updated Live isos released

          The Fedora Respins SIG is pleased to announce the latest release of Updated F33-20210301-Live ISOs, carrying the 5.10.18-200 kernel.

          This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have about 1.1GB+ of updates savings )).

        • Developers can now use IBM’s cloud services across multiple environments with IBM Cloud Satellite

          Today we announced that IBM Cloud Satellite has designed its cloud services to be available across multiple environments — on IBM Cloud, on premises, or at the edge. This is big news for enterprise developers for several reasons.

          The first is that increasingly enterprise developers are being asked to build applications across a wide range of environments, and that trend is only accelerating. A recent IBM Institute for Business Value study found that a typical enterprise uses nearly eight clouds from multiple vendors. There has been a surge in the adoption of hybrid clouds — the combination of public clouds, private clouds, and on-premises IT — noting that in the next three years, hybrid cloud adoption is expected to grow by 47%, and the average organization will be using nearly six clouds.

      • Debian Family

        • Charging the Librem 5

          When you find yourself low on power, it’s helpful to know how long it takes to charge your device. This video will go over the expected charge time of the Librem 5.

        • Built-in "Xray" like UNO object inspector – Part 2

          Since my last blog post I've been continuing the work on DevTools and since then a lot of things have progressed. Point & click has been implemented and the object inspector view has been greatly improved to show current object’s properties and methods. In this part I will mainly talk about the point & click and a bit about the current state, and in the next blog I will extensively talk about the object inspector.

          [...]

          The object inspector is already in a very good shape so I encourage everyone to try it and give feedback, what can be improved, changed or added - especially if you use Xray or MRI regularly.

          For the next steps the major focus will be to fix a couple of bugs and crashes (mainly due to missing checks if objects are available), work on the UI, object stack (so it is possible to go back to the previous object) and finalizing all the features of the object inspector.

        • Sparky news 2021/02

          Many thanks to all of you for supporting our open-source projects, specially in this difficult days. Your donations help keeping them and us alive.

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Apache Month in Review: February 2021
      • Approved: Four New Open Source Licenses

        As the steward of the Open Source Defintion, the Open Source Initiative has been designating licenses as "open source" for over 20 years. These licenses are the foundation of the open source software ecosystem, ensuring that everyone can use, improve, and share software. When a license is approved, it is because the OSI believes that the license fosters collaboration and sharing for the benefit of everyone who participates in the ecosystem.

        The world has changed over the past 20 years, with software now used in new and even unimaginable ways. The OSI has seen that the familiar open source licenses are not always well-suited for these new situations. But license stewards have stepped up, submitting several new licenses for more expansive uses. The OSI was challenged to evaluate whether these new concepts in licensing would continue to advance sharing and collaboration and merit being referred to as "open source" licenses, ultimately approving some new special purpose licenses.

      • Cryptographic Autonomy License Approved by OSI

        The controversy over the scope of copyleft these days remains brisk. Regarding CAL, it was so heated that OSI founder Bruce Perens resigned in protest, as the license approached approval. There is a also a larger controversy over whether copyleft licenses written by single companies, and not part of the community drafting process, should be approved, regardless of content.

      • Programming/Development

        • DRY enums for Absinth macros

          Absinth is a great GraphQL library for Elixir, but it brings a few challenges as it’s practically implemented using macros. One of these challenges is a DRY way of reusing enumerables in Absinth enums.

          [...]

          The only thing we had to do is to use require to require the module beforehand.

        • Perl/Raku

          • Gzip::Zopfli - another compression module

            Following on from the Gzip::Libdeflate I mentioned before, I also made this: Gzip::Zopfli

            It is based on the Zopfli gzip compression library from Google Research.

        • Rust

          • Weird architectures weren't supported to begin with

            You don’t know about any of the above until the bug reports start rolling in: users will report bugs that have already been fixed, bugs that you explicitly document as caused by unsupported configurations, bugs that don’t make any sense whatsoever.

            You struggle to debug your users’ reports, since you don’t have access to the niche hardware, environments, or corporate systems that they’re running on. You slowly burn out as an unending torrent of already fixed bugs that never seem to make it to your users. Your user base is unhappy, and you start to wonder why you’re putting all this effort into project maintenance in the first place. Open source was supposed to be fun!

            What’s the point of this spiel? It’s precisely what happened to pyca/cryptography: nobody asked them whether it was a good idea to try to run their code on HPPA, much less System/3906; some packagers just went ahead and did it, and are frustrated that it no longer works. People just assumed that it would, because there is still a norm that everything flows from C, and that any host with a halfway-functional C compiler should have the entire open source ecosystem at its disposal.

          • Woodruff: Weird architectures weren't supported to begin with

            William Woodruff has posted a rant of sorts on the adoption of Rust by the Python Cryptography project, which was covered here in February.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • Security updates for Monday

            Security updates have been issued by CentOS (firefox, ImageMagick, libexif, thunderbird, and xorg-x11-server), Debian (docker.io, python-aiohttp, and thunderbird), Fedora (chromium, firefox, kernel, and rygel), Mageia (nodejs, pix, and subversion), openSUSE (glibc, gnuplot, nodejs12, nodejs14, pcp, python-cryptography, qemu, and salt), Red Hat (bind and podman), and SUSE (csync2, glibc, java-1_8_0-ibm, nodejs12, nodejs14, python-Jinja2, and rpmlint).

          • KDE neon Blog: Offline Updates are Coming

            For a very long time we’ve been paving the road for offline updates. We are excited to finally introduce the first step to the KDE neon Unstable Edition today and would love to hear your opinion in the forum.

            Unlike regular updates offline updates are not applied immediately but are only download and marked for installation on the next system restart. This has the tremendous advantage that you no longer need to interrupt whatever you are doing to update the system. They also prevent the system from entering a curious state of inconsistency resulting in an increased chance of bugs and crashes just after updating. Previously you might have been angrily looked at by Firefox, had Dolphin crash on you, or even got locked out of the session because the lockscreen jumped off a cliff after you applied an update. The reason for this is that most complex pieces of software really do not fare well if essential files change out from under it. Offline updates solve this problem by simply moving the installation stage to a time when the system is in a less vulnerable state.

          • Working Linux exploit for Spectre flaw found by French researcher

            A French researcher claims to have found a working exploit for the Spectre vulnerability on Linux systems on the VirusTotal database, the first such exploit to come to light since the flaw was made public by Intel back in 2018.

            Julien Voisin said in a short post on Monday that a Windows exploit had also been uploaded, adding that he had not looked at it closely.

          • Working Windows and Linux Spectre exploits found on VirusTotal

            Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal.

            The vulnerability was unveiled as a hardware bug in January 2018 by Google Project Zero researchers.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

          • Privacy/Surveillance

            • Singapore reveals open-source blockchain COVID-test result tracker, eyes uses as vaccine passport app [Ed: Openwashing surveillance and Orwellian stuff, as has become common]

              Singapore has proposed a blockchain-based document verification system developed by its GovTech agency to provide proof of recent negative COVID-19 tests, and hopes it becomes used to offer proof of vaccination status around the world.

              Named "HealthCerts", the system is based on open-source framework known as OpenAttestation that uses blockchain to issue cryptographically trustworthy documents. The technology is already applied by some local universities to issue and authenticate diplomas.

              [...]

              From that date travelers planning to leave Singapore will book in for a COVID PCR test before they fly. Results will be uploaded to a government website and aspiring tourists will then go online to request the results be notarised by the Ministry of Health. If approved, the QR code linking to the notarised digital certificate will appear in SingPass Mobile, the nation's app for consuming digital government services.

    • Censorship/Free Speech

      • Hardware Unboxed Has Been Shadow-Banned From YouTube

        The somewhat popular Australian hardware review channel Hardware Unboxed, with 730k subscribers, has been shadow-banned from the Google-owned video hosting platform YouTube. This illustrates the importance of diversifying by creating your own video hosting platform using free open source software if you are completely reliant on one or two big-tech platforms.

        [...]

        YouTube has a long history of shadow-banning, and outright de-platforming, anyone who mentions any inconvenient truth or has that today rare quality called "critical thinking skills". The rampant YouTube-censorship has so far not affected any bigger mainstream technology-related YouTube channels. That seems to have changed with the current shadow-banning of the Australian hardware review channel Hardware Unboxed.

        [...]

        YouTube never told Hardware Unboxed that their channel is shadow-banned or why. YouTube did warn them that their channel had been flagged for some kind of "suspicious activity" the same day the shadow-ban took effect, so there is likely some relation between that vague warning and the shadow-ban. Nobody from Hardware Unboxed can tell you what, concretely, that means or what, if anything, they have done on their end that would qualify as "suspicious activity".

        The shadow-ban is hurting the channel badly both in terms of viewership and financial revenue.

        Hardware Unboxed does not have any website of their and do not have their own video hosting platform. The excellent free software video hosting platform PeerTube is very easy to install, configure and use. Hardware Unboxed could easily diversify and become less reliant of the whims of big tech. Luke Smith is one of many mostly Linux-focused video creators with his own video hosting platform at videos.lukesmith.xyz. Hardware Unboxed aren't even on any of the alternative free-to-use video hosting platforms like BitChute thought they do have a presence on the subscription-based pay-walled Canadian video hosting platform floatplane.com.

      • this what happens when a user pisses off Google

        this is why there need to be alternatives to Google, Youtube, GoogleDrive… actually in every country.

    • Monopolies

      • Patents

        • Court Affirms Damages on Very Wide Royalty Range Testimony

          A jury sided with the patentee Bayer — finding the patent infringed and not proven invalid. The judge refused to allow the jury to decide willfulness, and instead found no willful infringement as a matter of law. Affirmed here on appeal.

          The basic setup: Bayer’s U.S. Patent No. 9,364,520 covers a conjugate that includes a “functional Factor VIII polypeptide” having a particular amino acid sequence (“or an allelic variant thereof”). Factor VIII is normally produced by the human liver and is important to blood coagulation. Thus, Factor VIII is also a helpful treatment for hemophilia A. The conjugate also includes polyethylene glycol (PEG) that is used as a preservative and has a particular binding site on the polypeptide (“the B-domain”). The process of joining the two factors together is known as PEGylation. The B-domain binding site limitation was important because prior researchers had found that non-specific conjugation changed the Factor VIII in a way that reduced or eliminated its functionality.

          [...]

          RANDOM: Construing the Claim Construction. The district court construed the claimed polypeptide conjugation as “not random” based upon statements in the patent and the prosecution history. On appeal, the defendant argued that the term random – although not found in the claims – should have been construed by the district court.

          On appeal, the Federal Circuit found no error — explaining that claim construction need not “purge every shred of ambiguity.” quoting Acumed LLC v. Stryker Corp., 483 F.3d 800 (Fed. Cir. 2007). Here, the defendant had asked for a particular narrow construction and the district court had refused — finding it too narrow.



Recent Techrights' Posts

Official SUSE Blog Still Uses LLM Slop (Bots) to Make Fake Articles (Marketing)
The company is all about sound bites
Companies Realise That Slop Doesn't Work as Advertised, Accordingly Dump It
"Hype dims as a country-wide survey of US corporations shows a sudden drop-off in AI use among firms with more than 250 employees."
Microsoft-Funded Lawsuits Against Critics of UEFI 'Secure Boot'
Remember that no company (or law firm) ever survives collaborations with Microsoft
It's Only the Second Week of September and Already Two Waves of Layoffs at Microsoft, Slopfarms and Microsoft-Funded Sites Spin It as "AI Investments" Rather Than Commercial Failure
A very large third one expected next week
If Your Machine Still Has "Secure Boot" Enabled, Then Microsoft Has a de Facto Kill Switch (Even If Your Machine Doesn't Have Windows and Never Had Windows)
It is not incorrect to call UEFI 'secure boot' a "kill switch"
Reddit is Corporate Propaganda
To make matters worse, Reddit ousted many original moderators
Jeff Geerling Shocked to Discover Many Metrics in YouTube Are Fake (His Audience Turns Out to be Much Smaller)
Maybe self-host all videos, don't rely on Google's "FOMO" cheating (addiction based on false assumptions)
 
Links 09/09/2025: “Torrents of Hate” and Political Crisis in France
Links for the day
Gemini Links 09/09/2025: "Dedigitizing" and Forgejo on FreeBSD
Links for the day
Google News (Not Just Google Search) Lets Itself by Gamed by One Slopfarm - to the Point Almost Half of "Linux" News is Bot-Produced Plagiarism (LLM Slop With Slop Images)
That says a lot about what Google thinks of quality, even in Google News
Bill Gates-Funded Media Inadvertently Refutes the Microsoft Lie That in 2025 Microsoft Had Just Two Waves of Layoffs
There were about 12 rounds of layoffs so far in 2025
From theregister.co.uk to theregister.com (US) to The Register MS (Run by Microsoft Operatives) and theregister.ai
The best way to break this racket (or cycle of hype and harm) is to break the chains of funding
Open Source Initiative (OSI) Culture of Censorship Necessitates More Speech
The OSI bans dissent or people who merely point out that the OSI is abusive
How to Reach Us Discreetly (Other Than Encrypted E-mail)
We're still managing to maintain a 100% source protection record. We soon turn 19.
LLMs Are Vastly Worse Than a Waste of Energy and the Externalities Are Huge
Worse than just higher power bills for everybody
LLMs Versus Search (Not Replacing Search But Engaging in DDoS Attacks Against Web Sites That Permit Searching)
The state of the Web isn't just bad; it's utterly terrible
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, September 08, 2025
IRC logs for Monday, September 08, 2025
The UEFI 9/11 - Part IX - Shunning Old Computers (in 2023 the Certificate Was Updated/Overridden, Underlying Aim May Be Herding/Forcing People to Get TPM and Other 'Novel' Restrictions)
the "upgrade treadmill"
Rumour: Second Wave of Microsoft Mass Layoffs in September to Commence Third Week of September
That basically answers questions like, "Any specific date or time of the month?"
Gemini Links 08/09/2025: Reality, ROOPHLOCH 2025, and Writing Another Gemini Client
Links for the day
Updating Firmware is Not the Solution But Only Additional Risk, Disable "Secure Boot" Today
firmware blobs are buggy, secret, impossible to audit, and barely tested
Microsoft Tim's DevClass (Part of The Register MS/Situation Publishing) is Full of Slop
Looking at many sites that are full of slop images is becoming an eye sore and hallmark of text too likely generated by LLMs or 'assisted' (tainted) by them
Microsoft Trying to Fake Demand for Slop. At What Cost?
That's a giant demotion and broken promises
Sunlight is the Best Disinfectant and Kryptonite/Garlic to Vampires
Transparency (sometimes described by words like "Sunlight" or "Truth") is paramount
The Register MS Uses Slop in Articles About Slop
we are fairly certain it's slop or CG based on other people's work
Visiting a Web Page or a Public URL Should be Safe, Predictable, and Benign
It's probably too late to "fix" the Web
The Register MS (Situation Publishing) is Paid to Spread Mindless Hype for the "Hey Hi" Ponzi Scheme and That's a Serious Problem
"Sponsored by Zoom."
Links 08/09/2025: Burger King Cracked, Cox v. Sony Analysed
Links for the day
Gemini Links 08/09/2025: Socialist Computer Museum and GAFAM/ByteDance/TikTok-Dominated Net
Links for the day
Links 08/09/2025: Tim Crook Disappoints Apple Faithfuls and Zuckerberg Lies (Financial Fraud) for Cheeto King
Links for the day
EPO Workers Point Out that the EPO is Destroying the Planet Under the Guise of "Hey Hi" (It Also Grants Many Invalid Patents Illegally
On 12 March and 16 June 2025, staff representation met with the administration in the Local Occupational Health, Safety and Ergonomics Committee (LOHSEC) in Munich
