11.09.21

Gemini version available ♊︎

Links 10/11/2021: KDE Plasma 5.23.3 and Ncurses 6.3

Posted in News Roundup at 7:36 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Desktop/Laptop

      • Exclusive: IGEL’s Linux OS Pact With HP Is A ‘Secure End Point Game-Changer’

        IGEL has inked a blockbuster pact with $57 billion PC behemoth HP Inc. that in one fell swoop puts IGEL’s secure endpoint Linux operating system into the hands of tens of thousands of HP resellers worldwide.

        HP is now preinstalling the IGEL OS on its top-selling thin client devices, with an eye towards moving it to HP’s mobile thin clients in the future, said IGEL.

        IGEL said the pact means HP partners can now get the IGEL OS through HP distributors around the world as an HP SKU on HP t430, t540 and t640 thin clients.

        “This marries the best Linux software for cloud workspaces with the industry’s leading hardware,” said IGEL CEO Jed Ayres in an exclusive interview with CRN. “This is a defining moment in our quest to be the standard operating system for cloud-delivered desktops with our secure Linux-based IGEL OS. This is recognition that we are first and foremost a software company that is setting the pace for what is a once-in-a-generation architectural change as the industry moves to cloud workspaces.”

    • Server

      • CIS-Harden your Ubuntu in Google Cloud | Ubuntu

        CIS Benchmarks are best practices for the secure configuration of a target system. The Center for Internet Security, Inc. (CIS®) is the authority backing CIS Benchmarks. Ubuntu Pro is entitled to be CIS compliant and packaged with CIS toolings from Canonical.

      • InAccel: Benefit from Enterprise FPGA acceleration on Kubernetes using SUSE Rancher
      • SUSE Rancher and Dell Container Storage Modules (CSM) | SUSE Communities

        Extend enterprise storage capabilities to SUSE Rancher, RKE2, RKE and K3S Kubernetes for cloud-native stateful applications with Dell Container Storage Modules (CSM). Dell CSMs enable simple and consistent integration and automation experiences. It reduces management complexity so developers can independently consume enterprise storage with ease and automate daily operations such as provisioning, snapshotting, replication, observability, authorization and, resiliency. The CSI Drivers by Dell EMC implement an interface between CSI (CSI spec v1.3) enabled Container Orchestrator (CO) and Dell EMC Storage Arrays (Dell PowerStore, PowerScale, PowerFlex, PowerMax and Unity). It is a plug-in that is installed into Kubernetes to provide persistent storage using Dell storage system.

      • Kubernetes Community Elects Four Members to Its Steering Committee

        The Cloud Native Computing Foundation’s Kubernetes project announced the election of four members to the Kubernetes Steering Committee which oversees the governance of the Kubernetes project. The announcement was made in a blog by Kaslin Fields, a CNCF ambassador and a developer advocate at Google.

        Kubernetes is considered to be the de facto standard for managing containers, and is widely used in enterprise cloud native infrastructures.

      • Non-root Containers And Devices

        The user/group ID related security settings in Pod’s securityContext trigger a problem when users want to deploy containers that use accelerator devices (via Kubernetes Device Plugins) on Linux. In this blog post I talk about the problem and describe the work done so far to address it. It’s not meant to be a long story about getting the k/k issue fixed.

        Instead, this post aims to raise awareness of the issue and to highlight important device use-cases too. This is needed as Kubernetes works on new related features such as support for user namespaces.

    • Audiocasts/Shows

      • Kubuntu 21.10 Quick overview #Shorts – Invidious

        A Quick overview of Kubuntu 21.10

      • Xmonad Needs Your Support – Invidious

        Xmonad recently had its biggest release in years! And with the big release, the Xmonad team have put all a call to the community asking for your help. They are asking for artwork contributions via a logo contest (with a cash prize for the winner), and they are asking for GitHub sponsorships to help fund future development.

      • PopOS Working On A New Rust Desktop Environment!! – Invidious

        Until now PopOS has been using Gnome as their desktop environment with heavy modifications but that may change at some point in the future as they’re reportedly working on a new DE written in Rust

      • Enterprise Linux Security Episode 7 – ELevate – Invidious

        Remaining on legacy Linux distributions can lead to additional security risks as time goes on, and migrating to a newer and better supported distribution can be a very difficult endeavor for most administrators. In this episode, Jay and Joao are joined by Jack from AlmaLinux, and we talk about ELevate – a tool that can be used to migrate from a distribution in the Enterprise Linux family to another Enterprise Linux distribution.

    • Kernel Space

      • Xen With Linux 5.16 Will Allow For Faster Booting Of Guests – Phoronix

        Xen para-virtualized guests booting on the Linux 5.16 kernel should see noticeably quicker boot times.

        Sent out today were the Xen patches for Linux 5.16. Besides having some code lcean-ups, para-virtualized interrupt masking made simpler, Xen “pciback” driver support for Arm, and other smaller enhancements, there is also work to speed-up guest booting. In particular, the booting up of Xen PV (para-virtualized) guests should be much quicker with Linux 5.16 and beyond.

      • More Of Intel’s CXL Enablement Code Arrives For Linux 5.16 – Phoronix

        Intel’s open-source Linux engineers continue to be quite busy bringing up CXL interconnect support within the mainline kernel. For the in-development Linux 5.16 is another batch of code landing.

      • Linux kernel 5.10.78 compiled

        Ha ha, that was a short-lived release! EasyOS version 3.1.9 was announced yesterday, and pulled down after being online only a few hours:

        https://bkhome.org/news/202111/easyos-version-319-released.html

        The issue was awful behaviour of Firefox on my Acer Aspire 1 laptop. Perhaps it is a GPU-related problem.
        I have decided not to try and jump over two big puddles. Instead, will jump over just one big puddle, which is the move to pulseaudio. This is bound to have issues. The addition of an extra browser, Firefox or Chrome, in the build, can wait until later.

      • Linux 5.16 Has Early Preparations For Supporting FGKASLR – Phoronix

        Being worked on for more than a year by Intel and other kernel developers has been FGKASLR to enhance kernel security. While the Linux kernel has long supported Address Space Layout Randomization (ASLR) to make memory addresses less predictable, FGKASLR ups the security much more by placing that randomization at the function level. It’s looking like FGKASLR could be mainlined soon.

        FGKASLR isn’t being picked up for Linux 5.16 but there is preparation work landing in this kernel so hopefully the feature isn’t too far out. Finer Grained Kernel Address Space Layout Randomization (or sometimes referred to as Function Granular KASLR) allows for function reordering on top of the base address randomization of ASLR.

        FGKASLR ups the security against kernel attacks requiring known memory locations within the kernel but can cause minor (~1%) performance penalties. Since being first announced in 2020, FGKASLR has been undergoing several rounds of review.

      • Linux 5.16 to bring mainline support to Raspberry Pi 4 Compute Module – and the nifty devices built around it

        While folks straddling the worlds of both Windows and Linux will appreciate the shiny NTFS support in version 5.15 of the open-source kernel, Arm device users may find more to appreciate in the following release.

        Linux kernel 5.16 will include mainline support for the Raspberry Pi 4 Compute Module, as well as the Apple M1 chip’s PCI Express controller as Linux inches its way towards a full Linux desktop on M1 Macs.

        This means it should be possible to run a mainline 5.16 kernel on a Raspberry Pi 4 Compute Module without any extra build steps or patches.

        The Raspberry Pi 4 Compute Module is targeted more at system integrators than end-users. Even tinier than the credit-card sized Pi 4, the Compute Modules are designed to plug into larger IO boards, enabling the Pi to power specialist gadgets. The Raspberry Pi Foundation naturally offers one of these boards, and third parties are free to design and flog their own.

      • AMD

        • AMD EPYC 7003 Series Performance Across Autumn 2021 Linux Distributions

          These five Linux distributions were benchmarked on the same EPYC server comprised of two AMD EPYC 75F3 processors for a combined 64 cores / 128 threads, an ASRockRack ROME2D16-2T motherboard, 16 x 8GB DDR4-3200 memory, and a 1TB WD_BLACK SN850 NVMe solid-state drive.

          The five Linux distributions under test was Alma Linux 8.4 (RHEL 8.4 alternative), CentOS Stream for tracking the latest upstream work ahead of RHEL 9, Clear Linux 35150 for Intel’s latest optimized Linux distribution, Fedora Server 35, and then Ubuntu 21.10. Each of the five Linux distributions were cleanly installed on this server and benchmarking them in their out-of-the-box / default configuration for seeing how these latest Linux distributions compete on the current-generation AMD server platform.

    • Nvidia

    • Applications

      • LXD 4.20 Containers Released, Provides Ability for Live Migration

        LXD 4.20 users will be happy to see in this release the initial implementation of live migration and core scheduling support.

        LXD is a next generation system container manager. The simplest way to define LXD is to say it’s an extension of LXC.

        Technically LXD is a REST API that connects to libxlc, the LXC software library. As you know, LXC, short for “Linux containers”, is a solution for virtualizing software at the operating system level within the Linux kernel.

    • Instructionals/Technical

      • Linux Mint’s Sticky Note App Looks Great Now! Here’s how to get it in Ubuntu | UbuntuHandbook

        For those looking for Google Keep or Windows Sticky Notes style desktop noting app, Linux Mint’s “sticky” is a good choice for Ubuntu Linux.

        Linux Mint maintains some great apps. Sticky is one of them that sticks an electronic version of Post-it Note on your desktop. It’s GTK3 app written in Python3 and works on most desktop environments.

        With it, you may create as many notes as possible on desktop. And, it allows to set different color palette for each note: Blue, Green, Magenta, Orange, Purple, Red, Teal, and Yellow.

      • Getting Started with Docker: Portainer CE – LinuxLinks

        There are some great tools that make Docker easier to use.

        One of our favourites is Portainer. It’s a lightweight and easy to use management UI that lets us easily manage our different Docker environments. Its simple graphical interface is accessed with a web browser. The community edition is free and open source software. Portainer works with Docker, Docker Swarm and Kubernetes. It can be deployed in the cloud on prem or at the edge.

        Portainer supports a wide range of features for managing the Docker containers, such as managing the creation and deletion of Swarm services, user authentication, authorizations, connecting, executing commands in the console of running containers, and viewing containers’ logs.

        Portainer consists of a single container that can run on any cluster.

      • exa: A Modern Replacement for the ls Command

        I bet you have used the ls command in Linux. It’s one of the first command you use while learning Linux commands.

        The simple ls command is quite handy for listing directory content. I never really though any command could replace it until I discovered exa.

      • How To Install KeePass on Linux Mint 20 – idroot

        In this tutorial, we will show you how to install KeePass on Linux Mint 20. For those of you who didn’t know, KeePass is an open-source cross-platform password manager filled with multiple amazing features. It lets you save as many passwords as you wish hence freeing you from the hassle of memorizing and recalling your passwords every time you wish to access an account. If you are using LastPass, Bitwarden, AnyPAssword, and many others, then importing passwords from them is also possible in KeePass. The KeePass password manager can also be used very efficiently with the Windows, macOS, iOS, or even Android operating systems.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of a KeePass password manager on a Linux Mint 20 (Ulyana).

      • How to install VMware Workstation on Ubuntu 20.04 – Unixcop the Unix / Linux the admins deams

        VMware Workstation Pro (known as VMware Workstation until release of VMware Workstation 12 in 2015) is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems.

        It enables users to set up virtual machines (VMs) on a single physical machine and use them simultaneously along with the host machine. Each virtual machine can execute its own operating system.

        In this tutorial, we will illustrate how to install VMware Workstation on Ubuntu systems.

      • Linux Essentials – nano (command-line text editor) – Invidious

        When you’re working with Linux servers, you may or may not always have access to a GUI, which is why it’s important to learn at least one command-line text editor. In this video, we’ll explore the core fundamentals of nano. nano is a text editor that’s among the easiest to learn.

      • Sequence – making PatternDB creation for syslog-ng easier – Blog – syslog-ng Community – syslog-ng Community

        We are well into the 21st century, but most of the log messages still arrive in an unstructured format. For well over a decade, syslog-ng had a solution to turn unstructured messages into name-value pairs, called PatternDB. However, creating a pattern database for PatternDB from scratch is a source of major pain. Or rather, it was: sequence-rtg – a fork of the sequence log analyzer – provides a new hope! It can easily create ready-to-use patterns for your most frequent log messages.

        Sequence-rtg is still in beta phase, and therefore is a bit rough around the edges. However, once you deal with the initial struggles of creating the database, it works just fine. Especially if you have lots of log messages. My experience was that the more log messages and larger batch sizes I had, the better quality patterns were generated.

    • Games

      • Pokemon Time Capsule | Hackaday

        The precious Pokemon we spent hours capturing in the early nineties remain trapped, not just by pokeballs, but within a cartridge ravaged by time. Generally, Pokemon games before the GameBoy Advance era had SRAM and a small coin cell to save state as NVRAM (Non-volatile random access memory) was more expensive. These coin cells last 10-15 years, and many of the Pokemon games came out 20 years ago. [9943246367] decided to ditch the battery and swap the SRAM for a proper NVRAM on a Pokemon Yellow cartridge, 23 years later.

    • Desktop Environments/WMs

      • Felt Qt (might delete later)*: Two non-Gtk Linux desktops have put out new versions

        There are loads of Linux desktops to choose from, but the majority use some version of GNOME’s Gtk. Only a handful favour the Qt toolkit, and two of them just released new versions.

        Release 14.0.11 of the Trinity Desktop Environment (TDE) just appeared. TDE was forked from KDE 3 by a team who didn’t care for KDE 4′s focus on widgets.

        They may have had a point; Linux supremo Linus Torvalds was sceptical about them as well.

        KDE adopted widgets when they were trendy, soon after Windows Vista, but Microsoft dumped them again after Windows 7. TDE is admittedly one of the more niche options, but it’s good to see signs of life.

      • K Desktop Environment/KDE SC/Qt

        • KDE Plasma 5.23.3 Further Improves the Wayland Session, Ports Plasma 5.24’s Focus Ring Feature

          Coming two weeks after KDE Plasma 5.23.2, the KDE Plasma 5.23.3 point release is here to further improve the Plasma Wayland session by making the Mozilla Firefox web browser more responsive to files that are being dragged and dropped, fix the panel’s auto-hide animation, address a Plasma crash that occurred when turning an external display off and back on again, as well as to fix a Plasma hang that occurred when hovering the Digital Clock applet to view the tooltip.

        • KDE Plasma 5.23.3, Bugfix Release for November

          Today KDE releases a bugfix update to KDE Plasma 5, versioned 5.23.3.

          Plasma 5.23 was released in October 2021 with many feature refinements and new modules to complete the desktop experience.

          This release adds two weeks’ worth of new translations and fixes from KDE’s contributors. The bugfixes are typically small but important and include…

        • Fixing Adaptive Transparency PART 2/2: THE FIX – Kockatoo Tube
        • OpenUK Awards 2021, COP26 and KDE – Jonathan Esk-Riddell’s Diary

          The OpenUk awards reconise and celebrate the best in open tech in the UK over the last year. We have a bunch of awards this year and the shortlists are up. I’ve clerked the judges into tracking down the gossip on all the shortlisted nominees and we do have final winners which will be announced at the ceremony on Thursday evening.

          The ceremony is at COP26 in Glasgow, Scotland. This is the UN conference to try to get international agreement on mitigating the worst affects of the climate crisis. We’ll be one of the last events there.

          I’ll be making announcement about KDE’s sustainability effort in front of the politicians and tech audience which I’m very excited about.

          You can sign up to watch the day event on sustainability in tech. The evening award ceremony will have its video published shortly after the event.

    • Distributions

      • IBM/Red Hat/Fedora

        • Red Hat collaborates with NVIDIA to deliver record-breaking STAC-A2 Market Risk benchmark

          We are happy to announce a record-breaking performance with NVIDIA in the STAC-A2 benchmark, affirming Red Hat OpenShift’s ability to run compute heavy, high performance workloads. The Securities Technology Analysis Center (STAC®) facilitates a large group of financial firms and technology vendors that produces benchmark standards which enable high-value technology research and testing software for multiple financial applications.

          Red Hat and NVIDIA collaborated to create this latest STAC-A2 entrant, and STAC performed an independent, third-party audit. These are the first public STAC-A2 results using Red Hat OpenShift. Compared to all other publicly reported results to-date, this solution based on Red Hat OpenShift and NVIDIA DGX A100 set several new records for performance metrics and energy efficiency…

        • Improving the performance and space efficiency of SELinux

          Performance is important when it comes to security features such as SELinux. While the performance impact of typical workloads has been long known to be small for most workloads (see for example the SELinux benchmarks of Fedora 31 by Phoronix), certain specific operations are slower than they could be.

          In addition, there are also memory and disk space usage issues, which can lead to unnecessarily large virtual machine images or minimum memory requirements.

          In this post, I will present some of these gaps that I found and fixed upstream. Together, these improvements:

        • Biometric authentication with WebAuthn and SSO

          Providing users with secure, convenient authentication that doesn’t rely solely on passwords is a challenge for many application developers and administrators. Passwords can be compromised through leaks, or cracked by malicious intruders, and strong passwords may be too complex for users to remember.

          WebAuthn support in version 7.5 of Red Hat’s single sign-on technology (SSO) makes it possible to use biometric data for user authentication. With WebAuthn, users can authenticate using a fingerprint scanner or face recognition, features available in most modern smartphones and laptops.

          This article shows you how to configure Red Hat’s SSO to use WebAuthn for biometric user authentication. Our example is based on a JavaScript application built using the React framework, along with the Google WebAuthn emulator.

        • Automating JDK Flight Recorder in containers

          This article is part of a series of hands-on guides to using Cryostat 2.0, or JDK Flight Recorder for containers. This article introduces Cryostat’s new API for automated rules. We’ll walk through two use cases highlighting the API’s compact but powerful rule definitions. You’ll see how to use rule definitions to specify a match expression for one or more target Java applications, and how to configure the type of flight recording you want to start on these targets.

          Once you’ve created a rule, Cryostat immediately matches it against all existing discovered targets and starts your flight recording. Cryostat will also apply the rule to newly discovered targets that match its definition. You can create multiple rules to match different subsets of targets or to layer different recording options for your needs.

          The automated rules API is brand new in Cryostat 2.0, and we haven’t yet developed the user interface (UI) for it. For now, we’ll use curl to interact with the Cryostat HTTP API directly.

        • 4 realities IT leaders should know about remote developers now

          The pandemic brought a lot of change in the way teams interact with each other. Along with many workers being forced into home office setups came new challenges – with communication, remote workstation access, and cybersecurity (now of heightened importance). Hopefully, by now your organization has figured out a way to support remote work. But this isn’t temporary; a more distributed and remote-capable workforce is where things are headed.

          As IT leaders think about remote and hybrid models of work for teams, and adopt tools for virtual meetings and file sharing, it’s vital to consider the individual needs of a valuable team role – the developer. Here are a four factors to consider:

        • 3 essential soft skills IT pros need

          IT continues to be one of the fastest-growing employment sectors. However, as remote work environments become increasingly common and technology becomes further intertwined with other business functions, the role of the IT professional is evolving.

          As today’s IT professionals engage with more colleagues throughout the business, their skills must extend well beyond technical expertise. Over 40 percent of respondents to a recent study by West Monroe admitted encountering IT professionals who struggle with collaboration, hampering productivity. As a result, hiring managers are looking for IT prospects with comprehensive soft skills to add greater value to their business.

        • What is a technical marketing manager?

          First off, from one organization to the next, there will be different names for these roles and different alignments of responsibilities. Red Hat is a unique company with a unique culture, so this may not represent how technical marketing works in your organization.

          My work revolves around three roles: product marketer (PMM), technical marketing manager (TMM), and product manager (PM).

          Product managers work as a lead for their product or feature. They help write features with engineering, cast vision for their roadmap, and work with marketing to build a story that ties the market problem together with the component designed to fix it.

          Product marketers help define the message: Why would an organization care about the feature we are building? What business problems do we need to address? I’ll leave a more in-depth overview of these roles to others, but in short, that is their purview.

      • Debian Family

        • Raspberry Pi OS: Now running on Debian ‘bullseye’ Linux

          Debian 11, dubbed ‘bullseye’ and the successor to ‘buster’, arrived in August and now the makers of the Raspberry Pi have finally updated Raspberry Pi (RPi) OS to this version.

          The move to Debian 11 for Raspberry Pi OS took a little longer than expected and doesn’t bring a huge amount of changes from the Debian side. However, there are several changes that come from the RPi side.

        • Raspberry Pi OS hits the bullseye

          The latest Raspberry Pi OS release switches to Debian 11 “bullseye” and offers the GTK+3 UI toolkit and the “mutter” window manager, which requires 2GB RAM. Meanwhile, the upcoming Linux 5.16 will include mainline support for the RPi CM4.

          Raspberry Pi announced the release of a new version of Raspberry Pi OS (formerly Raspbian), which advances to the Debian 11 “bullseye” release. Debian 11.0 was released in August as a major upgrade from the two-year old Debian buster.

        • Debian 11 Based Raspberry Pi OS 2021-10-30 Update Available to Download – itsfoss.net

          Debian 11 Based Raspberry Pi OS 2021-10-30 Update Available to Download, Raspberry Pi OS is a Debian-based distribution custom-built for Raspberry Pi computers. The development team have published a new version of Raspberry Pi OS which carries the code name “Bullseye”.

          The new version is based on Debian 11 and upgrades a number of desktop components. “All of the desktop components and applications are now using version 3 of the GTK+ user interface toolkit. GTK+ is a layer of software that applications can use to draw standard user interface components (known as ‘widgets’) such as buttons, menus and the like, so that all applications have a consistent look and feel. Up until now, most of the desktop has used version 2 of the GTK+ toolkit, but increasing numbers of Debian applications are using GTK+3, so to try and keep things consistent, we’ve upgraded all our software and the desktop itself to the newer version. GTK+3 has been around for several years now, and people have occasionally asked why we didn’t move to it before now. The simple answer is that many things are much easier to do with GTK+2 than with GTK+3, particularly when it comes to customising the appearance of widgets – GTK+3 has removed several useful features which we relied upon. It has ended up being necessary to find work-arounds to a lot of these – hopefully no one will notice them and everything will still work as before!” Additional details can be found in the project’s release announcement.

        • Bullseye – the new version of Raspberry Pi OS

          Every two years, Debian Linux, on which Raspberry Pi OS is based, gets a major version upgrade. Debian ‘buster’ has been the basis of Raspberry Pi OS since its release in 2019, and Debian ‘bullseye’ was released in August. (As some of you may know, Debian name their versions after characters in Disney/Pixar’s Toy Story films – Bullseye was Woody’s horse in Toy Story 2.)

      • Canonical/Ubuntu Family

        • Developers can now launch Linux instances on Apple M1 | TechRadar

          Canonical, the power behind the development of Ubuntu, has launched the latest version of Multipass that will now let M1 Macbook users run Ubuntu virtual machines (VMs), with minimal fuss.

          Multipass is a lightweight VM manager for Linux, Windows and macOS, which helps developers spin up a fresh Linux environment with a single command.

          According to Canonical, with the support for M1 MacBooks, Multipass will help get developers running Linux faster than any other option on the market.

        • Canonical Transforms Linux on Mac

          On the heels of Apple’s announcement of a new line of game-changing M1 MacBooks, Canonical is bringing fast and easy Linux to the M1 platform. Multipass, the quickest way to run Linux cross-platform, received an update last week allowing M1 users to run Ubuntu VMs with minimal set-up. Multipass can download and launch a virtual machine image with one command, and developers on M1 can now get running on Linux in as little as 20 seconds.

        • Ubuntu’s publisher brings Linux support to M1 Macs with ‘Multipass’

          Canonical, Ubuntu’s publisher, announced today “the quickest way” to run Linux cross-platforms on M1 Macs. With Multipass, users can launch a virtual machine image with one command and have Linux running on an M1 Mac in as little as 20 seconds.

          Although Canonical claims to be the first platform to transform the M1 Mac on a Linux computer, the folks over at Linux Kernel have been improving its platform monthly to offer the best experience possible on the Mac. Last month, the creators of the project said Linux is now “usable as a basic desktop.”

        • Apple Silicon version of Canonical’s Multipass is here • The Register
        • Going Ubuntu on an M1 Mac with Multipass: Thanks VM, it’s Linux on the desktop

          An Apple Silicon version of Canonical’s Multipass has arrived, adding another way of firing up Linux on an M1-powered Mac.

          Although getting a full desktop on an M1 Mac is tricky at present (although not too far off) firing up a virtual machine on the platform allows developers to code against the operating system from the comfort of their new gizmos.

          We first looked at Multipass in 2019, and found it a handy tool in Windows 10 for when a full-fat Hyper-V session was overkill and Windows System for Linux failed to cut the mustard. While the evolution of WSL into a lightweight VM-based Linux platform might have somewhat cut the need for Multipass on Windows, the arrival of the M1 chip has opened up another front. Hence Multipass on the M1 Mac.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • 20 Open-source Low-code platforms for 2021/ 2022

        Low-code is a software development trending topic, in summary, it is an approach that speeds up the software products cycle with minimal hand-coding as it automates the repeated process and code.

        Some may argue that Low-code developments platforms aim to help non-professional or citizen developers to build apps quickly; however, many enterprises are using Low-code because of its productivity.

        Low-code development is a RAD “Rapid Application Development” approach, but with more organized was, as it streamlines the software production and automates all steps.

      • Restyaboard: Open-source self-hosted project management system for teams

        If you are an avid user of Trello, then likely, you searched for an open-source alternative. Trello is a feature-rich web-based project management system for teams.

        Although it is free to use, it is not open-source or even self-hosted.

        Here, we offer you an alternative, that matches almost all Trello features and more, Restyaboard.

      • Grocy: An Open-source ERP for Grocery stores

        We often see general-purpose open-source ERP solutions, but on a rare occasion, we witness a customized specific one like Grocy.

      • Web Browsers

        • Top 9 lightweight web browsers for Linux

          Open source web browsers have come a long way since the introduction of Firefox, Chrome, and Chromium. Current web browsers are advanced to manage graphics, videos, apps, and many more. However, this makes web browsers consume a lot of hardware resources like RAM and storage space. On the other hand, mainstream browsers like Firefox and Chromium work quite well on systems with modern hardware resources.

          However, Linux operating systems running on old PC or laptops require light browsers to work fast and seamlessly. That is one of the reasons why most of the Linux OS like Ubuntu, Fedora, Centos, Linux Mint come with Firefox Mozilla as the default browser. However, Firefox might still not be as lightweight as we would like.

        • Mozilla

          • Tor Browser 11.0 Comes Based on Firefox ESR 91

            Tor Browser 11 is now the new stable version available to all those Internet users who seek to avoid, that their web communications are easy to track.

            Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. The Tor Browser is a web browser that anonymizes your web traffic using the Tor network, making it easy to protect your identity online.

          • Audio fix at bootup

            EasyOS runs fine, except as I reported yesterday, Firefox behaves very badly, with window going blank, freezing, hanging the entire desktop. So, for now, have built Easy 3.1.9.2, with only SeaMonkey. Now, about that sound problem…

          • Firefox: the first major browser to be available in the Windows Store [Ed: Mozilla associates Firefox with the monopoly of Microsoft… and that DRM store. I think they do a fine job tarnishing what’s left of the brand.]

            As of today, Firefox desktop is the first major browser to become available in the Windows Store for Windows 10 and Windows 11 users. Previously, if you were on Windows and wanted to use Firefox, you had to download it from the internet and go through a clunky process from Microsoft. Now that Microsoft has changed its Store policies, choosing Firefox as your desktop browser is even more seamless – and it comes with all the latest Firefox features.

      • SaaS/Back End/Databases

        • Pgpool-II 4.3 beta1 is now released.

          Pgpool Global Development Group is pleased to announce the availability of Pgpool-II 4.3 beta1. This is not intended to be used in production but is close to the release version. So users are encouraged to test it out.

      • FSF

        • Join us for the International Day Against DRM (IDAD) 2021 community planning meeting

          Each year, the Free Software Foundation (FSF) stages the International Day Against DRM (IDAD), and this year, we want to work with the community more closely than ever before and bridge the gap between anti-DRM activists, those involved with the software freedom movement, and everyday individuals. Together, we’ll stand up against DRM on December 10th.

          As one of the most memorable parts of last year’s Day Against DRM was our informal advocacy strategy session held over BigBlueButton, we want to begin our public planning of the event with a similar meeting. We’re inviting you to collaborate with us in the preparation for this year’s IDAD, sharing suggestions and anti-DRM activism methods, as well as organizing online satellite events.

        • Faulty DRM breaks dozens of games on Intel’s Alder Lake CPUs

          Longtime Ars readers probably remember some of the many cases in which overly onerous DRM prevented game owners from playing their legitimate purchases. We’re seeing that situation play out again today, this time thanks to how some DRM systems interact with the unique features of Intel’s 12th-generation “Alder Lake” CPUs.

          Intel’s Alder Lake big.little CPU design, tested: It’s a barn burner
          We’ve already covered how Alder Lake’s hybrid “big.little” design splits the CPU’s workload into high-powered “performance” (P) cores and low-powered “efficiency” (E) cores. But after hinting at the potential issue in a developer FAQ last month, Intel is now confirming that some games contain DRM that Intel says “may incorrectly recognize 12th Generation Intel Core Processors efficient-cores (E-cores) as another system.” That issue can lead to games that “may crash during launch or gameplay or unexpectedly shut down,” Intel says.

          PC Mag’s Chris Stobing explained that the issue arises from the DRM middleware treating the two different types of cores as two distinct systems. “Once it detects that some portion of the load has been split between the P- and E-cores, it sees the new cores as a new license holder (a separate system) and force-quits the game to prevent what it believes is two PCs trying to play one game on the same key,” he said.

        • GNU Projects

          • ncurses 6.3
             Announcing ncurses 6.3
            
            Overview
            
               The  ncurses  (new  curses)  library  is  a free software emulation of
               curses  in  System  V  Release  4.0 (SVr4), and more. It uses terminfo
               format,  supports  pads  and  color  and multiple highlights and forms
               characters and function-key mapping, and has all the other SVr4-curses
               enhancements  over  BSD curses. SVr4 curses became the basis of X/Open
               Curses.
            
               In  mid-June  1995,  the  maintainer of 4.4BSD curses declared that he
               considered  4.4BSD curses obsolete, and encouraged the keepers of unix
               releases such as BSD/OS, FreeBSD and NetBSD to switch over to ncurses.
            
               Since 1995, ncurses has been ported to many systems:
                 * It is used in almost every system based on the Linux kernel (aside
                   from some embedded applications).
                 * It  is  used  as the system curses library on OpenBSD, FreeBSD and
                   MacOS.
                 * It  is used in environments such as Cygwin and MinGW. The first of
                   these was EMX on OS/2 Warp.
                 * It is used (though usually not as the system curses) on all of the
                   vendor  unix  systems,  e.g.,  AIX,  HP-UX,  IRIX64, SCO, Solaris,
                   Tru64.
                 * It should work readily on any ANSI/POSIX-conforming unix.
            
               The distribution includes the library and support utilities, including
                 * captoinfo, a termcap conversion tool
                 * clear, utility for clearing the screen
                 * infocmp, the terminfo decompiler
                 * tabs, set tabs on a terminal
                 * tic, the terminfo compiler
                 * toe, list (table of) terminfo entries
                 * tput,  utility  for  retrieving  terminal  capabilities  in  shell
                   scripts
                 * tset, to initialize the terminal
            
               Full manual pages are provided for the library and tools.
            
               The ncurses distribution is available at ncurses' homepage:
            
                 ftp://ftp.invisible-island.net/ncurses/ or
                 https://invisible-mirror.net/archives/ncurses/ .
            
               It is also available via anonymous FTP at the GNU distribution site
            
                 ftp://ftp.gnu.org/gnu/ncurses/ .
            
          • Ncurses 6.3 Released With Experimental Windows Terminal Driver

            A new version of the Ncurses text-based user interface library is now available and most notable is a new but experimental driver for supporting the Windows Terminal.

            Ncurses 6.3 ships with an experimental driver for handling the Windows Terminal for enjoying Ncurses TUIs under that terminal.

        • Licensing/Legal

          • SFC Files GPL Enforcement Suit Against Vizio Advancing Novel Legal Theories

            Software Freedom Conservancy filed a lawsuit in late October 2021 against Vizio, claiming violation of the GPL and LGPL with respect to its SmartCast TVs. The complaint is here. The complaint is styled first as a claim of breach of contract, and then a claim for declaratory relief.

            Lawsuits to enforce GPL are still quite rare, and among them, this one is radically different in its legal structure from those that have come before. In fact, it conflicts with much of the conventional wisdom about enforcement of licenses like GPL, even principles previously enunciated by the Software Freedom Law Center and the Free Software Foundation–who have had their disagreements with Software Freedom Conservancy in the past.

      • Programming/Development

        • Benjamin Mako Hill: The Hidden Costs of Requiring Accounts

          This question has been a source of disagreement among people who start or manage online communities for decades. Requiring accounts makes some sense since users contributing without accounts are a common source of vandalism, harassment, and low quality content. In theory, creating an account can deter these kinds of attacks while still making it pretty quick and easy for newcomers to join. Also, an account requirement seems unlikely to affect contributors who already have accounts and are typically the source of most valuable contributions. Creating accounts might even help community members build deeper relationships and commitments to the group in ways that lead them to stick around longer and contribute more.

        • Nibble Stew: Typesetting a whole book part III, the analog edition

          In earlier editions (part 1, part 2) we looked at typesetting a full book to a PDF file. This is fun and all, but until you actually hold a physical copy in your hands you don’t really know how good the end result is. Puddings, eatings and all that.

          So I decided to examine how would you go about printing and binding an entire book. For text I used P. G. Wodehouse’s The Inimitable Jeeves. It has roughly 220 pages which is a good amount for perfect binding. Typesetting it in LibreOffice only took a few hours. To make things even simpler I used only one font, the Palatino lookalike P052 that comes packaged with Ghostscript. As the Jeeves stories take place in the 1920s something like Century would have been more period accurate but we’ll have to work with what we got.

          The only printer I had access to was an A4 laser printer that could only print on one side of the page. Thus to keep things as simple as possible the page size became A5, which is easy to obtain by folding A4 paper in half. None of the printer dialogs seemed to do the imposition I needed (single page saddle fold, basically) so I had to convert the A5 originals to A4 printable sheets with a custom Python script (using PyPDF2)

        • GCC 12 Lands Support For -march=armv9-a – Phoronix

          After announcing ARMv9 earlier this year and the likes of the Cortex-X2, the open-source code compilers has been preparing for this evolutionary advancement over ARMv8.

          LLVM/Clang has been working on Armv9-A enablement and the GNU toolchain from Binutils to the GNU Compiler Collection have also been preparing their new code. As of today GCC 12 hit the stage of being able to target -march=armv9-a as of this commit. Using “-march=armv9-a” is used for targeting the ARMv9-A ISA and enabling the new instructions available. Tuning is currently based on the existing ARMv8 Cortex-A53. This is an important step for supporting the next-gen Arm architecture.

        • mrcal 2.0: triangulation and stereo

          mrcal is my big toolkit for geometric computer vision: making models (camera calibration) and using models (mapping, ranging, etc).

          Since the release of mrcal 1.0 back in February I’ve been busy using the tools in the field, fixing things and improving things. Today I’m happy to finally be able to announce the release of mrcal 2.0.

          A big part of this release is maintenance and cleanup that resulted from me heavily using the tools over the course of this past year, and improving whatever was bugging me. The most notable result of that effort, is that splined models are no longer “experimental”. They work well and they’re awesome. Go try them.

          And there’re a number of new features, most notably nice dense stereo support and nice sparse triangulation support (with uncertainty propagation!) These are awesome. Go try them.

        • Joachim Breitner: How to audit an Internet Computer canister

          I was recently called upon by Origyn to audit the source code of some of their Internet Computer canisters (“canisters” are services or smart contracts on the Internet Computer), which were written in the Motoko programming language. Both the application model of the Internet Computer as well as Motoko bring with them their own particular pitfalls and possible sources for bugs. So given that I was involved in the creation of both, they reached out to me.

          In the course of that audit work I collected a list of things to watch out for, and general advice around them. Origyn generously allowed me to share that list here, in the hope that it will be helpful to the wider community.

        • Ruby

          • Ruby 3.1.0 Preview 1 Released

            Ruby 3.1 merges YJIT, a new in-process JIT compiler developed by Shopify.

            Since Ruby 2.6 introduced MJIT in 2018, its performance greatly improved, and finally we achieved Ruby3x3 last year. But even though Optcarrot has shown impressive speedups, the JIT hasn’t benefited real world business applications.

            Recently Shopify contributed many Ruby improvements to speed up their Rails application. YJIT is an important contribution, and aims to improve the performance of Rails applications.

            Though MJIT is a method-based JIT compiler and uses an external C compiler, YJIT uses Basic Block Versioning and includes JIT compiler inside it. With Lazy Basic Block Versioning (LBBV) it first compiles the beginning of a method, and incrementally compiles the rest when the type of arguments and variables are dynamically determined. See YJIT: a basic block versioning JIT compiler for CRuby for a detailed introduction.

            With this technology, YJIT achieves both fast warmup time and performance improvements on most real-world software, up to 22% on railsbench, 39% on liquid-render.

            YJIT is still an experimental feature, and as such, it is disabled by default. If you want to use this, specify the –yjit command-line option to enable YJIT. It is also limited to macOS & Linux on x86-64 platforms for now.

          • Jakub Kadlčík: Rebuilding the entire RubyGems in Copr

            From the 166 699 Gems hosted on RubyGems.org, 98 816 of them were successfully built in Copr for Fedora Rawhide. That makes a 59.3% success rate. For the rest of them, it is important to distinguish in what build phase they failed. Out of 67 883 failures, 62 717 of them happened while converting their Gemfile into spec and only 5 166 when building the actual RPM packages. It means that if a Gem can be properly converted to a spec file, there is a 95% probability for it to be successfully built into RPM.

        • Python

          • How to package your Python code | Opensource.com

            You’ve spent weeks perfecting your code. You’ve tested it and sent it to some close developer friends for quality assurance. You’ve posted all the source code on your personal Git server, and you’ve received helpful bug reports from a few brave early adopters. And now you’re ready to make your Python code available to the world.

        • Shell/Bash/Zsh/Ksh

          • A quick cross-file comparison with AWK

            I really like AWK. It allows me to do simple, effective, ad hoc processing of data files, as this post will demonstrate. If AWK was a football club I’d be an ardent supporter: “Carn the mighty AWK!”

  • Leftovers

    • How to Prepare for Power Outages | WIRED

      I LIVE IN the Philadelphia area, and that puts me in the direct line of fire for two major water-type attacks. We get the remnants of hurricanes in the summertime and what’s known as nor’easters in the winter. (For those not from the Northeast, that’s a cyclone of cold frozen hatred that hovers up our coast.) Sure, they each bring their own brand of natural strife, but they also make us vulnerable to every geek’s nightmare: the dreaded power outage. And since my place fully runs on electricity (no gas or oil), I’ve had to develop a playbook for those dark times.

      Whether it’s feet of snow or downed power lines, we need our electricity. Having been a Cub Scout as a lad, I am thankfully well prepared, but I realize that there are probably many people out there that aren’t. This guide is for you to bookmark forever.

    • This $0 Filament Drybox Needs Nearly No Parts | Hackaday

      [Spacefan]’s solution uses a filament roll’s own packing materials and a single 3D-printed part to create a sealed environment for a single roll. The roll lives inside a plastic bag (potentially the same one it was sealed in) and filament exits through a small hole and 3D-printed fitting that also uses a bit of spare PTFE tubing. The box doubles as a convenient container for it all. It doesn’t have as much to offer as this other DIY drybox solution, but sure is simple.

      [...]

      While we appreciate the idea, this design is sure to put a lot of friction on the spool itself. It will be a lot of extra work to pull filament off the spool, which needs to turn inside a bag, inside a box, and that extra work will be done by the 3D printer’s extruder, a part that should ideally be working as little as possible. The re-use of materials is a great idea, but it does look to us like the idea could use some improvement.

    • Development Of Magnetic Locking Idea Shows Great Progress | Hackaday

      No matter how its done, with whatever level of fakery, magnetic levitation just looks cool. We don’t know about you, but merely walking past the tackiest gadget shop, the displays of levitating and rotating objects always catches our eye. Superconductors aside, these devices are pretty much all operating in the same way; an object with a permanent rare-earth magnet is held in a stable position between a pair of electromagnets one above and one below, with some control electronics to adjust the field strength and close the loop.

      But, there may be another way, albeit a rather special case, where a magnet can not only be levitated, but locked in place using a rotating magnetic field. The video shows a demonstration of how the mass of a magnet can be used to phase lock it against a rotating field. In essence, the magnet will want to rotate to align with the rotating magnetic field, but its mass will mean there is a time delay for the force to act and rotation to occur, which will lag the rotating magnetic field, and if it is phased just so, the rotation will be cancelled and the magnet will be locked in a stable position. Essentially the inertia of the magnet can be leveraged to counteract magnet’s tendency to rapidly rotate to find a stable position in the field.

    • Science

      • NASA’s New Moon Missions Are Happening Really Soon | Hackaday

        NASA first landed a human on the moon back in 1969, and last achieved the feat in December 1972. In the intervening years, there have been few other missions to Earth’s primary natural satellite. A smattering of uncrewed craft have crashed into the surface, while a mere handful of missions have achieved a soft landing, with none successful from 1976 to 2013.

        However, NASA aims to resume missions to the lunar surface, albeit in an uncrewed capacity at this stage. And you won’t have to wait very long, either. The world’s premier space agency aims to once again fly to the Moon beginning in February 2022.

    • Hardware

      • Teardown: Analog Radionic Analyzer | Hackaday

        Have you ever looked up a recipe online, and before you got to the ingredients, you had to scroll through somebody’s meandering life story? You just want to know how many cans of tomato paste to buy, but instead you’re reading about cozy winter nights at grandma’s house? Well, that’s where you are right now, friend. Except instead of wanting to know what goes in a lasagna, you just want to see the inside of some weirdo alternative medicine gadget. I get it, and wouldn’t blame you for skipping ahead, but I would be remiss to start this month’s teardown without a bit of explanation as to how it came into my possession.

        So if you’ll indulge me for a moment, I’ll tell you a story about an exceptionally generous patron, and the incredible wealth of sham medical hokum that they have bestowed upon the Hackaday community…

      • European server sales sink to 4-year low: Cloud, software-defined and chip shortage blamed
      • Not Your Average Nixie Tube Clock | Hackaday

        When it comes to Nixie clocks, we all pretty much know what to expect: a bunch of Nixies with some RGB LEDs underneath, a wooden case of some sort, and maybe some brass gears or fittings for that authentic steampunk look. It’s not that we don’t appreciate these builds, but the convergent designs can be a little much sometimes. Thankfully, this 60-tube Nixie clock bears that mold, and in a big way.

        The key to [limpkin]’s design is the IN-9 Nixie, which is the long, skinny tube that used to show up as linear indicators; think bar graph displays on bench multimeters or the VU meters on mixing boards. [limpkin] realized that 60 on the tubes could be arranged radially to represent hours or minutes, and potentially so much more. The length of the segment that lights up in the IN-9 is controlled by the current through the tube, so [limpkin] designed a simple driver for each segment that takes a PWM signal as its input. The job of a 60-channel, 14-bit PWM controller fell to an FPGA. An ESP8266 — all the rage five years ago when he started the project — took care of timekeeping and control, as well as driving a more traditional clock display of four 7-segment LEDs in the center of the clock face.

      • Visualizing Audio With An LCD VU Meter | Hackaday

        We all love seeing data represented in pretty ways — whether it’s necessary or not. Take VU meters for example. They’re a super useful tool for audio editors to balance signals, but they also look really cool, even if you’re only listening to music. Who didn’t use a Winamp skin with a built-in VU meter back in the day? Even after the demise of everyone’s favorite media player, we still see these great graphs popping up all over the place.

        Most recently, we’ve seen VU meters circle back around to have a bit of a retro vibe in this awesome Arduino-controlled LCD VU meter built by [mircemk]. Based on the KTAudio VU Meter project, it features an ultra-wide LCD, audio input, and volume knob, all tidily wrapped up in a case whose color scheme that can only conjure images of the famed Altair 8800, or an old Tektronix oscilloscope. The LCD itself is fairly responsive — but you can judge for yourself in the video below. The signature fading that so commonly accompanies screen refreshes on LCDs such as this one really adds to the retro effect.

    • Integrity/Availability

      • Proprietary

        • Microsoft OneDrive will no longer be compatible with millions of Windows PCs

          Millions of Windows users could lose access to their online cloud storage within weeks as Microsoft looks to encourage upgrading to the latest software.

          The tech giant has warned that the OneDrive app will stop syncing with Windows 7, 8 and 8.1 on March 1, 2022, meaning users only have a few weeks to upgrade to a newer version or possibly lose access to their files.

        • Security

          • Security Researchers Reveal Activity Targeting ManageEngine ADSelfService Plus

            On September 16, CISA released a joint alert on exploitation of a vulnerability (CVE-2021-40539) in ManageEngine ADSelfService Plus. On November 8, security researchers from Palo Alto Networks and Microsoft Threat Intelligence Center (MSTIC) released separate reports on targeted attacks against ManageEngine ADSelfService Plus.

          • Time based username enumeration | Pen Test Partners

            Back in the day, it used to be easy to enumerate email addresses from forgotten password forms. Differences in the response made it easy to check if accounts existed.

            After that, you could brute force the password if there weren’t lockouts in place, or if there were, you could lockout a lot of user accounts. Password stuffing from breach data has made compromise easier, though it’s still useful to enumerate accounts in more targeted attacks from time to time.

            I was reminded of blind SQL injection, where differences in response time can reveal whether an injected statement was successful or not. This got me thinking about using similar techniques to enumerate usernames

          • Google’s Pixel 6 fingerprint reader is rubbish because of ‘enhanced security algorithms’
          • Multiple BusyBox Security Bugs Threaten Embedded Linux Devices | Threatpost

            Researchers discovered 14 vulnerabilities in the ‘Swiss Army Knife’ of the embedded OS used in many OT and IoT environments. They allow RCE, denial of service and data leaks.

            Researchers have discovered 14 critical vulnerabilities in a popular program used in embedded Linux applications, all of which allow for denial of service (DoS) and 10 that also enable remote code execution (RCE), they said.

            One of the flaws also could allow devices to leak info, according to researchers from JFrog Security and Claroty Research, in a report shared with Threatpost on Tuesday.

          • Unboxing BusyBox – 14 new vulnerabilities uncovered by Claroty and JFrog | MarketScreener

            Embedded devices with limited memory and storage resources are likely to leverage a tool such as BusyBox, which is marketed as the Swiss Army Knife of embedded Linux. BusyBox is a software suite of many useful Unix utilities, known as applets, that are packaged as a single executable file. Within BusyBox you can find a full-fledged shell, a DHCP client/server, and small utilities such as cp, ls, grep, and others. You’re likely to find many OT and IoT devices running BusyBox, including popular programmable logic controllers (PLCs), human-machine interfaces (HMIs), and remote terminal units (RTUs)-many of which now run on Linux.

          • Security updates for Tuesday

            Security updates have been issued by Arch Linux (firefox, grafana, jenkins, opera, and thunderbird), Debian (botan1.10 and ckeditor), openSUSE (chromium, kernel, qemu, and rubygem-activerecord-5_1), SUSE (qemu and rubygem-activerecord-5_1), and Ubuntu (docker.io, kernel, linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-oem-5.13, linux-oracle, linux-oracle-5.11, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gke, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-gcp-4.15, linux-hwe, linux-kvm, linux-oracle, linux-raspi2, linux-snapdragon).

          • Privacy/Surveillance

            • Double win! Court rejects NSO’s attempts to silence victims and derail surveillance lawsuit

              On Monday, the United States Court of Appeals for the Ninth Circuit allowed WhatsApp’s lawsuit against Israeli spyware firm NSO Group to advance, and rejected NSO Group’s attempt to block briefs filed by civil society. In its ruling, a three-judge panel of an appeals court in San Francisco, California, affirmed a lower court’s decision to deny NSO Group’s motion to dismiss the lawsuit. Additionally, judges accepted the brief submitted by Access Now on behalf of eight civil society organizations, despite NSO Group’s objections claiming it introduced “disputed facts,” as well as another brief by three law professors.

              “We commend the Court for denying NSO Group’s attempts to silence its victims and derail WhatsApp’s lawsuit, which rightly puts the spyware peddler in the hot seat for enabling its government clients to violate human rights with impunity,” said Natalia Krapiva, Tech Legal Counsel at Access Now. “Now that the case proceeds into the discovery stage, it would be hard for NSO to hide its abuses behind the shroud of secrecy.”

              [...]

              Front Line Defenders also recently announced it had uncovered the hacking (confirmed by the Citizen Lab and Amnesty International) of six Palestinian human rights defenders’ devices with NSO Group’s Pegasus spyware, as part of a broader assault on Palestinian civil society. Three of the targeted human rights defenders come from prominent Palestinian civil society groups that Israeli authorities have designated as “terrorist organizations,” leading Access Now and civil society to raise serious questions about whether Israeli authorities were involved in the Pegasus targeting.

    • Environment

      • COP26 and Climate Hypocrisy with Charlie Robinson

        In this episode, Whitney is joined by Charlie Robinson to talk about some of the key takeaways from the COP26 climate conference not being covered by the media and how many COP26 attendees engage in obvious hypocrisy when it comes to the policies they publicly promote and their personal actions.

    • Censorship/Free Speech

      • IFF questions Tripura Police’s notice to Twitter

        On November 3, 2021, in connection with a case registered under the stringent Unlawful Activities Prevention Act, 1967, the West Agartala Police issued a notice to Twitter Inc under Section 91 of the Code of Criminal Procedure. By way of the notice, the Police directed Twitter Inc. to block 68 Twitter pages/accounts and sought information related to them, including personal information such as browsing details and user registration details. We wrote to the Police pointing out that the notice dated November 3, 2021, is vague and that the Police is not empowered to direct blocking of pages/accounts on Twitter. We have sought immediate withdrawal of the notice.

    • Monopolies

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. IRC Proceedings: Monday, January 24, 2022

    IRC logs for Monday, January 24, 2022



  2. Links 25/1/2022: GPL Settlement With Patrick McHardy, Godot 4.0 Alpha 1, and DXVK 1.9.4 Released

    Links for the day



  3. Proprietary Software is Pollution

    "My daughter asked me about why are we throwing away some bits of technology," Dr. Andy Farnell says. "This is my attempt to put into words for "ordinary" people what I tried to explain to a 6 year old."



  4. Microsoft GitHub Exposé — Part XV — Cover-Up and Defamation

    Defamation of one’s victims might be another offence to add to the long list of offences committed by Microsoft’s Chief Architect of GitHub Copilot, Balabhadra (Alex) Graveley; attempting to discredit the police report is a new low and can get Mr. Graveley even deeper in trouble (Microsoft protecting him only makes matters worse)



  5. [Meme] Alexander Ramsay and Team UPC Inciting Politicians to Break the Law and Violate Constitutions, Based on Misinformation, Fake News, and Deliberate Lies Wrapped up as 'Studies'

    The EPO‘s law-breaking leadership (Benoît Battistelli, António Campinos and their corrupt cronies), helped by liars who don't enjoy diplomatic immunity, are cooperating to undermine courts across the EU, in effect replacing them with EPO puppets who are patent maximalists (Europe’s equivalents of James Rodney Gilstrap and Alan D Albright, a Donald Trump appointee, in the Eastern and Western Districts of Texas, respectively)



  6. Has the Administrative Council Belatedly Realised What Its Job in the European Patent Organisation Really Is?

    The "Mafia" which took over the EPO (the EPO's own workers call it "Mafia") isn't getting its way with a proposal, so it's preventing the states from even voting on it!



  7. [Meme] Team UPC is Celebrating a Pyrrhic Victory

    Pyrrhic victory best describes what's happening at the moment (it’s a lobbying tactic, faking/staging things to help false prophecies be fulfilled, based on hopes and wishes alone), for faking something without bothering to explain the legal basis is going to lead to further escalations and complaints (already impending)



  8. Links 24/1/2022: Scribus 1.5.8 and LXLE Reviewed

    Links for the day



  9. IRC Proceedings: Sunday, January 23, 2022

    IRC logs for Sunday, January 23, 2022



  10. [Meme] Team UPC Congratulating Itself

    The barrage of fake news and misinformation about the UPC deliberately leaves out all the obvious and very important facts; even the EPO‘s António Campinos and Breton (Benoît Battistelli‘s buddy) participated in the lying



  11. Links 24/1/2022: pgBadger 11.7 Released, Catch-up With Patents

    Links for the day



  12. The Demonisation and Stereotyping of Coders Not Working for Big Corporations (or 'The System')

    The war on encrypted communication (or secure communications) carries on despite a lack of evidence that encryption stands in the way of crime investigations (most criminals use none of it)



  13. On the 'Peak Hacker' Series

    Hacker culture, unlike Ludditism, is ultimately a movement for justice, for equality, and for human rights through personal and collective emancipation; Dr. Farnell has done a good job explaining where we stand and his splendid series has come to a close



  14. Links 23/1/2022: First RC of Linux 5.17 and Sway 1.7 Released

    Links for the day



  15. Peak Code — Part III: After Code

    "Surveillance perimeters, smart TVs (Telescreens built to Orwell's original blueprint) watched over our living rooms. Mandatory smart everything kept us 'trustless'. Safe search, safe thoughts. We withdrew. Inside, we went quietly mad."



  16. IRC Proceedings: Saturday, January 22, 2022

    IRC logs for Saturday, January 22, 2022



  17. Links 23/1/2022: MongoDB 5.2, BuddyPress 10.0.0, and GNU Parallel 20220122

    Links for the day



  18. A Parade of Fake News About the UPC Does Not Change the General Consensus or the Simple Facts

    European Patents (EPs) from the EPO are granted in violation of the EPC; Courts are now targeted by António Campinos and the minions he associates with (mostly parasitic litigation firms and monopolists), for they want puppets for “judges” and for invalid patents to be magically rendered “valid” and “enforceable”



  19. Welcome to 2022: Intentional Lies Are 'Benefits' and 'Alternative Facts'

    A crooks-run EPO, together with the patent litigation cabal that we’ve dubbed ‘Team UPC’ (it has nothing to do with science or with innovation), is spreading tons of misinformation; the lies are designed to make the law-breaking seem OK, knowing that Benoît Battistelli and António Campinos are practically above the law, so perjury as well as gross violations of the EPC and constitutions won’t scare them (prosecution as deterrence just isn’t there, which is another inherent problem with the UPC)



  20. From Software Eating the World to the Pentagon Eating All the Software

    “Software is eating the world,” according to Marc Andreessen (co-founder of Netscape), but the Empire Strikes Back (not the movie, the actual empire) by hijacking all code by proxy, via Microsoft, just as it grabbed a lot of the world’s communications via Skype, bypassing the world's many national telecoms; coders need to fight back rather than participate in racist (imperial) shams such as GitHub



  21. Links 22/1/2022: Skrooge 2.27.0 and Ray-Tracing Stuff

    Links for the day



  22. IRC Proceedings: Friday, January 21, 2022

    IRC logs for Friday, January 21, 2022



  23. Peak Code — Part II: Lost Source

    "Debian and Mozilla played along. They were made “Yeoman Freeholders” in return for rewriting their charters to “work closely with the new Ministry in the interests of all stakeholders” – or some-such vacuous spout… because no one remembers… after that it started."



  24. Links 22/1/2022: Ubuntu MATE 21.10 for GPD Pocket 3, MINISFORUM Preloads GNU/Linux

    Links for the day



  25. Computer Users Should be Operators, But Instead They're Being Operated by Vendors and Governments

    Computers have been turned into hostile black boxes (unlike Blackbox) that distrust the person who purchased them; moreover, from a legislative point of view, encryption (i.e. computer security) is perceived and treated by governments like a threat instead of something imperative — a necessity for society’s empowerment (privacy is about control and people in positions of unjust power want total and complete control)



  26. Peak Code — Part I: Before the Wars

    Article/series by Dr. Andy Farnell: "in the period between 1960 and 2060 people had mistaken what they called "The Internet" for a communications system, when it had in fact been an Ideal and a Battleground all along - the site of the 100 years info-war."



  27. Links 21/1/2022: RISC-V Development Board and Rust 1.58.1

    Links for the day



  28. IRC Proceedings: Thursday, January 20, 2022

    IRC logs for Thursday, January 20, 2022



  29. Gemini Lets You Control the Presentation Layer to Suit Your Own Needs

    In Gemini (or the Web as seen through Gemini clients such as Kristall) the user comes first; it's not sites/capsules that tell the user how pages are presented/rendered, as they decide only on structural/semantic aspects



  30. The Future of Techrights

    Futures are difficult to predict, but our general vision for the years ahead revolves around more community involvement and less (none or decreased) reliance on third parties, especially monopolistic corporations, mostly because they oppress the population via the network and via electronic devices


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts