Kubernetes is everywhere! In the public and private cloud, and from the enterprise to startups, the majority of IT executives around the world have explored Kubernetes, and how it has evolved the way many organisations are developing and deploying their applications. But what is scary about it, and how can organisations better leverage one of the greatest tools in the field while overcoming the biggest challenges facing CIOs when adopting Kubernetes?
[...]
Containers introduced a modern way to virtualise infrastructure that is more lightweight and focused on the cloud-native applications era. It allows users to divide up machines so that they can run multiple applications or OS instances on the same kernel and hardware while maintaining isolation among workloads. This ensures greater resource utilisation and shorter startup times by several orders of magnitude. Kubernetes, being the most widely used container orchestration tool, has largely simplified how organisations use containerised platforms for their applications.
I am THRILLED to announce a brand new collaboration featuring the amazing Nick from @The Linux Experiment! It's Games For Everyone, celebrating video games across all platforms
The "sched/core" scheduler updates landed on Monday into the Linux 5.16 kernel. Notable this pull request is the cluster-aware scheduling support.
The cluster scheduler support new to Linux 5.16 allows for enhancing the CPU scheduler's behavior for x86_64 and AArch64 having clusters of CPU cores that share an L2 cache or other mid-level resources.
The work was started to improve select 64-bit ARM SoCs like the Kunpeng 920 server chip with clusters of cores sharing an L3 cache. With the scheduler aware of the cluster topology it was able to make better scheduling decisions that improved the overall performance and efficiency of the system.
Microsoft has submitted their set of Hyper-V hypervisor updates today for the Linux 5.16 merge window. This time around it's noteworthy with the initial enablement work around Hyper-V "Isolation VM" support.
AMD today released Radeon Open eCosystem 4.5 (ROCm 4.5) as the latest version to their open-source GPU compute stack for Linux systems. ROCm 4.5 brings with it a number of new features and improvements but one area on the consumer Radeon side will leave some potential users frustrated.
First up when it comes to installing ROCm 4.5, they have added support for using the amdgpu-install / amdgpu-uninstall scripts just like the Radeon Software for Linux packaged driver. The amdgpu-install-based process aims to streamline the Radeon Open Compute install process and make it just like installing the packaged driver driver. It also makes it easy to uninstall too.
In all the hustle and bustle this year, I haven’t really made any blatherings here about the joys of using the Pi-Hole on my network-wide ad blocker. I installed this the “easy way” on a Raspberry Pi running Raspberry Pi OS. Since there isn’t a version that I can easily and quickly install on openSUSE, I went for the method I could deploy the quickest. I can testify that the Pi-Hole has been great, and more on that at another time.
For some time, the Web Interface was telling me that there was an upgrade available and since there wasn’t an easy button to make it happen, I put it off. Unfortunately, it wasn’t as easy as a remote secure shell into it and performing the update as written.
It’s pretty normal in many Organizations to use get servers to connect to Internet via a Proxy. In most cases it’s for updating apt-get or yum via proxy. However, quite often you might need to download packages directly using wget or curl and setting up apt-get or apt via proxy, wget via proxy, curl via proxy is a pain. What if you could simply setup a Proxy and just use any applications to use that using a simply command? I faced this many times and hence writing this guide. Note that if you’re only allowing apt-get via proxy then stick with configuring /etc/apt.conf or /etc/apt/conf.d/00proxy or something similar but if you need to allow different applications via a proxy then this method is best and simplest.
A couple of days ago I wrote a tutorial on how to do replication with MariaDB (or MySQL). This is a one-way replication: from master to slave; this means that the slave server receives the transactions form the master. But my client needs bidireccional replication, because we don’t know which server will receive the transaction and the same data has to be on both. Here I will show you how to configure master-master replication with MariaDB to achieve this.
Portainer is a program that helps you manage your docker containers. If you want to delete , stop, or restart a docker container; you can easily do so with the portainer user interface (rather than going SSH and typing all kinds of commands). You can adjust containers settings, manage resource, and manage from within inside the container to gain perspective.
Just think of Portainer as the GUI version to manage your containers compared to using CMD Line; while having powerful functions such as replication or amending containers on the go!
Also Portainer enables centralized configuration, management and security of Kubernetes and Docker environments, allowing you to deliver ‘Containers-as-a-Service’ to your users quickly, easily and securely.
In this article, we will install Portainer with Docker in CentOS 8
For designers want to check color contrast, there are a few handy little tools in Linux Desktop to do the job. Kontrast is the one designed for KDE though works on all Linux desktops.
GNOME has a stylish color contrast tool. Though it’s now in early stage which does not work well and freezes often at least in my case. Here I’ll introduce the KDE’s Kontrast.
If you’re reading this article, chances are, you’ve come across many different terms associated with the IP address on the internet.
In this article, we will cover the basic concepts and terms related to IP addresses that you’ve been wondering about. We will also explain how IP addresses work and where they fit into the big puzzle of the internet.
MongoDB is a free and open-source document-oriented database. Unlike relational databases, which store data in tables and require predefined schemas before adding new data, documents in MongoDB are unordered collections of key/value pairs with dynamic schemas (i.e., no fixed schema). As such, the same field can hold an integer, a string, or an object — it just depends on what you need for your application. Moreover, due to its dynamic nature, MongoDB works very well for storing JSON objects, making it great as a RESTful database.
While MongoDB supports secondary indexes, they are not required for every scenario. This means that reads may be slightly slower with MongoDB than some relational databases (because you need to read more fields from disk), but writes are generally faster because there is no index maintenance involved.
MongoDB is useful for any Linux user who needs to store and manage data (relational and unstructured), especially when you need scalability or high availability. The main reason that MongoDB is growing in popularity is that it provides the ability to store JSON documents, making it a great fit for hybrid Web applications that are used by both mobile clients (e.g., iPhone) and traditional desktop browsers (e.g., Firefox). Because these applications serve multiple client types with different data storage requirements, MongoDB can be an ideal fit because its schema-less design supports the dynamic nature of the data in these modern Web apps.
This tutorial I will show you how to install and configure the latest version DokuWiki CMS platform on Debian 9.2 release, in order to create online documentation websites.
DokuWiki is a free open source wiki application written completely in the PHP programming language and often deployed in Linux under Apache/Nginx web servers and PHP.
DokuWiki software platform requires no RDBMS SQL database to run. In exchange, it uses simple plain text files as backend in order to store all data. DokuWiki is a simple and flexible platform with a clean syntax that can be successfully used to deploy powerful and collaborative documentation websites.
Load Balancer falls under the EC2 service of AWS. A Network Load Balancer works at the fourth layer of the Open Systems Interconnection (OSI) model, the Transport Layer. It opens a TCP connection to the selected target on the port specified in the listener configuration. If there are unhealthy targets, then the Network Load Balancer stops routing requests to those unhealthy targets and starts sending the traffic to the healthy instances only in the same or different Availability Zone. Network Load Balancer supports static IP addresses, it allows registering targets by IP address i.e. targets outside the VPC of the load balancer can also be added, it scales to millions of requests per second. These are a few of the benefits of the Network Load Balancer. Network Load Balancer is also called a TCP Load Balancer as it works on TCP protocol.
In this tutorial, we will show you how to install MongoDB on Debian 11. For those of you who didn’t know, MongoDB is a NoSQL database that is simple, object-oriented, scalable, and dynamic database. It is also called a NoSQL database because it does not rely on a traditional table-based relational database structure. It stores data in JSON format instead of the table style method. It can be integrated easily with various programming languages.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the MongoDB NoSQL database on a Debian 11 (Bullseye).
In this tutorial guide we are going to install and configure Ruby on Rails on Rocky Linux 8.
Ruby on Rails is a server-side web application framework written in Ruby under the MIT license. Rails is model-view-controller framework providing default structures for databases, a web service and web pages. Ruby on Rails is used by notable organizations such Airbnb, GitHub, crunchbase, Bloomberg etc
Ruby on Rails is open source web development framework suitable for building dynamic web pages. Rails stands out among other web development frameworks because of its elegance, power and integrated approach to web applications.
Users want frequently used applications such as Email, Chat, and other productivity apps to automatically start when they log in to their devices. Auto-starting these apps at login streamlines the user experience as users don't have to manually start apps after logging into their devices.
The latest bundle of games is now available for the subscription service Humble Choice (formerly Humble Monthly) and it seems like quite a varied selection.
Here you pay for whatever tier you feel is the best value to get access to the Humble Trove (a ton of DRM-free games), a discount at the Humble Store and the ability to claim Steam keys (sometimes GOG keys) for multiple titles - the amount of which depends on what tier you buy into. As usual we shall tell you how you can expect each to run on Linux.
In the months since the KDE PIM July-August report there have been two patch releases for Kontact, and over 1400 changes made by more than 40 contributors have been integrated. Here are some of the highlights.
KOrganizer
A lot has happened over the last two months in KOrganizer development. First of all, Friedrich has been working on reviving the calendar decoration feature. This feature was introduced in 2007, but has since suffered from a lack of maintenance and multiple regressions.
Decorations allow you to display additional information inside the week view. Here is what it looked like back in 2007 when it was introduced.
We have Updated the MakuluLinux Droid ( android ) ISO, the new ISO contains all the new patches and fixes that have been developed over the last 2 months. If you already have Makulu Droid installed you already have the patches and therefore do not need to reinstall, However new users will now have these patches and new features upon new installation. You can grab the Makulu Droid from the Main menu above or in the download section.
Fedora 35 officially released for workstations, servers and spins. This release brings GNOME 41, KDE Plasma 5.23, new flavor and more. In this post we give you the things to look at and download/upgrade instructions.
The Fedora Project, a community-driven open source collaboration sponsored by Red Hat, Inc., today announced the general availability of Fedora Linux 35, the latest version of the fully open source Fedora operating system. The new features and enhancements in Fedora 35 are aimed at improving the overall experience for all levels of users - from beginner to advanced.
This release continues the Fedora Project's emphasis on delivering leading-edge open source technologies and includes updates spanning the Linux kernel to the desktop experience. Updates in Fedora 35 include...
The Fedora 35 release has been announced.
Today marks an exciting day as Fedora 35 has now been released, with WirePlumber as the default session manager for PipeWire! Under development by Collabora since 2019, and previously adopted in the automotive space by Automotive Grade Linux, WirePlumber has now officially entered the linux desktop space and is the recommended session manager to accompany PipeWire, with other distributions expected to follow very soon.
WirePlumber brings some new and interesting things to the desktop. Most notably, it introduces the ability to easily modify the overal behavior of PipeWire for different use cases, using Lua scripts. This allows power users as well as developers of use-case specific distributions or desktop environments to customize their multimedia experience and get the most out of PipeWire. Recently I gave a talk about how this Lua scripting mechanism works, which you can watch here.
Additionally, WirePlumber comes with a library that provides a high level object model to interface with objects in PipeWire, enabling application developers to more easily integrate PipeWire control functionality into their applications. This can help in transitioning away from the PulseAudio API in the forthcoming future, as most graphical applications like desktop environment sound settings dialogs and mixer applications are still using the PulseAudio API to interface with PipeWire.
Fedora 35 is now officially available and brings with it the GNOME 41 desktop environment, which has plenty of great improvements as usual.
After the release of the Fedora 35 beta at the end of September, Fedora 35 stable release is finally here with some exciting changes and improvements. This release continues the Fedora Project’s emphasis on delivering leading-edge open source technologies and includes updates spanning the Linux kernel to the desktop experience.
A couple of weeks after the beta release, Fedora 35 stable version has finally arrived! This version brings a few key improvements, many of which we will be looking at here.
Most notable of these improvements is the inclusion of the recently-released Gnome 41, accompanied by smaller upgrades such as Linux Kernel 5.14 and the completion of the transition to PipeWire.
Now, let’s have a look at some of these changes in brief along with some improvements introduced with Fedora 35.
Last week I participated the OpenPower Summit. I enjoyed it, even if I was on sick leave with a fever. There were many interesting talks, ranging from open source and education through Power10 to instruction development. All sessions were recorded. Hopefully recordings will also be shared, as I did not have the strength to visit all the sessions I wanted. And, as usual, some of the interesting talks were given in parallel.
The Linux Foundation's OS-Climate has announced that Airbus and EY have joined its cross-industry coalition seeking to accelerate the global transition to net zero through open data and open source decision-making tools for companies, investors, banks, and regulators. This follows the news in September that Red Hat (an IBM company) had joined and is contributing a world-class team of data scientists and developers to build the OS-Climate platform. Also announced is Airbus' contribution of a scenario analysis modeling platform to analyze the clean energy transition.
As modern digital infrastructure evolves towards cloud-native deployments and the hybrid multi-cloud, there is a growing need to simplify the operational complexity that results from the various layers of technology used in the process.
Modernizing the digital infrastructure presents significant challenges to operations (Ops) teams. In the old days, an Ops team used to be able to identify problems occurring in a given datacenter—and easily narrow it down to one box running mainly one application—with the whole infrastructure/application stack typically sourced through one vendor (sometimes two if the hardware is purchased separately).
Today, with the evolution into the hybrid multi-cloud environment, infrastructure is sourced through multiple vendors (on-premise private cloud), and applications typically live in multi-tenant environments (public or private clouds). So while the cloud-native infrastructure itself provides better redundancy and high availability capabilities, applications and services are still subject to all types of failures and hence the need for closed-loop automation solutions, both at the application and infrastructure levels.
As technology evolves, dated infrastructures can wreak havoc on businesses looking to scale their systems and operations. It is critical to have staff on board that are equipped to support the transition from legacy software to a platform that can handle an organization’s modern workload. Many organizations turn to microservices to increase scalability, time to market and DevOps agility.
While delivering on these promises, microservices architecture brings its own complexities to the table. Red Hat Training is dedicated to helping organizations and individuals develop and troubleshoot these applications using tools such as Apache Kafka and Red Hat AMQ Streams. We recently introduced a new training course, Developing Event-Driven Applications with Apache Kafka and Red Hat AMQ Streams (AD482), which teaches fundamental principles and features of these tools.
Red Hat and Intel are extending our long-standing collaboration to bring Industry 4.0 transformation to smart manufacturing and energy. By bringing together Red Hat’s expertise in open source software and Intel’s leading hardware architecture and software toolsets, we believe we can accelerate the efforts underway in the Industrial Control Systems (ICS) ecosystem across a range of use cases - thereby accelerating IT/OT transformation.
Pnmixer is not really a mixer, it is an alsa audio volume slider control for the systray. On my Lenovo PC, it has a "mute" checkbox that remains always ticked, even when audio is working. So, I have looked at alternatives... As Easy 3.1.3+ is now using pulseaudo and pipewire, I thought that a systray volume control designed to work with pulseaudio, rather than just alsa, would be the way to go. I found a couple; however, settled on 'volumeicon', which is only an alsa volume control.
I had previously compiled meson 0.59.2 in OE, then rolled back to 0.53.0, however, I did keep the 0.59.2 binary package, and have made it into a PET. That PET will be in the 'devx' SFS in the next release of EasyOS. With meson 0.59.2 in a running EasyOS, I was then able to compile the latest 'libcamera' and 'pipewire'. I have done that, and made them into PETs. They also will be in the next release of EasyOS. Well probably, it depends how successful setting up pipewire is. I have got is basically working, that will have to be the subject of a later blog post.
Pipewire does not replace pulseaudio, it uses the pulseaudio libraries. However, pipewire does completely replace 'jack'. Pipewire has /usr/bin/pipewire-pulse, which is a daemon that replaces the /usr/bin/pulseaudio daemon in the the pulseaudio package. I found that pipewire and pulseaudio must be configured to create a socket in the same path. So, if pipewire-pulse is running instead of pulseaudio daemon, applications such as 'pavucontrol' will recognise it.
Getting the latest version of a package into Debian involves checking when there are new versions available – fortunately (and not surprisingly) Debian has tools to make this simpler.
I have recently ran into the problem when an upstream beta version sorts higher than a newer non-beta version. Which is problematic, of course. This is due to Debian sorting something like 1.0b as later than a pure 1.0 version.
This month I accepted 341 and rejected 46 packages. The rejection is as high as last month. I hope everybody is aware that pressing just one key when accepting a package is much faster than writing an explanation why a package has to be rejected. Anyway, the overall number of packages that got accepted was 355.
This month I didn't have any particular focus. I just worked on issues in my info bubble.
Adlink unveiled a “AVA-3501” system used in the Indy Autonomous Challenge and announced a collaboration on 5G based C-V2X technology with Askey, III, and EOI using a similarly Ubuntu-on-Coffee Lake AVA-3510. Adlink also announced an edge visualization partnership with AUO.
Adlink has ramped up its involvement in autonomous vehicles in recent weeks with announcements of collaborations with Indy Autonomous Challenge, as well as several other companies working on C-V2X (Cellular Vehicle-to-Everything) technology. Today, it followed up by announcing a collaboration with optoelectronic firm AUO on edge visualization technologies for a list of applications led by automated vehicles and autonomous robots. An Adlink/AUO virtual forum on the topic started today and will run through Nov. 4 (see farther below).
MontaVista€® Software, LLC, a leader in commercial Embedded Linux€® products and engineering services, today announced the upcoming completion of a mission-critical project in the security certification-services area.
If you have trouble staying focused and getting work done, the Pomodoro Technique of working in 25-minute intervals with 5-minute breaks is pretty hard to beat. The only problem is that it requires a lot of input from the user, and all that timer-setting can get in the way of actually getting down to business. The absolute worst is when you find yourself working hard, but see that forgot to set the damn timer (ask us how we know). In essence, the tomato itself can only do so much — you have to actually use it and honor the timer, put in the work, and believe in the system.
Voltlog has designed an open-source hardware floor heating valve controller powered by an ESP32 WiFi module making it compatible with Tasmota open-source firmware, and by extension MQTT protocol and Home Assistant automation framework.
The board can control up to 10 valves triac controlled outputs and spring connectors for a floor home heating system, and also offers a one-wire srping connector, an I2C header, and safety features with two fuses, although it’s obviously not UL nor TUV certified.
There are a few things that make me proud of being part of the Purism team. One of them is the philosophy behind a company that makes respectful hardware and software, that is fully owned by the people using it.
Another truly beautiful aspect of Purism (which I discovered over the years) is how Purism is a pioneer in hardware manufacturing. It has built a business model that creates relationships between the people who directly finance this Social Purpose Corporation. This way Purism avoids any potential conflict of interests from private entities. It gives back all the intellectual property of its research and development to the people. This is done through the use of public owned licenses, also known as the Free Licenses.
The Magama is an open-source mail-server application daemon for SMTP, POP, IMAP, HTTP, and MOLETN.
It offers additional support for DMTP and DMAP.
Magama features webmail with JSON-RPC interface, which requires some work to install.
Inbucket app is a free, open-source disposable mail server that works without any database.
Inbucket supports many email protocols without depending on external dependencies. It accepts email and makes them ready via the web, and REST API.
The system supports HTTP, SMTP, and POP3 out of the post. It offers multiple mailboxes' management, attachment download, and a responsive simple web interface.
Germany-based Nextcloud is releasing an easy-to-use backup application for its productivity and collaboration platform that’s designed not for the big enterprise customers who pay its bills, but for home users and small business who generally use the product for free.
Announced today was Nextcloud Backup, a fully encrypted incremental backup solution that’s not only easy-to-use, but which offers a full set of features that includes a wide choice of backup options (including one that might surprise some folks) and the ability to search through a backup to find individual files and folders when a full restore isn’t needed.
Nextcloud said that the software is aimed squarely at home users, along with small mom and pop sized businesses, which are unlikely to ever become paying customers, except for some who might pay a small amount for a hosted version.
Last year, we mentioned Nextcloud as the swiss army knife of remote working tools, and rightly so.
Nextcloud offers a lot of tools to help you build the ultimate collaboration tool while taking control of your data. Of course, if you are looking for convenience without the need for self-hosting, Nextcloud may not be an immediate option for you.
However, if the lack of an easy-to-use backup tool was a deal-breaker for you, it might be a good idea to think it over.
Mozilla Firefox 94 is now available to download.
The latest update to the famed open source browser enables the OpenGL EGL backend by default under X11 for Intel. AMD and recent Mesa users (NVIDIA is still working to add support for EGL to its proprietary Linux driver).
Firefox 94.0 has been released. Linux users should see improved WebGL performance and reduced power consumption for many workloads. The about:unloads page shows the user information about open tabs and allows them to release system resources by unloading tabs without closing them. Site Isolation provides better protection against side-channel attacks. See the announcement for more new features in this release.
Love LibreOffice? Want to boost your skillset and learn new things? Then join the Month of LibreOffice! The software is a worldwide, community open source project – and many people who help to improve it, actually started out as regular users of the software.
So in November, we want to encourage you to get involved, join our community, and have fun. You can build up valuable skills for a future career – and you don’t need to be a programmer. There are many ways to help make LibreOffice awesome, as we’ll see in a moment.
One of the things we spent some time on early with Builder was creating built-in VIM emulation. Originally it was written in C, but then got converted to this nasty CSS for a couple of reasons. First, that keybindings in GTK 3 were largely done with CSS due to how we moved away from gtkrc in the 2.x to 3.x migration. And beyond that, CSS was the one way that’d let us share a lot of keybinding code between shortcut themes so we could support emacs, vim, sublime, etc.
One thing that didn’t work well was VIM’s “modes”. People often think of VIM as a single state (normal, insert, replace, visual, etc). In reality it’s a stack of them. Just look at the following state diagram if you’re going to actually to match things somewhat accurately. Doing this in a manner that would allow sharing between shortcut themes in Builder was simply beyond the amount of time we had to spend on it given all the other features that needed to land.
Suppose that you had a state machine implemented by NMI handlers, and that some of the transitions in this state machine need to wait for an RCU grace period to elapse. How could these state transitions be implemented?
Before we start, let's dispense with a couple of silly options. First, we clearly are not going to invoke synchronize_rcu() from within an NMI handler. This function can sleep, and we cannot sleep even within non-threaded interrupt handlers, let alone within NMI handlers. Second, we are not going to invoke call_rcu() from within an NMI handler. This function disables interrupts to exclude concurrent invocations on a single CPU, and disabling interrupts does nothing to keep NMI handlers from running. Worse yet, when running on rcu_nocbs CPUs (which offload callback invocations to rcuo kthreads), call_rcu() acquires a lock. Therefore, invoking call_rcu() from within an NMI handler would at best result in deadlock, and might also result in corruption of RCU's lists of callbacks.
While Ampere Altra and Altra Max processors are achieving great success using Arm Neoverse N1 based cores, as shared earlier this year Ampere has begun designing their own custom Arm server CPU cores for slated introduction in 2022. The first GCC compiler patch for that next-gen Ampere CPU was quietly posted on Monday.
An initial patch made it out providing support and basic tuning for Ampere's "Ampere-1" CPU. Ampere-1 isn't certainly the marketing name for their initial CPU core design but just what they are referring to at least initially for the GNU Compiler Collection target. Just as before IBM referred to their POWER10 GCC target as the 'future' target and then later on added in proper user-friendly string.
[David Given] frequently dives into retrocomputing, and we don’t just mean he refurbishes old computers. We mean things like creating a simulator and assembler for the OBP spaceflight computer, which was used in the OAO-3 Copernicus space telescope, pictured above. Far from being a niche and forgotten piece of technology, the On-Board Processor (OBP) was used in several spacecraft and succeeded by the Advanced On-board Processor (AOP), which in turn led to the NASA Standard Spaceflight Computer (NSSC-1), used in the Hubble Space Telescope. The OBP was also created entirely from NOR gates, which is pretty neat.
One thing [David] learned in the process is that while this vintage piece of design has its idiosyncrasies, in general, the architecture has many useful features and is pleasant to work with. It is a bit slow, however. It runs at a mere 250 kHz and many instructions take several cycles to complete.
Python is a popular language for many applications. Those that run as backend services, now in the 2020s, are often run inside containers. For that to work, though, you have to build a container.
Often, with microservice architectures, it makes sense to build a "root" base image, which all of your services get built on. Most of this article focuses on that base image since this is where it is easiest to make mistakes. However, I also cover the applications themselves because a good base without good applications isn't of much use.
Quickly and easily develop desktop, mobile, and web applications with Java, JavaScript, HTML5, PHP, C/C++ and more. Updated to 12.3
By default, Cryostat automatically recognizes discoverable, valid targets with remote Java Management Extensions (JMX) and JMX-RMI-enabled connectivity. Discoverability is based on various mechanisms, including Kubernetes API-based service endpoints and the Java Discovery Protocol (JDP).
With Cryostat 2.0, developers can now create connections by providing custom URLs for known potential Java application targets that are valid but not yet discoverable. You can save custom target definitions so they are available even after the Cryostat instance restarts. This feature is available on the Cryostat web front-end through the Create Target functionality introduced in this article.
Cryostat 2.0 also introduces the new clientlib directory. By adding target application JARs to this directory, you can specify custom connection protocols for any custom targets you create. We'll show you how to add a custom target that uses one such connection protocol.
The W3C has published Web Content Accessibility Guidelines (WCAG) and there are some great WCAG explainers in plain English, like this one from Web Accessibility In Mind (WebAIM).
The Khronos Group this morning is rolling out the provisional specification for ANARI 1.0, its newest royalty-free, industry-standard API.
ANARI is the Khronos API focused on analytic rendering and scalable 3D data visualization.
Vulkan 1.2.197 is out with a variety of documentation updates, clarifications to the specification, and other work. Plus there is one new extension this time around.
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the NextArch Foundation. The new Foundation is a neutral home for open source developers and contributors to build next-generation architecture that can support compatibility between an increasing array of microservices.
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced it has enhanced its free LFX Security offering so open source projects can secure their code and reduce non-inclusive language.
The LFX platform hosts community tools for security, fundraising, community growth, project health, mentorship and more. It supports projects and empowers open source teams to write better, more secure code, drive engagement and grow sustainable ecosystems.
"LFX supports projects and empowers open source teams by enabling them to write better, more secure code, drive engagement, and grow sustainable software ecosystems," the Linux Foundation says. Now, to address the growing threat of software supply chain attacks, the foundation is upgrading its LFX Security module to deal with these attacks.
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, today announced the new Project OpenBytes spearheaded by Graviti. Project OpenBytes is dedicated to making open data more available and accessible through the creation of data standards and formats.
The Linux Foundation has announced the new Project OpenBytes spearheaded by Graviti. Project OpenBytes is dedicated to making open data more available and accessible through the creation of data standards and formats.
At the Linux Foundation Membership Summit this week, the Linux Foundation — the nonprofit tech consortium founded in 2000 to standardize Linux and support its growth — announced new projects: Project OpenBytes and the NextArch Foundation. OpenBytes is an “open data community” as well as a new data standard and format primarily for AI applications, while NextArch — which is spearheaded by Tencent — is dedicated to building software development architectures that support a range of environments.
Security updates have been issued by Debian (asterisk, bind9, glusterfs, and openjdk-11), Fedora (ansible and CuraEngine), openSUSE (mailman and opera), Oracle (binutils and flatpak), Red Hat (curl, flatpak, java-1.8.0-ibm, kernel, kernel-rt, libsolv, python3, samba, and webkit2gtk3), Scientific Linux (binutils and flatpak), SUSE (binutils and transfig), and Ubuntu (ceph and mailman).
Interesting Twitter thread on how cell phone metadata can be used to identify and track people who don’t want to be identified and tracked.
Linux and FreeBSD are being targeted by the latest version of Hive ransomware.
Hive ransomware was first observed in June 2021, with the FBI warning about it in late August. Initially the ransomware targeted Windows only, but the creators are looking to expand that.
According to the Slovak Internet security firm ESET, the Hive ransomware gang can now encrypt Linux and FreeBSD with new malware variants that have been specially developed for these platforms.
The world of cybersecurity is forever evolving at a rapid pace. Newer and more sophisticated attacks are emerging every day. Despite patching most of these threats, some of them continue to crawl around the web a lot longer. LemonDuck is one such example.
It's a cross-platform malware that targets Windows and Linux devices and acts as an entry point for other malicious tools. So what exactly is LemonDuck? How does it work?
A draft law in Kazakhstan would require foreign tech companies to open local offices and comply with content takedown demands within tight time frames, or have their services terminated. Advanced as a measure to protect children, the proposed law, “On Amendments and Changes to Legislative Acts on the Protection of the Rights of the Child,” is instead likely to undermine Kazakhs’ free expression and other human rights, and grant the government disproportionate censorship powers that are ripe for abuse.
Access Now urges the Kazakhstan government to reject the proposal, as it fails to align with human rights principles. We provide a set of recommendations below for the government to safeguard Kazakhs’ freedom of expression and opinion, the right to access and disseminate information, freedom of association, and other rights protected under Kazakhstan’s constitution and international human rights law.
[...]
Finally, the implementation of staff and data localization laws in other countries has demonstrated the pitfalls of this approach. We have seen governments using such regulations to gain leverage over social media giants and force them to comply with state-sponsored censorship and surveillance. The recent removal of Alexey Navalny’s app from Google and Apple stores, reportedly triggered by the threats of criminal prosecution and armed raids at Google’s local subsidiary offices in Russia, is one example of how local staff can be used to pressure companies into removing certain content without due process and in violation of human rights. Civil society has also raised similar concerns regarding a recently passed Internet law in Turkey (Law No. 5651), which forces social media companies with more than one million “daily users” to comply with the government’s requests for content removal. This dangerous law gravely undermines freedom of expression in Turkey, particularly in the absence of an independent judiciary where such orders can be successfully challenged.