Turn Off Microsoft's Restricted Boot ("Secure Boot")
We're still running a series on this issue
Social Control Media Sites Have Become Bot Farms (Not Limited to LLMs and Automation)
linkedin.com was nothing but trouble and losses for Microsoft
Deep in Debt With the Magnitude of Losses Quickly Growing, Microsoft "Open" "Hey Hi" Now Uses Broadcom for Vapourware, Pretending It'll Do OK Next Year
At some stage it'll collapse
You Can Tell Microsoft is in Trouble When Its Own Fans and Staff Blast it
"Microsoft sinks billions into chasing artificial intelligence fads to hype up its share price."
Multiple Undersea Cable Cuts and We're Still OK
Microsoft customers experience problems
Lawyers Who Think They Are Online Assassins Don't Deserve a Licence to Operate
they've become a laughing stock in their "sector"
Microsoft Windows Fell to 3.9% "Market Share" in Bahamas
Based on statCounter
How the European Union (EU) Fell Out of Love With Free/Libre Software
Lots of bribery
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, September 07, 2025
IRC logs for Sunday, September 07, 2025
Gemini Links 07/09/2025: Scanner, Slop, and Chadobear
Links for the day
The UEFI 9/11 is 3 Days Away
Nobody denies that bad things will happen
Google Versus Journalism
Google played a big role in the demise of news sites
Gemini Links 07/09/2025: Advertising, Decentralized Archival, and Outsourcing to Bezos
Links for the day
Certificate Authority Let's Encrypt Has Almost Gone Down to Zero, Nearly Totally Extinct in Geminispace, the Few Capsules Still Using It Are Spam/Dead/Stagnant
This represents another decrease for Let's Encrypt; the last decrease was last week
Not Much Left in News Cycles
To be very clear, this does not describe "Linux" anything; it's true in just about every facet of news, except the paid-for fake "journalism" about "hey hi" (sites getting paid explicitly to maintain or rekindle hype)
Trying to Silence Techrights Was a Huge Mistake
Peter Thiel attacked a publisher for asserting, correctly, that he was gay. Now everyone knows it.
Throwing Away "Old" Computers (Mozilla and Other Climate Deniers)
Mozilla is not leftist
The UEFI 9/11 - Part VIII - Denial of Service and Selling Us WSL (Windows) Instead of "Risky" (Prone by Breakage by Microsoft) GNU/Linux
Restricted Boot (so-called 'SecureBoot') does not improve security. It is nothing but trouble. It's meant to trouble non-Windows users. In dual-boot setups, SecureBoot is a recipe for disaster because Microsoft keeps erasing or tampering with the boot sector, to paraphrase an associate
Slop is Extremely Rare in Geminispace, Slop Images Are Unheard Of (Despite Images Being Supported)
As long as Geminispace grows in terms of domains it's safe to predict the protocol will still be used in 2029 and hence Geminispace will turn 10
Links 07/09/2025: Robodebt Class Action, Fines, and Copyright Settlement
Links for the day
Links 07/09/2025: Yle Impersonated in Social Control Media, Boat-Attacking Orcas, Midjourney Sued Again
Links for the day
Slopwatch: LinuxSecurity, Linux Journal, and the Serial Slopper
Google won't tackle the issue because Google participates not only in relaying slop but also in generating lots of it
Links 07/09/2025: Google Fines in EU and "Your Internet Access Is at Risk"
Links for the day
Gemini Links 07/09/2025: Little Brother and Corporate Theatre
Links for the day
Links 07/09/2025: More Harms of Slop and Anthropic's Nightmare Scenario (Huge Legal Liabilities for Slop)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, September 06, 2025
IRC logs for Saturday, September 06, 2025