Links 9/3/2021: RISC-V Growing in Europe, More Fake Security From Linux Foundation

Posted in News Roundup at 4:38 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • European HPC chip boots Linux

        The European Processor Initiative (EPI) has demonstrated Linux booting on the first version of its RISC-V core for high performance computing (HPC) on an FPGA
        The EPI project has 28 partners from 10 European countries working on an independent core for HPC. A subset of the European Processor Accelerator (EPAC) 1.0 core was implemented on programmable FPGA hardware to boot the operating system. This is expected to be used as multiple cores alongside the ARM Zeus-based cores to handle artificial intelligence, machine learning and other high performacne applications.

        The boot took “a few dozens of seconds” compared to weeks using cycle-accurate software simulation. The system is fully usable and interactive for system software and application development and it also includes Ethernet connectivity to enable running large and complex software packages such as OpenMP and MPI.

      • European Processor Initiative EPAC1.0 RISC-V Core Boots Linux on FPGA

        One key segment of EPI activities is to develop and demonstrate fully European processor IPs based on the RISC-V Instruction Set Architecture, providing power efficient and high throughput accelerator core named EPAC (European Processor Accelerator). Using RISC-V will allow leveraging open-source resources at hardware architecture level and software level, as well as ensuring independence from non-European patented computing technologies.

        First silicon implementation of EPAC 1.0 test chip is expected in the second half of 2021 and as an important technical milestone towards that goal, we have successfully booted Linux on a subset of EPAC 1.0 synthesized on FPGA. The FPGA design includes the Avispado RISC-V core, the Vector Processing Unit (VPU), the Network on Chip (NoC), the Shared L2 Cache with Coherence Home Node (L2HN), interrupt controllers, IO peripherals and several other components. This implementation will enormously speed-up software development on the EPI HPC architecture as well as testing and improving the architecture for next generations EPAC chips.

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.11.5, 5.10.22 Released With Headless AMD Navi 12 SKU Backported

        Just two days after the release of Linux 5.11.4 it has now been succeeded by Linux 5.11.5 and the maintained LTS kernels also saw new releases this morning.

        Among the fixes in this latest round of point releases is a USB audio fix for the Corsair Virtuoso SE, disabling VCN for a new Navi 12 SKU, enabling headset mic support on the Acer Swift, several Btrfs file-system fixes, a fix to resume from suspend if the system is running on battery and has a RTL8105e ASIC, and several other fixes.

      • Linux 5.11.5
        I'm announcing the release of the 5.11.5 kernel.
        All users of the 5.11 kernel series must upgrade.
        The updated 5.11.y git tree can be found at:
        	git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.11.y
        and can be browsed at the normal kernel.org git web browser:
        greg k-h
      • Linux 5.10.22
      • Linux 5.4.104
    • Applications

      • Canva Vs. Inkscape [Ed: Conflating Free software with "Freeware," promoting proprietary software]

        I’ve been trying Canva since a few months ago, and truth is, it has blown my mind. HEY, I still LOVE inkscape, but when I started giving workshops to people who wanted to improve their social networks, reality was that my students were not experts on design, and tools like this became my allies.

        I’ve always supported Freeware, since those are simply apps that have a free version along their paid features. Best from Canva is that their free version doesn’t expire, which is definitely a highlight. And that’s why today I want to tel you some of the pros and cons that I found along the way.

    • Instructionals/Technical

      • A little tool to make DNS queries

        Hello! I made a small tool to make DNS queries over the last couple of days, and you can try it at https://dns-lookup.jvns.ca/.

        I started thinking about this because I’m working on writing a zine about owning a domain name, and I wanted to encourage people to make a bunch of DNS queries to understand what the responses look like.

      • How To Install Sublime Text on Manjaro 20 – idroot

        In this tutorial, we will show you how to install Sublime Text on Manjaro 20. For those of you who didn’t know, Sublime Text is a cross-platform text and source code editor with a Python API. It is a sophisticated text editor for code, markup, and prose. Its functionality is extendable with plugins. Most of the extending packages have free-software licenses and are community-built and maintained.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Sublime Text on a Manjaro 20 (Nibia).

      • Collect sensor data with your Raspberry Pi and open source tools

        I have lived in 100-plus-year-old brick houses for most of my life. They look nice, they are comfortable, and usually, they are not too expensive. However, humidity is high in the winter in my climate, and mold is a recurring problem. A desktop thermometer that displays relative humidity is useful for measuring it, but it does not provide continuous monitoring.

        In comes the Raspberry Pi: It is small, inexpensive, and has many sensor options, including temperature and relative humidity. It can collect data around the clock, do some alerting, and forward data for analysis.

      • [Older] Server-sent events: a simple way to stream events from a server

        Yesterday I learned about a cool new way of streaming events from a server I hadn’t heard of before: server-sent events! They seem like a simpler alternative to websockets if you only need to have the server send events.

        I’m going to talk about what they’re for, how they work, and a couple of bugs I ran into while using them yesterday.

      • How To Install OpenOffice on Debian 10 – idroot

        In this tutorial, we will show you how to install OpenOffice on Debian 10. For those of you who didn’t know, Apache OpenOffice, commonly known as OpenOffice.org or OpenOffice, is an open-source office productivity software suite whose main components are for word processing, spreadsheets, presentations, graphics, and databases.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of OpenOffice on a Debian 10 (Buster).

      • How to Show Line Numbers in vi / vim Editors – Putorius

        It is important to be able to see line numbers when working with shell scripts or configuration files. In this Linux quick tip we will show you how to quickly show line numbers in the vi editor. We will also show you how to make displaying line numbers the default behavior for vi. Finally, we will discuss using the line numbers to jump to a specific line in a file.

        To show line numbers in vi or vim, simply set the number parameter. To do this enter the :set number command to turn on the number parameter. This will add a line number to each row down the left hand side.

      • How to increase the disk space of an AWS EC2 Ubuntu instance

        Sometimes there could be a need to increase the disk space of your servers. It is always recommended to take a snapshot of the volume before you extend it or increase the disk size. Also, it is not advisable to decrease the disk size. Increasing the size of a volume does not increase the size of the partition, its file system must be extended. One needs to use a file system-specific command to resize the file system of the volume.

        In this article, we will increase the disk space of the boot volume (root partition) with the filesystem of type ext4 of Ubuntu 20.04 Server.

      • How to update the ONLYOFFICE Docs Docker version on Ubuntu

        ONLYOFFICE Docs is an open-source office suite distributed under GNU AGPL v3.0. It comprises web-based collaborative editors for text documents, spreadsheets, and presentations highly compatible with OOXML formats (docx, xlsx, pptx).
        ONLYOFFICE Docs can be used with various cloud storage platforms such as Nextcloud, ownCloud, Seafile, Alfresco, HumHub, Plone, etc., as well as embedded into your own solution. ONLYOFFICE Docs can also be used together with ONLYOFFICE Groups, a free open-source collaboration platform distributed under Apache 2.0 (the complete solution is available as ONLYOFFICE Workspace).
        In this tutorial, we’ll learn how to update the Docker version of ONLYOFFICE Docs. If you’re new to ONLYOFFICE Docs, learn how to install the suite on your Ubuntu machine in this article.

      • mjg59 | Unauthenticated MQTT endpoints on Linksys Velop routers enable local DoS

        Linksys produces a series of wifi mesh routers under the Velop line. These routers use MQTT to send messages to each other for coordination purposes. In the version I tested against, there was zero authentication on this – anyone on the local network is able to connect to the MQTT interface on a router and send commands.

      • [Quick Tip] Single Command to Rotate a Video in Ubuntu Linux | UbuntuHandbook

        Got a video playing upside down? Here’s an easy way to rotate it via a single command in Ubuntu.

        There are a few video players, e.g., SMPlayer, support for rotating by 90 degrees clockwise or counter-clockwise during video playback.

        If you want to make it permanent by exporting video rotated, besides using a heavy video editing tool, e.g., Pitivi and Openshot, the single command in this tutorial may help.

      • How to Use a Printer in Linux Apps on Chromebook | Beebom

        In my opinion, Linux apps are far more helpful on Chromebooks than Android apps. You get a full-fledged desktop experience and the performance remains top-notch. I love the fact that you can run the Linux version of Skype, Libre Office, Steam. etc. on a Chromebook without a hitch. Clearly, things are improving so users want all the features in Linux apps on Chromebook. For example, users want to print directly from Linux apps such as Libre Office on a Chromebook, but there is no native support. So in this article, we bring you a handy guide on how to use a printer in Linux apps on Chromebook. On that note, let’s go through the guide.

      • How to Configure and Operate Linux Servers – Full Course

        Linux has long been a favorite operating system for server administration because it’s a secure open-source operating system that’s able to be both stable and flexible.

        We released a course on the freeCodeCamp.org YouTube channel that will teach you how to configure servers running the Linux operating system, including the boot process, kernel modules, network connection parameters, localization groups, and more.

      • What is a Helm Chart? A Tutorial for Kubernetes Beginners

        Kubernetes is a very helpful tool for cloud-native developers. But it doesn’t cover all the bases on its own – there are some things that Kubernetes cannot solve or that are outside its scope.

        This is one of the reasons why open source projects are so great. They help amazing tools become even more amazing when we combine them with other awesome open-source tools. And often these tools were developed for the sole purpose of filling the gaps. One of these tools is Helm.

      • The Refinery, an Analogy for Distributed Systems

        A refinery is a distributed system. There are specs and basically internal contracts on each sub-unit regarding the quantity it should process per day, what the requirements for inputs and the desired output characteristics are. Instead of queries, the inputs and outputs are, you know, oil and gas.

        There are continuous and batch processes. Just like in tech, the interface between these is the subject of a lot of literature and ops knowledge.

        In tech, services have availability and latency SLOs. In a refinery, there are input and output SLOs (plus specs like purity, sulfur content, water content, etc.).

        In tech, there are error budgets. In a refinery, you have emission budgets as a limiting factor. You may only send x amount of NOx or SOx or CO2 into the air over the course of the day. You may only go over the target value for n hours per month, otherwise the company pays a fine. The water that leaves the grounds may only be so-and-so polluted and have at most y degrees of temperature, otherwise there is another fine. And so on.

        And just like in tech, contractors do the darndest things, although in tech, you rarely get a truckload of methanol dumped into your waste water stream.

      • The Truth About High-Resolution Audio, CD Quality, and MQA

        There are far more variables in the Hi-Fi and Head-Fi experiences than most realize, and depending on your current state the best way to upgrade varies significantly. Here are some examples.

        If you have consumer gear, the best thing you can do to upgrade your experience is to upgrade your gear

        If you have audiophile-level gear, the recording quality becomes the most important factor

        High-resolution files only matter if you’re doing everything else really well

        If you have a perfect recording and phenomenal gear, then (and only then) does high-res start to matter

      • How To Remove The HTML Extension From A URL

        What this snippet of code is doing, is stripping out .html from the URL path. It will also redirect anyone who visits a URL with .html appended to it, so you shouldn’t get any 404 errors if people visit the full URL.

      • The Wonderful World Of WordPress Wizardry For Working With Websites

        On 04th February I flipped back to WordPress from Jekyll. This was relatively simple to do, as my guestbook was already running WordPress and used a theme that look exactly like the theme on my Jekyll site.

        So, I restored a backup of my WordPress site from before the switch to Jekyll, so I had most of my content ready. I then dumped any posts I had made with Jekyll back into WordPress, and I was done. After an hour or so of work, I updated the DNS to point to my server…

        And no-one even noticed!

        Well, that’s not strictly true. A couple of people noticed, but over the course of the month, I even had 2 emails from readers who commented on how performant my site was and how awesome static site generators like Jekyll are for this.

      • Getting PIV-based SSH working on a YubiKey

        Getting the thing to work as an SSH agent was, however, not the easiest thing I’ve ever done. There are multiple options here – you can use the OpenPGP applet and then configure GnuPG to work as an SSH agent, but that’s a brittle solution in my experience (gpg-agent is quite flaky, and often requires restarting when it forgets about the YubiKey). Instead, I wanted to see whether I could use the YubiKey’s PIV (Personal Identity Verification) applet to get this working.

      • I made a file copy thing

        If you’re unfamiliar with async I/O, it allows you to queue up reads and writes to run in the background, and check back later to see if they’re done, without having to wait before you start doing other things (like submitting even more requests). This ain’t no fancy pantsy high-level javascript event loopy memory safey framework though. It’s a ring buffer in memory shared directly with the kernel, and you’re responsible for reading and writing the right things at the right time. Luckily the io_uring authors wrote a handy library that eases some of the pain of this.

      • Some views and notes on ZFS deduplication today

        I’m not sure if it’s okay on SSDs, so here’s my view. Reads aren’t slowed by being deduplicated, but writes (and deletes) require a synchronous check of the DDT for every block, which means a synchronous SSD read IO if the necessary section of the DDT isn’t in RAM. It’s not clear to me what latency SSDs have for isolated synchronous reads, but my vaguely measured numbers suggest that we should assume on at least a couple of milliseconds per read.

      • How to Disable SSH Login to Specific User in Linux

        As you might already know, SSH (Secure Shell) is a network protocol for securely accessing a computer remotely. The server and client software in Linux are thereby known as SSH Server and SSH Client respectively and have many implementations.

        By default, SSH allows you to log in to any user of the computer, as long as you have the password for the user. However, this comes with the same problem which is faced by any software using password-based authentication: an invitation for an attacker to exploit and gain admin access.

        Today, we will see how to disable SSH login to a specific user, and more importantly, to the root user.

      • Using Nmap results to help harden Linux systems

        You don’t what’s vulnerable until you know what’s exposed. Nmap can help you find out what.

    • Games

      • Godot Engine – Release candidate: Godot 3.2.4 RC 4

        Godot 3.2.4 is going to be incredibly feature-packed, and we’re taking the time necessary to ensure that it will also be stable. That’s why we’re releasing a fourth Release Candidate now, focused mostly on fixing issues reported against the previous RC 3. Thanks to all pre-release testers who help us find and debug regressions!

        Things should now be in a pretty good shape and we hope to be able to release 3.2.4 stable soon™.

        For macOS, both the standard and Mono editor builds are now signed and notarized! Thanks to Prehensile Tales for the certificate and the work on the infrastructure.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Kongress 1.0.1 is available

          The first bug fix release of Kongress, the conference companion application of the KDE community, is now available. Several fixes have been included in this release…

          Kongress is available in various desktop and mobile Linux distributions. You can also install the flatpak version of Kongress from the software repository of your distribution or directly from flathub. Android users can also try the nightly build from the F-Droid repository of KDE.

        • Efficient custom shapes in QtQuick : shaders

          A long time ago, I wrote a post about creating custom shapes in Qt Quick, via the scene-graph APIs. That post covered defining suitable geometry to draw a part of a circle, known also as a ‘sector’, efficiently, since such sectors occur commonly in instrument and vehicle interfaces. I started writing the second part, about implementing the material and shaders to make the complete functioning item.

          Then, somehow, life and customers intervened, and I forgot all about publishing the second part, and now it’s an embarrassingly long time later. Not as bad as the wait for A Dance With Dragons or Duke Nukem forever, but still, embarrassing. This is all my way of saying, here’s a post about writing shaders and QtQuick scene graph materials, which is interesting but also more than three years late, and that WordPress apparently doesn’t remind you that you have drafts sitting around.

          In the previous post, I talked about creating the geometry for the custom sector item. We saw that I need to define the geometry as a collection of triangles (since GPUs love triangles), each triangle having three points, or vertices. Additionally, we saw that we can create our triangles somewhat larger than we need, to allow us to make a perfectly curved edge for our sector, as well as to permit some other effects such as anti-aliasing (reducing the appearance of steps or ‘jaggies’ on the edge) and even adding borders. And UX designers love borders almost as much as they love gradients and rounded corners.

          Making our triangles larger also means we need fewer. The extreme case of this is just to make two triangles (a square) covering the whole circular area of the sector. But that’s wasteful, especially as our fragment shader grows more complex, which it’s about to do. Also, on a tiled renderer (which means almost every mobile GPU in practice), if we can reduce how many tiles the geometry intersects, we get some additional performance wins. So, we want to have enough triangles that our geometry approximates our real shape, but not so many that we’re making the scene-graph or vertex processing elements do unnecessary work.

    • Distributions

      • Haiku Survey February/March 2021

        Please do not hesitate to give your feedback on Haiku in the survey – your feedback can influence decisions we make in the future. Additionally, if you have any feedback on how the survey should be conducted, please let kallisti5 know either through the forums or on the Haiku mailing lists.

      • Reviews

        • Trisquel Linux Wraps Polish and Productivity Into Four User Needs

          Trisquel Linux is one of those computing staples you wished you knew about much sooner. This Linux distribution has been around literally for years and is extremely polished.

          Trisquel GNU/Linux is based on Ubuntu 18.04.5 LTS (Bionic Beaver) but comes with the Linux-Libre kernel using Ubuntu’s 4.15 kernel. That should not matter to newcomers or seasoned Linux users.

          But if you are driven by the notion of purity in free software, you might have to pause to ponder where you want to straddle the line. This issue is a battle cry for some Linux users, much like their choice of, for instance, Debian versus Arch or any other Linux family.

          Unlike the Debian Linux kernel, the Linux-Libre kernel lacks by design any non-free firmware. It also prevents users from loading non-free firmware even if they wish to do so. That is a major sticking point with the Free Software Foundation (FSF), which has endorsed Linux-Libre for its commitment to truly free software standards.

          The definition of what constitutes true free software is a technicality. Both kernels are free software, but the FSF takes issue with the Debian GNU/Linux distribution’s inclusion of non-free repositories on the same infrastructure.

          For clarity’s sake, users of distros running the Debian Linux kernel do not pay for firmware or software from distro download repositories. The developers front those costs. Trisquel is one of the few Linux distributions endorsed by the Free Software Foundation.

          So technically, users ride for free either way. The Trisquel project, based in Spain, is 100 percent free to download and use. It is managed by independent developers and is partially funded by donations.

          Trisquel offers a family of Linux editions that meet or exceed the needs of home users, small enterprises, and educational centers. Trisquel can also be an ideal platform for multimedia workstations.

      • BSD

        • My jail post was read on BSDNow!

          I was catching up on podcasts yesterday and realised that Benedict Reuschling and Allan Jude had discussed my follow-up post about FreeBSD jails on episode 391! Better still, I made them both laugh, so mission accomplished :).

          Allan mentioned that in addition to what I described, ZFS feature flags can be enabled for specific jails. I’ve been dealing with an issue where extended attributes aren’t being passed to Mac guests from a jail running Samba, but on the host they do. This might be an avenue of inquiry to check out.

      • SUSE/OpenSUSE

        • openSUSE Leap 15.3 Beta Performance Is Looking Good

          Given the beta phase of openSUSE Leap 15.3 having started earlier this month, here are some preliminary benchmarks looking at the performance for openSUSE Leap 15.3 with the initial beta snapshot against Leap 15.2 with all stable release updates against the rolling-release openSUSE Tumbleweed.

          For this initial round of benchmarking for the openSUSE Leap 15.3 beta phase, a single Intel system was used for the preliminary benchmarks while once Leap 15.3 is out this summer there will be plenty more benchmarks. The Intel system used was the recently reviewed OnLogic Helix 500 IoT/edge computer system with Core i7-10700T Comet Lake processor.

        • Is openSUSE Leap Ready to Be the New CentOS? | Data Center Knowledge

          OpenSUSE Leap is set to become an identical twin to the commercial distribution SUSE Linux Enterprise in a way that CentOS never was to RHEL.

        • SUSE eLearning Will Help Bridge the Growing Technical Skills Gap

          The IT skills gap continues to widen. IDC’s 2019 Worldwide CIO report shows that 30% of high-demand roles for emerging technologies will remain unfilled through 2022. As a result, training existing teams remains a top priority for CIOs, and SUSE is here to provide the level of support needed to accomplish this.

      • Arch Family

        • Arch Linux Looking To Employ LTO By Default, Possibly Raise x86-64 Requirements

          Arch Linux developers are considering some default enhancements to their Linux distribution that would increase the out-of-the-box performance.

          Following openSUSE Tumbleweed using LTO by default, Fedora 33 doing it too, and Ubuntu 21.04 set to ship with LTO’ed packages, Arch Linux is finally looking at enabling link-time optimizations by default for their package builds.

          Turning on link-time optimizations (LTO) often enhances the performance of the resulting binary thanks to the added optimizations that can be done at link-time on the entire binary. LTO can also provide some size benefits and other enhancements but at the cost of slower compilation times and increased memory usage. LTO though is normally working quite well these days on both the GCC and LLVM Clang compilers.

      • IBM/Red Hat/Fedora

        • Alma Linux – An Open-Source RHEL Fork Built by CloudLinux

          Remember when I told you about CloudLinux donating up to $1 million to a CentOS replacement annually? Well, the operating system is finally here in the form of AlmaLinux – a free, open-sourced, community-driven, 1:1 binary compatible fork of RHEL 8. In case you missed that news, get yourself up to speed by reading all about it here.

          AlmaLinux is a community-inspired free and open-source Linux operating system developed to be the perfect replacement for CentOS 8. It was launched with the code name Project Lenix with the intention of it to be a 1:1 binary compatible fork of RHEL® 8 after the demise of the CentOS stable release.

          Built for anyone who relies on the CentOS stable release for their computing objectives, AlmaLinux is targeted at individuals and organizations that need an enterprise-grade distro similar to Fedora but can’t afford the RHEL license.

        • Download Fedora 33 Full Editions (Workstation, Server, IoT Included)

          Fedora, the technology leading computer operating system, reaches version 33 last year. Fedora is family to Ubuntu as both came from GNU/Linux — that is, variant of GNU operating system with Linux as the kernel. This article is a collection of all download links of The Editions including Workstation, Server, IoT, and The Spins so everyone can grab easily by one click. Happy downloading!

        • “Fedora Linux” Is The Latest Change Proposed For F35 – Phoronix

          While Fedora 34 will be out around the end of next month, there are already change proposals being filed for Fedora 35 that will come in the autumn. One of those early changes for that next release cycle is referring to the OS as “Fedora Linux” within its OS release information.

          Arguably most users refer to this Red Hat sponsored Linux distribution as “Fedora” and have been doing so since the original “Fedora Core” days for the distribution prior to merging of the Core and Extras repositories. But as the Fedora Project technically provides a distribution (Fedora Linux) as well as related efforts like the Extra Packages for Enterprise Linux (EPEL), moving ahead they are looking at ensuring the OS is branded as Fedora Linux.

        • Open Mainframe Project Kicks Off First Quarter with New Members, Additional COBOL and Linux on Z Resources and Launch of the 2nd Annual Open Mainframe Summit

          The Open Mainframe Project (OMP), an open source initiative that enables collaboration across the mainframe community to develop shared tool sets and resources, today welcomes ASG Technologies, BMC Software and High School Technical Services as well as COBOL Check and ConzoleZ to its growing global community.

        • Linux on Oracle Cloud Infrastructure: Deploying components of your cloud made easy…

          In this week’s Training Tuesday blog we will begin with the first in a series of blogs about Linux on Oracle Cloud Infrastructure. Each blog provides pointers to free, short videos that you can watch at your own pace to get a better at understanding of the products.

          This first blog focuses on deploying components of your cloud. You will learn to build and administer compute instances to support your solution in Oracle Cloud Infrastructure. This comprehensive set of videos includes Oracle Autonomous Linux, enabling and using the oci-utils and cloud-init utilities, working with boot volumes, the Oracle Linux KVM image, OS Management for Linux, and using Terraform to deploy Oracle Linux on Oracle Cloud Infrastructure.

        • New Rocket solution addresses terminal emulator pain points | ITWeb

          “Rocket Software, a trusted terminal emulation partner to global companies who need access to mission-critical host systems, has launched Rocket Terminal Emulator to address terminal emulation needs more efficiently, at a lower cost, for every organisation that relies on IBM Z mainframes, IBM I, or other VT-based systems that need a terminal emulator for host access,” she says. “Rocket Terminal Emulation solutions provide a cost-effective alternative to ageing emulators. Highly configurable with native security to ensure that your critical business data remains protected, this is a cost-effective alternative that delivers exceptional value.”

          Rocket Terminal Emulator (formerly Rocket BlueZone) provides a fast, reliable, and cost-efficient way to access terminal-based applications like IBM i (TN5250), IBM Z (TN3270), and UNIX/DEC (VT) from desktops, Web, or mobile devices. Rocket Terminal Emulator can deliver faster emulation with advanced functionality at a fraction of the cost of incumbent emulation technologies.

        • Linux sysadmins: What’s your favorite IDE? | Enable Sysadmin

          When you think of the tools a sysadmin relies on every day, an IDE isn’t necessarily the first thing that comes to mind. IDEs are for developers. It’s literally in the name: Integrated Development Environment (IDE). Setting aside the reality that most sysadmins by necessity do a lot more than their official job description lets on, an IDE is still a useful tool for any resourceful sysadmin with a personal collection of utilitarian scripts, a Git repo full of important Ansible plays, and half a dozen custom web portals to help their users navigate to all the important sites on the intranet.

        • Reflections on security vulnerabilities in 2020

          What can be said about 2020 that hasn’t been said already? It definitely was a year where things happened and there certainly were several of those things that involved security. Looking across the vulnerability landscape, we see that more than 176,447 CVEs were reported.

          Within the Red Hat portfolio, we identified 2,040 unique CVEs that impacted components we supply and support. This was far-and-away the highest volume of CVEs we’ve fixed in any calendar year on record. This translates to a significant amount of work an operator or administrator needs to do in order to keep their systems running at peak patch levels.

        • Istio adoption at Sberbank: Viewpoints from the international project team

          In 2018, Sberbank initiated a project, codenamed SberSynapse (referred to as Synapse hereafter), to develop a robust integration architecture for their banking application. Their goal was to build a cloud-native solution, so the Synapse team chose a service mesh — and, specifically, Istio — to manage communication between various banking applications and services.

          In this blog post, Brad Topol, IBM Distinguished Engineer, asked the Sberbank project team to comment on their work modernizing the current integration layer, key challenges, decisions made, and lessons learned.


          Vladimir Alekseev, Client Technical Architect, IBM: IBM and Sberbank have been partners for a long time, with both companies valuing open source development. IBM was a co-creator of Istio and is still one of its lead contributors, so our team was able to help Sberbank make architectural decisions and map non-functional requirements to Istio deployment in terms of performance, availability, and security.

          Istio contributors from the IBM Research team in Haifa worked with experts from the IBM’s Moscow office to help the Synapse team fully understand the specifics of designing and running Istio in production and take advantage of the flexibility offered by a hybrid cloud environment.

      • Debian Family

      • Canonical/Ubuntu Family

        • Ubuntu Shares Designs for Its New Desktop Installer

          Designs for the new Ubuntu installer have been shared by the Canonical design team, giving us our first proper look at what’s in store for this critical system element.

          As you’re probably aware of by now Ubuntu’s revamped installer leverages the new technologies underpinning its server set-up tool, and its UI is made using Flutter, Google’s open source web-based UI framework.

          “Consolidating the installer for server and desktop on common technologies will mean we can deliver a consistent, robust, installation experience across the Ubuntu family and focus our efforts on maintaining a single code base,” (now ex) Ubuntu desktop lead Martin Wimpress explained back in February.

        • Multi-cloud Kubernetes management with Portainer

          Our friends over at Portainer have been recently experimenting with Canonical’s Kubernetes distributions and created tutorials on how to run their container management system, which significantly simplifies the Kubernetes experience through an intuitive UI. They started small with MicroK8s, a lightweight Kubernetes for edge and IoT, and then looked at more complex enterprise use cases with Charmed Kubernetes on the Azure cloud.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • 8 Best Free and Open Source Calendar Software

        For many of us, our calendar is a centre point of our life. We are seeing fewer households with a wall calender or a paper day planner to organize their schedule. Instead, more households have moved over to managing their life with a digital calendar helping them to keep track of events, appointments and everyday tasks.

        As with countless other tools, you don’t need a proprietary hosted solution for your calendar needs. There might just be an open source project that’s a perfect fit.

        To provide an insight into the quality of software that is available, we have compiled a list of 8 high quality open source calendar software. Hopefully, there will be something of interest here for anyone who wants to manage their daily activities.

      • Open source enterprise support vs free open source use

        Many enterprises use open source enterprise support from a vendor, such as Red Hat or Canonical, to boost uptime and peace of mind. Others choose to use open source without any additional vendor support, relying on one of the major benefits of open source – the robust community support that is freely available. Oftentimes, those choices are driven by use cases, with teams opting for added support when running mission-critical workloads vs relying on community support for staging and dev environments.

        Ubuntu and CentOS are both popular examples of open source Linux operating systems adopted because of the breadth of community support, but also because of the availability of enterprise-grade support. However, since the announcement last December, the CentOS project as we knew it, will be discontinued. Many CentOS users are currently looking for other OS migration options, and our team has been connecting with users wanting to find out the best way to move workloads from CentOS to Ubuntu.

        If you are running CentOS in your estate and are looking to migrate to a stable, supported OS, this post outlines resources and guidance on migration from CentOS to Ubuntu.

      • Take the first global open source maintainer survey | Opensource.com

        I work for a company, Tidelift, that supports the work of open source maintainers. We care deeply about understanding the reality of maintainer life—good, bad, and otherwise—to advance the global conversation and provide better-targeted support for maintainers (in addition to paying them).

      • Has the cloud been good for open source?

        I used to be launched to open supply, as an idea, when working with some very proficient builders years in the past. All of them had “free software program” (that’s what open supply was referred to as on the time)—easy utilities that they gave away totally free, code and all.

        The time period “open supply” changed free software program after a time, actually to rebrand this idea to mirror a extra commercially minded group that regarded for the business prospects on this rising motion. This gave start to Linux, MySQL, MongoDB, Puppet, and so forth. (all nonetheless broadly used in the present day) and the rise of enterprises that choose, or no less than use, open supply software program.

        The attraction is greater than it simply being free. Those that select open supply expertise achieve this to take away the chance of some distributors going below or being acquired by an organization that will pull help, to call only some unfavorable outcomes. If this occurs, they’ll take the code and transfer ahead on their very own.

        These already within the public clouds perceive that open supply software program is a part of the providing. There are two flavors: first, a third-party software program system that runs within the cloud. Second, some model of open supply that has been rebuilt and rebranded to be a cloud-native providing however is functionally based mostly and depending on the open supply code tree.

      • Xiaomi Redmi Note 10 Pro, Redmi K40 Pro, Motorola Edge S, and OnePlus Nord Android 11 kernel sources are now available

        The GNU General Public License version 2 (GPLv2) mandates every Android device manufacturer to publicly release the part of Linux kernel code that they have shipped on their devices. An ideal kernel source release should be accompanied by appropriate commit history, and all the dependencies are expected to be properly documented. While we don’t expect every company to maintain such a high standard, there are a few OEMs who regularly publish the source code for all the software revisions they roll out. We are happy to report that a couple of new devices now have had their kernel sources released, namely the Xiaomi Redmi Note 10 Pro and the Redmi K40 Pro. Motorola has also updated its official GitHub repository with the kernel source code release for the Motorola Edge S and several other smartphones. The OnePlus Nord grabbed our attention as well, for which OnePlus has published kernel sources corresponding to the phone’s stable Android 11 update.

      • Web Browsers

        • Mozilla

          • Hide Your Lint Errors

            Have you ever submitted a patch to Phabricator only to have reviewbot reveal dozens of lint errors all over? Or worse yet, have you landed before reviewbot had a chance to analyze your patch and been backed out over lint failures? If so fear not, we’ve all been there. Still, it’s hard not to feel a little embarrassed when it happens. Luckily for you, it’s pretty easy to eliminate the possibility of it ever happening again!

            There are many places where one might want to run linters. In an editor for early and rapid feedback. At commit or submit time in case you forgot to run it in an editor. At review time in case you forgot to run it before submitting. Finally in CI in case all of the above fails. The key area to focus on here is at submit time. While running linters in your editor or at commit time can be beneficial, it’s at submission that you’ll want to have your backstop. That way you will be only person to ever know how many lint mistakes you let slip!

      • SaaS/Back End/Databases

        • Building Rich Web Applications with YottaDB

          For YottaDB to be a Web Application database, it must be integrated with a Web Server. The Web Server provides the outward-facing HTTP/HTTPS interface by which web browsers and REST clients communicate with the web application server.

      • Productivity Software/LibreOffice/Calligra

        • LanguageTool

          I read up and discovered LanguageTool, a LibreOffice add-on. It requires Java, which made me nervous about performance, but it’s been fine for the past week or so. It’s not blowing my mind, but it behaves much more like a modern spellcheck, so it was worth the installation for me.

        • New Generation: Flyer for schools and universities

          We’ve put the flyer source file on our wiki (in ODG format, for opening in LibreOffice Draw), so translations in more languages would be great! If you make a translation, please email it to us and we’ll add it to the wiki.

          And then: let’s get the flyers out there! We’ll print copies of these flyers, so if you want to distribute them in your school or university, send us an email and we’ll talk further.

      • FSF

        • GNU Projects

          • GSoC 2021: GNOME Foundation has been accepted as a mentor organization!

            Yay! We are participating in GSoC once again this year and our org features in the list of this year’s accepted organizations.

          • No GSoC projects in 2021

            For 2021, GNU has not been selected as a GSoC organization. This also means that GNUnet GSoC projects will not be offered through the GSoC programme. Thanks to all of those interested in our proposed projects and their efforts in preparing proposals, including preliminary discussions with us. If you are still interested in tackling any of the proposed open issues, you are very welcome to do so.

      • Programming/Development

        • Emmanuel Kasper: Displaying CSV files in a readable way on the terminal

          Until this week I did not know about the column command.

        • Python

          • Learn Python dictionary values with Jupyter | Opensource.com

            Dictionaries are the Python programming language’s way of implementing data structures. A Python dictionary consists of several key-value pairs; each pair maps the key to its associated value.

            For example, say you’re a teacher who wants to match students’ names to their grades. You could use a Python dictionary to map the keys (names) to their associated values (grades).

        • Rust

          • Experimental Rust-Based Coreutils Working Well Enough To Run Debian Basics

            Sylvestre Ledru who is a director at Mozilla by day while also being prolific to Debian/Ubuntu and LLVM/Clang development has managed to get a Rust version of Coreutils packaged and running well enough on Debian.

            Using “uutils” as a Rust implementation of the key Coreutils – GNU core utilities, some of the key CLI tools found on Linux systems – Ledru has managed to get a booting Debian system. Not only is Debian booting with the Rust-based Coreutils implementation but it’s handling the most popular Debian packages, building Firefox / Linux / Clang, and more. Ledru wrote more than 100 patches to get the code along this far and used it as an exercise to get more involved with Rust.

  • Leftovers

    • The Leningrad Rock Club turns 40! Listen to the legendary Russian bands that got their start at the Soviet Union’s first legal rock venue

      Founded on March 7, 1981, the Leningrad Rock Club was the first and largest venue in the Soviet Union where young people could legally perform rock music. Located on Rubinstein Street in what is now St. Petersburg, in the 1980s the Leningrad Rock Club counted more than 150 bands among its members, including groups like Aquarium, Kino, Alisa, Zoopark, and DDT that would go on to become Russian rock legends. While the rock club is also known for its connections to the KGB (indeed, it was officially overseen by the Soviet security agency) this shouldn’t overshadow the fact that real art was created within its walls; despite the censorship and constant pressure, the Leningrad Rock Club gave birth to new music, the best of which rivaled Western rock.

    • We All Move

      “To the memory of Christopher Columbus,” reads the inscription to the large Columbus Fountain in Washington, D.C., “whose high faith and indomitable courage gave to mankind a New World.” The monument was erected in 1912, and one cringes reading those words now. Columbus did not give mankind a New World. As the statue of the Native American man kneeling by Columbus’s side suggests, that world was already fully possessed by humanity.

    • Education

      • No Gates, No Keepers

        In a lot of ways, I have it easy. I have enough experience with software development and security research under my belt to basically ignore the requirements that HR puts on job listings and still get an interview with most companies. (If you want a sense of what this looks like, look no further than rawr-x3dh or my teardown of security issues in Zed Shaw’s SRP library… which are both things I did somewhat casually for this blog.)

        The irony is, I’m probably deeply overqualified for the majority of the jobs that come across my inbox, and I still don’t meet the HR requirements for the roles, and the people who are actually a good fit for it don’t have the same privilege as me.

        So if the rules are made up and the points don’t matter, why do companies bother with these pointlessly harrowing job requirements?

    • Health/Nutrition

      • Hospital-Owning Frist Family ‘Made a Killing’ During Pandemic, With Wealth Soaring by $8.1 Billion

        “HCA and the Frists join the ranks of pandemic profiteers that have seen their fortunes soar during a time of national tragedy.”

      • Opinion | Congress Must Expand Health Care Now Through the American Rescue Plan

        Expanding health care incrementally through the American Rescue Plan will help save lives now, and lay the groundwork for health care for all later.

      • Opinion | Making the Covid Vaccine Less Accessible to Poorer Countries Is Dangerous for Everyone

        COVID-19 and its variants reduce poor nations to producers of pathogens that will continue to disrupt economic and social life in wealthy nations. 

      • The Lost Year: What the Pandemic Cost Teenagers

        Everything looks the same on either side of the Texas-New Mexico border in the great oil patch of the Permian Basin. There are the pump jacks scattered across the plains, nodding up and down with metronomic regularity. There are the brown highway signs alerting travelers to historical markers tucked away in the nearby scrub. There are the frequent memorials of another sort, to the victims of vehicle accidents. And there are the astonishingly deluxe high school football stadiums. This is, after all, the region that produced “Friday Night Lights.”

        The city of Hobbs, population just under 40,000, sits on the New Mexico side, as tight to the border as a wide receiver’s toes on a sideline catch. From the city’s eastern edge to the Texas line is barely more than two miles. From Hobbs to the Texas towns of Seminole and Denver City is a half-hour drive — next door, by the standards of the vast Southwestern plains.

      • John Oliver On Drug Raids: Why Are We Raiding Houses For Drug Quantities That Could Be Easily Flushed Down A Toilet?

        John Oliver has demolished many institutions in his time (not literally, unfortunately, in most cases) as the host of HBO’s Last Week Tonight. It’s rare when a mainstream program chooses to address more esoteric matters often discussed at this website. But Oliver does it more than most and, for that, we truly appreciate him.

      • Opinion | The Ghost of the Trump Administration Is Haunting Medicare

        The Trump administration has outsourced Medicare to insurance companies and other for-profit middlemen, placing them between Americans and their doctors. 

      • Could Indigenous Midwifery Improve Maternal Health for Native Women?

        It was a chilly Wednesday in January when Kaylynn Begaye, six months pregnant, walked into the lobby of the Changing Woman Initiative, her mother, Christine, by her side. Begaye, 33, found herself in this clinic in Santa Fe, N.M., after one too many doctor visits in nearby Albuquerque had left her stressed out. Since giving birth to a son eight years ago, followed by a daughter five years later, Begaye, who is Diné (Navajo), said the treatment she endured during both of those deliveries left her dreading having to go through it all over again: getting separated from her newborns at birth without her consent, being rushed out of her hospital room while still in postpartum recovery, seeing her family treated poorly by a mostly white staff. The birth of her third baby would be different, she vowed. This time, it would be on her own terms.1

      • Kids and Cannabis today

        Martin Bolz began to smoke marijuana at 16. Now, three years later, he’s still smoking, though he says he won’t smoke forever. His “marijuana habit,” as he calls it, won’t help him get into the U.S. Air Force. No, he doesn’t want to drop bombs.  He wants the Air Force to pay for grad school. “I’m a productive stoner,” Bolz tells me. “I’ve been able to train my mind to do the same things with cannabis that I do without it.”

        When asked to describe his relationship to weed, Bolz says, “It’s complicated.” Many if not most Norcal teens deplore weed and praise it, insist they’d like to stop but go on using it. Are they addicted? Depends on how one defines addiction.

      • Antivax pediatrician Liz Mumper suggests “criteria” for knowing COVID-19 vaccines are safe

        Recently, I’ve seen a presentation by a pediatrician named Dr. Elizabeth Mumper being promoted by antivaxxer Robert F. Kennedy, Jr. and his antivaccine organization Children’s Health Defense entitled “How will we know that a COVID vaccine is safe?” It’s a great example of antivaccine propaganda disguised as “concerns” that are portrayed as seemingly reasonable but fall apart upon closer inspection. Before I get to that closer inspection of the video itself, however, let me explain how Dr. Mumper’s video is a perfect teaching tool to help identify antivaccine propaganda, particularly in the way that it basically answers the question with antivaccine talking points and an impossible standard.

      • INMO calls on WTO to waive vaccine intellectual property rules

        The Irish Nurses and Midwives Organisation (INMO) has today joined with nursing and healthcare unions around the world in calling for the waiving of Intellectual Property rules regarding Covid-19 vaccines.

        Alongside members of the Global Nurses Union (GNU), the INMO is calling on the Council for Trade Related Aspects of Intellectual Property Rights (Trips) of the World Trade Organisation (WTO) to support the proposed waiver “to ensure equitable and speedy vaccine production and distribution”.

      • I’ve lived twelve months in lockdowns. What now?

        Executive summary: many people who had plenty of money and stability in February 2020 now have have at least as much, often more. All the others are worse off. Sometimes a lot.

    • Integrity/Availability

      • Proprietary

        • Security

          • “git clone” Hit By Vulnerability That Could Lead To Code Execution

            Disclosed today is CVE-2021-21300 as a security vulnerability affecting git clone that could lead to specially crafted repositories being able to execute code during the Git clone process.

            Git versions back to v2.15 are affected by this security vulnerability. Specially crafted repositories could execute code during the git clone process on case-insensitive file-systems supporting symbolic links. The vulnerability stems from clean/smudge filters being abused like those used by Git LFS.

          • The Tor Software Has Two Potential Denial Of Service Vulnerabilities, Fix Is Coming Next Week

            Current and previous versions for the Tor Onion Router software have two undisclosed Denial Of Service vulnerabilities with the potential to cause problems for the Tor networks authority servers. The Torproject will release a new version with a fix “early next week”. Everyone who is using Tor Browser or running a Tor node should upgrade when it becomes available.

          • Linux Foundation Announces Free sigstore Signing Service to Confirm Origin and Authenticity of Software

            The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the sigstore project. sigstore improves the security of the software supply chain by enabling the easy adoption of cryptographic software signing backed by transparency log technologies.

            sigstore will empower software developers to securely sign software artifacts such as release files, container images and binaries. Signing materials are then stored in a tamper-proof public log. The service will be free to use for all developers and software providers, with the sigstore code and operation tooling developed by the sigstore community. Founding members include Red Hat, Google and Purdue University.

            “sigstore enables all open source communities to sign their software and combines provenance, integrity and discoverability to create a transparent and auditable software supply chain,” said Luke Hinds, Security Engineering Lead, Red Hat office of the CTO. “By hosting this collaboration at the Linux Foundation, we can accelerate our work in sigstore and support the ongoing adoption and impact of open source software and development.”

          • Industry-Wide Initiative to Support Open Source Security Gains New Commitments

            OpenSSF, a cross-industry collaboration to secure the open source ecosystem, today announced new membership commitments to advance open source security education and best practices. New members include Citi, Comcast, DevSamurai, Hewlett Packard Enterprise (HPE), Mirantis, and Snyk.

            Open source software (OSS) has become pervasive in data centers, consumer devices and services, representing its value among technologists and businesses alike. Because of its development process, open source has a chain of contributors and dependencies before it ultimately reaches its end users. It is important that those responsible for their user or organization’s security are able to understand and verify the security of this dependency supply chain.

          • Serious Security: Webshells explained in the aftermath of HAFNIUM attacks

            Get authenticated access to an Exchange server without needing a password.


            To start with, we’re going to use a compact and stripped-down scripting language called Lua as an example. (Lua is a bit like Perl, Python, Ruby and their ilk, only much smaller.)

            Like all those languages, it comes with a shell, often also referred to as a REPL, short for read-evaluate-print loop, which does what the name suggests.

            Simply put, instead of running an existing program directly, a REPL typically prints a prompt and waits for you to type in a command or language statment, whereupon it executes the statement immediately, prints any results and goes back for more.

            You can therefore work interactively, computing results, constructing new programs in memory and running them, building data structures, creating files, and even running external programs found elsewhere on your computer.

            With a REPL or a shell you can quite literally make it all up as you go along, rather than being stuck with a program you created earlier.

          • Security Announcement: Mitigating NAT Slipstreaming

            Last autumn, we learned about a severe attack called NAT Slipstreaming, which ultimately enables a remote attacker to establish arbitrary TCP and UDP connections to the victim’s client behind a NAT firewall, bypassing the firewall ruleset configured. No complex user interaction is required for this, visiting a malicious website – or a legitimate one with malicious content from third parties such as advertisement or tracking servers embedded – while having JavaScript enabled is sufficient.

            In addition, NAT Slipstreaming allows an attacker to execute port scans out of the victim’s browser against local networks the victim has access to. This can be used to detect vulnerable clients such as network printers or IoT devices, even if they are not allowed to establish connections to the internet themselves because of a corresponding firewall ruleset. Such IT equipment is unfortunately rarely patched, and vendors tend to discontinue support and updates for them quickly.

            A second, improved version of this attack was disclosed in late January, extending the attack vector to establish arbitrary TCP and UDP connections to any device behind the victim’s NAT. While the portscan method already exposes vulnerable internal clients to a significant risk, this reduces the effort needed to compromise them drastically.

            To stress the meaning of this again: Any network device the victim’s client can establish connections to can be scanned and subsequently targeted effectively by a remote attacker, either directly or indirectly, just by having the victim visiting a website. In terms of security, things hardly can get worse than this.

          • Puny humans [Ed: There are far more devices running Linux than there are devices running Microsoft Windows so statements like "Linux is lucky that most malware still targets Windows" are outdated and outright false]

            I’d always say the biggest security threat to any system is the human using it. That’s not because said human is malicious or incompetent – people make mistakes, after all. But that’s compounded when you’re effectively tricked into making mistakes by phishing attacks or malware. A lot of phishing is carried out to compromise online accounts and Linux is lucky that most malware still targets Windows.

            But equally those puny human design systems that are flawed, and not always in obvious ways. Two-factor authentication is an awesome tool and it can make you feel super secure… even when the system is flawed. After all, when you can just select a “forgot your password” link and have everything reset, then any extra security goes out the window.

          • Security updates for Tuesday

            Security updates have been issued by Fedora (firefox, kernel, kernel-headers, kernel-tools, libebml, and wpa_supplicant), openSUSE (mbedtls), Oracle (kernel, kernel-container, and screen), Red Hat (curl, kernel, kernel-rt, kpatch-patch, nss-softokn, python, and virt:rhel and virt-devel:rhel), Scientific Linux (screen), SUSE (389-ds, crmsh, openldap2, openssl-1_0_0, and wpa_supplicant), and Ubuntu (glib2.0, gnome-autoar, golang-1.10, golang-1.14, and libzstd).

          • Privacy/Surveillance

            • EFF, ACLU and EPIC File Amicus Brief Challenging Warrantless Cell Phone Search, Retention, and Subsequent Search

              In June 2016, the Green Bay Police Department was investigating a hit-and-run accident and vehicle fire. Since Burch had previously driven the vehicle at issue, the police questioned him. Burch provided an alibi involving text messages with a friend who lived near the location of the incident. To corroborate his account, Burch agreed to an officer’s request to look at those text messages on his cell phone. But, despite initially only asking for the text messages, the police used a sophisticated mobile device forensic tool to copy the contents of the entire phone. Then about a week later, after reviewing the cell phone data, a Green Bay Police officer wrote a report that ruled Burch out as a suspect, finding that there was “no information to prove [Burch] was the one driving the [vehicle] during the [hit-and- run] accident.”

              But that’s not where things end. Also in the summer of 2016, a separate Wisconsin police agency, the Brown County Sheriff’s Office, was investigating a homicide. And in August, Burch became a suspect in that case. In the course of that investigation, the Brown County Sheriff’s Office learned that the Green Bay Police Department had kept the download of Burch’s cell phone and obtained a copy of it. The Brown County Sherriff’s Office then used information on the phone to charge Burch with the murder. 

              Burch was ultimately convicted but argued that the evidence from his cell phone should have been suppressed on Fourth Amendment grounds. Last fall, a Wisconsin intermediate appellate court certified Burch’s Fourth Amendment challenge to the Wisconsin Supreme Court, writing that the “issues raise novel questions regarding the application of Fourth Amendment jurisprudence to the vast array of digital information contained in modern cell phones.” In December, the Wisconsin Supreme Court decided to review the case and asked the parties to address six specific questions related to the search and retention of the cell phone data.  

            • The FBI Should Stop Attacking Encryption and Tell Congress About All the Encrypted Phones It’s Already Hacking Into

              The FBI wants these terms to sound scary, but they actually describe security best practices. End-to-end encryption is what allows users to exchange messages without having them intercepted and read by repressive governments, corporations, and other bad actors. And “user-only access” is actually a perfect encapsulation of how device encryption should work; otherwise, anyone who got their hands on your phone or laptop—a thief, an abusive partner, or an employer—could access its most sensitive data. When you intentionally weaken these systems, it hurts our security and privacy, because there’s no magical kind of access that only works for the good guys. If Wray gets his special pass to listen in on our conversations and access our devices, corporations, criminals, and authoritarians will be able to get the same access. 

              It’s remarkable that Wray keeps getting invited to Congress to sing the same song. Notably, Wray was invited there to talk, in part, about the January 6th insurrection, a serious domestic attack in which the attackers—far from being concerned about secrecy—proudly broadcast many of their crimes, resulting in hundreds of arrests. 

              It’s also remarkable what Wray, once more, chose to leave out of this narrative. While Wray continues to express frustration about what his agents can’t get access to, he fails to brief Senators about the shocking frequency with which his agency already accesses Americans’ smartphones. Nevertheless, the scope of police snooping on Americans’ mobile phones is becoming clear, and it’s not just the FBI who is doing it. Instead of inviting Wray up to Capitol Hill to ask for special ways to invade our privacy and security, Senators should be asking Wray about the private data his agents are already trawling through. 

            • Brave Browser announces Brave Search: a privacy conscious alternative to Google

              Brendan Eich emphasizes that Brave Search (and the Browser behind it) will not treat its users or its users’ data the way that Google does. Eich emphasized:

            • Utah: Mandatory ‘Porn Filter’ Bill Passes Senate, Awaits Governor’s Signature

              On February 19, the Utah House of Representatives passed an amended version of the controversial bill that would mandate a default “porn filter” on any phones, computers, tablets or any other electronic devices sold in the state starting in 2022.

              HB 72, sponsored by Rep. Susan Pulsipher (R-South Jordan) — a realtor with no technology experience — was speedily passed by the House only hours after it had cleared the committee stage by the narrowest of margins (a 6-5 vote).

            • Colleges That Require Virus-Screening Tech Struggle to Say Whether It Works

              The University of Idaho is one of hundreds of colleges and universities that adopted fever scanners, symptom checkers, wearable heart-rate monitors and other new Covid-screening technologies this school year. Such tools often cost less than a more validated health intervention: frequent virus testing of all students. They also help colleges showcase their pandemic safety efforts.

              But the struggle at many colleges to keep the virus at bay has raised questions about the usefulness of the technologies. A New York Times effort has recorded more than 530,000 virus cases on campuses since the start of the pandemic.

              One problem is that temperature scanners and symptom-checking apps cannot catch the estimated 40 percent of people with the coronavirus who do not have symptoms but are still infectious. Temperature scanners can also be wildly inaccurate. The Centers for Disease Control and Prevention has cautioned that such symptom-based screening has only “limited effectiveness.”

            • France, Spain push for new EU data retention law

              In spite of repeated rulings by the European Court of Justice against data retention, a group of EU governments insist that new legislation is „urgently needed“. France, Spain and five other countries spoke in favour of a new data retention law at a closed-door video meeting of member states on February 8, a working paper drawn up by the Portuguese council presidency reveals (full document here).

              Data retention laws require providers of telecommunications service to keep records of their customers data for use by law enforcement. However, the ECJ has struck down the EU’s 2006 Data Retention Directive and has ruled against similar provisions in national law for violation of fundamental rights.

            • Confidentiality

              • In Search For a Perfect Access Control System

                And finally, access control should recognize the distributed nature of organizations and services, and encode the identity that could be independently verified. We can establish it as an identity property.

                This might not be a complete set of properties to build such a system, but it might be a minimally required one.

              • No, RSA Is Not Broken

                It does not. At best, it’s an improvement in factoring — and I’m not sure it’s even that. The paper is a preprint: it hasn’t been peer reviewed. Be careful taking its claims at face value.

    • Defence/Aggression

      • Somalia: a Knotted Web of Causes

        Could the source lie in the complete idiocy of the Italian colonial ‘masters’? How about the fissiparous constellation of sultanates? Or, better yet, let’s blame it on Cold War eye-pokery, with the Soviets backing the frankly disgusting dictator Mohammed Siad Barre to the hilt. Maybe it’s U.S. support for favoured post-Barre warlords that led to the current assholery. Or the total lack of functional state institutions. The secessionist dreams of Somaliland and Puntland? Could the Saudis have a shine for fundamentalists Al-Shabaab? It might make sense if you want control over the vital Gulf of Aden.

        No answer comes: the web of potential causes is too knotted. Al-Shabaab has control of much of the countryside. And that means these days that it’s a free-fire drone zone, with multiple platforms aloft and killing people at any given time of day. It’s such a ‘rich target environment’ that the CIA’s drones are all over, flying off aircraft carriers or from the surprisingly numerous regional U.S. bases, including a secret one in Mogadishu reported on by the indefatigable Jeremy Scahill.

      • ‘The Skopin maniac’ Rapist who tortured and imprisoned two women returns home after 17 years in prison, amid rumors that he fetched cash prize for TV appearance

        In 2000, Viktor Mokhov abducted two women, then 14 and 17 years old, and kept them in his basement where he raped and abused them. One of the two women gave birth to two children while living in the basement, with the other prisoner aiding the delivery. Mokhov abandoned these children in the entrances of residential buildings. After his arrest in 2004 and trial, Mokhov served his entire sentence of 16 years and 10 months. Now 70 years old, Mokhov has returned home, but rumors are circulating that a television network paid him for an exclusive talk-show appearance. The whole thing could, however, be a sick joke.

      • Privileged third country: EU security cooperation with Great Britain after Brexit

        British authorities continue to participate in many EU instruments in the area of justice and home affairs, and cooperation in some cases even goes further than with the Schengen states Norway, Iceland or Switzerland. The exit from Europol and the Schengen Information System could strengthen the secret services.

      • Whistleblower: Police Officers Celebrated Shooting People With Badge-Bending, BBQs

        There’s a lot of competition for Worst Police Force in America. The NYPD is known for its casual approach to human life and its antagonistic approach to public records requesters. The Chicago PD operated its own black site to separate residents from their rights while interrogating them. The Pasco County Sheriff’s Department thinks it should be in the business of turning students into criminals. The list goes on and fucking on.

      • Biden’s Hawkish Cabinet Portends Renewed US Militarism in Northeast Asia

        In practical terms, this would translate into the projection of US military power over the Korean Peninsula through a de facto trilateral military alliance between the US, Japan and South Korea as part of the enlarged “Indo-Pacific plan.”

        It would also mean returning to the doomed pressure policies of  Obama’s “strategic patience” approach toward North Korea, which emphasized containment via sanctions and deterrence while demanding substantial concessions from Pyongyang up front.

      • The Phantom Sonic Menace: Cuba and the Attacks That Never Happened

        The Cuban government denied over and over again that it was responsible for this strange disease that neither the laws of physics nor dozens of scientists from a wide variety of disciplines could explain. If, according to various versions by Trump’s State Department, the cause were a sonic or microwave weapon, how could the waves have been perceived by certain people gathered in the same place and not others? How could a strong energy emission have had a selective effect? Did someone have James Bond’s magic ray gun? Was it SPECTRE (Special Executive for Counterintelligence, Terrorism, Revenge, and Extortion), the secret organization that the most famous spy in British films fought against?

        The National Security Archive, an independent nongovernmental research institute, based at George Washington University, recently released the executive summary of a 2018 report from the State Department’s Accountability Review Board (ARB) after a four-month investigation. The strange attacks against U.S. diplomats in Havana served as a pretext to initiate the Trump administration’s sanctions against Cuba—242 measures in four years applied against a single country, an unprecedentedrecord in U.S. foreign policy.

    • Environment

      • As Wells Fargo Sets New Financed Emissions Goal, Climate Campaigners Warn ‘Net Zero Is Not Enough’

        “What matters most now are concrete actions in 2021 to stop funding fossil fuel expansion and setting a timeline for phasing out fossil fuel financing overall.”

      • Carbon emissions slow, but not nearly fast enough

        Global shutdown during Covid-19 has forced down carbon emissions. But no inadvertent pause can replace global resolve.

      • Greta Thunberg Says Science Shows Joe Biden Not Doing Enough on Climate Change

        The Swedish climate activist, who encouraged her social media followers to vote for Biden in 2020, said the president’s current climate policies are not in line with efforts to keep global temperatures below 1.5 degrees Celsius—a crucial global warming benchmark set by the Paris climate conference.

      • Opinion | Enbridge’s Greenwashing Will Not Stand

        You can’t put a fire out and pour millions of barrels of tar sands on it at the same time.

      • Energy

        • ‘A Climate Time Bomb’: 370+ Groups Urge Biden to Immediately Halt Line 3 Pipeline

          “It’s up to President Biden to continue with the country’s renewable energy agenda and reduce our reliance on fossil fuels. After his action to halt Keystone XL, stopping Line 3 is essential.”

        • Goodbye Small Server, Hello 150 Watt Office

          The combined power usage of all these devices which I use in a typical work day tops out at just under 110 watts. This quite an accomplishment in my opinion. My work has not been hampered in any significant way either. I have enough processing power and enough RAM and enough software compatibility to do all the things I need to do. I can even run heavy legacy Windows 10 VMs which are required for some legacy contract work I am still on the hook for without skipping a beat.

      • Wildlife/Nature

      • Overpopulation

        • Parenting as a Radical Act of Love

          Even before the pandemic hit, the feeling was pervasive: When we’re raising children in America, we’re going it alone. Demands for more support are growing, but the persistent lack of interest by our government in the essential work of child-rearing has fueled the sense that launching children safely into the world is something we have to figure out on our own. We were struggling—some much more than others—even before Covid-19 roared into our lives. But the pandemic has fully exposed the brutal logic of modern parenting. Too many families entered the crisis with too little. With schools shuttered, many of these children lost access to meals, counseling, and clean clothes. Suddenly without child care, thousands of mothers were pushed out of the workforce. Shut inside our homes, cut off from family and friends, robbed of the solidarity forged at the playground, we battle an isolation that feels more acute than ever.

    • Finance

      • Jing Fong Couldn’t Survive. Will Manhattan’s Chinatown?

        Jing Fong, Manhattan’s largest Chinese restaurant, is dead. When I visited on March 2, the two grand escalators ascending to the third-floor banquet hall were frozen. The restaurant could once seat a thousand people upon red carpet, beneath golden dragons and resplendent chandeliers. But last week only two of its six heaters were working, and next to the dining room’s entrance were just a handful of patrons eating out of takeout containers. After nearly three decades on Elizabeth Street, Jing Fong limped through its final days—its dining room closing for good on March 7.

      • Unlike $1.9 Trillion GOP Tax Scam, Democrats’ $1.9 Trillion Relief Plan ‘Puts Money in Hands of Working People’

        Sen. Bernie Sanders called the American Rescue Plan “the most significant piece of legislation to benefit working families in the modern history of this country.”

      • Feds Investigating Lender That Sued Thousands of Lower-Income Latinos During Pandemic

        A federal consumer watchdog agency has launched an investigation into a company that aggressively sued thousands of Latino borrowers in Texas during the coronavirus pandemic while depicting itself as a financial ally of the community.

        Oportun Inc., a Silicon Valley-based installment lender, which was founded to help Latino immigrants build credit so they can go on to achieve the American Dream, disclosed to investors last week that it had received a civil investigative demand from the Consumer Financial Protection Bureau.

      • Push for Robinhood Tax Grows as Poll Shows Majority in NY Support Levy on Wall Street Trades

        “There’s really no good argument for not doing this except that Wall Street is very nervous about this escalating into the first successful progressive tax reform in 50 years.”

      • Economy Adds 379,000 Jobs in February; Unemployment Edges Down to 6.2 Percent

        The household survey showed the unemployment edging down to 6.2 percent, while the employment-to-population ratio (EPOP) also ticked up 0.1 percentage point to 57.6 percent. That is down 3.5 percentage points from its year-ago level.

        Small Businesses and Older Workers Hit Hardest Small businesses continue to be hard hit in the recession. The number of incorporated self-employed is down by 797,000 over the last year, or 12.3 percent. There is relatively little change in the number of unincorporated self-employed, but these businesses tend to be smaller and are often part-time, like selling items on the web.

    • AstroTurf/Lobbying/Politics

      • Democracy Is Not Exclusive

        House and Senate Democrats have made passage of the democracy-strengthening For the People Act a top priority. Given our intense partisan divisions, it is not surprising that Republicans have not yet gotten on board. But this isn’t and shouldn’t be a partisan issue. There are good reasons for principled Republicans to embrace the For the People Act just as many congressional Republicans embraced the Civil Rights Act and Voting Rights Act in the 1960s.

      • ‘Bloody Sunday’: Left Activists, Labor Leaders Executed in Philippines After Duterte Says ‘Finish Off’ the Communists

        “The government’s increasingly brutal counter-insurgency campaign… no longer makes any distinction between armed rebels and non-combatant activists, labor leaders, and rights defenders.”

      • Ruling Restores Right of Former Brazilian President Lula da Silva to Challenge Bolsonaro in 2022

        “The election starts today,” said one prominent political reporter. “It’s virtually impossible Lula won’t be a candidate.

      • Trump Appointee Who Wanted To Turn Voice Of America Into Breitbart Spent Millions Of Taxpayer Dollars Investigating His Own Staff

        Remember Michael Pack? That’s the Steve Bannon protégé who Trump appointed last year to head the US Agency for Global Media. USAGM is the organization that oversees Voice of America, Radio Free Europe/Radio Liberty, Radio Free Asia, Middle East Broadcasting and the Open Technology Fund. It was an open secret that Pack was appointed to turn those widely respected, independent, news organizations into pure Breitbart-style propaganda outfits. He wasted little time causing a huge fucking mess, firing a ton of people in a manner so upsetting that even Republican Senators were concerned. It also turned out that many of the people he fired… he legally had no right to fire.

      • Eight Years Without President Chávez

        Today is the 8th anniversary of the untimely death of President Hugo Chávez.

        Immediately after, the USA, Canada and allies intensified their attempts to overthrow the Venezuelan government, believing his successor, Nicolás Maduro, would be unable to follow in Chávez’ shoes and would fall easily.

      • Opinion | ‘Is This Who We Are?’: Gitmo is America’s Enduring Shame

        Guantánamo is a crime against humanity and there will never be any justification to rationalize why hundreds of people were held indefinitely, without trial, without due process, without international observers and without ever seeing their families and loved ones. 

      • “The Mauritanian”: Film Tells Story of Innocent Man Held at Guantánamo for 14 Years Without Charge

        A new feature film, “The Mauritanian,” tells the story of Mohamedou Ould Slahi, a Mauritanian man who was held without charge for 14 years at the U.S. military prison at Guantánamo and repeatedly tortured. We speak with Mohamedou Ould Slahi, who says the film is not just about his struggle. “This is not my movie. This is the movie of so many people,” he says. “Some of the people who were kidnapped after 9/11 were tortured to death. They did not have a chance to tell their story.” We also speak with Kevin Macdonald, director of “The Mauritanian”; Nancy Hollander, the lead lawyer for Mohamedou Ould Slahi; and actor Tahar Rahim, whose portrayal of Slahi earned him a Golden Globe nomination.

      • ‘Is This Who We Are?’: Gitmo is America’s Enduring Shame

        “That’s certainly our goal and our intention.” This was the non-committal answer given by White House Press Secretary, Jen Psaki, when, on February 12, she was asked by a reporter whether the new Joe Biden administration intends to shut down the notorious Guantánamo Bay Prison by the end of the president’s first term in office.

      • Close Guantánamo: Ex-Prisoner & Torture Survivor Mohamedou Ould Slahi Calls on Biden to Shut Prison

        President Joe Biden is facing new calls to close the U.S. military prison in Guantánamo Bay, Cuba, an enduring symbol of U.S. abuses in the “war on terror.” Since 2002, about 770 men and boys have been held at the prison, and only eight have been convicted of a crime. Three of the convictions were later overturned on appeal. Today the prison’s population is down to 40, and shortly after Biden’s inauguration, seven former prisoners penned an open letter to the new president pleading with him to finally close the facility. One of the seven authors was Mohamedou Ould Slahi, a Mauritanian man who was held without charge for 14 years, during which time he was repeatedly tortured, before his release in 2016. He says he also wrote a personal letter to Biden asking him to close the prison. “I really believe he’s a good man,” Slahi says. We also speak with Slahi’s lead defense attorney, Nancy Hollander, who says there is no justification for keeping “forever prisoners” at the facility. “If the political will is there, President Biden can get Guantánamo closed,” Hollander says.

      • ‘Hard to Overstate How Big This Is’: Joe Manchin Signals He Is Open to Filibuster Reform

        Manchin floated a return to the talking filibuster, which would represent a major change to the current “no-show filibuster” that allows obstruction via email.

      • Two Cheers for Joe Manchin

        One of the favorite tropes in Washington journalism is “Democrats in disarray.” It’s a much-recycled story line for a good reason: It’s often true. Compared to the overwhelmingly white and evangelical-dominated Republican Party, the Democrats are a very diverse coalition and very quick to fracture. Still, it’s a bit odd to see this narrative trotted out after the Democrats successfully passed a $1.9 trillion stimulus bill, a major legislative achievement by any measure.

      • IOC refuses to recognize Lukashenko’s son as the head of Belarus’s Olympic Committee

        The International Olympic Committee (IOC) has refused to recognize Viktor Lukashenko (Viktar Lukashenka) — the eldest son of Belarusian President Alexander Lukashenko (Alyaksandr Lukashenka) — as the head of Belarus’s National Olympic Committee (NOC). This was announced in a press release on the IOC’s website on Monday, March 8.

      • Fancy lifestyles and cocktails with glitter Putin’s alleged ‘secret’ daughter played a DJ set at a Moscow night club over the weekend

        This past weekend, the Moscow bar Rovesnik hosted its most recent “Zvonok Drugu” (“Phone a Friend”) party, where only non-professional DJs are invited to perform guest sets. Ahead of the event, the nightclub advertised that a “mystery girl from the northern capital” was coming to the party to DJ her first set. Reports quickly followed that the “mystery girl” was Luisa Rozova — the alleged illegitimate daughter of Russian President Vladimir Putin. During the party itself, journalists reported increased security and the presence of anti-extremism agents — but the bar’s owner later denied these claims. Here’s what happened at Rovesnik on Saturday night.

      • The Futility of Bipartisanship

        Many of today’s do-nothing Republicans pretend they believe in the tooth fairy, sex trafficking Democrats running pedophile rings and beholden to Satan and nearly every other conspiracy and horror story that’s swimming in the internet sewer.

        Biden at the same time has been charging full speed ahead since even before he sat down at the Resolute desk in the Oval Office, looking and acting all presidential all of the time, not always following in the footsteps of his former leader, President Barack Obama.

      • Joe Biden, LBJ, and Voting Rights

        America is again approaching a crucial decision-point on the most fundamental right of all in a democracy – the right to vote. The result will either be the biggest advance since LBJ’s landmark Civil Rights and Voting Rights Acts of 1964 and 1965, or the biggest setback since the end of Reconstruction and start of Jim Crow in the 1870s.

      • Public Fatigue, Distrust and Fear Taint Chauvin Trail Before it Even Begins

        The Hennepin County Courthouse will soon be teeming with satellite-equipped news media trucks and throngs of reporters from around the country as the trial of former Minneapolis police officer, Derek Chauvin for the killing of George Floyd is only weeks away. Charged with two counts of second-degree manslaughter and second-degree unintentional murder, Chauvin could soon face an additional charge of third-degree murder.

      • Govt-Linked CSIS Urges DC To Partner with Social Media Firms To “Promote Protests Movements”

        A new report from Washington D.C.-based think tank the Center for Strategic and International Studies (CSIS) concludes that the U.S. government should work closely with social media companies to ensure that protest movements around the world result in an outcome more conducive to American interests. Along with intern Riley McCabe, the organization’s senior fellow, Samuel Brannen, argued that the White House, State Department, and intelligence community must explore deeper coordination with major tech companies that provide global media platforms:

      • NYT Fails to Examine Its Participation in Brazil’s ‘Biggest Judicial Scandal’

        The Brazilian Supreme Court on March 8 dismissed all charges against former President Luis Inacio “Lula” da Silva made during the Lava Jato investigation, a little over a month after the investigation was officially ended. The termination came shortly after the Supreme Court admitted 6 terabytes of leaked Telegram chats between public prosecutors and judges as evidence in the case.

      • YouTube removes five Myanmar TV channels from platform

        “We have terminated a number of channels and removed several videos from YouTube in accordance with our community guidelines and applicable laws,” a YouTube spokeswoman said in a statement in response to a Reuters question.

        The channels taken down include the state network, MRTV, (Myanma Radio and Television) as well as the military-owned Myawaddy Media, MWD Variety and MWD Myanmar, YouTube said.

    • Censorship/Free Speech

      • Did Racist Images in Dr. Seuss Books Contribute to War Crimes?

        “I didn’t realize Dr. Seuss made us all racists,” he quipped.

        As usual, a flippant retort to a flippant remark moves the conversation nowhere. One has to dig a bit deeper.

      • Islamophobia, Cancel culture and the silencing of the lambs

        The three biggest terrorist organizations in the world today are ISIS, Boko Haram, and al-Shabaab. Boko Haram has been operating in Nigeria since 2009, and ISIS started a splinter group there in 2015 called Islamic State West Africa Province (ISWAP). Al-Shabaab operates out of Somalia and mainly in East Africa.

        There is also another lesser known group which we at ICC term “Fulani militants.” This is a hostile group of individuals who attack Christian farming communities throughout the Middle Belt of Nigeria.

      • Social media and messaging apps disrupted in Senegal amid political unrest

        Network data from the NetBlocks Internet Observatory confirm the disruption of social media and messaging apps in Senegal as of Friday 5 March 2021. Metrics show that Facebook, YouTube, WhatsApp, and some Telegram servers were restricted on leading cellular network operator Orange/Sonatel as of early morning Friday. Affected services have subsequently been restored from 7:30 a.m. UTC.

    • Freedom of Information/Freedom of the Press

    • Civil Rights/Policing

      • ‘It Should Have Stopped’: Rochester, NY Police Again Under Fire After Officers Pepper-Spray, Tackle Mother Holding Toddler

        “The trauma inflicted on this little girl and her mother will be a permanent scar and will ripple out into the community for years to come.”

      • Parenting in Prison: A Love Story

        William Anderson, then 64, breathes a tiny sigh of relief when he sees his youngest son, Naeem, sitting across the table from him. His son looks back with the same wide brown eyes he’s always remembered. At 23, Naeem (a pseudonym, as are all the names of the family members in this article) still has a baby face, more pronounced now that he’s clean-shaven, his coiled locks no longer sprouting wildly from his head. Unlike the many times before, however, he isn’t visiting his father in prison; this day, he’s housed in the same facility. William and Naeem have only this one face-to-face visit to connect in real time before Naeem embarks on his own long sentence. William hopes to mentally and emotionally prepare his son for “the life inside.”

      • Across Prison Walls, I Felt My Parents’ Love

        Toward the end of a weekend trailer visit to my incarcerated father in New York State in 1992, when I was 12, I had an emotional meltdown—and not for the first time. Trailer visits are occasional overnight accommodations provided to family members of people serving long sentences who’ve kept a good disciplinary record. On that particular weekend, I’d brought a stack of homework that I had to complete before school on Monday. We’d had a couple of happy days together, cooking epic meals of fresh vegetables, tofu, and brown rice, playing chess and cards, watching movies—even as I refused his advice to do my homework the whole time. (Sound familiar?) On the second and last night, I had a temper tantrum: I didn’t want to do my homework, or at least that was the trigger for a lot of pent-up emotion. The joy of every prison visit was punctured by the grim realization that I was going to have to leave, and that my dad would not be coming with me. In a fit, I threw all my homework out the window into the dark, windy yard. In that otherwise banal act of rebellion, I created a terrible dilemma for my father. He could leave the trailer to chase down my papers in the dark before they blew away, violating a prison rule and risking a discipline violation, or “ticket,” which would not only tarnish his perfect record but also forfeit future visits with me. Or he could protect himself and our access to the trailer visits by doing nothing, sending me home the next day without my schoolwork. He put me first.1

      • The Long Shadow of Family Separation

        Ana brushes her hair in front of the mirror with a haunted look in her eyes. Minutes pass; her hair is still wet. She feels cold and realizes she was lost in her own thoughts again. In a rush, she puts her hair in a ponytail and leaves her small bedroom. Her head is spinning. I have to take the children to school, clean the house, go to the supermarket, worry about money… and lunch! Will my husband find work today?1

      • Feminist activists in St. Petersburg hold protest to mark International Women’s Day

        Feminist activists in St. Petersburg held a protest on Monday, March 8, in honor of International Women’s Day, reports the local news site Bumaga (Paper). 

      • Opinion | Sowing a Feminist Future

        “This is the struggle of a whole people who know they are thirsty for justice and have the wisdom to forge their liberation.”

      • Opinion | The World Not Only Needs Women Leaders—It Needs Feminist Leaders

        “Because gender equality not only serves to advance the cause of women—a fairer society benefits us all.”

      • Opinion | Do You Want a More Caring—and Feminist Society? Tax Better!

        Women are the first to pay the price for decades of budget cuts and privatization of essential services.

      • Opinion | International Women’s Day Should Reflect a Record of Direct Action, Not Hollow Gestures

        COVID-19 is the enemy of us all, but to women it has felt like a meteor made of pure misogyny, shattering our lives on impact.

      • Biden Signs Two Executive Orders to Advance Gender Equality on International Women’s Day

        “Let us recommit to the principle that our nation, and the world, is at its best when the possibilities for all of our women and girls are limitless.” 

      • International Women’s Day
      • This International Women’s Day Rise Up Against Capitalism and Femicide

        Last year on March 8, International Women’s Day, Nuriluz Hermosilla joined nearly a million feminists in the streets of Santiago, Chile, in what has become an annual protest across Latin America against gender-based violence. A day later, the same women who marched vanished from the workplace to show how a world without women would look. After years of localized efforts to change abortion and domestic violence laws, the demonstrations were the largest feminist mobilizations Latin America had ever seen and indicated the movement’s growing power.

      • Blinken Blinks on Human Rights

        In a nutshell, the statement exposes that the Joe Biden Administration has blinked for a second time on the human rights situation in West Asia by refusing to even acknowledge that the ICC investigation into the “Palestinian situation” is about human rights first and foremost.

        The State Department’s argument essentially narrows down to a bureaucratic point questioning the ICC’s jurisdiction to investigate the human rights violations issues that involve the state of Israel and, secondly, that “Palestinians do not qualify as a sovereign state and therefore, are not qualified to obtain membership as a state in, participate as a state in, or delegate jurisdiction to the ICC.”

      • Millions Mark International Women’s Day as Pandemic Deepens Inequality, Violence Around the World

        Millions of women around the world are taking to the streets today to mark International Women’s Day — in a year where women have been disproportionately impacted by rising poverty, unemployment and violence during the pandemic. We hear voices from protests in the Philippines, Mexico and Guatemala.

      • Russian advocacy group ‘Nasiliu.net’ forced to vacate office space where they help victims of domestic violence

        The landlord who rents out office space to the anti-domestic violence group “Nasiliu.net” (No to Violence) has demanded that they vacate the premises within a month. This was reported by the organization’s director Anna Rivina in an open letter published on Facebook.

      • How Biden Can Spread the Benefits of Trade to Black Workers
      • Covid 19 and Illegal Immigrants

        On Saturday I asked a friend of mine who lives in Walsall whether he had been vaccinated yet. He replied that he had not, because he is an illegal immigrant, which I had forgotten. He has been here for seven years now, and I know him from before that in Nigeria. After some online research, I called him back and asked him if he knew that the government had announced that illegal immigrants could receive the vaccine through registering with a G.P., with no details asked. He said he did not have a G.P. and certainly would not be providing the state with all the information needed to register.

      • Jeep owes the Cherokee Nation; it’s time to pay up

        It’s time Jeep and Stellantis, the huge automaker that owns the popular and profitable brand, pay their debt to the Cherokee Nation of American Indians. It won’t be easy, it shouldn’t be free, but it’s the right thing to do.

        Jeep has reaped billions of dollars from positive perceptions of what “Cherokee” means since the first vehicle bearing the name — the 1974 Cherokee SUV — went on sale nearly 50 years ago. Jeep sells two vehicles bearing the name today, and is about to add a third.

      • Germany: Syrian father allegedly incited his 12-year-old son to kill his allegedly too permissive daughter – The victim’s body was dumped like rubbish

        However, the boy was younger than 14 years old at the time of the crime and is therefore regarded as unable to contract guilt in Germany – in other words, he cannot be criminally convicted for his crimes.

        After the death of his half-sister, he disappeared at some point, possibly he is in Turkey. That is where his father had fled to escape the German investigators.

    • Internet Policy/Net Neutrality

      • Crappy US Broadband Is Also Hampering Equitable Vaccine Deployment

        As our recent Greenhouse policy forum on broadband made abundantly clear, COVID is shining a very bright light on US broadband dysfunction. The high cost of service, spotty coverage, slow speeds, and high prices are all being felt acutely in an era where having a decent broadband connection is the pathway to education, employment, healthcare, and opportunity. And after 25 years of US apathy to its telecom monopoly problem, COVID-19 is applying pressure on lawmakers and regulators in an entirely new way to do something about the 42 million without broadband, the 83 million under a monopoly, and the tens of millions who simply can’t afford service due to limited competition.

      • Washington: Everyone Deserves Reliable Internet

        This is why EFF joined a coalition of private-sector companies and organizations to support H.B. 1336, authored by Washington State Representative Drew Hansen. This bill would remove restrictions in current Washington law preventing public entities from building and providing broadband services. In removing these restrictions, Hansen’s bill would allow public entities to create and implement broadband policy based on the needs of the people they serve, and provide services unconstrained and not beholden to big, unreliable ISPs. 

      • Senegal restricts internet as protests over rape allegation escalate

        Over the past two days, at least one person has been killed in clashes between riot police and supporters of Ousmane Sonko, who say his detention on Wednesday in the wake of a rape allegation is politically motivated.

        NetBlocks said social media and messaging apps including Facebook, WhatsApp, and Youtube had been restricted early on Friday ahead of a planned demonstration by civil society and opposition parties led by protest movement “Y En A Marre” (Enough is Enough).

      • A ‘splinternet’ won’t solve global cyber defense problems

        To accelerate this process, then, will take global collaboration. Attribution alliances, global information sharing, joint investigations and a global signature repository are among the ways nations should support one another. This could even take the form of a “Cyber WHO,” a global body that could develop norms about behavior in cyberspace; share knowledge about threats and attacks, specifically their digital signatures; establish attribution where possible; establish protocols to share best practices; and provide technical support to countries at all stages of cyber building. This also will have the added benefit of supporting countries at earlier stages of cyber capacity building.

        This will work if there are clear benefits to participation, including strategic and financial support to countries that are serious about addressing the four fundamental building blocks of cyber capacity. This can also create a new market of cyber rating mechanisms, similar to the S&P global credit ratings.

        Countries that continue down a path of isolation and willingly break global cyber redlines established by a cyber WHO should have a clear understanding of the consequences, such as a poor cyber rating with economic implications, sanctions, or even removal from a newly formed global cyber defense arrangement.

    • Monopolies

      • State Duma lawmaker calls for new laws to ‘protect digital sovereignty’ after Facebook blocks articles from Russian news sites

        Russian lawmaker Vyacheslav Volodin has called for new laws aimed at “protecting digital sovereignty,” after Facebook blocked access to articles published by several Russian news sites.

      • Why Big Pharma Shouldn’t Have Any Control Over COVID-19 Vaccines

        It’s the vaccine Hunger Games. Or, as the creator of the Minneapolis Vaccine Hunter Facebook group told the New York Times, “It’s like buying Bruce Springsteen tickets.”

        In the private Los Angeles Vaccine Hunter Facebook group in which I lurked for a few days, both as a bona fide member and as a journalist, I observed Southern Californians sharing tips about how to obtain leftover doses at Kedren Community Health Center in South Los Angeles, a private clinic serving a vulnerable community. Vaccine hunters reminded one another to be polite and considerate to the community they obviously did not hail from, and some even said they made a donation after getting their shots. Obtaining leftover doses requires standing in a separate line, sometimes for hours, with no guarantee of getting a vaccine. Many fear being judged.

      • Misguided Crusade For Tech Antitrust Will Exacerbate Inequality

        After a week of congressional hearings following a 16-month, bipartisan investigation into competition in the digital marketplace, it’s clear Republican and Democratic congresspersons alike are skeptical of Big Tech. That’s fine—healthy, even. But that doesn’t make rewriting antitrust legislation to allow Congress to pick winners and losers in the marketplace a good idea.

      • In aftermath of $2.2B verdict, Apple and Intel file 161-page overhauled antitrust complaint against Softbank-owned patent litigation funder Fortress, others

        Apple and Intel just threw a book at Softbank’s patent assertion conglomerate Fortress Investment. Not literally, but what I meant by book is a 161-page complaint with a 17-page table as its Exhibit A.


        Let’s put it that way: either complainant got slapped last week. But they keep on fighting, and in the Fortress context I’m glad Apple doesn’t cede an inch (an Apple trait that left me no choice but to root for the app store liberation movement started by Spotify and Epic Games).


        I understand the point Intel and Apple want to make there: those exorbitant demands can materialize in the form of damages awards. However, the second paragraph of the complaint says “Defendants [...] aggressively pursue meritless litigation have long been recognized to harm and deter innovation,” and Fortress will be sure to counter this by pointing to its (non-final and hopefully never final) victory in Texas.

      • Patents

        • Eurasian Union: Pharmaceutical Register launched

          A patent holder may file an application to include the drug in the Pharmaceutical Register. The application shall comprise INN, patent claims protecting pharmacologically active substance, information about drugs registered within the EAPO along with relevant evidence.

          As of 1 March 2021, a demo version of the Pharmaceutical Register includes above 100 INNs and patents.

          Similar registers have long been set up worldwide to settle disputes between patent holders and generic producers (e.g., the US Orange Book).

          The EAPO Register will certainly lower the burden of proof for patent holders in infringement cases and make the possibility to challenge SPCs (a 3-month statute of limitation applies in most jurisdictions) more complicated. It will also help in regulatory and contractual issues for the local market.

        • Latest news on IP and coronavirus in Europe [Ed: JUVE 5 years ago was exposing EPO abuses and now it’s just reprinting insulting and revisionist lies from corrupt EPO management]

          The EPO has successfully held its first-ever eEQE (online European Qualifying Examination). For the first time since the exam was established in 1979, the EPO held the written test online from 1 to 5 March 2021. According to the EPO the digital edition, which was adapted to follow European coronavirus guidelines, involved “almost 4000 candidates, five exams split over eleven flows, 130 exam pages in a choice of languages, 24 hours of examination in five days, 80 online invigilators, 400 people involved in preparations, a secured examination environment, and audio and image supervision.”

          However, it appears the EPO’s long-term planned already involved this transition to digital. It says, “What had initially been planned as a major change for the years ahead was fast-forwarded due to the Covid-19 pandemic. Under the Strategic Plan 2023, the EPO plans to deliver a complete, end-to-end digital EQE with a possible revision of the EQE legal framework, format and content of the exam. Due to the pandemic, and after the cancellation of the EQE2020, the greatest challenge of holding the exam online was achieved within just a few months.”

          The EQE is a pre-requisite exam for almost anyone wishing to be admitted as a qualified European patent attorney, and to represent clients before the EPO.

        • UPC cases not in BVerfG’s 2021 “important cases” list [Ed: It’s dead, Jim]

          The German Federal Constitutional Court (Bundesverfassungsgericht – BVerfG) has published here its annual preview, i.e. “a list of important cases in which it intends to reach a decision over the course of the year”. The list does not include the two constitutional complaints (2 BvR 2216/20 and 2 BvR 2217/20) filed on 18 December 2020 against the draft legislation enabling Germany to ratify the Unified Patent Court (UPC) Agreement and its Protocol on Provisional Application. The previous complaint, filed in March 2017 and decided in February 2020, was included in the 2018, 2019 and 2020 lists – every year very few cases listed are actually heard and many are just carried over.

      • Copyrights

        • CJEU rules that linking can be restricted by contract, though only by using effective technological measures

          Can a rightholder restrict linking by contract, eg by imposing the adoption of technological measures?

          This, in a nutshell, is the core issue at the heart of the referral to the Grand Chamber of the Court of Justice of the European Union (CJEU) in VG Bild-Kunst, C-392/19, which was decided this morning. The Court answered in the affirmative.


          Today’s ruling is an important one that substantially adds to the construction of the (not-always-idyllic) relationship between linking and the right of communication to the public.

          The CJEU endorsed the AG’s recommendation to revisit existing case law and focus on the prohibition of exhaustion under Article 3(3) of the directive. However, it did not adopt his proposed differential treatment between different types of links, nor did it offer to revisit the ‘new public’ criterion. After today, it appears – first of all – that different links might have to be (still) treated alike. Whilst this may serve to avoid the risk of technological obsolescence of CJEU case law, it may also lead to outcomes that are not necessarily balanced. Secondly, the ‘new public’ will likely continue raising interpretative doubts and very concrete questions of application.

          The key aspect of the ruling is the conditions at which contractual restrictions to linking can be imposed. The CJEU was explicit in saying that consent can be only limited by adopting technological measures. This is functional to ensuring legal certainty and the proper functioning of the internet. This part of the judgment is important also from a broader perspective: for instance: Article 4 of the DSM Directive allows rightholders to reserve the doing of text and data mining activities in relation to their content. The VG Bild-Kunst judgment may serve to clarify further, beyond the language of that directive, how such reservation is to be done.

        • Her Story: Facing Our Greatest Challenges

          Our hope is that these conversations will inspire you to reflect on your own stories and ideas. We also hope it will motivate you to think about how you can help make open sharing more inclusive, equitable, and sustainable. Put simply, we want to make sharing better—to do that, we need your help.

        • Her Story: Becoming an Advocate for Open

          Our hope is that these conversations will inspire you to reflect on your own stories and ideas. We also hope it will motivate you to think about how you can help make open sharing more inclusive, equitable, and sustainable. Put simply, we want to make sharing better—to do that, we need your help.

        • Movie Companies Sue Popcorn Time, VPN, and ‘Hosting’ Provider in Piracy Lawsuit

          A group of independent movie companies, including the makers of “The Hitman’s Bodyguard” and “London Has Fallen,” has filed a lawsuit against a widely used Popcorn Time app and several of its users. The companies don’t stop there either. The complaint also accuses VPN service VPN.ht and hosting provider Voxility of copyright infringement.

        • Operators of Major Pirate Sites Committed No Crimes, Court Rules

          Four men accused of criminal copyright infringement for operating major Spanish streaming sites SeriesYonkis and PeliculasYonkis have been acquitted by a local court. The men, who were previously cleared in 2019, faced an appeal but the court found that at the times the sites were operational, no crimes were being committed.

        • The Digital Copyright Act: We Told Senator Tillis Not To Do This, But He Did It Anyway. So We Told Him Again.

          Back in December, the Copia Institute submitted comments to Senator Tillis, who wanted feedback on making changes to the DMCA. It was a tricky needle to thread, because there’s a lot about the DMCA that could be improved and really needs to be improved to be constitutional. At the same time, having protection for platforms is crucial for there to be platforms, and we did not want to encourage anything that might lead to the weakening of the safe harbors, which are already flimsy enough. So our advice was two-fold: address the First Amendment problems already present with the DMCA, and check what assumptions were driving the reform effort in order to make sure that any changes actually made things better and not worse.

Things IBM Can Do to Help the GNU/Linux Community Instead of Trying to Monopolise Almost Everything

Posted in GNU/Linux, IBM, Red Hat at 8:30 am by Dr. Roy Schestowitz

Video download link

Summary: The IBM stance on GNU/Linux and Free software is complicated to say the least, but there are ways IBM can assure the real community that it is in fact an ally and restore confidence in IBM’s motivations

THE marketing blitz of IBM is insulting to our intelligence. Together with the Linux Foundation, a misleading marketing front, IBM tells us that it’s trying to domesticate the IT sector. It tells us that IBM combats racism, but it’s an inversion of what is true. IBM ought to quit the fake ‘activism’ whose purpose is to confuse and distract the public regarding IBM’s racism. Better to confess and apologise. Many people would appreciate the sincerity.

“IBM needs to recognise that it doesn’t exist in a vacuum and a lot of the software it leverages (and profits from) wasn’t developed for or by IBM.”Regarding the hosting of code, it’s time for IBM to delete GitHub and stop outsourcing almost everything (even Fedora projects) to Microsoft, as it makes no sense.
Does IBM not have enough engineers who know how to set up a Git repository (self-hosted) and then maintain it? It is outsourcing to Microsoft’s proprietary software trap almost everything of importance. It’s clear that IBM cannot compete with the company that controls its platform. It also sets a bad example. Suffice to say, IBM ought to facilitate better support for init systems that are not systemd and also remove systemd from GitHub (as noted before). That would at least remove one cause of distrust or criticism of systemd.

As noted in the video above, IBM should bring back CentOS (in its traditional form) or something similar. RHEL with some artificial limits isn’t the same as CentOS.

Four years after Hitler rose to powerPerhaps most importantly, IBM should quit lobbying for software patents. Instead, IBM should use its clout to abolish all of those patents. Software developers everywhere would appreciate it.

As we’ve just noted (in our latest Daily Links, under “Fedora is a community; Fedora Linux is our OS”), IBM staffers in charge of the Fedora project (not community) worry that they lose quite a few volunteers or non-salaried testers, who correctly perceive the project to be an IBM sandbox which IBM is only semi-heartedly committed to. Asserting that Fedora is a community is living in the past (it did feel like a community a long time ago). There’s not much legitimacy to this claim anymore; Planet Fedora is dominated by IBM staff and even they do not blog much anymore. IBM distorts the meaning of “community”… while distracting us from the real community, which it actively undermines (e.g. trying to remove RMS from GNU, which he had founded).

Well, to IBM “community” means IBM pensioners and similar members of the corporation. IBM needs to recognise that it doesn’t exist in a vacuum and a lot of the software it leverages (and profits from) wasn’t developed for or by IBM.

IBM needs to promote people who better understand the real community, not Mac users like Jim Whitehurst who are good with words rather than technical stuff.

Links 9/3/2021: KCPUID for Linux, IBM Calls Fedora a Community

Posted in News Roundup at 4:55 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • Late Night Linux – Episode 115

        Why so many distros ship GNOME by default, a retro OS on modern hardware, Mint’s update woes, your feedback, and more.

      • Destination Linux 216: Firewalls On Linux & Google’s Change Of Heart On Tracking?

        This week on Destination Linux, we’re going to discuss firewalls. Specifically, what the heck are they? Do you need to set one up? Does your distro have a default firewall and our favorite firewall software. Google is now a privacy ally…or at least that’s what they’re marketing. Later in the show, we’re going to discuss 0 A.D. and Steam Link enhancements for Linux. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

      • Sunday Morning Linux Review – Episode 326 (Audio-Only)

        I normally don’t post episodes of the Sunday Morning Linux Review on my channel, but I’ve decided to post the latest episode to let people know about it that aren’t already subscribed. Presented as audio only.

      • Solve Problems With Shell Scripting And Dmenu

        While dmenu is a great way to launch your programs, dmenu is much more than just a run launcher. You can have shell commands output to dmenu. This makes dmenu a fantastic tool to incorporate into your shell scripts.

    • Kernel Space

      • Intel Contributes New “KCPUID” Utility For Linux To Reliably Report CPU Features

        Intel engineers have been working on a tool called kcpuid for showing the raw CPU features/capabilities of a processor under Linux. This utility will be part of the kernel source tree and is queued up now in tip’s x86/misc branch, thereby making it material for Linux 5.13 barring any issues coming up.

        Users/administrators can generally rely on /proc/cpuinfo for quickly finding out CPU features of a given system. But the reported CPU information can be a bit misleading as some information can get left out due to kernel boot-time / command-line options that may disable some feature flags. Meanwhile other user-space utilities exist for reading CPU features but they are not necessarily up-to-date for the latest CPUs, among other potential issues.

      • Intel 14th Gen Luna Lake CPU Leaked In Latest Linux Patches; Release Date Hinted

        Intel is reportedly commencing the development of the rumored 14th Generation Luna Lake processors. Rumors have it that the company’s rolling out of chips’ first support through the latest Linux patches hints at its potential launch window.

        The term “Intel Luna Lake” processor was spotted by Coelacanth’s Dream via Videocardz on a page showing a patch that introduced support for the unannounced CPU. The patch notes are for the Intel Ethernet Driver e1000e, which is a 1 Gbps NIC for Linux systems. Based on the patch notes, support for Intel Meteor Lake CPU was added last October 2020.

      • Intel 14th Gen Lunar Lake CPU Platform Referenced In New Linux Patch Notes

        In the immediate future, Intel will be rolling out its Rocket Lake processors, comprised of 11th Gen Core desktop CPUs. Then a little bit further down the road, we will get to see how Intel’s hybrid design works out, with the eventual introduction of Alder Lake. What about after that? We’ve seen references to a Meteor Lake platform, and now another reference to Lunar Lake, which is likely destined for a 2023 or 2024 launch.

        If you are keeping count, Lunar Lake would logically land within Intel’s 14th Gen Core processor plans. That is assuming (A) Lunar Lake is real, and (B) Intel does not shake things up with something else in between, and/or get funky with its Gen labels. Now that Pat Gelsinger has taken the reins as Intel CEO, it is anyone’s guess what the future might hold.

    • Applications

      • 13 Best PDF editors for Linux

        PDF stands for Portable Document Format. It is widely used for exchanging electronic documents. Documents, forms, and web pages encoded in PDF can be correctly displayed on any device, including smartphones and tablets.

        PDF files are most reliable and secure way to share the documents with others over email because they cannot be manipulated easily. They can can be edited however, to some extent when necessary using pdf editors. But most of the time we only read the pdf documents.

        By default all Linux distributions come with a PDF viewer but not with a PDF editor.

        In this tutorial, we will show you some of the best PDF editors that can be used to edit contents, split and merge pdf documents in Linux.

      • Best Hex Editors for Linux

        This article will list useful hex editor applications available for Linux. Hex editors allow you to modify pre-compiled binary files whose source code is typically not available to change. They work by browsing binary data present in a file and then presenting the data in hexadecimal notation to users. Hex editors can also show partial or full ASCII data depending on the contents of the file.

        These hex editors allow you to change hexadecimal values, thereby allowing users to modify file behavior even if they don’t have access to source code. However, the data represented by a hex editor is not exactly human readable. Reading and interpreting hexadecimal values to infer program logic and behavior is not an easy task by any means and it takes considerable efforts to find values and make even the smallest of change. A hex editor is one of the first tools used while reverse engineering a file.

    • Instructionals/Technical

      • How to Update openSUSE Linux System – It’s FOSS

        I have been an Ubuntu user for as long as I remember. I distrohopped a little but keep on coming back to Ubuntu. But recently, I have started using openSUSE to try something non-Debian.

        As I keep exploring openSUSE, I keep on stumbling upon things that are slightly different in SUSE-worse and I plan to cover them in tutorials on It’s FOSS.

      • How To Install XWiki on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install XWiki on Ubuntu 20.04 LTS. For those of you who didn’t know, XWiki is a free and open-source, Java-based advanced wiki software platform. It runs on servlet containers like JBoss, Tomcat, Jetty, etc. It also uses a database such as MySQL or PostgreSQL to store its information.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the XWiki on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • Installing Apache CouchDB on Fedora

        Developed by Apache software foundation, CouchDB is a database management system that stores data in JSON documents. We can access our data using the HTTP protocol. Similarly, we can manipulate the data with JavaScript.

      • How to Install PHP 8 on Linux Mint 20? – Linux Hint

        Being a popular server-side scripting language, PHP is used in the creation of dynamic websites, content management systems, and many famous frameworks such as Laravel, WordPress, etc which are developed in PHP. As of preparing this post, the latest stable release of PHP is 8.2.

      • How to Install Steam on Linux Mint 20? – Linux Hint

        Developed by Valve Corporation, steam is a multi-platform application for playing games. There are 30,000+ games available on Steam. Using Steam, you can meet and interact with new people.

        It can be installed on Linux Mint 20 from the Software Manager utility, from the terminal using the apt command, and from the steam official website.

      • How to Create Simple Shell Scripts in Linux Using Vim – Linux Hint

        Shell Scripting executes commands to perform some useful functions and is designed to run in the shell. Shell scripts are quite handy to perform operations like file manipulation, automating tasks to avoid time consumption; you can even create your commands.

        Shell is an interface between the user and operating system that lets users interact with the operating system and perform various tasks using commands. Shell takes input from the user through the terminal, interacts with the kernel, processes it, and gives the output.

      • How to Create and Delete Users on CentOS 8 – Linux Hint

        User management is much needed and must-know technique for a Linux server administrator. A Linux administrator often needs to create and grant different privileges and permissions to different users. This post will perform a couple of tasks like creating and deleting the user on the CentOS 8 Operating system.

        As you know, the creation and deletion of a user is an administrative type of task, and for performing such tasks, you must log in as a root user or execute all the commands with the sudo privileges. Let’s start and see how to add or create a user in the CentOS 8 system.

      • How to Customize a Bash Shell with the shopt Command – Linux Hint

        Shopt is a built-in command in Unix-like operating systems, such as macOS and Linux distributions. The “shopt” command provides control over many settings that are used to tweak the operations in a Bash shell.

        This article shows you how to work with the “shopt” command in Linux. Since this command is built-in, it is not required to install this command to use it. The number of options available for the “shopt” command varies from version to version; older versions will have fewer commands compared to newer versions.

        Some options in Bash are enabled or disabled by default, but these options can temporarily be tweaked, once you restart the shell, these options will be reverted. However, it is also possible to permanently change these options if you are interested in keeping a tweaked version of the shell.

      • HOWTO: install MongoDB on Slackware

        Today I am going to show you how to install MongoDB, create a database admin account and enforce basic security.

        Why MongoDB when Slackware already has MariaDB? Well, the two are not comparable. MariaDB is a SQL database server, whereas MongoDB is a “NoSQL” database server, aka “Not only SQL“, and its queries – just like its object storage format – are in JSON. The two types of databases have entirely different usage targets.

        MongoDB is a ‘general-purpose, document-based database server‘. It has use-cases where it is more powerful than the traditional row/column model of a relational database management system. NoSQL databases, in particular MongoDB, are preferred over RDBMS in Cloud services, Big Data environments and for high-volume web based data processing services. These are typically environments where flexibility is required to handle big amounts of unstructured data and constantly varying schemas. A distributed cluster of MongoDB servers excels at “map-reduce“, the framework invented by Google for condensing large volumes of data into useful aggregated results – the very paradigm that catapulted Google Search into the number one position of search engines shortly after the turn of the millennium.

      • How to install Telegram on Linux Mint 20.1 – YouTube

        In this video, we are looking at how to install Telegram on Linux Mint 20.1.

      • How to install Badlion on a Chromebook

        Today we are looking at how to install Badlion on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        Please take note that you need the full account of Minecraft to use the application.

      • MariaDB/MySQL Auto-Сlustering with Load Balancing and Replication

        These days high availability and database clustering are very important for highly loaded production applications. If your server is down for a fraction of time, you are losing customers and money. Therefore making a database environment highly available has typically one of the highest priorities. Set up a highly available cluster is not easier for any developers and system administrators.

      • How To Fix The GIMP Eraser Not Working

        GIMP is a free and reasonably good alternative to Photoshop. The app’s UI isn’t the best or the most modern but it has all the tools that you’d find in Photoshop.

        GIMP has the same tools as Photoshop but many of its tools work differently and the workflow is different. Despite having the same tools, there is a noticeable difference between the two apps.

      • How to use screen command to improve your productivity on Linux terminal

        Similar to many tools utilized by system administrators, the Linux screen command is another great tool that helps with productivity. screen can be seen as an alternative to Tmux, but it has many other useful options outside of just saving screen space. screen allows you to create multiple sessions of terminals/interactive shells. In this tutorial I will give you a quick rundown of screen and present several use cases of the command.

      • Hunting Excel date twins

        Certain versions of Microsoft Excel for Mac counted days from 1 January 1904, while other Excel versions numbered their days from 1 January 1900. Microsoft calls these “the 1904 date system” and “the 1900 date system”, and says there are problems you may encounter when you use workbooks that use different date systems.

        I wrote about one of those problems in a 2017 post for The Linux Rain blog. If you compile a spreadsheet using a mix of “1900″ and “1904″ dates, you might have the same record represented twice, with dates exactly 4 years and 1 day apart (1462 days). These pseudo-duplicates are “Excel date twins”.

        The first twins I found (by accident) were in the Atlas of Living Australia (ALA) and had been imported from the Tasmanian Natural Values Atlas (TNVA). From the ALA they went to the Global Biodiversity Information Facility (GBIF). Both records say that I observed the peripatus species Ooperipatellus cryptus at a certain spot in Tasmania. One record says I did it on 3 February 1976, the other on 2 February 1972. The second date is an Excel date twin and impossible: I first came to Australia in January 1973.

      • Removing qtwebengine from a Gentoo Linux installation | Fitzcarraldo’s Blog

        At the beginning of March I updated the world set in Gentoo Testing (~amd64) running the KDE suite (Plasma, Frameworks and Applications) on my secondary laptop, an eleven-year-old Compal NBLB2. It has a first-generation Core i7 CPU and the maximum amount of RAM that can be installed in that model (8 GB).

    • Distributions

      • SUSE/OpenSUSE

        • Real Linux on a Smartphone: PinePhone and openSUSE Tumbleweed

          Why is that phone so special? My wife asked me. I was exited like a child with my shiny new toy: the PinePhone KDE Community Edition.

          So how do you explain the history of failing efforts to get ‘real’ Linux on a smartphone in 5 minutes? How do you explain the difficulties of developing an operating system for the always changing ARM ecosystem?

          I tried: It’s not normal that you can install an Operating System on a phone. Normally you have 2 choices: you buy an Android phone or you buy an Apple iOS phone. In both cases, the phone hardware (read: boot loader) is locked down. So you can’t change the Operating System. At least not easily (because you can root some Android phones).

      • IBM/Red Hat/Fedora

        • Fedora is a community; Fedora Linux is our OS

          When I talk about the Fedora Project, I’m talking about you: the community. The Linux distribution we make is great, but the community is the key. When people say “Fedora” without a qualifier, I’d like them to think “Fedora Project”, not the bits we produce. What’s more, we make more than just one thing — EPEL, for example, plus artwork, documentation, websites, and tools which aren’t tightly tied to the OS itself.

          Over the years, we haven’t done a great job of drawing this distinction. Now, let’s be more intentional with our language.

          I recently asked the Fedora Magazine editors to start using “Fedora Linux” in places where we mean the operating system. For example: “Using mycoolpackage on Fedora Linux” instead of “Using mycoolpackage on Fedora”. The Fedora Program Manager has updated the schedules and the Change proposal template to use “Fedora Linux” where appropriate. And for Fedora Linux 35, I submitted a Change proposal to set the NAME to “Fedora Linux” in /etc/os-release.

        • An introduction to JavaScript SDK for CloudEvents

          In today’s world of serverless functions and microservices, events are everywhere. The problem is that they are described differently depending on the producer technology you use.

          Without a common standard, the burden is on developers to constantly relearn how to consume events. Not having a standard also makes it more difficult for authors of libraries and tooling to deliver event data across environments like SDKs. Recently, a new project was created to help with this effort.

          CloudEvents is a specification for describing event data in common formats to provide interoperability across services, platforms, and systems. In fact, Red Hat OpenShift Serverless Functions uses CloudEvents. For more information about this new developer feature, see Create your first serverless function with Red Hat OpenShift Serverless Functions.

        • Deploying Node.js applications to Kubernetes with Nodeshift and Minikube

          In a previous article, I showed how easy it was to deploy a Node.js application during development to Red Hat OpenShift using the Nodeshift command-line interface (CLI). In this article, we will take a look at using Nodeshift to deploy Node.js applications to vanilla Kubernetes—specifically, with Minikube.

        • A guide to Red Hat OpenShift 4.5 installer-provisioned infrastructure on vSphere

          With Red Hat OpenShift 4, Red Hat completely re-architected how developers install, upgrade, and manage OpenShift to develop applications on Kubernetes. Under the hood, the installation process uses the OpenShift installer to automate container host provisioning using Red Hat Enterprise Linux (RHEL) CoreOS. It is then easy to initialize the cluster and set up the cloud domain name system (DNS), load balancer, storage, and so on.

          Initially, the fully automated OpenShift installation option (called installer-provisioned infrastructure) was available only for public and private clouds. In OpenShift 4.5, the installer was updated to support installer-provisioned infrastructure on VMware vSphere.

          This article is for enterprise IT users and developers who run their workloads on vSphere. I will show you how to bring up your OpenShift clusters in 30 minutes without the pain of needing to do manual tasks each time.

      • Canonical/Ubuntu Family

        • First Look at Ubuntu’s New Desktop Installer

          Initially unveiled last month, the new Ubuntu Installer for the Ubuntu Desktop flavor will have a more modern design that leverages Google’s Flutter UI SDK, which Canonical announced last week that will be their default choice for building future Ubuntu apps.

          At that point in time, only a screenshot was shown of the new Ubuntu Installer, teasing us with a whole new look of the “Try or Install” page, which also featured a “Repair Installation” option that isn’t available in the current Ubiquity installer.

        • How to Create an ISO from Current Installation in Ubuntu 20.04 – Linux Hint

          In Ubuntu, most programs and operating systems can be installed through the ISO file. The ISO file format is a live identical image of the specific operating environment that contains all required installation files. Another name used for ISO files is a disc image. So, an ISO file is a perfect duplicate of the content of an optical disc, such as DVD and CD images. An ISO file is a package that consists of installation directories in an ISO format.
          Users can create a backup of their current installation in an ISO file format. The ISO file can also be used as an external drive, or you can make a bootable USB. if you have an ISO file, then you can create the installation disc by burning the image to a CD or USB.

          This article shows you how to create an ISO file from a currently installed Ubuntu 20.04 system. You can create an ISO file from the current installation of Ubuntu 20.04 using any of the following methods.

        • How to Install Security Updates in Ubuntu 20.04 – Linux Hint

          An essential part of using any operating system is to check for security updates from time to time. It can be difficult to keep track of security updates all the time. One of the easiest ways to keep your Ubuntu system secure is by upgrading your software packages. New versions add the latest features available, and system security is increased by updating programs frequently.

          This guide shows you how to install security updates in Ubuntu 20.04, which will be performed by upgrading security packages.

        • How To Use the C Programming Language in Ubuntu 20.04 – Linux Hint

          C is an excellent procedural programming language for beginners who want to learn how to program. Many applications, including databases and operating systems, use this general-purpose programming language for development.

          The C language is popular among new learners because it is not only easy to use but also helps programmers to better understand the internal architecture of the computer. C is the first step into the programming world, and after learning the C programming language, it will not be as difficult to learn other programming languages. Moreover, the C language is portable, as programs written in this language can be transferred to various platforms without requiring any changes to the code.

          This article shows you how to use the C programming language in Ubuntu 20.04 (LTS) and 20.10.

        • What is build-essential Ubuntu, how to install and use it? – Linux Hint

          The build-essentials packages are meta-packages that are necessary for compiling software. They include the GNU debugger, g++/GNU compiler collection, and some more tools and libraries that are required to compile a program. For example, if you need to work on a C/C++ compiler, you need to install essential meta-packages on your system before starting the C compiler installation. When installing the build-essential packages, some other packages such as G++, dpkg-dev, GCC and make, etc. also install on your system.
          Above, we have described what the build-essential packages are. In the rest of the article, we will explain how to install and use build-essentials on Ubuntu systems. All terminal commands we have executed on Ubuntu 20.04 system in this article. Let’s dive into the depths!

        • Learning Dart & Flutter

          My employer, Canonical – recently announced we’re working with the Flutter developers to bring their platform to the Linux desktop. My interest was piqued.

          Personally I like the concept of writing applications which can run on many platforms. I sometimes dabble with game development engines like Construct3, GDevelop, Unity & Godot which all have multiple export options for different platforms. Having similarly powerful, cross-platform and open source tools for building mobile and desktop (non-game) applications is welcome in my book.

        • The Fridge: Ubuntu Weekly Newsletter Issue 673

          Welcome to the Ubuntu Weekly Newsletter, Issue 673 for the week of February 28 – March 6, 2021. The full version of this issue is available here.

    • Devices/Embedded

      • Netflix 4K certified MECOOL KM2 S905X2-B TV Box runs Android TV 10

        There are plenty of Amlogic TV boxes around, but unless you buy from the big players, most devices won’t support Netflix FullHD/4K because certification is hard to get for smaller companies.

        The Hailstorm device scaling program launched in 2018 aimed to make the process easier on Amlogic and Hisilicon processors, and HiMedia S1 TV dongle was one of the first to get approved. But now MECOOL KM2 joins the rank of Netflix 4K certified devices. The TV box is powered by an Amlogic S905X2-B processor running Android TV 10, also known as Android TV on Android 10.

      • Arduino With Python Tutorial for Beginners – Linux Hint

        When you have started playing with Arduino boards, the standard programming language is provided by Arduino. This language is extremely useful for getting started and can even be used for real use. People who have used it for a while, though, notice a few limitations. You might also be used to programming in Python already. For this reason, developers have invented Micropython.

        With Micropython, you have all the basics of Python, with limitations due to the hardware you are finally running it on. This article will not discuss these limitations. Hopefully, you have a clear picture of what a microcontroller can do. Most likely, you will find that it can do much more than you imagined before you started.

      • NXP i.MX 8M Plus 2.5-inch Pico-ITX SBC supports UIO40-Express expansion modules

        With NXP i.MX 8M Plus AI processor nearing mass production, we’ve seen many companies introduce i.MX 8M Plus systems-on-module at Embedded World 2021. But as one would come to expect, there should also be single board computers based on the new processor, and Advantech has unveiled the RSB-3720 2.5-inch SBC (aka Pico-ITX SBC) compatible with the company’s UIO40-Express expansion boards.

    • Free, Libre, and Open Source Software

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice Online with Team Editing Collaboration

          Continuing the intro, now we will try LibreOffice Online with team collaboration. This allows you and friends (a team) altogether to edit a document simultaneously via the internet. It supports computer, laptop, as well as Android device users. How to do that? This simple tutorial explains it step by step for you.


          Once a friend clicked the link, he/she will open your document on the web browser, asked for a name, asked for the password if any, and finally can edit the document together with you at the same time. The name asked will be used as identifier when a team working together.

      • CMS

        • Proposal and Steps To Dual-License Gutenberg Under the GPL and MPL

          The GPL is so embedded into WordPress that it is not just the license the platform is under but a part of the community’s culture. Friends have been gained and lost over discussions of it. Bridges burned. Battles waged. People cast out to the dark corners of the web that “we don’t talk about.” There was even a time when one could expect a fortnightly GPL dust-up in which the inner WordPress world argued the same points over and over, ad nauseam.

          It might be hard to imagine a world where — outside of third-party libraries — direct contributions to the software are under anything other than the GPL. However, the wheels are now in motion. The Gutenberg project, which is the foundation of WordPress going forward, may soon be under both the GNU General Public License (GPL) v2 and the Mozilla Public License (MPL) v2.0.

        • People of WordPress: Olga Gleckler

          From a natural interest in computers and fixing things as a young woman, Olga Gleckler from St Petersburg, Russia, found WordPress took her on a journey to becoming a successful female tech entrepreneur. On International Women’s Day, we share her story.

      • Programming/Development

        • Vue Computed with Parameter

          The Computed property is usually used to compute data from some other data. It is known for its reactivity because whenever a variable involved in some computed property gets changed, the whole property gets recomputed.This post will learn to pass the parameter to computed property and see how to use Vue computed with parameter. Before getting started with passing parameters to the computed property, let’s first understand the computed properties by going through the example.

        • Vue Computed Property not updating; Troubleshooting Steps

          Vue.js is a very popular JavaScript library that is known for its reactivity, flexibility, and intuitive API. However, reactivity and flexibility come with some drawbacks, leading to the developer’s performance or a headache. The computed property is a very famous and most known feature of Vue.js, which is used to update some variable or perform some calculation depending upon some other variable’s updation.

          This post will try to troubleshoot the problems that occurred when the computed property does not work or update what we want. Let’s have a look at the scenarios, what might go wrong, and Vue Computed Property not updating.

        • How to Use Heredoc in Shell Scripting

          Here document (Heredoc) is an input or file stream literal that is treated as a special block of code. This block of code will be passed to a command for processing. Heredoc originates in UNIX shells and can be found in popular Linux shells like sh, tcsh, ksh, bash, zsh, csh. Notably, other programming languages like Perl, Ruby, PHP also support heredoc.

          Structure of Herdoc

          Heredoc uses 2 angle brackets (<<) followed by a delimiter token. The same delimiter token will be used to terminate the block of code. Whatever comes within the delimiter is considered to be a block of code.

          Look at the example below. I am redirecting the block of code to the cat command. Here the delimiter is set to “BLOCK” and terminated by the same “BLOCK“.

        • LLVM Clang Mainlines Support For The Motorola 68000 Series (m68k) – Phoronix

          If it wasn’t odd enough during these pandemic times seeing Nintendo 64 support upstreamed into the Linux 5.12 kernel a few weeks back, the latest vintage hardware seeing open-source support still going on is the Motorola 68000 series 32-bit processors. LLVM/Clang today merged the “m68k” target for these three decade old processors.

          The Motorola 68000 (m68k) 32-bit processors were found in early Apple Macintosh computers, the Amiga, Sega Genesis, and other vintage devices. Motorola hasn’t even been developing the 68000 series since the mid 90′s but it has remained popular in some retro computing circles and still sees Linux/open-source work.

        • How CSS Positioning and Flexbox Work – Explained with Examples

          If you have ever used CSS, then you know how hard it is to position elements. But by the end of this tutorial you’ll know much more about CSS positioning and Flexbox, and you’ll be able to position elements in your dream project like a boss.

        • How Classes Work in C++

          C++ supports Object Oriented Programming, and classes and objects are the heart of this programming paradigm.

          You might be wondering – what is a class and why do we need them? In this article I’ll go over some basics to help you understand how classes work in C++.

        • A Jetpack Compose Tutorial for Beginners – How To Understand Composables & Recomposition

          This tutorial will teach you a few fundamental concepts and terms related to the Jetpack Compose UI Library on Android.

          While this is a beginner’s guide to Compose, it will not be a beginner’s guide to Android – so you should have built at least an application or two (though not in Compose, necessarily).

          Before we begin, I was initially planning to write a follow up article directed towards more senior developers until I came across Leland Richardson’s two part article series. Leland is not only a Software Engineer working on the Jetpack Compose team, but I see that he is a great writer as well.

        • Git Cheat Sheet – 50 Git Commands You Should Know

          A distributed version control system is a system that helps you keep track of changes you’ve made to files in your project.

          This change history lives on your local machine and lets you revert to a previous version of your project with ease in case something goes wrong.

          Git makes collaboration easy. Everyone on the team can keep a full backup of the repositories they’re working on on their local machine. Then, thanks to an external server like BitBucket, GitHub or GitLab, they can safely store the repository in a single place.

          This way, different members of the team can copy it locally and everyone has a clear overview of all changes made by the whole team.

          Git has many different commands you can use. And I’ve found that these fifty are the ones I use the most often (and are therefore the most helpful to remember).

        • Python

          • How to Filter Data in Django? – Linux Hint

            It is a very common requirement for the web application to display data on the web page based on the user’s interest. The searching feature of the application makes it more user-friendly. Django framework has a built-in filter() method to filter data from the database tables. A table can contain many records and sometimes determining some specific data are required based on the particular criteria. This task becomes easier by using the filter() method in different ways. How the data from a database table can be filtered using the filter method in four different ways will be discussed in this tutorial.

          • How to Create Django Templates? – Linux Hint

            A template contains HTML data that is generated from a view and displayed in the browser. The static and dynamic HTML pages can be created using the template. Logic and design have been kept separately in the Django application. Python code can’t be used directly in the Django template because the browser can’t interpret the python code. The designer can design the HTML pages only with the necessary format or styling, and the coder adds the static or dynamic data into the template using Django Template Language (DTL).

            How the Django template can be created and how the DTL can be used to add static or dynamic content to the template have been shown in this tutorial.

          • How to Create Django Form? – Linux Hint

            The use of the form is an essential part of any web application. The input from the website users can be taken using the form. It can contain different types of fields, such as text box, combo box, check box, radio button, etc. to take data from the users. Django framework contains a large number of libraries to help the web developer to design an HTML form for taking input from the user, process the input, and respond to the user’s input.

            How HTML form can be used to take data from the user, read the input values, and print the values in the browser using Django is shown in this tutorial.

          • How to Get Started with Pandas in Python – a Beginner’s Guide

            The Pandas package in Python gives you a bunch of cool functions and features that help you manipulate data more efficiently. It also lets you perform numerous data cleaning and data preprocessing steps with very little hassle.

            That’s great isn’t it? Here’s a list of some of the most frequently used Pandas functions and tricks to help you enjoy your data science journey.

        • Rust

          • Sylvestre Ledru: Debian running on Rust coreutils

            tldr: Rust/coreutils ( https://github.com/uutils/coreutils/ ) is now available in Debian, good enough to boot a Debian with GNOME, install the top 1000 packages, build Firefox, the Linux Kernel and LLVM/Clang. Even if I wrote more than 100 patches to achieve that, it will probably be a bumpy ride for many other use cases.
            It is also a terrific project to learn Rust. See the list of good first bugs.

            Even if I see Rust code every day at Mozilla, I was looking for an actual personal project (i.e. this isn’t a Mozilla project) to learn Rust during the various COVID lockdowns.

            I started contributing to the alternative Coreutils developed in Rust. The project aims at proposing a drop-in replacement of the C-based GNU Coreutils, and I wanted to evaluate if this could be used to run a regular Debian. Similar to what I have done with clang.debian.net a few years ago (rebuilding the Debian archive using clang instead of gcc).

            I expect that most of the readers know what the Coreutils. It is a set of programs performing simple operations (copy/move file, change permissions/ownership, etc). Even if some commands are from the 70th, they are at the base of Linux, Unix and macOS. While different implementations can be found, they are trying to remain compatible in terms of arguments, options, etc. This implementation of Coreutils isn’t different!

  • Leftovers

    • BSidesSF 2021 CTF: CuteSrv (Author Writeup)

      I authored the BSidesSF 2021 CTF Challenge “CuteSrv”, which is a service to display cute pictures.

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation

              • Overview of the Kubernetes Security Essentials Training Course

                We recently launched the LFS260 – Kubernetes Security Essentials eLearning course in partnership with the Cloud Native Computing Foundation (CNCF), the home of Kubernetes. This course provides the skills and knowledge on a broad range of best practices for securing container-based applications and Kubernetes platforms during build, deployment and runtime. It also gets you ready to sit for the Certified Kubernetes Security Specialist (CKS) exam.

        • Security

          • Feeding Frenzy as criminal groups stake their claim on Outlook Web Access servers

            This weekend, several days after the Patch Tuesday when Microsoft released fixes for the ProxyLogon vulnerability, Netcraft found more than 99,000 unpatched Outlook Web Access servers accessible on the internet — of which several thousand have clear evidence of one of more web shells installed.

            Outlook Web Access (OWA) provides remote access to on-premises Microsoft Exchange mailboxes. While a treasure trove of corporate email is a tempting enough target itself, it can also act as jumping-off point for deeper network access. Vulnerable versions allow unfettered remote access to the mail server. Originally attributed to the Hafnium group, the variety of different web shells and file naming conventions found by Netcraft suggest that the shells belong to multiple groups who have been spurred into action since Microsoft’s announcement by the scale of the opportunity.

          • A Basic Timeline of the Exchange Mass-Hack

            Sometimes when a complex story takes us by surprise or knocks us back on our heels, it pays to revisit the events in a somewhat linear fashion. Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program.

            When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange?

            Pressed for a date when it first became aware of the problem, Microsoft told KrebsOnSecurity it was initially notified “in early January.” So far the earliest known report came on Jan. 5, from a principal security researcher for security testing firm DEVCORE who goes by the handle “Orange Tsai.” DEVCORE is credited with reporting two of the four Exchange flaws that Microsoft patched on Mar. 2.

          • David Tomaschik: BSidesSF 2021 CTF: Encrypted Bin (Author Writeup)

            I thought I’d do a walk through of how I expected players to solve the challenge, so I’ll write this as if I’m playing the challenge.

            Visiting the web service, we find an upload page for text and not much else. When we perform an upload, we see that we’re redirected to a page to view the encrypted upload…

          • Daniel Stenberg: half of curl’s vulnerabilities are C mistakes

            Lots of people keep referring to the awesome summary put together by a friendly pseudonymous “Tim” which says that “53 out of 95” (55.7%) security flaws in curl could’ve been prevented if curl had been written in Rust. This is usually in regards to discussions around how insecure C is and what to do about it. I’ve blogged about this topic before, but things change, the world changes and my own view on these matters keep getting refined.

            I did my own count: how many of the current 98 published security problems in curl are related to it being written in C?

            Possibly due to the slightly different question, possibly because I’ve categorized one or two vulnerabilities differently, possibly because I’m biased as heck, but my count end up at:

            51 out of 98 security vulnerabilities are due to C mistakes

            That’s still 52%. (you can inspect my analysis and submit issues/pull-requests against the vuln.pm file) and yes, 51 flaws that could’ve been avoided if curl had been written in a memory safe language. This contradicts what I’ve said in the past, but I will also show you below that the numbers have changed and I still was right back then!

    • Monopolies

      • Brief of Remedies, Restitution, Antitrust, and Intellectual Property Law Scholars as Amici Curiae in Support of Respondent Federal Trade Commission

        An injunction is an equitable remedy with a long history in the courts of equity. The injunctive power historically and necessarily includes the attendant power for a court also to order restitutionary disgorgement of a defendant’s ill-gotten gains, among other forms of equitable monetary relief. That has been a long-standing and steadfast rule in equity jurisprudence for nearly two hundred years. It has also been a consistent holding in this Court’s cases. And this Court has required statutes to be clear and unambiguous in disclaiming traditional equity powers. The FTC Act does not do so.

        Amici are 43 professors and scholars of remedies, restitution, antitrust, and intellectual property law throughout the United States. Amici include editors of major casebooks and books on Remedies, Antitrust, and Intellectual Property, and one of the amici is the new editor of the leading treatise on Remedies. Many of the amici also have served as Advisers and Members of the Consultative Group to the Restatement (Third) of Restitution and Unjust Enrichment (Am. Law Inst. 2011). Two are the Reporters, and several serve as Advisers, for the Restatement (Third) of Torts: Remedies (in progress). One is President Emeritus of the American Law Institute. All amici have taught at major law schools and regularly publish articles in the areas of remedies, restitution, antitrust, and intellectual property. Amici seek to clarify the history and source of power for equitable remedies incident to injunctions such as disgorgement of a wrongdoer’s profits.

      • Canadian courts are interpreting supplementary pharmaceutical patent protection more broadly than their EU counterparts [Ed: Passing laws for large monopolies at the expense of public interest]

        For nearly 30 years, pharmaceutical patent policy in Canada has been designed to strike a balance between rewarding pharmaceutical innovation and enabling affordable drug access. This balance has evolved over time. From entry into the original North American Free Trade Agreement (NAFTA) in 1993 until entry into the Canada-EU Comprehensive Economic and Trade Agreement (CETA) in 2014, the Canadian government has successfully resisted trade obligations and pressures that, had it acceded, would have forced this delicate balance to tip in favour of intellectual property (IP) protection for pharmaceuticals.

        With CETA, the Canadian government agreed to measures to enhance pharmaceutical IP protection, including the extension of patent terms to reflect delays in regulatory approval. This form of protection is called supplementary protection certificates (SPCs) in the European Union. In agreeing to implement SPC-like measures, Canadian trade negotiators introduced safeguards to limit extended patent terms to two years and to exempt pharmaceutical manufacturing that is for the purposes of export. An apparent premise of Canada’s agreement to introduce SPC-like measures was that the protection would be similar to (and not broader than) SPC protection but balanced with the negotiated safeguards.

      • Patents

        • Bayer Healthcare LLC v. Baxalta Inc. (Fed. Cir. 2021)

          Last week, the Federal Circuit affirmed a jury verdict against Baxalta Inc., Baxalta US Inc., and Nektar Therapeutics for infringing Bayer Healthcare’s patent to human blood clotting factor conjugates in Bayer Healthcare LLC v. Baxalta Inc.

          Bayer Healthcare sued Defendants on U.S. Patent No. 9,364,520, alleging willful infringement by Baxalta’s product, Adynovate®. This product is a recombinant human Factor VIII (the blood clotting factor responsible for causing Hemophilia A) having the protein structural domains A1-A2-B-A3-C1-C2, wherein the B portion was specifically modified by addition of polyethylene glycol (PEG). PEGylation is important because Factor VIII has an 11-hour half-life which requires frequent injections and leads to reduced patient compliance. The prior art had disclosed “random” modification of Factor VIII with PEG, which had “several drawbacks” due to the multiplicity of PEGylations sites (“158 lysines, the two N-termini, and multiple histidines, serines, threonines, and tyrosines”) in the Factor VIII protein, which led to heterogeneity in the species produced, including ones having deleterious effects on Factor VIII activity and ones having a multiplicity of PEG residues conjugated to the protein.

        • Disney Files Patent to Turn Any Resort Room Into a Show

          The Disney Patent, filed on February 9, 2021, is the newest design idea by The Walt Disney Company and requests to protect the idea of turning any room into a show. But if one reads the filed papers, they will find that this proposed technology mentions over and over hotel room use and how to engage a Resort Guest.

          Will Disney utilize this tech in upcoming hotels or perhaps refit existing hotel rooms for multimedia shows?

        • Patent ‘death squad’ used by Apple and others could be unconstitutional

          According to the report the body has invalidated 2,000 patents since its inception in 2012, including nearly 200 just from Apple. Many of these patents, the report notes, are held by patent trolls, whose sole business models involve acquiring patents and then suing companies allegedly in breach of using them without licensing. The board was set up in 2011 by Congress “as a faster and cheaper alternative to litigation”.


          The Supreme court may reportedly go as far as to stop the board from reviewing any more patents, stripping 250 judges of their jobs in the process and possibly meaning cases would have to be reconsidered.

        • Sony has filed a patent for a system that could turn bananas and other household items into PlayStation controllers
        • LG wins patent lawsuit against TCL in Germany

          According to LG, the Mannheim Regional Court last week ruled in favour of the South Korean company, having found that TCL infringed upon LG’s standard essential patent, EP 2 627 146 B1, in Germany. The patent is related to LTE technology.

          LG said it would take immediate steps to halt TCL from using patented technology in its smartphones without a licence.

          The Chinese company can appeal the decision however, and its request to the German Federal Patent Court to nullify the patent in question is still pending.

          In November 2019, LG filed infringement lawsuits for three patents against TCL. There are two lawsuits still ongoing for the other patents. The hearing for one started last week and another will start in May.

        • Morocco Third in Africa for Most Patents Filed in 2020 [Ed: Rather meaningless measures hailed as something they're not (hint: patents and progress/innovation are totally different things, sometimes patents actively suppress progress)]

          Morocco filed the third greatest number of patents in Africa in 2020, trailing only South Africa and Egypt in a year notable for its economic upheaval and innovation amid the coronavirus pandemic.

          Between January and December of last year, Moroccan companies filed 42 patents across multiple industries, according to recent figures from the World Intellectual Property Organization (WIPO). The figure rose nearly 30% from the 33 patents filed by Morocco in 2019.

          China led the world in patent filings in 2020, registering 68,720 parents in 2020 alone. The United States followed at 59,230, while Japan rounded out the top three at 50,520 patent requests.

        • Software Patents

          • SynKloud Technologies patent held unpatentable

            On March 5, 2021, the Patent Trial and Appeal Board (PTAB) issued a final written decision in Unified Patents, LLC v. SynKloud Technologies, LLC holding all claims of U.S. Patent 9,098,526 unpatentable. SynKloud Technologies is a subsidiary of Ideahub, Inc. The ‘526 patent, directed to providing remote storage for wireless devices, has been asserted against Hewlett-Packard and Blu Products.

          • Vivint Sues ADT for Patent Infringement [Ed: "Smart" as patent legal minefield, e.g. for lousy software patents]

            In the complaint, Vivint asserts that ADT infringes six of Vivint’s U.S. patents related to security and smart home technology. As one of the premier providers of smart home technology, Vivint is recognized throughout the industry for its products, innovation and customer satisfaction. Vivint has more than 300 issued patents related to its proprietary technology.

IRC Proceedings: Monday, March 08, 2021

Posted in IRC Logs at 2:08 am by Needs Sunlight

HTML5 logs

HTML5 logs

#techrights log as HTML5

#boycottnovell log as HTML5

HTML5 logs

HTML5 logs

#boycottnovell-social log as HTML5

#techbytes log as HTML5

text logs

text logs

#techrights log as text

#boycottnovell log as text

text logs

text logs

#boycottnovell-social log as text

#techbytes log as text

Enter the IRC channels now

IPFS Mirrors

CID Description Object type
 QmXfS5K9KnaGR11R4FKYUF2C6Jdn5s1b6r9WSLgqN8qWuD IRC log for #boycottnovell
(full IRC log as HTML)
HTML5 logs
 QmVraiiXHWUSe1VXVzmJJe7GKDaPWn1uhDj9Zm6cUmgrGX IRC log for #boycottnovell
(full IRC log as plain/ASCII text)
text logs
 QmbnJSQyurS2SHZVrBzhnfkNmz3hB8ggwLH2RpBFrf1t73 IRC log for #boycottnovell-social
(full IRC log as HTML)
HTML5 logs
 QmeC9RAe75y7n54q7ppyqEzqx7wq1S5CquhMBYbm5L6mEd IRC log for #boycottnovell-social
(full IRC log as plain/ASCII text)
text logs
 QmT7TFcqLXJ8P6gfnGgxqfvj2YRtXyoGsdJAi157jFJtsT IRC log for #techbytes
(full IRC log as HTML)
HTML5 logs
 QmbVrP6Mv6xagmKnyFgFKqRVAHZqKQy84CB4T4efBcsYGt IRC log for #techbytes
(full IRC log as plain/ASCII text)
text logs
 QmRmaicL8Yxon1ZcVb4BpunAotSrK4QRvCapdUUwxKvNQv IRC log for #techrights
(full IRC log as HTML)
HTML5 logs
 QmXi6CUfqbBxYrXNgUS7HEnisWEWo4bmq5KdYMCCDGnLrf IRC log for #techrights
(full IRC log as plain/ASCII text)
text logs

IPFS logo

Bulletin for Yesterday

Local copy | CID (IPFS): QmWp121r1GXcbyqSwDPppCeSNezNLzAkSn1ouaS1a1jokb

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts