Bonum Certa Men Certa

Links 27/4/2021: University of Minnesota Still in Trouble, Dan Kaminsky Eulogies



  • GNU/Linux

    • Server

      • Linux vs. Windows Server: Which one is for you?

        Linux and Windows Servers are the two popular and important web-hosting services worldwide. They power over 60% of all websites, and it is almost an age-old question: Linux or Windows? When deciding what is the best option for your server needs. These two operating systems have dominated the server market for years, with Linux maintaining a noticeable lead.

        I know you are wondering. Not Linux vs. Windows again! It feels like we will never get to the end of the discussion.

        However, this article will highlight a few of the desirable features of either Linux or Windows servers that will give you an informed decision when choosing the best solution for your business needs. Because let’s face it, there are minimal differences between Windows and Linux in terms of functions and applications. Making the correct choice sometimes is no walk in the park, even for experienced engineers and business managers.

        First, let’s understand the key desirable features of Windows and Linux operating systems you will need for a reliable server.

    • Audiocasts/Shows

      • WP Briefing: Your Opinion is Our Opportunity

        In this episode, Josepha discusses the importance of co-development and testing for the continued growth and maintenance of the WordPress project.

      • Uninstall Oh My ZSH Right Now And Do This Instead

        Whenever I bring up ZSH there's always at least one person who thinks I'm talking about Oh My Zsh and get confused when I tell them I think the application serves no purpose so today I thought I should explain again why you shouldn't bother with Oh My ZSH.

      • Destination Linux 223: Interview with CEO of LBRY (Odysee) Plus Bo’s Hack Snack

        This week’s episode of Destination Linux, we are being joined by Jeremy Kauffman, the CEO of LBRY Inc, to discuss SEC’s recent lawsuit that threatens cryptocurrency and blockchain. We have everyones favorite hacker/pentester, Bo Weaver is joining us again this week for another Bo’s Hack Snack. Then we’ll check out Firefox’s latest release plus take a sneak peak at their upcoming UI redesign. Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you.

      • Late Night Linux – Episode 122

        Linux flies on Mars, a new Ubuntu release, the kernel is the subject of an ill-judged study, Linux GUI apps on Windows, KDE Korner, and more.

    • Kernel Space

      • Linux Kernel 5.12 Released! How to Install it in Ubuntu

        The Ubuntu Mainline Kernel Archive provides the new kernel packages via DEB files.

        The mainline build kernels do not include any Ubuntu-provided drivers or patches. They are not supported and are not appropriate for production use. For those prefer using a graphical tool, see this tool to install the latest Kernel.

      • Linux Kernel 5.12 Released, This is What’s New

        The Linux 5.12 kernel has been released – albeit a week later than original scheduled.

        Linus Torvalds announced the release over on the Linux kernel mailing list, writing: “…thanks to everybody who made last week very calm indeed, which just makes me feel much happier about the final 5.12 release.” He adds that despite the extra week’s grace this is “actually a fairly small release overall”.

        I reckon Linus’ definition of ‘small’ may differ from ours, so read on to run through the biggest changes and most notable additions proffered in the latest Linux kernel update.

      • As Linux 5.12 released, Linus Torvalds warns next version will probably be rather large

        Linus Torvalds has emitted version 5.12 of the Linux kernel, and warned the next version looks like a whopper.

        "Thanks to everybody who made last week very calm indeed, which just makes me feel much happier about the final 5.12 release," he said in his announcement, while referencing last week's post in which he worried the release may slip a week.

        [...]

        Among the known additions coming to version 5.13 are support for Apple's M1 silicon, the addition of a wireless WAN subsystem, more RISC-V support, and provisions for Intel's standalone GPUs.

      • Slackware Beta: Kernel 5.12 Has Arrived in Testing

        Hell yeah, on 12 th April Pat Volkerding announced the first beta of what will eventually be Slackware 15.0 using a 5.10.29 kernel, ending the changelog entry on his typical cheery note. "I'm going to go ahead and call this a beta even though there's still no fix for the illegal instruction issue with 32-bit mariadb. But there should be soon (thanks ponce!) No build regressions noted with the official gcc-10.3 release. Please report any new (or old) issues on the LQ Slackware forum. Enjoy! :-)".

      • GNU Linux-libre 5.12-gnu Is Released

        GNU Linux-libre is a modified versions of the Linux kernel that is truly free software thanks to the removal of all the evil binary blobs modern GNU/Linux distributions include. The ideal is very noble, but the practical result is a crippled and practically useless Linux kernel. A Linux-libre kernel based on Linux 5.12 is now available for those find that to be appealing.

        [...]

        The GNU Project has a solution: The GNU Linux-libre kernel. It is a specially patched GNU-approved Linux kernel that does not include or rely on any binary blobs unless the source for those blobs is available under a free software license. Linux-libre version 5.12-gnu was just released. It was released as separate tarballs with updated clean-up scripts, kernel patches and ready-to-go packages with cleaned-up Linux kernel sources in several file compression formats. All the files in the Linux-libre 5.12-gnu release can be acquired from https://linux-libre.fsfla.org/pub/linux-libre/releases/5.12-gnu/.

        The release announcement for Linux-libre 5.12-gnu, which came in the form of a mailing list message, notes that this release adds patches eradicating new binary blobs introduced yesterday's Linux 5.12 release. Those include the OcteonTX2 crypto device, the MXL692 dvb, the Allegro-DVT, the MT7921E wifi chip and BCM VK accelerators.

      • Initial Support For The Apple M1 Lands In Linux 5.13

        As expected, support for the initial Apple M1 SoC support and 2020 Apple Silicon devices (Mac Mini, MacBook Pro, MacBook Air) has landed into the Linux 5.13 kernel.

        During this first day of the Linux 5.13 merge window the various ARM SoC/platform pull requests were submitted and have already been merged to mainline.

      • Linux 5.13 Bringing Code For Intel SGX Within KVM Guests - Phoronix

        Linux 5.11 brought mainline support for Intel Software Guard Extensions (SGX) after a lengthy mainlining process. Building off that SGX enclaves support in the mainline kernel more recently has been support for SGX with KVM virtualization and now for mainline Linux 5.13 that guest-side support is landing for KVM guests.

        Software Guard Extensions for KVM allows for a portion of the system meory to be encrypted with an SGX enclaves and used exclusively by a KVM guest that cannot be used by the host or any other guest.

      • The Linux Foundation's demands to the University of Minnesota for its bad Linux patches security project [Ed: ZDNet isn't disclosing that it has been working as a marketing/front group of the Linux Foundation, i.e. a collective of openwashing corporations]

        To say that Linux kernel developers are livid about a pair of University of Minnesota (UMN) graduate students playing at inserting security vulnerabilities into the Linux kernel for the purposes of a research paper "On the Feasibility of Stealthily Introducing Vulnerabilities in Open-Source Software via Hypocrite Commits" is a gross understatement.

        Greg Kroah-Hartman, the Linux kernel maintainer for the stable branch and well-known for being the most generous and easy-going of the Linux kernel maintainers, exploded and banned UMN developers from working on the Linux kernel. That was because their patches had been "obviously submitted in bad faith with the intent to cause problems."

        The researchers, Qiushi Wu and Aditya Pakki, and their graduate advisor, Kangjie Lu, an assistant professor in the UMN Computer Science & Engineering Department of the UMN then apologized for their Linux kernel blunders.

      • Linux kernel team rejects University of Minnesota researchers’ apology

        Last week, senior Linux kernel developer Greg Kroah-Hartman announced that all Linux patches coming from the University of Minnesota would be summarily rejected by default.

        This policy change came as a result of three University of Minnesota researchers—Qiushi Wu, Kangjie Lu, and Aditya Pakki—embarking on a program to test the Linux kernel dev community's resistance to what the group called "Hypocrite Commits."

        [...]

        Last week, senior Linux kernel dev Greg Kroah-Hartman reverted 68 patches submitted by folks with umn.edu email addresses in response to these "Hypocrite Commits." Along with reverting these 68 existing patches, Kroah-Hartman announced a "default reject" policy for future patches coming from anyone with an @umn.edu address.

        Kroah-Hartman went on to allow exceptions for such future patches if "they provide proof and you can verify it," but he went on to ask "really, why waste your time doing that extra work?"

        The University of Minnesota Department of Computer Science and Engineering responded to the ban by immediately "suspend[ing] this line of research," promising to investigate the researchers' method—and the process by which it was approved.

      • Linux 5.13 Power Management Updates Submitted - Phoronix

        Working on the Linux power management code is a never-ending and increasingly important task. The ACPI and power management updates were sent in today for the Linux 5.13 merge window though this isn't as exciting as some of the recent kernels heavy on CPUFreq and P-State changes.

    • Benchmarks

      • AMD EPYC 72F3 Linux Performance For 8-Core Zen 3 Server CPU

        Over the past month we have been quite impressed by the performance of the EPYC 7003 series Milan processors when looking at the top-tier parts, but how does Zen 3 do for lower-tier server CPUs? Recently we were supplied with two EPYC 72F3 processors from AMD for these 8-core high performance SKUs. In our initial look at the EPYC 72F3 Linux performance is seeing how they compare to the similar previous-generation EPYC 7F32 processor.

        With just having our hands on the EPYC 72F3 processors for a few days, the initial look is just some 1P testing compared to the EPYC 7F32 processor for looking at the generational advancement with Zen 3. In the days/weeks ahead will be more tests including the 2P benchmark results and additional comparison figures. Via OpenBenchmarking.org is also already various comparison points that can be made for those interested.

    • Instructionals/Technical

      • caja – invalid encoding – how to convert German Windows Filenames with special chars (Windows-1252) to GNU Linux filename.encoding (UTF-8)
      • Make Plasma look like Windows 10 guide

        Why? Why not! There are three reasons why anyone would want to attempt this. One, because they can, ergo nerds who want to have fun. Two, to see how flexible and powerful the Plasma desktop really is. Three, to make Plasma look like Windows, because the target users expect such looks regardless of functionality. Can it work, though?

        After testing a bunch of Windows 7/10 themes in non-Plasma desktops a few days back, I decided to expand my experiment and see how Plasma copes with this rather unnecessary yet interesting challenge. So far, I've attempted Mac makeover and Unity customization with fairly decent degrees of success. Now, I'd like to try my luck with the Windows skinning attempt. In my other tests, the results weren't that promising. Here? Well, below, this be a Plasma desktop made to look like Windows 10. Now, let's commence.

      • Linux Fu: A Little Bit Of (Network) History Repeating Itself | Hackaday

        These days, embedded systems often have networks and that can make them significantly more complex. Networks are usually pretty nondeterministic and there are a variety of oddball conditions. For example, when your public-access pick and place machine gets written up on Hackaday and you suddenly get a 50X surge in traffic, how does your network stack handle it? While there’s no silver bullet for network testing, there are some tricks that can make it easier and one of those is the tcpreplay utilities that allow you to record complex network traffic and then play it back in a variety of ways. This has many benefits, especially if you manage to capture that one thing that triggers bad behavior sporadically. Being able to play it back on demand can speed up diagnostics considerably.

      • How to port forward through the firewall on Ubuntu

        Do you use the Ubuntu firewall and need to open up ports to the internet on your system? We can help! Follow along with this guide as we go over ways you can port forward on Ubuntu!

        Note: although this guide focuses on Ubuntu, it will also work on any Linux OS based upon Ubuntu as they also have access to the same firewall.

      • How to set up a persistent Ubuntu USB

        If you find yourself using an Ubuntu live disk a lot for portable computing, you might notice that the files you save to it don’t save and aren’t persistent. That’s because, by default, the Ubuntu live disk doesn’t have persistent storage.

        [...]

        It is possible to make a persistent Ubuntu USB stick but to do it, and you’ll need to install a unique tool. This tool is known as Mkusb. It’s a unique program that can help you create bootable disks, including ones that allow you to have persistent storage.

        Getting this app installed on Ubuntu requires some tinkering, as it doesn’t come in any of the default Ubuntu software repositories. To get started, open up a terminal window on the Ubuntu desktop. To do that, press Ctrl + Alt + T on the keyboard or search for “terminal” in the app menu.

        Once the terminal window is open, use the add-apt-repository command below to add the Mkusb PPA to your Ubuntu system. This PPA is currently the only way to get the app working on Ubuntu.

      • 9 Practical Examples of the Linux date Command

        Meet the Linux date command. No, it can't get you a romantic evening. But it can format the date at the top of a love letter you wrote in the terminal. Close enough? Let's get started.

        As you're scripting in Bash, you'll inevitably need to print a date or time, and that date or time will often need to be in a specific format to satisfy the requirements of other functions. That's when the date command comes into play.

        As you'll see, the date command in Linux is both simple and versatile, meaning it will accept all kinds of input and generate dates in a multitude of formats. It also has other special functions for various time-related computing tasks. Learning date's options and syntax will definitely make you more skilled in scripting, and maybe more punctual.

      • 3 Linux commands you have forgotten about

        Time passes and things change. There is nothing eternal in this world, maybe except taxes but just as people get older and are replaced by younger ones, so Linux commands also get older and are replaced by other “younger”, “more modern” .

        In this article, we’ll look at a few commands that you’ve used a lot before, but you’ve probably forgotten about. People have the ability to forget very quickly and adapt to the new without thinking much about the past.

      • How to install Ubuntu Kylin 21.04

        In this video, I am going to show how to install Ubuntu Kylin 21.04.

      • How to measure the execution time of a command in Linux

        When working on the command line in Linux, you may want to know how much time a particular command has taken (from start to finish).

        If you are new to Linux and looking for a way to do this, you will be pleased to learn that there is a command-line tool that does exactly what you want. The tool in question is called "time". In this guide, I will show you how to use the time command. We will measure how long a Linux command takes to execute.

        Please note that all instructions and examples mentioned here have been tested on Ubuntu 20.04.

      • How to install RubyMine on a Chromebook

        Today we are looking at how to install RubyMine on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to use FTP or SFTP in Linux command line interface - LinuxTechLab

        FTP or File Transfer Protocol is a network protocol that is used to transfer files to & from a remote location. If you are looking to set up an FTP server, then please go through the tutorials mentioned HERE & HERE.

        In this tutorial, we are going to discuss how to use Linux FTP or SFTP command to manage files and directories FTP server using the command line interface. Though there are many GUI clients available that can be used to manage files but there are many a time when CLI is the best option.

      • How to Install Odoo 11 on CentOS 7 with Nginx as a Reverse Proxy

        In this tutorial, we will guide you through the steps of installing Odoo 11 on CentOS 7. We will also install Nginx and configure it as a reverse proxy. Odoo (formerly OpenERP) is a simple and intuitive suite of open-source enterprise management applications such as Website Builder, eCommerce, CRM, Accounting, Manufacturing, Project and Warehouse Management, Human Resources, Marketing, and many more.

        Odoo comes in two editions, Community edition which is free, and Enterprise edition. In our case, we will install and use the Community edition. Odoo 11 requires Python 3.5 which is not available in the CentOS repositories. That is the reason why we cannot install the Odoo package via yum

      • How to Install ProFTPD with TLS on Ubuntu 20.04 LTS

        Transferring files via FTP (File Transfer Protocol) is probably still one of the most popular ways to upload files to a server. ProFTPD is a popular and versatile FTP server that is available as open-source software and supports TLS (SSL) for secure connections.

        By default, FTP is an insecure protocol as passwords and data are transferred in cleartext. By using TLS, as we do in this guide, all communication can be encrypted, making FTP more secure.

        This article describes how to configure proftpd with TLS on Ubuntu server 20.04 LTS.

      • Linux 101: What is the Linux $PATH? - TechRepublic

        If you're new to Linux, you might have heard mention of something called the PATH. Or, you've seen it written like: $PATH. What is this mysterious convention? Is it less followed or something dark and dangerous you might want to avoid?

        Actually, the Linux PATH is quite simple, in that it consists of all the directories wherein your user can fun commands from anywhere. Let me explain.

        Let's say you write a bash script to print out "Hello, TechRepublic!" and named it hello.sh. You give it executable permissions and leave it in your home directory.

      • How to Connect a Projector to Your Ubuntu Computer - Make Tech Easier

        There’s nothing quite as fun or as necessary as using a projector. Whether you’re a teacher using a projector in your classroom or setting up an outdoor movie night on the wall of your house, projectors are a great way to turn an average space up to 11. However, for Linux users, there can sometimes be difficulties getting different displays to work, and it may be important to walk through some troubleshooting steps to get things to work. Here we walk you through how to connect a projector to your Ubuntu computer.

      • How To Disable IPv6 on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to disable IPv6 on Ubuntu 20.04 LTS. For those of you who didn’t know, IPv6 is enabled by default in Ubuntu. But you may want to disable IPv6 for many reasons. Some programs may cause problems when IPv6 is enabled, So if you are not planning to use IPv6, simply disable it and not worry about any potential problems.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step disable IPv6 on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

    • Wine or Emulation

      • Boxedwine is an emulator that can run Windows apps on the web (or Linux, Mac, or… Windows)

        The free and open source Wine utility that makes it possible to run some Windows applications on Linux and Mac computers is not an emulator, but rather a compatibility layer. The name is actually an abbreviation for Wine Is Not an Emulator.

        But that doesn’t mean you can’t do some pretty cool things when you combine WINE with an emulator. And one developer has done just that to create Boxedwine, a utility makes it possible to run some Windows applications on the web or on a computer running Linux, Mac, or even Windows (which could come in handy if you want to run older apps that don’t work with recent versions of Windows).

        In a nutshell, Boxedwine emulates the Linker kernel and an x86 CPU and then runs an unmodified version of the 32-bit version of Wine, allowing you to run supported16-bit or 32-bit on a host operating system. The developer is also working on a version that may be able to run on the Raspberry Pi 4 or other devices with ARMv8 processors.

    • Games

      • Be a dancing tentacle alien who murders bosses and wears their skulls in Zapling Bygone | GamingOnLinux

        Well, that certainly is a headline isn't it. I'll admit that the idea and style of Zapling Bygone pulled me in right away, along with the description of what you'll be doing. This pixel-art platformer is a skull-swapping alien adventure where you go onto murder bosses and wear their skulls.

        Created by 9FingerGames, it's another metroidvania platformer that's bringing in something highly unique. Thanks to the design of the creature you control with the many legs, you get a lot of control. The developer says that everything "responds instantly with absolutely zero horizontal inertia, and control is nevertaken away from the player. You are in full control from the moment you launch the game to the moment you see the end credits.".

        [...]

        It's planned to release for Linux and be mainly supported on Ubuntu, with the developer mentioning they will do their best to ensure it works well.

      • Veil of Dust is an upcoming environmental exploration of what comes after devastating loss

        Trying to survive in a sparse landscape, Veil of Dust: A Homesteading Game puts you in the shoes of someone just trying to keep going and find your way after loss.

        Mixing together elements of a visual novel, with farming, foraging, crafting and more - the developer Calamity Bay Games explains that it's "historically-grounded" which makes me quite curious about it. However, it's also mixing in some mystery and magic too so it's all kinds of things. You need to solve the sudden appearance of some magical beasts, while dealing with the sparse landscape to have enough to eat.

        We spoke with the developer over email who explained that it's built with GameMaker Studio, and they regularly test their Linux builds.

      • Here’s how to play full Xbox games on Linux with xCloud (video) [Ed: Games you neither own nor control; they spy on you and take up your bandwidth]

        Microsoft mainly built this version because Apple won’t let them make a game streaming app for the Apple App Store, so the web-based method is a workaround for that

    • Desktop Environments/WMs

    • Distributions

      • The New elementary Store is Here

        For the past several months our web team has been working on a new merch store to replace the old manual front-end—and we’re ready to debut that work for you all now.

        [...]

        We’ve long offered a simple store as a way to get official branded merch while directly supporting development of elementary OS. We’ve partnered with Printful for years thanks to their excellent quality products, but our previous store page was a very finicky PHP app that required manual uploading of print files and fiddling with product JSON—basically, unfriendly to both developers and designers. As a result, we only ever offered a small selection of products and were largely unable to spend the time to design and upload new ones.

        Printful does offer a number of integrations with popular selling platforms like Shopify and Etsy, but they weren’t a good price fit for the relatively low volume plus global reach of our store, nor were they able to be as integrated into our existing website and design style as we’d like.

      • Reviews

        • Deepin 20 Review

          Curious about Deepin 20? Here's our review to this latest version of the super beautiful and unique China operating system for your computers and laptops. We can say that Deepin is now a fashion in computing ready to compete with Windows and MacOS. This series of release begins with the big switch, from WPS to LibreOffice, and similarly from Google Chrome to Browser, aside from other large improvements in its system most notably the desktop in general and Control Center in particular. Here's Deepin Twenty for you all!

          Deepin 20 is a fashion, successful beauty operating system with good performance. Among GNU/Linuxes, it has the originality and it is clearer to see in this release. I think it needs mass production as real computers. Several shortcomings exist such as the bad theming of LibreOffice and live session issue but those are covered up by the goodness. If now Lenovo proudly produce Fedora Thinkpads, I think it is not too difficult for them and other brands to produce Deepin Laptops and so on as well. To Deepin Team, thank you very much, you all have made an excellent OS and please continue! Finally, I can say Deepin 20 will be very much appealing to both of Windows' and MacOS' users to try and use in their machines. Enjoy Deepin computing to you all!

      • Canonical/Ubuntu Family

        • Ubuntu 21.04 Adds Support for Active Directory and Other Major Changes

          In a bid to help make Linux more viable for the business desktop, Canonical adds support for Active Directory and a few other notable changes.

          In a move that should surprise no one, Canonical has made it considerably easier for admins to join Ubuntu desktop machines to Active Directory domains and use Group Policy to set password requirements, user access controls, and even tweak desktop environment settings (such as login screen backgrounds and required applications).

          Canonical has even made it possible for the integration of a Ubuntu Desktop into an existing Active Directory domain to be an automated and effortless process, with the help of the System Security Services Daemon (SSSD).

        • Ubuntu Cinnamon Remix 21.04

          Today we are looking at Ubuntu Cinnamon Remix 21.04. It comes with Linux Kernel 5.11, Cinnamon 4.8.6, and uses about 1.5GB of ram when idling. Enjoy!

        • Ubuntu Cinnamon Remix 21.04 Run Through

          In this video, we are looking at Ubuntu Cinnamon Remix 21.04.

        • Why You Can’t Upgrade to Ubuntu 21.04 (For Now)

          Still waiting to see that Ubuntu 21.04 upgrade prompt? Well, you’re not alone — and it’s not coming anytime soon.

          Turns out there’s a pretty severe bug in the Ubuntu 21.04 upgrade process. The bug is so severe that Ubuntu developers have chosen not to trigger the upgrade notification that many Ubuntu 20.10 users are (rather patiently) waiting for.

          It’s still possible to upgrade to Ubuntu 21.04 from Ubuntu 20.10 from the command line but this still carries a risk.

          So what’s up?

        • Ubuntu Weekly Newsletter Issue 680

          Welcome to the Ubuntu Weekly Newsletter, Issue 680 for the week of April 18 – 24, 2021.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Is a Computer Science Degree Required to Work with Open-Source Software? [Ed: Well, programming does not require a university degree, but it does require actually doing something for skills and experience]

        Open-source software development is booming, and it is creating many innovations, much faster in recent years. It is no wonder that many developers and even students choose to showcase their skills and upgrade themselves with these latest trends.

        Open-source software is distributed with its source code, which makes it available to use. Source code is a part of the software that most people don’t see. That code can be manipulated to control the behavior of a program or application. And programmers can access the source code, change an application, add to it or fix some of the parts that are not working properly.

        The code is shared publicly or is stored in a public repository, and anyone can access it and use it. The Open-Source Software (OSS) comes with a license that includes all the terms that define how the open-source software developers can use, modify, study and distribute the software.

        The most popular licenses are MIT License, Apache License 2.0, GNU General Public License 2.0, GNU General Public License 3.0, and BSD License.

      • Web Browsers

        • Mozilla

          • Mozilla Explains: What is IDFA and why is this iOS update important?

            During last week’s Apple event, the team announced a lot of new products and a new iPhone color, but the news that can have the biggest impact on all iPhone users launched today with iOS 14.5. They are finally giving users the option to get rid of IDFA, or identifier for advertisers, something that Mozilla has been asking for since 2019.

          • Upgrading Mozilla’s Root Store Policy to Version 2.7.1

            Individuals’ security and privacy on the internet are fundamental. Living up to that principle we are announcing the following changes to Mozilla’s Root Store Policy (MRSP) which will come into effect on May 1, 2021.

            These updates to the Root Store Policy will not only improve our compliance monitoring, but also improve Certificate Authority (CA) practices and reduce the number of errors that CAs make when they issue new certificates. As a result, these updates contribute to a healthy security ecosystem on the internet and will enhance security and privacy to all internet users.

          • Chris H-C: Data Science is Interesting: Why are there so many Canadians in India?

            Any time India comes up in the context of Firefox and Data I know it’s going to be an interesting day.

          • Firefox Nightly: These Weeks in Firefox: Issue 92
      • Programming/Development

        • Steve Kemp: Writing a text-based adventure game for CP/M

          In my previous post I wrote about how I'd been running CP/M on a Z80-based single-board computer.

        • Rust

          • Congrats to compiler team member Aaron Hill

            Aaron Hill (@Aaron1011) has been contributing to many different parts of the compiler since his start in 2017. Recently, Aaron has been working on finding and fixing bugs and correctness issues in the incremental system, cleanups and improvements to macro expansion and hygiene, as well as miscellaneous bug fixes. Beyond the compiler, Aaron has also implemented support for unwinding in Miri, generating documentation for auto-traits, and future incompatibility reporting in Cargo.

          • Niko Matsakis: Async Vision Doc Writing Sessions VII

            We have previously set 2021-04-30 as the end-date, but I proposed in a recent PR to extend that end date to 2021-05-14. We’ve been learning how this whole vision doc thing works as we go, and I think it seems clear we’re going to want more time to finish off status quo stories and write shiny future before we feel we’ve really explored the design space.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Pseudo-Open Source

          • Privatisation/Privateering

            • Linux Foundation/Openwashing Services

              • Open Source Joins Efforts to Create Gene Therapies for Rare Diseases

                The OpenTreatments Foundation enables treatments for rare genetic diseases regardless of rarity and geography. The RareCamp Project provides the source code and open governance for the OpenTreatments software platform to enable patients to create gene therapies for rare genetic diseases.

              • OpenAPI Specification 3.1.0 Available Now

                The OpenAPI Initiative (OAI), a consortium of forward-looking industry experts who focus on standardizing how APIs are categorized and described, released the OpenAPI Specification 3.1.0 in February. This new version introduces better support for webhooks and adds 100% compatibility with the latest draft (2020-12) of JSON Schema.

        • Security

          • Computer security world in mourning over death of Dan Kaminsky, aged 42

            When your Register hack asked Kaminsky why he hadn't gone to the dark side and used the flaw to become immensely wealthy – either by exploiting it to hijack millions of netizens' web traffic, or by selling details of it to the highest bidders – he said not only would that have been morally wrong, he didn't want his mom to have to visit him in prison. You can read more technical info on the DNS flaw here.

            Besides discovering the domain-name system weakness, he had been a stalwart of the security research scene for years, and was a much-loved regular at conferences big and small. You can find a YouTube playlist of his DEF CON presentations, for instance, here. He would talk with and advise anyone – even paying the entrance fees for some researchers or letting them crash on his hotel room floor – and it was this generosity that people are overwhelmingly remembering this weekend.

            [...]

            As a journalist, this was a blessing for your vulture – Kaminsky had no animosity to the press if they were trying to get the full story out, and would explain stuff quickly and simply to make sure coverage was accurate. This hack remembers cancelling dinner plans when he called late one afternoon with an interesting tale: you knew it was going to be a late night of reporting work though it would be worth it.

            There is now a move to see Kaminsky inducted into the Internet Hall of Fame. It is an accolade he thoroughly deserves.

            In a statement thanking everyone for their kind words, Kaminsky's family said he died as a result of diabetic ketoacidosis, and asked for privacy at this time.

          • Computer security world in mourning over death of Dan Kaminsky (The Register)

            The Register reports on the death of security researcher Dan Kaminsky. "Though Kaminsky rose to fame in 2008 for identifying a critical design weakness in the internet's infrastructure – and worked in secret with software developers to mitigate the issue before it could be easily exploited – he had worked behind the scenes in the infosec world for at least the past two decades."

          • Cybersecurity World Mourns Over Security Researcher Dan Kaminsky's Passing

            On Saturday, April 24th, 2021, the computer security world was shaken by the news of the sudden death of Dan Kaminsky, a renowned hacker best known for his contributions in the realm of DNS security. Kaminsky was 42 years old.

            A regular speaker at prestigious cybersecurity conferences including DEFCON and Black Hat - both of whom have expressed their condolences on Twitter, Kaminsky is best known for his groundbreaking DNS cache-poisoning research that prompted an industry-wide movement to address a major Internet security weakness. Kaminsky is also credited with raising awareness of the severity of the 2005 SONY rootkit infections.

    • Finance

      • Cryptocurrency is an abject disaster

        Starting on May 1st, users of sourcehut’s CI service will be required to be on a paid account, a change which will affect about half of all builds.sr.ht users. Over the past several months, everyone in the industry who provides any kind of free CPU resources has been dealing with a massive outbreak of abuse for cryptocurrency mining. The industry has been setting up informal working groups to pool knowledge of mitigations, communicate when our platforms are being leveraged against one another, and cumulatively wasting thousands of hours of engineering time implementing measures to deal with this abuse, and responding as attackers find new ways to circumvent them.

        Cryptocurrency has invented an entirely new category of internet abuse. CI services like mine are not alone in this struggle: JavaScript miners, botnets, and all kinds of other illicit cycles are being spent solving pointless math problems to make money for bad actors. Some might argue that abuse is inevitable for anyone who provides a public service — but prior to cryptocurrency, what kind of abuse would a CI platform endure? Email spam? Block port 25. Someone might try to host their website on ephemeral VMs with dynamic DNS or something, I dunno. Someone found a way of monetizing stolen CPU cycles directly, so everyone who offered free CPU cycles for legitimate use-cases is now unable to provide those services. If not for cryptocurrency, these services would still be available.

        [...]

        There are hundreds, perhaps thousands, of cryptocurrency scams and ponzi schemes trussed up to look like some kind of legitimate offering. Even if the project you’re working on is totally cool and solves all of these problems, there are 100 other projects pretending to be like yours which are ultimately concerned with transferring money from their users to their founders. Which one are investors more likely to invest in? Hint: it’s the one that’s more profitable. Those promises of “we’re different!” are always hollow anyway. Remember the DAO? They wanted to avoid social arbitration entirely for financial contracts, but when the chips are down and their money was walking out the door, they forked the blockchain.

    • AstroTurf/Lobbying/Politics

      • Green Horizons 2020 Exit Interview

        Our 400,000+ votes for 0.3% of the total vote falls in the middle range of Green presidential results. That is pretty good considering that the larger political context and dynamic of this election was the most difficult we have ever faced. 2020 was a referendum on Trump. We competed with a militant lesser-evilism among progressives that was desperately willing to settle for any Democrat to replace Trump.

        The larger political context of presidential races each year has always determined Green results far more than our candidates, message, or campaign execution. Greens generally do better when running against an incumbent Democrat who disappoints progressives than an incumbent Republican who scares progressives. Until the Greens are a major force in American politics and rooted in the political system with thousands elected to local offices and, on that foundation, to states legislatures and the US House, our presidential ticket will be like a cork bobbing in the sea of the larger political dynamic of that year. There are no shortcuts around building a mass-based party at the grassroots that can be our ship to steer our own way through these strong currents.

        Some have suggested running a celebrity is the shortcut to instant competitiveness. We have done that. We had an incomparable celebrity in 2000 with Ralph Nader. Nader had nearly universal name recognition and huge public favorability as an accomplished progressive reformer known as an advocate for the people. 2000 also had a more favorable two-party competition dynamic with Nader running for an open seat against Al Gore, the heir to eight years of Clinton centrism, and a not-yet-scary George W. Bush running as a “compassionate conservative.” Yet Nader still only received 2,882,955 votes for 2.7%. We got our second best result in 2016 when there was also an open seat and the two major party candidates were the most unpopular in polling history. Jill Stein received 1,457,216 votes for 1.1% in 2016.

    • Digital Restrictions (DRM)

    • Monopolies

      • Patents

        • World IP Day: Promoting Progress

          Today, April 26, is World Intellectual Property Day. And in the U.S., Congress is granted the power to create copyrights and patents—two key forms of intellectual property—in the Constitution. Article I, Section 8, Clause 8, grants Congress the power to “promote the Progress of Science and useful Arts, by securing for limited Times to Authors and Inventors the exclusive Right to their respective Writings and Discoveries.”

          All too often, discussion of IP focuses on the second half of that clause—securing to authors and inventors their copyrights and patents. But the first half of the clause is crucial to understanding the true purpose of the U.S. intellectual property system.

          The goal of IP in the U.S. is not to create exclusive rights. The goal is to foster creativity—to “promote the Progress of Science and useful Arts.” And that goal isn’t served by IP that is stronger than is needed any more than IP that is weaker than is needed. As the Supreme Court recently observed in Google v. Oracle, the award of exclusive rights “can sometimes stand in the way of others exercising their own creative powers” and “stifle the very creativity which that law is designed to foster.”

          That’s because the goal isn’t to reward past creativity—it’s to foster future creativity. That’s why the Court observed that the exclusive rights “should not grant anyone more economic power than is necessary to achieve the incentive to create.” Providing an exclusive right as a reward is part of providing that incentive. But if copyright or patent rights provide too much power to a rightsholder who has already created something, it may block others from exercising their own creativity, leading to less future progress.

        • World IP Day [Ed: A whole day named after a lie for lobbying purposes of robber barons and their loyal lawyers]

          Today is WIPO’s World IP Day. This year’s theme is “IP & SMEs: Taking your ideas to market”.

          Such a theme is fully in line notably with the latest IP developments of the European institutions and authorities as further described below.

        • Strong IP Protection A Priority For Current, Ex-USPTO Heads [Ed: USPTO doesn't do "IP" (it's not an ISP), it's doing trademarks and patents; maybe the publishers should learn to stop repeating lies and misnomers]

          The acting director of the U.S. Patent and Trademark Office joined forces with former agency heads Monday to highlight the importance of intellectual property rights, with ex-leader Andrei Iancu warning that loosening those rights could hamper global efforts to tamp down COVID-19.

          Iancu voiced concern about a World Trade Organization proposal to temporarily waive intellectual property rights to speed up global vaccine distribution. His remarks came during a webinar hosted by the Washington, D.C., chapter of the Licensing Executives Society to celebrate World Intellectual Property Day.

        • Software Patents

          • $3,000 for Cutting Edge Vision prior art

            The '827 patent generally relates to a camera system, including voice recognition, one or multiple microphones, gaze tracking, touch sensitive inputs and others. The voice recognition unit is operable for, among other things, receiving multiple different voice commands, recognizing the vocal commands, associating the different voice commands to one camera command and controlling at least some aspect of the digital camera operation in response to these voice commands. The gaze tracking unit is operable for, among other things, determining the location on the viewfinder image that the user is gazing upon. One aspect of the touch sensitive inputs provides that the touch sensitive pad is mouse-like and is operable for, among other things, receiving user touch inputs to control at least some aspect of the camera operation. Another aspect of the disclosed invention provides for gesture recognition to be used to interface with and control the camera system. It is currently being asserted against HTC and Sonim Technologies.

          • $2,000 for Mobile Equity Corp prior art

            The '058 patent generally relates to a system and method that a mobile device is used to initiate and execute a transaction between a customer and a merchant. It is currently being asserted against Walmart.



Recent Techrights' Posts

15 Countries Where Yandex is Already Seen to be Bigger Than Microsoft (in Search)
Georgia, Syrian Arab Republic, Cyprus, Moldova, Ukraine, Armenia, Azerbaijan, Kyrgyz Republic, Uzbekistan, Kazakhstan, Turkmenistan, Tajikistan, Belarus, Turkey, and Russia
FSF Has Made It Halfway to Its Target (Funding Goal) a Week Before Christmas Day
$400,000 definitely seems reachable now, especially if they extend the "deadline"
 
There's an Abundance of Articles About the New Release of Kali Linux, But This One is a Fake
It can add nothing except casual misinformation (fed back into the model to reinforce lies)
Links 19/12/2024: Astronaut Record and Observer Absorbed
Links for the day
Links 19/12/2024: Seven Dirty Words and Isle Release v0.0.3 (Alpha)
Links for the day
Links 19/12/2024: Nurses Besieged by "Apps", More Harms of Social Control Media Illuminated
Links for the day
Links 19/12/2024: Magnitude 7.3 Earthquake and Privacy Camp
Links for the day
Gemini Links 19/12/2024: Port Of Miami Explosion, TurboQOA, Gnus
Links for the day
Fake Articles About 'Linux'
Dated yesterday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024
[Meme] The Master Churnalist
Speaking of press releases being passed off as "journalism"
Spamnil's TFiR: Still Pretending Press Releases Are 'Articles' (TFiR 'Originals' as Plagiarism or Fluff)
Same as last year
Links 18/12/2024: Zakir Hussain Dies, TuneIn Layoffs
Links for the day
Links 18/12/2024: Karate Love and Advent of Code
Links for the day
Windows (or Microsoft) Has Become the "One Percent" (Market Share) in Chad
How long before it falls below 1%?
Arvind Krishna, IBM's CEO, Will Eventually Suck Up to Donald Trump Like His Predecessor Did or the Watson Family Did With Adolf Hitler
Literally Hitler
Being a Geek Need Not Mean Being Sedentary
"In the past 18 months," Berkholz writes, "I’ve lost 75 pounds and gone from completely sedentary to fit, while minimizing the effort to do so (but needing a whole lot of persistence and grit)."
GAFAM Kissing the Ring of the Mafia Don
"resistance" to dictatorship and defenders of democracy?
Slop Spaghetti From the Chef, Second Time Today
Fresh slop ready out the oven!
IBM - Like Microsoft - Lies About the Number of People It's Laying Off (Several Tens of Thousands, Not Counting R.T.O. "Silent" Layoffs and Contractors/Perma-Temps)
How many waves of silent layoffs have we seen so far at IBM this year?
Links 18/12/2024: EU Launches Probe Into TikTok (At Last!)
Links for the day
Links 18/12/2024: Doha/Qatar Trafficking, Bloat Comfort Zone, and Advent of Code 2024
Links for the day
Saving What's Left of Decent and Independent Journalism on the Web
We increasingly (over time) try to make local copies (hosted on our server) of important documents; it's hard to rely on third parties
[Meme] Microsoft's Latest Marketing Pitch
"Stop Being Poor; buy a new PC with TPMs"
In South Africa, a Very Large Nation, Web Developers Can Already Ignore Microsoft Browsers (Edge Measured Below 3% in 55 Nations)
The dumb assumption you must naively test with Microsoft browsers is no longer applicable in a lot of places
Open Source Initiative (OSI) is the Voice of Bill Gates and Satya Nadella
Not hard to see what they've done with the money
Microsoft Boasts That Its (Microsoft-Sponsored) "Open Source AI" Propaganda Got Cited in Media (That's Just What the Money Did)
This is a grotesque openwashing campaign
In Many Places Around the World, Perhaps as Expected, Yandex is Nearly Bigger Than Microsoft (Like in Several African Countries)
Microsoft may soon fall to "third place" in search
Keeping Productive This Christmas
We've (pre)paid for hosting till almost January 2026 and fully back on the saddle
IBM and Canonical Leave Money on the Table Because Microsoft Pays Them Not to Compete and Instead Market Windows, WSL, Microsoft 'Clown Computing', and TPMs
Where are the regulators?
Other Editors Who Agree "Hey Hi" (AI) is Just Hype But Won't Say So Publicly as It Might Upset Key Sponsors
Some media would gladly participate in a scam to make money
Brian Fagioli's Latest "Linux" Article Appears to be Fake
Another form of plagiarism/ripoff using bots?
IBM (and Red Hat) is a Patent Troll, Still Leveraging Software Patents to Extract Money Out of Other Companies by Suing Them
Basically, when it comes to patents, IBM is demonstrably part of the problem, not the solution
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 17, 2024
IRC logs for Tuesday, December 17, 2024
[Meme] When the People Who Falsely Accuse You of Pedophilia Turn Out to be Projecting
When you attack something or someone using falsehoods, as happens a lot to Richard Stallman (RMS), there's risk that the attacks will backfire, badly
In Some Countries, Such as Greece, Almost 80% of Windows Users Are on Vista 10 and About 85% Need to Move to GNU/Linux for Security Patches
Vista 11 was a failure
[Meme] They Don't Want the Public to Know What "Responsible Encryption" Really Means
They also blame "China" for their own back doors (because China learned how to exploit those)
The Linux Foundation's Certificate Authority (CA) Significantly and Suspiciously Raises the Number of Certificates It Issues (Quantity Increase/Inflation) by Lessening Their Lifetime in the Name of 'Security' (That Barely Makes Sense!)
LE made 3 months the "standard" for most, soon to become just 6 days instead of 6 months?
Why I Continue to Believe That at the End Software Freedom Will Win
a short and incomplete list of factors which I believe contribute to the sentiment that we can - and will - win the battles over hearts and minds in the "Tech" realm
Links 17/12/2024: More China Sanctions, GOP Scheming to Prop Up Fentanylware (TikTok)
Links for the day
Gemini Links 17/12/2024: The Streisand Effect and Productivity-systems Desiderata
Links for the day
Technology: rights or responsibilities? - Part X
By Dr. Andy Farnell
Links 17/12/2024: More "Tesla Autopilot" and "Hey Hi" (AI) Blunders
Links for the day
Instead of Promoting GNU/Linux (or Ubuntu) Ahead of Vista 10's EoL Canonical is Marketing Microsoft's Proprietary Software
It's like Canonical employs people who work for Microsoft, not for Canonical
Links 17/12/2024: Many Abuses by Microsoft and War Updates From Ukraine
Links for the day
Content Management Systems (CMS) Bloat/ Static Site Generators (SSG) Trouble
some Web site management stories
DEI Room at fedoraproject.org Pretty Much Dead
We're not against diversity but against its weaponisation by greedy people who do not value diversity at all
The "Latest Technology News" at BetaNews is Slop About Slop
This is at the very top of the "news" (front page) at the moment
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 16, 2024
IRC logs for Monday, December 16, 2024