10.15.21

Gemini version available ♊︎

Links 15/10/2021: Pine64′s New PinePhone Pro and Ubuntu 22.04 LTS Codename

Posted in News Roundup at 1:08 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • The Dell Inspiron 15 3501 supports Linux

        With the Inspiron 15 3501, Dell has a 15.6-inch office laptop in its lineup with its technology housed in a slim, matte-black plastic case. The chassis lacks stability: The lid and the base unit in particular can be twisted a bit too much. The matte display (Full HD, IPS) offers stable viewing angles, good contrast, and decent color reproduction. However, the brightness and color-space coverage are too low.

        The built-in combination of the Core i7-1165G7 processor, 16 GB of RAM (dual-channel mode), and a 512 GB NVMe SSD (M.2 2230) equips the laptop for office and Internet applications. If the storage space isn’t enough, an additional 2.5-inch storage drive can be installed. You can also replace or expand the RAM.

    • Server

      • Google adds VM support to Anthos, admits not everyone is ready for containerised everything [Ed: Kubernetes becoming increasingly just an openwashing shim for proprietary software with back doors]

        Google has added support for workloads running in virtual machines to its Anthos hybrid Kubernetes platform.

        “While we have seen many customers make the leap to containerization, some are not quite ready to move completely off of virtual machines,” wrote Google Application Modernization Platform vice-presidents Jeff Reed and Chen Goldberg.

        “They want a unified development platform where developers can build, modify, and deploy applications residing in both containers and VMs in a common, shared environment,” the pair added.

    • Benchmarks

      • The “What If” Performance Cost To Kernel Page Table Isolation On AMD CPUs – Phoronix

        Made public this week by CPU security researchers at Graz University of Technology and CISPA Helmholtz Center for Information Security was the research paper published “AMD Prefetch Attacks through Power and Time”. The paper points to AMD CPUs suffering from a side-channel leakage vulnerability through timing and power variations of the PREFETCH instruction. The paper argues that AMD CPUs should activate stronger page table isolation by default. AMD has now published their security response where they are not recommending any mitigation changes at this time. But what if Kernel Page Table Isolation (KPTI/PTI) proves necessary for AMD CPUs? Here are some initial benchmarks showing what that performance impact could look like.

    • Applications

      • Excellent System Utilities: Pingnoo – traceroute/ping analyser

        Essential System Utilities is a series of articles highlighting essential system tools. These are small utilities, useful for system administrators as well as regular users of Linux based systems.

        The series examines both graphical and text based open source utilities. For details of all tools in this series, please check the table at the bottom.

        This article looks at Pingnoo, an open-source cross-platform application for analysing and measuring the round trip time (latency) between two hosts. It offers a graphical representation for traceroute and ping output.

    • Instructionals/Technical

      • 10 Things To Do After Installing Ubuntu 21.10

        Once you’ve installed Ubuntu 21.10 check out this list of post-install tasks, all designed to help improve your default Ubuntu experience.

        This is the latest instalment in our ‘things to do‘ series and, as always, it is written for those who want to use Ubuntu as it comes, not make foundational changes that affect the operating system’s overall stability.

        Those who try Ubuntu 21.10 and decide it’s not for them — which is fine; it’s not for everyone — should switch to an Ubuntu flavour (or, more dramatically, a different distro) that better suits their needs.

        All of the tasks listed below are there as a guide, not a rule book; don’t feel like you have to follow every item. Pick out the tips that make sense for you, and ignore anything that doesn’t.

        Finally, if there’s an essential ‘thing’ you do after you install Ubuntu that is not included on our list, do share it down in the comments for other readers to learn from!

      • Top 10 Things to Do After Installing Ubuntu 21.10 Desktop | UbuntuHandbook

        Everyone needs to tweak the default desktop environment before getting ready to work! And here are the top 10 things that I’ve done after installing Ubuntu 21.10 Impish Indri.

      • How to Upgrade to Ubuntu 21.10 From 21.04

        Here’s how you can upgrade from Ubuntu 21.04 to Ubuntu 21.10 “Impish Indri”.

      • Access AlmaLinux 8 remote desktop using Windows RDP – Linux Shout

        Do you want to use Windows 7/8/10/11 RDP to connect and access Almalinux 8 GUI remote desktop? Then here is the way to do that by installing XRDP.

        RDP is the in-built feature of the Windows operating system, however, on Linux, we don’t have this feature. But we can get this with the help of XRDP, an open-source implementation of remote desktop protocols developed by Microsoft.

      • How to Install Zoom in Debian-Based Linux Distros

        Zoom is one of the most popular applications for online meetings. Seeing its most significant user spike in 2020 during the COVID-19 lockdown, the communication platform integrates cloud video conferencing, media sharing, and real-time messaging into a simple application.

        Zoom has become a go-to software for hosting webinars, creating conference rooms, and organizing online meetings on all platforms including Linux distros.

        In today’s article, we present you with the quickest guide on how to install the latest version of Zoom on your Ubuntu machine. Not to worry, the same instructions apply to all Debian-based operating systems.

      • How to Install MATE Desktop 1.26 on Fedora 35 – LinuxCapable

        For those not familiar with MATE Desktop Environment, it is the continuation of GNOME 2. It is famous for being lightweight, fast, and stable that runs on Linux and most BSD operating systems. MATE is also an excellent choice for a lower-end system or those looking to remain efficient on system resources. The newest version of MATE Desktop includes Wayland support for a swathe of desktop components and applications.

      • How to Upgrade From Ubuntu 21.04 to Ubuntu 21.10 Impish Indri | UbuntuHandbook

        Ubuntu 21.10 officially released! Here’s what’s new and how to upgrade from the previous Ubuntu 21.04.

        Ubuntu 21.10, codenamed “Impish Indri”, is the new short-term release with 9 months support. It features Linux Kernel 5.13 with new hardware support. And it ships GNOME Desktop 40 with a redesigned activities overview screen. Workspaces are now arranged horizontally. Three-finger touchpad gestures are supported out-of-the-box to toggle overview and switch workspaces.

        For Ubuntu Server 21.10, it integrates OpenStack Xena, QEMU 6.0, PHP8, libvirt 7.6, Kubernetes, and Ceph with advanced life-cycle management tools.

      • How to Upgrade Ubuntu 21.04 to Ubuntu 21.10 Impish Indri – LinuxCapable

        Ubuntu has officially released the Ubuntu 21.10 codenamed Impish Indri. This has seen the introduction of GNOME 40 as the default desktop, and sadly GNOME 41 did not make the final cut. The release also introduces Linux Kernel 5.13 among new applications and other back-end performance improvements.

      • How to create database migration in Laravel – Anto ./ Online
      • How to install the Vidiot video editor on Linux

        Are you in need of a simple non-linear video editor for Linux? Consider checking out Vidiot. It’s a straightforward editor tool targeted at new users. It does basic things like compositing, changing speed, transitions, titles, and other essential things a user would want when editing.

        The Vidiot video editor works on Linux, and the developer has ported the program to Ubuntu and Debian via a downloadable DEB package. Additionally, the users can install the application via a standalone TarGZ archive and a Snap package via the Snap store. Here’s how to get it working on your Linux system.

      • How to install and configure docker In Centos 8 – Citizix

        Docker is an open source containerization platform. It enables developers to package applications into containers—standardized executable components combining application source code with the operating system (OS) libraries and dependencies required to run that code in any environment.

        Docker is a set of platform as a service products that use OS-level virtualization to deliver software in packages called containers. Containers are isolated from one another and bundle their own software, libraries and configuration files; they can communicate with each other through well-defined channels.

        In this guide we are going to explore various options to install docker in Centos 8…

      • How to install RPG Paper Maker on a Chromebook

        Today we are looking at how to install RPG Paper Maker on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

    • Desktop Environments/WMs

      • Effective Tips To Improve Linux Environment

        Many people have used the Windows environment for several years and before they migrate to Linux, they feel like they are in a different world. Linux was released in 1991 and has been a free, open-source OS that has gained immense popularity in the world of technology. It offers several benefits to the users but to enjoy better performance, you need to pay attention to Linux installation. Domain brokerage service experts have seen a rise in the number of buyers running their systems on a Linux environment. It is important to ensure that the environment runs smoothly and effectively so as to avoid any challenges to the crucial applications. Let us take a look at some tips to improve the Linux environment.

        There are several background elements and services running on every server in Linux. But all these components are not always necessary. Such extras will take up a lot of CPU and RAM space. It is best to incapacitate them with the startup script which starts the unnecessary services in the booting time. Once you disable the extra services, it is possible for you to make more memory space available, boost the performance of the OS, and cut the start-up time.

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.23 Continues the Trend of Incremental Improvements

          The new KDE Plasma 5.23 release offers users a more beautiful Plasma desktop and immersive experience for its 25th Anniversary.

          Let’s start with some clarification: KDE Plasma 5.23 desktop environment has just been released, but if you were expecting a revolution in how you use your desktop, that is not the release for you.

          This release is mainly focused on small but very useful features and incremental improvements. And to be honest, it has done a brilliant job with this task. So let’s go through the updates.

        • Congrats KDE

          If you you like open source you embrace it fully and embrace that it is about freedom, and part of that freedom is to make a desktop for people that don’t mind options.. you like a different desktop with less options?, great we in open source also made that for you enjoy.. and a ton of other things in between, that is what is great about it.. freedom to experiment.. freedom to choose..

          The vast majority of the Designers in KDE do their work in their free time without any more compensation than an occasional thank you, back in my time we were no more than 2-3 people at any given time…

          Please stop comparing us to the likes of Apple and Microsoft, 2-3 designers can’t do the work that you expect from multiple hundreds ? The simple fact that sometimes we nail things better is bloody amazing.. so… Yeah… c’mon we do it for the users not to get random abuse online…

        • Kdenlive on TV for a main national Italian broadcaster

          Our beloved application was able to deliver the content keeping to a deadline (which on TV is always very tight), at the requested quality standard, and in the required format. Also, Kdenlive allowed us to quickly carry out a lot of the modifications the network asked for to better adjust the content to their internal policy.

          But this is not the end of our quest for quality and improvement, in fact, it is only the beginning. It is, however, a sign we are moving in the right direction. But we cannot carry on without you, our community. You help us improve, and we would love to share your recent productions with the world. Send us your work and help us and others learn how Kdenlive is being used and how the community is growing.

        • Kubuntu 21.10 Impish Indri Released

          The Kubuntu Team is happy to announce that Kubuntu 21.10 has been released, featuring the ‘beautiful’ KDE Plasma 5.22: simple by default, powerful when needed.

          Codenamed “Impish Indri”, Kubuntu 21.10 continues our tradition of giving you Friendly Computing by integrating the latest and greatest open source technologies into a high-quality, easy-to-use Linux distribution.

          The team has been hard at work through this cycle, introducing new features and fixing bugs.

          Under the hood, there have been updates to many core packages, including a new 5.13-based kernel, KDE Frameworks 5.86, KDE Plasma 5.22 and KDE Gear 21.08.

    • Distributions

      • Screenshots/Screencasts

      • Arch Family

        • Arch Linux vs Ubuntu: which to choose?

          Arch Linux and Ubuntu are two major Linux distributions that both get a lot of attention, have dedicated fanbases, and are used base-distributions for other systems that are forked off of them… But, how they do things are quite different, and some users might find one more to their liking than the other.

          It’s no secret to anyone who has followed previous articles I’ve written on Ghacks, that I love Arch Linux and its derivatives… But, that’s not to say that Ubuntu and Ubuntu-based systems are something I don’t use. Actually, I have multiple Ubuntu systems running as I write this, and zero Arch based systems. I use Ubuntu as a server distribution right now, on three different servers. I love the APT system for package management, and I find Ubuntu stable and secure, with a huge support community for any issues I may face.

      • IBM/Red Hat/Fedora

        • My Fedora Linux home network part 1 – the data server

          The following article is the first of a series about how I’ve used the Fedora Linux operating system to create a home network. My goal is to demonstrate a few ways that Fedora Linux can be useful to a home user or a Small Office / Home Office (SOHO) user and to encourage more people to test, implement and use Fedora Linux. There is also demand in the workforce for Information Technology (IT) professionals who are ready to step into duties that require familiarity with Linux. With Linux, you can start without big investments. You can use what equipment you have and grow with your idea

        • A new conceptual model for Fedora

          It’s no news now that Fedora has a new logo, and what you may not realize is that we do not have a new website – when we began the new logo rollout process, we simply updated the logo in-place on our pre-existing website.

          The thing is – and this is regardless of the underlying code or framework under-girding the website, which I have no issues with – the messaging and content on the current getfedora.org website has not kept pace with the developments, goals, and general narrative of the Fedora project. We have a lot of different initiatives, developments, and collaborations happening at what I find at times is a dizzying pace that is challenging to keep up with. The number of different fronts that Fedora development takes place on and the low, technical level they occur at makes it difficult to understand the big picture of what exactly Fedora is, and why and how would one want to use it.

        • 3 ways to manage RPG character sheets with open source

          It’s that time of year again for gamers everywhere.

          Tomorrow is Free RPG Day, a day when publishers across the tabletop role-playing game industry release games for players both new and experienced, and they’re all completely free. Although Free RPG Day was canceled in 2020, it’s back this year as a live event with some virtual support by way of free RPG sampler downloads from Dungeon Crawl Classics and Paizo. And if the event’s virtual offerings aren’t enough, you might check out my list of open source tabletop RPGs.

          Over the past two years, like most people, I’ve been playing my tabletop games online. I use open source video conferencing and some shared mapping software. Don’t get me wrong: I love my pen and paper for analog games. To this day, I rarely leave home without my 2E5 quad book so I can sketch out dungeon maps on the go. But I find my computer desk gets pretty cluttered between RPG sourcebooks, splat books, random tables, dice tower, dice, and character sheets. To clear some space, I’ve recently adopted a digital system for my character sheets, for both my player characters and non-player characters when I DM.

        • Reach your open source community with content marketing [Ed: IBM has totally lost direction; this is how they think of Free software...]

          Both startups and more established firms are increasingly turning to content marketing as a way of reaching prospective customers.

          However, corporate marketers often consider the open source software (OSS) community a challenge to reach. This article features ways your technology and content marketing teams can work together to target and reach the community around an OSS project your organization supports.

        • Why digital transformation demands a change in leadership mindset

          Recently a key retail executive forecast that their industry will change more in the next five years than it has in the past fifty. Another executive believes society will change more in the next fifty years than it has in the last three hundred. A recent headline declared that, “We are approaching the fastest, deepest, most consequential technological disruption in history”, and Ray Kurzweil, Google’s Director of Engineering and co-Founder of Singularity University, has said that there will be fourteen internet size revolutions in the next decade. Whichever way you look at it, things are shifting… fast.

          When you speak with the visionaries and entrepreneurs actually building the solutions of tomorrow, from on-demand retail to vertical farms, and ask how far into this new era we are, almost universally the reply is: “only one percent”. Imagine then, where we will be ten years from now? How about 50?

          Major industries, from medicine to energy to travel to entertainment, are radically transforming, putting pressure on others such as manufacturing, construction, transportation, finance, education…frankly, all of it. What an extraordinary opportunity this presents.

        • DevSecOps lessons learned during a pandemic | The Enterprisers Project

          As we’ve seen over the past year and a half, the pandemic has accelerated digital transformation and forever changed workplace culture. Increased reliance on digital tools has elevated the value of DevSecOps, as enterprises of all sizes and across all industries realize the importance of automating and integrating security at every phase of the software development lifecycle – from initial design through integration, testing, deployment, and product delivery.

          My engineering team was no exception to this shift – we had to quickly prepare to build a new Virtana SaaS platform and deliver several new modules, all while working remotely.

          Here I’ll share some observations, pain points, and lessons learned to help others intelligently embrace DevSecOps best practices within their teams.

      • Devuan Family

        • Devuan debuts version 4.0 – as usual without a hint of the hated systemd

          The team of self-described “veteran Unix admins” who opposed Debian’s adoption of systemd instead of sysvinit init, have released a fourth version of their alternative Linux distro, “Devuan”.

          Devuan Chimaera 4.0 is based on Debian 11.1, and version 5.10 of the Linux Kernel. That version of the kernel enjoys long-term support until 2026, and Debian 11.1 will also be tended to until that year. Devuan’s devs are clearly thinking long-term!

      • Canonical/Ubuntu Family

        • Ubuntu 22.04 LTS Codename is a Jolly Good Choice

          The new name was posted on Launchpad, home of Ubuntu development, as is tradition. But what does the codename tell us? Can we glean anything from this mercurially minded moniker?

          Jammy is an interesting adjective. Broadly speaking it means to be filled with jam (what American’s call jelly) or something that has the consistency of jam. But the word ‘jammy’ is also used informally in the UK to mean someone or something that is very lucky or fortunate, e.g., “that jammy cat had an extra plate of milk!”.

        • Ubuntu 21.10 Impish Indri Released with Flavors Download Links, Mirrors and Torrents

          Congratulations to Ubuntu community, finally Ubuntu 21.10 Impish Indri released Thursday, 14 October 2021! This latest operating system is released for Desktop, Server, and Internet of Things computers. Canonical published all information at its official website. However, this article will help you to download Ubuntu including Flavors from Kubuntu to Kylin, verify their checksums, make bootable medium, and install it to your machine.

        • Canonical launches Ubuntu 21.10 for desktop and server

          The latest version of the world’s most popular Linux distribution, Ubuntu 21.10, codenamed ‘Impish Indy’, has landed on Canonical’s download channels.

          The highlight of the release is the inclusion of GNOME 40 as the default desktop environment, bringing aboard a horizontal workspace switcher and application launcher, and also a set of new touchpad gestures.

        • Canonical Releases Ubuntu Linux 21.10 Impish Indri
        • Ubuntu 21.10 Available, News and Download

          We are launching today and to crown the day, here is Ubuntu 21.10 ‘Impish Indri’ , a new intermediate version of «the distribution of the people» that … does not point ways, no sir. But let’s go in parts.

          Ubuntu 21.10 is the run of Ubuntu 21.04 ‘Hiruste Hippo’ launched last April and like this one, whose cycle ends next January, will consist of only nine months of support, although the upgrade procedure to the next Ubuntu version will be ready quite a bit. before that time comes.

          What’s new in Ubuntu 21.10

          Among the general news of Ubuntu 21.10, extendable to the rest of the family, is the kernel Linux 5.13 and Mesa 21.2 as prominent components. In the case of Ubuntum, in addition, Wayland is maintained by default even when using the proprietary Nvidia drivers, as this version comes with that support ready.

          Ubuntu 21.10 also stands out for finally dressing GNOME 40 and although GNOME 41 came out recently, it is not enough to ask the distro not to adopt it. Now that could have been prepared because time to spare, too. But it’s not a bad deal either. In fact, with GNOME comes almost all the new features at the desktop level.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • ThreatMapper: Open source platform for scanning runtime environments – Help Net Security

        Deepfence announced open source availability of ThreatMapper, a signature offering that automatically scans, maps and ranks application vulnerabilities across serverless, Kubernetes, container and multi-cloud environments.

      • Web Browsers

        • Mozilla

          • Jan-Erik Rediger: Fenix Physical Device Testing

            The Firefox for Android (Fenix) project runs extensive tests on every pull request and when merging code back into the main branch.

            While many tests run within an isolated Java environment, Fenix also contains a multitude of UI tests. They allow testing the full application, interaction with the UI and other events. Running these requires the Android emulator running or a physical Android device connected. To run these tests in the CI environment the Fenix team relies on the Firebase test lab, a cloud-based testing service offering access to a range of physical and virtual devices to run Android applications on.

            To speed up development, the automatically scheduled tests associated with a pull request are only run on virtual devices. These are quick to spin up, there is basically no upper limit of devices that can spawn on the cloud infrastructure and they usually produce the same result as running the test on a physical device.

          • CTCFT 2021-10-18 Agenda

            After the CTCFT this week, we are going to try an experimental social hour. The hour will be coordinated in the #ctcft stream of the rust-lang Zulip. The idea is to create breakout rooms where people can gather to talk, hack together, or just chill.

          • Hacked! Unravelling a data breach

            The bottom line: If you get snagged in a data breach, tie up any loose threads quickly to protect yourself, and stay on top of monitoring your accounts for suspicious activity.

          • Dyn async traits, part 5

            If you’re willing to use nightly, you can already model async functions in traits by using GATs and impl Trait — this is what the Embassy async runtime does, and it’s also what the real-async-trait crate does. One shortcoming, though, is that your trait doesn’t support dynamic dispatch. In the previous posts of this series, I have been exploring some of the reasons for that limitation, and what kind of primitive capabilities need to be exposed in the language to overcome it. My thought was that we could try to stabilize those primitive capabilities with the plan of enabling experimentation. I am still in favor of this plan, but I realized something yesterday: using procedural macros, you can ALMOST do this experimentation today! Unfortunately, it doesn’t quite work owing to some relatively obscure rules in the Rust type system (perhaps some clever readers will find a workaround; that said, these are rules I have wanted to change for a while).

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice 7.2.2 for Slackware-current is available

          LibreOffice Community Edition 7.2.2 was released yesterday and I have uploaded a new set packages for Slackware-current.

          The document conversion libraries have been split off and made available via the Document Liberation Project : documentliberation.org . It is the home for a growing community of developers ‘united to free users from vendor lock-in of content‘. Software like Calligra, Inkscape and Scribus also make good use of the document format conversion capabilities these libraries offer.

      • Programming/Development

        • Josef Strzibny: Organizing business logic in Rails with contexts

          Rails programmers have almost always tried to figure out the golden approach to business logic in their applications. From getting better at object-oriented design, to service objects, all the way to entirely new ideas like Trailblazer or leaving Active Record altogether. Here’s one more design approach that’s clean yet railsy.

        • Status update, October 2021

          On this dreary morning here in Amsterdam, I’ve made my cup of coffee and snuggled my cat, and so I’m pleased to share some FOSS news with you. Some cool news today! We’re preparing for a new core product launch at sr.ht, cool updates for our secret programming language, plus news for visurf.

          Simon Ser has been hard at work on expanding his soju and gamja projects for the purpose of creating a new core sourcehut product: chat.sr.ht. We’re rolling this out in a private beta at first, to seek a fuller understanding of the system’s performance characteristics, to make sure everything is well-tested and reliable, and to make plans for scaling, maintenance, and general availability. In short, chat.sr.ht is a hosted IRC bouncer which is being made available to all paid sr.ht users, and a kind of webchat gateway which will be offered to unpaid and anonymous users. I’m pretty excited about it, and looking forward to posting a more detailed announcement in a couple of weeks. In other sourcehut news, work on GraphQL continues, with paste.sr.ht landing and todo.sr.ht’s writable API in progress.

          Our programming langauge project grew some interesting features this month as well, the most notable of which is probably reflection. I wrote an earlier blog post which goes over this in some detail. There’s also ongoing work to develop the standard library’s time and date support, riscv64 support is essentially done, and we’ve overhauled the grammar for switch and match statements to reduce a level of indentation for typical code. In the coming weeks, I hope to see date/time support and reflection fleshed out much more, and to see some more development on the self-hosted compiler.

          [...]

          The goal of this project is to provide a conservative CSS toolkit which allows you to build web interfaces which are compatible with marginalized browsers like Netsurf and Lynx.

        • Perl/Raku

          • Monthly Report – September

            The month of September is very special to me personaly.

            Why?

            Well, I got married in the very same month 18 years ago. The best part is, I choose the day 11 to get married. I have never missed my wedding anniversary, thanks to all the TV news channel.

          • My Favorite Warnings: uninitialized | Tom Wyant [blogs.perl.org]

            This warning was touched on in A Belated Introduction, but I thought it deserved its own entry.

            When a Perl scalar comes into being, be it an actual scalar variable or an array or hash entry, its value is undef. Now, the results of operating on an undef value are perfectly well-defined: in a nuneric context it is 0, in a string context it is ”, and in a Boolean context it is false.

            The thing is, if you actually operate on such a value, did you mean to do it, or did you forget to initialize something, or initialize the wrong thing, or operate on the wrong thing? Because of the latter possibilities Perl will warn about such operations if the uninitialized warning is enabled.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Client-side content scanning as an unworkable, insecure disaster for democracy • The Register

          Fourteen of the world’s leading computer security and cryptography experts have released a paper arguing against the use of client-side scanning because it creates security and privacy risks.

          Client-side scanning (CSS, not to be confused with Cascading Style Sheets) involves analyzing data on a mobile device or personal computer prior to the application of encryption for secure network transit or remote storage. CSS in theory provides a way to look for unlawful content while also allowing data to be protected off-device.

          Apple in August proposed a CSS system by which it would analyze photos destined for iCloud backup on customers’ devices to look for child sexual abuse material (CSAM), only to backtrack in the face of objections from the security community and many advocacy organizations.

          The paper [PDF], “Bugs in our Pockets: The Risks of Client-Side Scanning,” elaborates on the concerns raised immediately following Apple’s CSAM scanning announcement with an extensive analysis of the technology.

        • Vivaldi Adblock is mostly Adblock Plus and ublock-origin.

          The Vivaldi browser has a built-in ad blocker.

          However, the company hasn’t been extremely forthcoming about how it works.

          However, it seems to accept any list in adblock plus format, and Vivaldi seems to have implemented Webkit Content Blockers as well.

          Vivaldi includes a list called “DuckDuckGo Tracker Radar”, which leads to what seems to be a Webkit Content Blocker format list mirrored by Vivaldi.

          In my testing, the DuckDuckGo Tracker Radar seems to largely duplicate what Fanboy’s Ultimate List already had in it.

          While Fanboy’s Ultimate List is not in Vivaldi by default, you can add it by going to Vivaldi Menu/Settings/Privacy, and then select “Block Trackers and Ads”, and then I would suggest de-selecting everything in both columns that Vivaldi defaults to having on, then clicking + under Ad Blocking Sources, then adding https://www.fanboy.co.nz/r/fanboy-ultimate.txt and then Import. It should tell you it brought in a bunch of ad blocking rules.

        • This week’s Windows 11 patch didn’t fix AMD performance woes • The Register

          Windows 11 received its first bundle of fixes this week, but AMD users hoping for respite from performance issues that have dogged their PCs were to be disappointed. In fact, for some, performance might have actually got a bit worse.

          It wasn’t the news AMD fangirls and fanboys were hoping for. After AMD noted performance issues with Microsoft’s latest operating system, a fix had been expected to drop during October. Alas, that fix didn’t turn up in this week’s first Cumulative Update for the GA code. In fact, according to hardware site TechPowerUp, things might have even deteriorated.

        • Microsoft’s first Windows “11” update addresses AMD CPU scheduling problems. Ends up making them worse. – BaronHK’s Rants

          Microsoft released their first “Windows 11” update.

          It was deployed to try to correct the AMD CPU problems that Windows “11” created on Ryzen, which tripled L3 CPU cache latency and slowed the processor down by an average of 15%.

          The update ended up making the problem worse. Doubling the cache latency from where it already was at launch.

          “Early adopters” of Microsoft’s latest broken operating system are seeing much worse performance than they were on Windows 10, even on the Intel side, as Microsoft’s “virtualization based security” was already wreaking havoc on video game performance.

        • Pseudo-Open Source

        • Security

          • White House ransomware summit calls for virtual asset crackdown, without mentioning cryptocurrency [Ed: They need to crack down on Microsoft Windows, instead; they use their NSA back doors as a ruse to protect big banks. Microsoft has infiltrated think tanks about ransomware, so now instead of tackling the security breaches themselves (which can lead to sabotage or worse) they treat it like a financial transaction issue.]

            The 30-nation gabfest convened under the auspices of the US National Security Council’s Counter-Ransomware Initiative has ended with agreement that increased regulation of virtual assets is required to curb the digital coins’ allure to criminals.

            A joint statement issued after the event’s conclusion opens with anodyne observations about the need for good infosec, international collaboration, and the benefits of private sector engagement.

            The first mention of concrete action comes in a section of the statement entitled “Countering Illicit Finance” – and while the document never mentions cryptocurrencies, it’s plain they’re a target.

            “Taking action to disrupt the ransomware business model requires concerted efforts to address illicit finance risks posed by all value transfer systems, including virtual assets, the primary instrument criminals use for ransomware payments and subsequent money laundering.”

          • Thingiverse suffers breach of 228,000 email addresses • The Register

            Thingiverse, a site that hosts free-to-use 3D printer designs, has suffered a data breach – and at least 228,000 unlucky users’ email addresses have been circulating on black-hat crime forums.

            News of the breach came from Have I Been Pwned (HIBP), whose maintainer Troy Hunt uploaded the 228,000 breached email addresses to the site after being tipped off to their circulation on the forums.

            Hunt claimed on Twitter that in excess of two million addresses were in the breach. He qualified that by saying the majority were email addresses that appeared to be generated by Thingiverse itself, judging from their format: webdev+$username@makerbot[.]com.

            HIBP’s maintainer also claimed that some of the data included poorly encrypted passwords: one he highlighted was an unsalted SHA-1 hash which resolved to the password “test123″.

          • Thingiverse Data Leaked — Check Your Passwords | Hackaday

            Every week seems to bring another set of high-profile data leaks, and this time it’s the turn of a service that should be of concern to many in our community. A database backup from the popular 3D model sharing website Thingiverse has leaked online, containing 228,000 email addresses, full names, addresses, and passwords stored as unsalted SHA-1 or bcrypt hashes. If you have an account with Thingiverse it is probably worth your while to head over to Have I Been Pwned to search on your email address, and just to be sure you should also change your password on the site. Our informal testing suggests that not all accounts appear to be contained in the leak, which appears to relate to comments left on the site.

          • New PureBoot Feature: Scanning Root for Tampering – Purism

            With the latest PureBoot R19 pre-release we have added a number of new changes including improved GUI workflows and new security features and published a ROM image so the wider community can test it before it turns into the next stable release. To test it, existing PureBoot users can download the R19-pre1 .rom file that corresponds to their Librem computer and flash it like any other PureBoot release.

            In this post I want to highlight a new experimental security feature we added in this release that will extend the tamper detection PureBoot already does with the boot firmware and the /boot directory into the main root file system. This will allow you to detect attacks that modify system binaries (like /bin/bash) with backdoored versions. I also want to give some background on this feature and my thought process behind it so people understand where I’m coming from and why I made the design decisions I did.

          • Privacy/Surveillance

            • We need to talk about digital ID: why the World Bank must recognize the harm in Afghanistan and beyond – Access Now

              With two of the world’s most influential power brokers meeting this week, what they failed to put on the agenda speaks volumes. Every year the World Bank and International Monetary Fund holds an annual summit to discuss the challenges and choices that determine whether we will have a sustainable and inclusive world. This year, they chose not to discuss digital identity programs, even though the World Bank itself funds and promotes these “Big ID” systems — including the systems the Taliban reportedly seized in Afghanistan. Instead of ignoring the urgent human rights concerns these systems raise, these international agencies should be doing everything in their power to prevent further rights abuse, marginalization, and exclusion.

              Consider what’s happening in Afghanistan today. The World Bank offered technical advice and promoted Afghanistan’s biometric digital identity program as part of its efforts to help women. But without sufficient human rights protections built in from the outset, a digital ID and its associated databases can be turned against the holder. Now, with the Taliban in charge, the very systems that were supposed to help women could make them more vulnerable. Those especially at risk: women human rights defenders, gender justice activists, and journalists.

    • Finance

    • Censorship/Free Speech

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Jim Zemlin Has Deleted All of His Tweets

    The Linux Foundation‘s Jim Zemlin seems to have become rather publicity-shy (screenshots above are self-explanatory; latest snapshot), but years ago he could not contain his excitement about Microsoft, which he said was "loved" by what it was attacking. Days ago it became apparent that Microsoft’s patent troll is still attacking Linux with patents and Zemlin’s decision to appoint Microsoft as the At-Large Director (in effect bossing Linus Torvalds) at the ‘Linux’ Foundation’s Board of Directors is already backfiring. She not only gets her whole salary from Microsoft but also allegedly protects sexual predators who assault women… by hiring them despite repeated warnings; if the leadership of the ‘Linux’ Foundation protects sexual predators who strangle women (even paying them a salary and giving them management positions), how can the ‘Linux’ Foundation ever claim to represent inclusion and diversity?



  2. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him

    Balabhadra (Alex) Graveley has warrant for his arrest, albeit only after a lot of harm and damage had already been done (to multiple people) and Microsoft started paying him



  3. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)



  4. Links 6/12/2021: HowTos and Patents

    Links for the day



  5. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021



  6. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://



  7. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day



  8. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day



  9. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large



  10. [Meme] Meanwhile in Austria...

    With lobbyists-led leadership one might be led to believe that a treaty strictly requiring ratification by the UK is somehow feasible (even if technically and legally it's moot already)



  11. The EPO's Web Site is a Parade of Endless Lies and Celebration of Gross Violations of the Law

    The EPO's noise site (formerly it had a "news" section, but it has not been honest for about a decade) is a torrent of lies, cover-up, and promotion of crimes; maybe the lies are obvious for everybody to see (at least EPO insiders), but nevertheless a rebuttal seems necessary



  12. The Letter EPO Management Does Not Want Applicants to See (or Respond to)

    A letter from the Munich Staff Committee at the EPO highlights the worrying extent of neglect of patent quality under Benoît Battistelli and António Campinos; the management of the EPO did not even bother replying to that letter (instead it was busy outsourcing the EPO to Microsoft)



  13. IRC Proceedings: Saturday, December 04, 2021

    IRC logs for Saturday, December 04, 2021



  14. EPO-Bribed IAM 'Media' Has Praised Quality, Which Even EPO Staff (Examiners) Does Not Praise

    It's easy to see something is terribly wrong when the people who do the actual work do not agree with the media's praise of their work (a praise motivated by a nefarious, alternate agenda)



  15. Tux Machines is 17.5 Years Old Today

    Tux Machines -- our 'sister site' for GNU/Linux news -- started in 2004. We're soon entering 2022.



  16. Approaching 100

    We'll soon have 100 files in Git; if that matters at all...



  17. Improving Gemini by Posting IRC Logs (and Scrollback) as GemText

    Our adoption of Gemini and of GemText increases; with nearly 100,000 page requests in the first 3 days of Decembe (over gemini://) it’s clear that the growing potential of the protocol is realised, hence the rapid growth too; Gemini is great for self-hosting, which is in turn essential when publishing suppressed and controversial information (subject to censorship through blackmail and other ‘creative’ means)



  18. Links 4/12/2021: IPFire 2.27 Core Update 162 and Genode OS Framework 21.11

    Links for the day



  19. Links 4/12/2021: Gedit Plans and More

    Links for the day



  20. Links 4/12/2021: Turnip Becomes Vulkan 1.1 Conformant

    Links for the day



  21. IRC Proceedings: Friday, December 03, 2021

    IRC logs for Friday, December 03, 2021



  22. Links 4/12/2021: EndeavourOS Atlantis, Krita 5.0.0 Beta 5, Istio 1.11.5, and Wine 6.23; International Day Against DRM (IDAD) on December 10th

    Links for the day



  23. Another Gemini Milestone: 1,500 Active Capsules

    This page from Balázs Botond plots a graph, based on these statistics that now (as of minutes ago) say: “We successfully connected recently to 1500 of them.” Less than a fortnight ago more than 1,800 capsules overall were registered by Lupa, almost quadrupling in a single year



  24. [Meme] António Campinos and Socialist Posturing

    Staff of the EPO isn’t as gullible as António Campinos needs it to be



  25. António Campinos as EPO President is Considered Worse Than Benoît Battistelli (in Some Regards) After 3.5 Years in Europe's Second-Largest Institution

    The EPO's demise at the hands of people who don't understand patents and don't care what the EPO exists for is a real crisis which European media is unwilling to even speak about; today we share some internal publications and comment on them



  26. Media Coverage for Sale

    Today we're highlighting a couple of new examples (there are many other examples which can be found any day of the year) demonstrating that the World Wide Web is like a corporate spamfarm in "news" clothing



  27. Links 3/12/2021: GNU Poke 1.4 and KDDockWidgets 1.5.0

    Links for the day



  28. IRC Proceedings: Thursday, December 02, 2021

    IRC logs for Thursday, December 02, 2021



  29. Links 3/12/2021: Nitrux 1.7.1 and Xen 4.16 Released

    Links for the day



  30. Links 2/12/2021: OpenSUSE Leap 15.4 Alpha, Qt Creator 6

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts