07.31.21

Gemini version available ♊︎

Links 31/7/2021: Kernel Additions and Linux Mint 20.3 Release Date

Posted in News Roundup at 6:27 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Where to Learn Linux

      If you’re new to Linux or if you just want to learn more about Linux and improve your professional skills, you might be wondering where to learn Linux. This article will help you.

      There are many options to choose from, ranging from written content to video tutorials and audiobooks. Each category with its own different choices. We’ll go through each one of them and guide you through all the options of where to learn Linux.

    • Desktop/Laptop

      • Your PC is not compatible with Windows 11? Here are your options!

        The second option that you have is to switch to Linux. It requires more work on your part, as you have to find a suitable Linux distribution, alternatives to programs that are not available on Linux, and get to know a new operating system.

        Depending on the distribution, Linux may look and feel similar to Windows, or it may be a totally different experience.

        Most Linux distributions support Live operating systems, which means that you may run them without installing them. Instructions are provided on the websites, e.g. Linux Mint.

        Gamers find that most PC games work on Linux nowadays either directly or through applications such as Wine. Valve and its Steam service have pushed Linux compatibility significantly in recent time, and there are options to play games from other stores as well under Linux.

        The advantage of this method is that you will have no trouble finding a suitable distribution, and that most programs and games will either run or have suitable alternatives.

        Downside is that no programs or apps can be carried over, that it takes time to find a suitable distribution and get used to it. Some programs and apps are not available on Linux, and won’t run using Wine or other methods.

      • The 10 Best Websites to Run Linux in a Web Browser

        Linux is not everyone’s cup of tea. But does that mean you can’t get the hang of it on your own? Definitely not. You can embark on the journey to learn Linux-based operating systems even on your Windows and Mac device.

        Surprised? Well, don’t be, for the key lies in your browser. You can access Linux on your very own internet browser, right from your existing operating system.

        Still can’t believe it? Why not check out these websites and test them out for yourself?

      • Top 50 HD wallpaper packs for your Linux PC

        As a matter of fact, a suitable wallpaper is a motivation factor that can cheer you up while working on your machine. Any image based on your love’s cool colors can soothe and stimulate your senses while working, thus maintaining your activeness on your machine. This, therefore, means that selecting an appropriate wallpaper is super necessary as it plays a significant psychological role.

        Before looking at some of the best 50 HD wallpapers we have for you, let us first show you how you can easily change your desktop wallpaper without any issues. To have any of these wallpapers on your Linux computer, all you have to do is follow the steps below, and you will be good to go.

    • Server

      • How microservices and containers work, apart and together

        CMicroservices and containers are two methods that enable companies to more efficiently create and deliver applications. Here’s how they work — and when they’re best used together.

        Containers and microservices are related concepts that help companies design and adopt applications with speed, efficiency and flexibility. It’s hard to talk about one without also talking about the other. Microservices and containers are distinct technologies — they don’t have to be used together, but they often are. Let’s break down how each works, their key similarities and differences, and how an enterprise can use them in tandem.

        What are microservices?

        Microservices are individual units of software that combine to provide all of the functions required to run an application. Typically, each microservice handles a discrete type of functionality within an application. For example, one microservice handles logins, another generates the UI, another populates the interface with content specific to each user session and yet another interfaces with the database that stores user data.

        Until about 2010, most applications were monolithic designs in which the entire application ran as a single unit and, in most cases, as a single process. Prior to wide adoption of the internet and APIs, a service-oriented architecture (SOA) approach evolved to break applications into somewhat smaller pieces. However, the individual services within an SOA are typically not as small or dynamic as microservices.

    • Audiocasts/Shows

      • A Rolling Release Debian? Install The “Unstable” Branch!

        Debian has three different branches: (1) stable, (2) testing and (3) unstable. The unstable branch “Sid” is a rolling release distribution similar to something like Arch Linux. You get the latest and greatest packages, unlike the standard “stable” edition of Debian, which can have very old packages.

    • Kernel Space

      • First mentions of AMD RDNA1 “Cyan Skillfish” iGPU for future Ryzen APUs appear in Linux code

        All the leaked AMD processor roadmaps we got up until now show how Team Red plans to replace the Vega iGPUs with RDNA2 models. A bit strange to skip over the original RDNA architecture, considering that it offers a smaller die size with a fairly higher transistor density compared to its successor. Sure, it does not integrate ray tracing tech, but no one really expects good ray tracing performance from an iGPU anyway, plus it is also more cost effective due to its smaller die size. However, AMD might have reconsidered this aspect in the meantime, as Phoronix recently discovered mentions about a “Cyan Skillfish” iGPU based on the RDNA1 architecture for unnamed upcoming APUs in the Linux 5.15 OS code.

        It could be that AMD wants to keep the RDNA2 iGPUs on the more powerful APUs like the laptop H-series and the Pro G-series for desktops, while upcoming embedded and U-series may only feature the RDNA1 graphics since these models come with lower TDPs. An interesting alternative here would be the inclusion of these RDNA1 iGPUs on the high-end desktop processors, so that AMD could finally fully match what Intel is offering.

      • Linux 5.14 Drops Old DEC Alpha-Specific Binary Loader Used For x86 Binary Emulation – Phoronix

        As a weekend blast from the past, the Linux 5.14 kernel saw some Alpha CPU architecture updates — including various fixes and the removal of an Alpha-specific binary loader for running a decades dated x86 software emulator.

        While past the merge window, the Linux 5.14 code this week has dropped “binfmt_em86″ from the kernel. This is an Alpha binary loader for Linux focused on running i386/i486 binaries via the EM86 emulator in user-space. This was part of the effort for allowing Intel Linux x86 binaries back in the day to run on DEC Alpha hardware.

      • The New NTFS Driver Looks Like It Will Finally Be Ready With Linux 5.15 – Phoronix

        It’s looking like the new NTFS file-system kernel driver developed by Paragon Software and over the past year revised more than two dozen times could be ready for mainlining in the kernel in about one month’s time when the Linux 5.15 merge window opens. Everything is finally aligning and looking like the code is in good enough shape for its initial merging though not necessarily replacing the existing NTFS driver at this point.

      • Linux Changes Pipe Behavior After Breaking Problematic Android Apps On Recent Kernels – Phoronix

        At the end of 2019 a rework to the Linux kernel’s pipe code saw some of its logic reworked to only wake up readers if needed and avoid a possible thundering herd problem. But it turns out some Android libraries abused the functionality and this has led to broken Android applications when moving to recent kernels. While the user-space software is in the wrong, the kernel is sticking to its policy of not breaking user-space and as such Linus Torvalds has changed the code’s behavior for Linux 5.14 and to be back-ported to prior stable kernels.

        Rather than only waking up readers if needed, the change merged into the Linux kernel on Friday will make pipe writes always wake up readers. Due to some Android libraries like Realm misusing the EPOLL interface, the pipe change at the end of 2019 ended up breaking some Android apps.

      • Linux’s FWUPD Expands Poly High-End Web Camera Support – Phoronix

        For those looking to purchase a high-end Linux-friendly web camera for your home office or other environment, there are a few more options now compatible with Linux’s fwupd if interested in having the capability of updating the camera firmware under Linux.

        FWUPD has had support for updating firmware on the Poly Studio P30 web camera while now it’s been expanded to handle additional Poly web cameras. This expanded Poly support can be found with the new FWUPD 1.5.12 release.

      • More RT Code Out For Review, RT Patches Updated Against Linux 5.14 – Phoronix

        The real-time (RT) patches for the Linux kernel still appear a ways off from mainline but at least there is movement on this important patch series for embedded and other use-cases needing real-time support.

        While mainlining the long out-of-tree Linux “RT” patches has been brought up many times in recent years, earlier this year the developers noted the mainlining has been held up by a lack of funding in getting the patches across the finish line. The PREEMPT_RT “development and maintenance is currently stalled” at least as was the case earlier this year but does seem to be loosening up a bit now.

    • Applications

      • 5 Popular Free And Open Source Project Management Tools

        Managing a project of any type is not an easy task. It involves resources planning, task assignment, following schedules and assuring everyone sticks to the deadline. Remote work became much more interesting after the COVID-19 crisis, which made it hard for project managers to coordinate and manage team members all over the world.

        This is why project management tools are essential in 2021.

        Several open source project management tools have matured enough to be able to compete with proprietary software. Being fully customizable and supported by the community is an important feature in open source PM tools since every project is unique in its core, and both the projects manager and his tools should be as adaptive as possible to avoid failure.

        Today, we’ll check some of the best open source project management programs in the market.

    • Instructionals/Technical

      • What Does ‐‐ (double dash) Mean In SSH Shell Command?
      • How To Install Craft CMS on Ubuntu 20.04 LTS – idroot

        In this tutorial, we will show you how to install Craft CMS on Ubuntu 20.04 LTS. For those of you who didn’t know, Craft CMS is a free and open-source content management system written in PHP and based on the Yii framework. It is very popular due to its performance and full control of CMS. It is a secure and scalable CMS and comes with a lot of plugins that help you to customize your website easily.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Craft content management system on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • My website now shows an icon next to all external links | Hund

        My website now shows an icon next to all external links. I thought it would be a good idea on a website like mine, where there’s a lot of links to both internal and external sources.

      • How To Install ArangoDB on CentOS 8 – idroot

        In this tutorial, we will show you how to install ArangoDB on CentOS 8. For those of you who didn’t know, ArangoDB is an open-source NoSQL database manager and provides all the database features that are needed for a modern web application. ArangoDB does not use the traditional data storage system as in MySQL or PostgreSQL. It is specially designed for being high-performance, open-source, and easily scalable.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the ArangoDB NoSQL database on a CentOS 8.

      • How to Install Linux Mint Apps (Hypnotix, Webapp-Manager, etc) via PPA in Ubuntu | UbuntuHandbook

        The Linux Mint team introduced many great new apps in recent releases. And now an Ubuntu PPA is available that contains these apps for all current Ubuntu releases.

        Without adding Linux Mint repository and setting the priority, an Ubuntu PPA is good choice to install or receive the package updates.

        And ‘Butterfly’, a top contributor of Linux Mint project on launchpad, maintains the PPA repository with packages so far for Ubuntu 18.04, Ubuntu 20.04, Ubuntu 21.04, and Ubuntu 21.10 support.

      • DHCPv6 prefix delegation with systemd-networkd | Major Hayden’s Blog

        My home internet comes from Spectrum (formerly Time Warner Cable) and they offer IPv6 addresses for cable modem subscribers. One of the handy features they provide is DHCPv6 prefix delegation.

      • How to install your own WireGuard Server in under five minutes

        Whether you want to hide your identity from prying eyes or access content blocked by geo-restrictions, running a WireGuard server is an excellent solution to run your own VPN server.

      • How to install HAProxy on FreeBSD – Unixcop

        HAProxy, as is name suggest, is a proxy server and a load balancer for provide high availability. In this article first I will show how to install HAProxy in FreeBSD. Next we will set up to act as a reverse proxy.

      • What Is Podman And How To Install Podman In Linux – OSTechNix

        This guide explains what is Podman, its features, difference between a Podman container and an image, and how to install Podman in Linux operating systems.

      • How to Create a Linux VPS Server on Kamatera

        his article is going to explain how to create a Linux VPS (Virtual Private Server) on Kamatera, so you can run your own email server and website.

        ScalaHosting vs Kamatera

        In a previous tutorial, I explained how to create a Linux VPS server on Scalahosting, which is my recommended hosting provider for running email servers, because it has the best IP reputation. However, Scalahosting plans start at $26/month (2 CPUs, 8GB RAM). It’s a bit expensive for some folks since they don’t need that much RAM to get started.

        If your business depends on email, I still recommend ScalaHosting, because it will you better email deliverability. If you are short of money, then you can choose Kamatera VPS hosting, which starts at $4/month (1 CPU, 1GB RAM) and you will get one month for free.

        I have email servers on both hosting providers and I will share my experience in Kamatera with you.

      • January 25 – Day 1 – Raspberry Pi Cross Compilation Toolset | mddionline.com

        Today’s discussion will focus on building a Linux environment that will support the Raspberry Pi 4B C language cross-compilation process.

      • 7 Tips to Customize the Look of Your Linux Terminal

        The terminal emulator plays an integral part in a Linux system, and many users like to change its theme for a customized presentation. Users prefer a quick makeover within their Linux distribution. With a few tweaks, you can change the entire appearance of the terminal window.

        Since you spend most of your time within the terminal, why not make it look like what you prefer. The graphical user interface (GUI) does not need any special commands for customization, so a quick reference guide like this should serve you well.

        Check out the following tips for a quick, seamless transition from your old dull and drab terminal to a customized, rustic look.

      • Scheduling tasks with systemd timers on Linux | FOSS Linux

        Systemd is a service and system manager comprised of a collection of tools to perform different system tasks. One such tool is systemd timers, whose primary purpose is to schedule and run tasks during startup or repeatedly after a system boot.

        Systemd timers are an alternative to the scheduler cron or anacron. For sysadmins, scheduling tasks play a crucial role in automating your system’s boring or difficult tasks. This article is an introductory guide to system timers, their structure, and configurations with real-world examples.

    • Games

      • You can get Delver, Tower of Time and more in the Humble RPG Heroes Bundle | GamingOnLinux

        It seems Humble Bundle are starting to ramp-up their game bundles again and they have another with the Humble RPG Heroes Bundle that has some great games inside.

        The bundle is on the smaller side though but even so, what’s there seems like a pretty good deal overall with some real indie gems included.

      • Using FSR To Boost Any Game’s Framerate on Linux

        Ever heard of the little war between AMD and Nvidia regarding upscaling technologies? Nvidia has DLSS (Deep Learning Super Sampling) and AMD has recently released FSR (FidelityFX Super Resolution).

        [...]

        On Linux, we have an extra opportunity to use FSR, without asking anyone to do anything. Proton already has a full screen hack upscaler included, which prevents Windows games from trying to change the current screen’s resolution. This hack instead uses a software upscaler pretending the resolution change is happening while remaining at the native monitor’s resolution. If an old game uses 800×600 as maximum resolution, the upscaler will fill your 1920×1080 screen by scaling up that tiny picture so that it fits in the larger monitor screen.

        Some folks have had the genius idea to simply replace the basic upscaler included in Proton by… AMD’s FSR! It makes it work out of the work on any game that uses Vulkan through ProtonGE – a benefit that Windows gamers can’t get for now!

        Of course, this is NOT how you are supposed to use FSR: ideally you want to apply FSR on a picture before the HUD and the post processing is applied, but still, it’s an acceptable usage of the upscaler, and provide massive performance boosts. You can see the video I published earlier today for Max Payne 3 and how much boost I can get from a meager Nvidia GTX 1060 3GB (with 470.x drivers), without much visual information loss (Using Proton-6.13-GE-1).

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KDE’s HiDPI Scaling Support For X11 Is Getting Into Better Shape

          While KDE on Wayland has generally enjoyed good HiDPI support, it’s now taken until 2021 for KDE’s X11 HiDPI support to be in a position of greater usability after evolving over the years.

          With KDE Frameworks 5.85, when using a high DPI scaling factor on X11 with the default Plasma scaling system, task manager icons, system tray icons, and tool button icons are now displayed the correct size. But this isn’t “the end” as there still are issues being tackled with some elements being too small and the like. At least more of the KDE desktop is behaving correctly under X11 with the HiDPI scale factor.

        • Which Linux Desktop Should You Use? KDE vs. GNOME

          One of the first things you learn about Linux is that what you see on your screen doesn’t always match what you see on someone else’s. The interface, the way you interact with your PC, is often completely different even though you’re both using the same operating system.

          Windows and macOS both have one interface or desktop environment. Linux has many, and two of the most popular are KDE and GNOME. But how do you choose between them?

        • Instructions: Cut videos with Kdenlive on Linux and Windows [Ed: Automated translation]

          A small clip for social media, a YouTube video about the last big trip, the hobby or even short film projects: the open source software Kdenlive is a versatile video editor that can be used to create very different videos. Getting started is pleasantly easy And if you want, you can also build small animations, add a subtitle track to the video and render it in the appropriate format for the desired publication platform.

          Lots of effects and transitions provide variety, a library saves clips that are used frequently so that they are quickly available in all projects. Generators produce clips with a countdown, white noise, or a test pattern. The Kdenlive user interface can be adjusted in detail so that everything goes quickly when editing video.

        • My Work on Documentation (June/July)

          After two month in documentation I can tell you this: documentation in general is quite alive and kicking. :) From the outside you might see outdated content here and there, but there are quite a few people working on improving that. Of course, as most things, it is a never-ending effort and every helping hand is appreciated. If you are interested in helping, please talk to us on our mailing list. One of the more time-consuming tasks is currently porting documentation from TechBase to the new Developer Portal. It’s basically copy&paste with some adjustments, so volunteers welcome :)

          For me the time flew by blazingly fast. In the beginning … there was Akademy, the first conference for me. It meant getting up at 7 to go to work, joining Akademy when I came back home and staying up till midnight or longer for the last talks or events to finish. Processing and carving out the outcome of the three documentation BoF sessions is still on my todo list.

          In the time before and since Akademy, I have been busy reading through several years of documentation improvement planning backlog and fixing lots of smaller issues in existing docs in the wikis and on the new Developer Portal. This also included cleaning up some outdated content (EBN has been decommissioned) and proofreading other people’s documentation-related merge requests when asked to do so.

          Unfortunately, my first contribution to one of the website’s Git repositories is still unmerged at the time of writing. I blame me for that not keeping track of my own merge requests. But it also shows one of the things we need to put more effort into: closing merge requests (one way or another). Also, check your own merge requests once in a while.

    • Distributions

      • Linspire-based Linux distro Freespire embraces cloud apps with ‘an entirely new direction’
      • Freespire 7.7 Released with Xfce 4.16 and Kernel 5.4

        Freespire 7.7 is here based on Ubuntu 20.04 LTS (Focal Fossa) and still does not incorporate any proprietary media codecs.

        Freespire is a desktop oriented Ubuntu-based Linux distro powered by Xfce. For those not in the know it is the open source equivalent of Linspire, but containing mostly libre / FOSS components. It contains many of the same software packages as Linspire, but it strictly follows the Free and Open Source Software philosophy of providing only license-free software. So any Linspire packages that require the community-based Freespire developer team to purchase a license to redistribute the distro are left out.

      • Deepin vs. Ubuntu – which Linux distro is for you?

        Deepin Linux, a.k.a Deepin OS, is widely regarded as the most beautiful-looking Linux distro out there. In fact, it can even give proprietary OSes like Windows and macOS a run for their money in terms of looks and aesthetics. Furthermore, the distro’s focus on stability and ease of use gives Linux newcomers all the more reasons to fall in love with Deepin OS.

        Now, on the flip side, we have Ubuntu – a distro so popular that its name is synonymous with Linux to the outside world. Ubuntu is backed by a massive community, has access to almost all the major Linux software, and gives users a complete ready-to-use desktop experience right out of the box. This is why it’s our top pick for the best Linux distro for beginners.

        And this brings us to the question of the hour – which is the better distro? Deepin or Ubuntu? To answer that, we have put together a detailed overview giving you an in-depth look at the major differences between the two distros. By the end, you should have a clear idea of which Linux distro is best for your needs and requirements.

      • New Releases

        • MX Linux 21 Beta 1 Released: Here’s What’s New

          While the world’s busy trying out Windows 11, GNU/Linux users are busy distro-hopping. Developers, on the other hand, are busy with new distro releases. MX Linux, which stands first in Distrowatch’s distributions leaderboard, has a new beta release available for testing purposes.

          The Developers are calling it MX Linux 21 Beta 1. If you’re wondering what happened to MX Linux 20, the developers follow a year-based version number for major releases. In this article, let’s look at what’s new in the release.

        • 4MLinux 37.0 Distro Released, Powered by Linux Kernel 5.10 LTS with Reiser4 Support

          More than four months in development, 4MLinux 37.0 is here with support for more software that you can install via extensions, since this is a modular Linux distro. The new apps that you can install in this release are the Dmidecode tool for reading hardware-related data from SMBIOS, FluidSynth software synthesizer with VMPK (Virtual MIDI Piano Keyboard, HandBrake video transcoder, and qBittorrent BitTorrent client.

          Under the hood, there are even better news as 4MLinux 37.0 is powered by the long-term supported Linux 5.10 LTS kernel series, which has been patched to support the Reiser4 file system. This means that you should be able to install 4MLinux on a Reiser4 formatter drive, but also to handle such disk drives.

      • SUSE/OpenSUSE

        • Recently and soon in openSUSE #1

          Today (Saturday 31st of August, 17:00 UTC) is the third installment of the recently rejuvenated Community meetings! Taking place on Jist Meet, it will be an excellent opportunity to discuss and coordinate on solutions for improving things in the Project.

          One important topic will be openSUSE Membership, soon to be affected by the shutdown of connect-o-o.

      • IBM/Red Hat/Fedora

        • Dealing with burnout in open source [Ed: Sorry, IBM/Red Hat... but burnout is burnout and can happen to anybody, nothing to do with Free software ("open source"); this is as silly as your several articles about breakfasts for "open source people" (as if coding and software licences affect your diet). You've run out of topics. This Web site called Open Source dot com has become a lot of openwashing, IBM marketing and general non-tech articles being painted with the "open" crush to make it seem "tech".]

          Burnout is something you don’t expect to happen to you—until it does. The technology industry is one of the worst offenders; over 60% of industry professionals report they’ve experienced burnout. Sixty percent! Chances are, you or someone you know has dealt with it. How can we tackle such a staggering burnout rate if those who make decisions about mental health barely know what burnout is, never mind how to prevent it?

      • Canonical/Ubuntu Family

        • Monthly News – July 2021
        • Linux Mint 20.3 coming Christmas 2021

          Windows 11 is rumored to be released in October, and since it is already in the Beta Channel, that rumor seems plausible. So, yeah, Microsoft is sure to dominate headlines in the final quarter of the year.

          While a new version of Windows is surely exciting, that won’t be the only operating system getting a new version later in the year. You see, the Linux Mint developers have shared some exciting news about when version 20.3 of the Ubuntu-based distro will be available for download.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Haiku R1/Beta3 released

        Going from beta 2 to beta 3 is a giant leap if you haven’t been keeping up. Haiku is much farther along than people think, with the biggest drawback being, as always, that hardware support is going to be a mixed bag. Haiku is still every bit as clean, fast, and enticing as the original BeOS was over two decades ago, and I’ve scored two junkyard office PCs to see if I can get a proper Haiku box running.

      • Web Browsers

        • Mozilla

          • Mozilla VPN Review [Ed: One paragraph before last shows that Mozilla does not actually do VPN; it’s a reseller for some dodgy company, reusing the Firefox brand to sell a bunch of crap or upsell (likely bogus privacy or a ticking time bomb)]

            Mozilla VPN protects your privacy, and your subscription fee supports a proponent of a free internet. It’s a simple service for anyone who needs a virtual private network, but it offers no bonus privacy tools beyond the VPN.

            [...]

            Mozilla VPN is not, strictly speaking, wholly a Mozilla project like Firefox. Instead of building and maintaining the infrastructure required for a consumer VPN, Mozilla found another company to partner with. During Mozilla’s earliest forays into the world of VPNs, Mozilla courted Editors’ Choice-winner ProtonVPN.

      • SaaS/Back End/Databases

        • MySQL data types: Know the ones to use and how

          When creating a table in a database, it should have both a name and a data type. A column’s data type defines the values the column holds, such as integer, money, binary, character, date, and time. Therefore, it is a developer’s task to determine which data types will be stored in each column while creating databases and tables.

          In simple terms, data types are guidelines that aid SQL in understanding what type of data is required inside a column. It is also efficient in identifying how SQL interacts with the stored data.

          A point to note is that data types might contain different names in different databases, and in cases where the names are the same, other aspects and details such as size will differ. Therefore, it is recommended that you always refer to documentation whenever you encounter similar cases.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • Chris Lamb: Free software activities in July 2021

            One of the original promises of open source software is that distributed peer review and transparency of process results in enhanced end-user security. However, whilst anyone may inspect the source code of free and open source software for malicious flaws, almost all software today is distributed as pre-compiled binaries. This allows nefarious third parties to compromise systems by injecting malicious code into ostensibly secure software during the various compilation and distribution processes. The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.

            [...]

            As part of my role of being the assistant Secretary of the Open Source Initiative and a board director of Software in the Public Interest I attended their respective monthly meetings. As outlined in last months posts, however, my term on the OSI board has been slightly extended due to the discovery of a vulnerability in OSI’s recent election — as a result, the 2021 election is currently being re-run.

          • Aaron Portnoy – ‘There’s no silver bullet for ransomware or supply chain attacks’ [Ed: When you receive packages from Microsoft/GitHub/NPM you're basically begging for malware. Not just PRISM; Microsoft literally brings people from the NSA to run GitHub/NPM.]
          • This Week In Security: Fail2RCE, TPM Sniffing, Fishy Leaks, And Decompiling | Hackaday

            Fail2ban is a great tool for dynamically blocking IP addresses that show bad behavior, like making repeated login attempts. It was just announced that a vulnerability could allow an attacker to take over a machine by being blocked by Fail2ban. The problem is in the mail-whois action, where an email is sent to the administrator containing the whois information. Whois information is potentially attacker controlled data, and Fail2ban doesn’t properly sterilize the input before piping it into the mail binary. Mailutils has a feature that uses the tilde key as an escape sequence, allowing commands to be run while composing a message. Fail2ban doesn’t sanitize those tilde commands, so malicious whois data can trivially run commands on the system. Whois is one of the old-school unix protocols that runs in the clear, so a MItM attack makes this particularly easy. If you use Fail2ban, make sure to update to 0.10.7 or 0.11.3, or purge any use of mail-whois from your active configs.

          • Ransomware Changes: DoppelPaymer Rebrands; Babuk Evolves

            One example is the DoppelPaymer – aka DopplePaymer – ransomware-as-a-service operation, which has gone relatively quiet since early May, posting no victims to its data leak site since May 6 and no leaked files since June 25. But one expert says the operation appears to have been rebranded by its operator, Evil Corp, in an attempt to avoid sanctions imposed on the crime group in December 2019 by the U.S. Treasury Department’s Office of Foreign Assets Control.

            The Babuk ransomware operation also recently appears to have altered its approach – if not splintered – following its late-April ransomware attack against the Metropolitan Police Department of Washington, D.C.

          • The Week in Ransomware – July 30th 2021 – €1 billion saved

            We also saw ransomware groups continue to innovate with LockBit 2.0 now using group policies to automate the deployment of their ransomware over a Windows domain.

            I shared what I know about the inner conflict of the Babuk ransomware gang…

          • Secure applications with Keycloak authentication tool [Ed: Is this journalism or "sales"?]
    • Finance

    • Civil Rights/Policing

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. [Meme] 70 Days of Non-Compliance

    António Campinos would rather fall on his sword than correct the errors or work to undo the damage caused by Team Battistelli, which is still at the EPO



  2. EPO “Board 28” Meeting: Imaginary Dialogue Between EPO President Campinos and the Chair of the Administrative Council, Josef Kratochvíl

    The EPO‘s chaotic state, which persists after Benoît Battistelli‘s departure, is a state of lawlessness and cover-up



  3. Links 16/9/2021: Linux Mint Has New Web Site, LibreOffice 7.2.1, KDE Plasma 5.23 Beta, and Sailfish OS Verla

    Links for the day



  4. If Git Can be Done Over the Command Line and E-mail, It Can Also be Done Over Gemini (Instead of Bloated Web Browsers)

    In order to keep Git lean and mean whilst at the same time enabling mouse (mousing and clicking) navigation we encourage people everywhere to explore gemini://



  5. Techrights Examines a Wide Array/Range of Gemini Clients/Browsers

    After spending many months examining an array of different types of software for Gemini (including but not limited to clients/browsers) we take stock of what exists, what's supported (it varies a bit), and which one might be suitable for use by geeks and non-geeks



  6. Links 16/9/2021: KStars 3.5.5 and Chafa 1.8

    Links for the day



  7. Trusting Microsoft With Security is a Clown Show

    A quick and spontaneous video about this morning's post regarding a major new revelation that reaffirms a longstanding trend; Microsoft conflates national security (back doors) with security



  8. IRC Proceedings: Wednesday, September 15, 2021

    IRC logs for Wednesday, September 15, 2021



  9. Microsoft Azure and Back/Bug Doors in GNU/Linux: Fool Me Once (Shame on You) / Fool Me Twice (Shame on Me)

    "Fool me once, shame on you; fool me twice, shame on me," goes the old saying...



  10. Deleted Post: “LibreOffice is Becoming Dominated by a Bunch of Corporates, and Has no Place for the Enthusiastic Amateur.”

    Chris Sherlock, an insider of LibreOffice, cautions about the direction of this very important and widely used project



  11. Links 16/9/2021: Unifont 14.0.01, LibreOffice on ODF 1.3, Mozilla Pushing Ads (Sponsored 'Firefox Suggest'), and Microsoft Pushes Proprietary Direct3D via Mesa

    Links for the day



  12. Links 15/9/2021: Another Azure Catastrophe and Darktable 3.6.1

    Links for the day



  13. Open Invention Network (OIN) Recognises a Risk Posed to Cryptocurrencies (Danger From Software Patents), But OIN Still Proposes the Wrong Solutions

    Square is joining OIN, but it's another example of banking/financial institutions choosing to coexist with software patents instead of putting an end to them



  14. IRC Proceedings: Tuesday, September 14, 2021

    IRC logs for Tuesday, September 14, 2021



  15. (Super)Free Software As a Right – The Manifesto

    "Software text has long been recognized as “speech”, and is covered under the very same copyright laws as conventional printed matter."



  16. Links 15/9/2021: Java 17 / JDK 17 Released and ExpressVPN Sold

    Links for the day



  17. Latest Public Talk (Over BigBlueButton) by Richard Stallman is Now Online

    This video has been released; it starts with an old talk and then proceeds to a new discussion (14 minutes from the start)



  18. Richard Stallman Is Not Surrendering His Free Speech

    The homepage of Dr. Stallman looked like this on Saturday, 20 years since the September 11 attacks in the US, noting that “[t]oday we commemorate the September 11 attacks, which killed President Allende of Chile and installed Pinochet’s murderous military dictatorship. More than 3,000 dissidents were killed or “disappeared” by the Pinochet regime. The USA operated a destabilization campaign in Chile, and the September 11, 1973, attacks were part of that campaign.”



  19. Twitter -- Like Google's YouTube -- is 'Hiding' Tweets From People Who Follow You

    So-called 'entertainment' platforms disguised as 'social' aren't the future of media; they need to be rejected



  20. How to Track the Development or Construction of the Techrights Web Site and Gemini Capsule

    Following some busy publication schedule (heavy lifting for weeks) we're stopping a bit or slowing down for the purpose of site (or capsule) 'construction'; here's a status update



  21. Links 14/9/2021: Libinput 1.19, Kali Linux 2021.3, and ExTiX Deepin 21.9

    Links for the day



  22. [Meme] [Teaser] EPO Management, Always Right

    The only permissible and allowable/exercise-able “Right” at the EPO is “Shut up and work”; if you strike, the dictator du jour will authorise a drone strike



  23. Recent Focus on Git, Gemini, and Upcoming Series About EPO Abuses

    Some updates about this past weekend's (and Monday's) work, which improves transparency and resilience ahead of the next 'blockbusters'



  24. Links 14/9/2021: Ubuntu 21.10 Kernel Freeze Thursday and Mailchimp (Spam) Bought

    Links for the day



  25. IRC Proceedings: Monday, September 13, 2021

    IRC logs for Monday, September 13, 2021



  26. Links 13/9/2021: Zink's Completion and 72% of Top 50 Steam Games Can Run on GNU/Linux

    Links for the day



  27. This Coming Saturday Richard Stallman Will Give His First Public Talk Since May

    Cordial headsup to Free/libre software aficionados; “Richard Stallman will be giving a talk in Kyiv, Ukraine, on Saturday, September, 18, titled Free Software and the GNU General Public License,” his Web site says. It’s noted here.



  28. Links 13/9/2021: GDB 11.1, Only 2 New Debian Developers in 2 Months

    Links for the day



  29. The Register Cannot Stop Trolling Linus Torvalds (It Recently Corrected Falsehoods in the Headlines, But No Lessons Have Been Learned)

    The media coverage about “Linux 5.15-rc1″ says a lot about the general agenda of many publications, such as The Register with Microsoft operatives inside it



  30. Links 13/9/2021: First Linux 5.15 Release Candidate and Fedora 35 Beta Tomorrow

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts