11.25.21

Gemini version available ♊︎

Links 25/11/2021: LibreOffice 7.2.3 and Mesa 21.2.6 Released

Posted in News Roundup at 1:54 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • Graphics Stack

        • mesa 21.2.6
          Hi List,
          
          It's a bit late, but here is mesa 21.2.6. Since 21.3.0 is now available,
          I think this will be the last 21.2 release (there should be 21.3.1 next
          week), barring any serious regressions in 21.2.6.
          
          Being that it's the night before a holiday here in the States, I'll let
          the press delve into all of the gory details of what's in here :) I'll
          see you all again as release manager next year for 22.0.
          
          Cheers,
          Dylan
          
        • Mesa 21.2.6 Released As Likely The Last Of The Series – Phoronix

          With Mesa 21.3 having released last week and its first point release due next week, Mesa 21.2.6 has been published as likely the last update to that N-1 series for these open-source OpenGL/Vulkan drivers.

          Mesa 21.2.6 ships with various Intel OpenGL/Vulkan driver fixes, a few RadeonSI fixes, continued compatibility improvements for the Zink OpenGL-on-Vulkan, a few ACO compiler back-end fixes, and other minor fixes throughout. The Zink changes are perhaps most significant and then mostly the other usual AMD and Intel fixing churn.

    • Applications

      • Wireshark 3.6 Released With Support For World of Warcraft “WOWW” Protocol, Many Others

        Wireshark as the very useful and powerful open-source packet analyzer for networking and other communication protocols is out with a shiny new release.

        Wireshark 3.6 adds support for importing captures from text files based on regular expressions, much improved RTP player support, adding of USB Link Layer reassembly, improvements to the user’s guide and documentation, support for decoding the Vector Informatik Binary Log File (BLF) file format, many protocol updates, and a lot of new protocols are now supported by Wireshark.

    • Instructionals/Technical

      • Touching Firefox on Linux | sunweaver’s NET

        More as a reminder to myself, but possibly also helpful to other people who want to use Firefox on a tablet running Debian…

        Without the below adjustment, finger gestures in Firefox running on a tablet result in image moving, text highlighting, etc. (operations related to copy+paste). Not the intuitively expected behaviour…

      • How to Install and Use Tmux (Terminal Multiplexer) in Linux System

        Tmux is one of the most used and useful terminal tools for Linux and Unix-like operating systems. Mostly system admins, server admins, and power Linux users use this wonderful terminal tool for more productivity and efficiency. The term Tmux is the shortened form of Terminal multiplexer that can handle multiple terminal tabs and windows simultaneously on the Linux system. The inbuilt system generates a serial number to monitor and look up each active Tmux window on the system. Though this fascinating tool was first released in 2007, from then the demand for this tool is now high. Installing and using the Tmux terminal tool is easy for both Linux server and desktop distributions.

      • Install WPS Office on Ubuntu 20.04/Debian 11 – kifarunix.com

        In this tutorial, you will learn how to install WPS Office on Ubuntu 20.04/Debian 11 desktop systems. WPS Office is a lightweight, feature-rich comprehensive office suite with high compatibility. Capable of handling texts in Writer, Presentation, Spreadsheet and PDF files. It serves as a handy and professional consultant to help you improve work efficiently.

        WPS can be used on Linux as perfect replace of LibreOffice and more so, saves the Linux enthusiasts of having to rely on running external Windows machines just for the purposes of working with documents only.

      • FreeAptitude – Be more productive with Bash aliases

        Aliases are one of the most interesting features provided by a Bash shell, and probably the last to be regularly adopted. Usually, they are intended as a way to create shortcuts to execute the most used commands followed by the options that are not assumed by default from the command itself. However, there is a more appealing way to write them that boost our productivity when executing either frequent or infrequent tasks.

      • Upgrade Ubuntu 20.04 To 22.04 LTS Jammy using Command or GUI

        Learn the commands that will fully Upgrade your Ubuntu 20.04 LTS Desktop or Server to Ubuntu 22.04 LTS set to launch in April 2022. However, even before that if anybody would like to upgrade to test the same, here are the steps to follow.

        Here in this tutorial, we will learn the simple command line and Graphical steps on how to upgrade to Ubuntu 22.04 from the previous LTS 20.04 version.

      • Install Kubernetes Using Minikube In CentOS Linux – OSTechNix

        Kubernetes can be installed and configured in a variety of ways, including on personal computers, physical servers, virtual machines, and as a cloud service. We will learn how to install a single node Kubernetes cluster using Minikube in CentOS Linux.

        For the purpose of this guide, we will install Minikube on CentOS 7 natively running on top of the virtual machine layer. Before installing Kubernetes, you need to have a basic understanding of Kubernetes and its architecture and containers. Please refer to our previous article attached below to know about the concepts.

      • How To Install Eclipse IDE on Debian 11 – idroot

        In this tutorial, we will show you how to install Eclipse IDE on Debian 11. For those of you who didn’t know, Eclipse is an open-source integrated development environment (IDE) that helps programmers develop software applications and software components by providing developers with tools to compile code, and many more. It supports many plugins to enhance the capabilities to use for other programming languages development environments such as PHP, C++, and JavaScript.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Eclipse on a Debian 11 (Bullseye).

      • How to install KVM server on Debian 9/10 Headless Server – nixCraft

        Kernel-based Virtual Machine (KVM) is a virtualization module for the Linux kernel that turns it into a hypervisor. How can I install KVM with bridged networking, setup guest operating system as the back-end virtualization technology for non-graphic Debain Linux 9.x/10.x server?

        You can use KVM to run multiple operating systems such as Windows, *BSD, Linux distribution using virtual machines. Each virtual machine has its private disk, graphics card, a network card and more.

      • How to install RVM- Ruby Version Manager on Ubuntu 20.04 LTS

        RVM- Ruby Version Manager is a tool meant to use the command line for installing and managing the various ruby versions easily. Here we see the commands for installation of RVM on Ubuntu 20.04 LTS Focal fossa.

      • How to stop Firefox from auto updating in Linux

        In Linux, Firefox has this bad habit of wanting to update itself when you’re not ready to perform that task. And it will not let you open a new tab or window until you allow it to apply the update. I find it very annoying. There are any number of knobs you can tune to disable this feature in about:config, but there’s no guarantee that they’ll work as expected. And if you use more than one Firefox profile, as most power users do, you’ll have to tune about:config for each profile. In this post, I’ll show you how to do it system-wide, and it’s guaranteed to work.

        With the default setting, Firefox will download and install the update in the background, and then throw up the prompt shown here when you want to open a new tab or window. That means you won’t be able to open that new tab or window until you agree to restart Firefox. And that almost always happens when I’m in the middle of doing something very important and not ready to restart Firefox.

      • How to Use lshw in Linux (With a Practical Example) – CloudSavvy IT

        What if there was a command which would let you, in an easy-to-read format, view all of the hardware in your Linux system? Welcome to lshw, the great tool often overlooked even by seasoned Linux professionals.

      • How to Set Hostname in Docker Compose

        Wondering how to set hostname in Docker Compose? I’ll show you that.

      • How to Index Your Docker Image’s Dependencies With Syft – CloudSavvy IT

        Syft is a CLI utility that generates a Software Bill of Materials (SBOM) for container images. An SBOM is a catalogue of dependencies used by your image. It gives you visibility into the “materials” that form your image’s filesystem.

        Producing an SBOM can help you identify overly complex package supply chains that put you at risk of dependency confusion attacks. Distributing an SBOM alongside your image informs users of what lies below the surface. This provides a useful starting point when tightening supply chain security.

        Syft is developed by Anchore which also offers a complete container scanning engine. The Syft CLI is capable of extracting package lists from images using popular operating systems and programming languages. Both Docker and OCI images are supported.

      • How to Mount or Symlink a Single File in a Docker Container – CloudSavvy IT

        Docker volume and bind mounts are used to bind directories on the host OS to locations in the container’s file system. While they’re commonly used to mount entire directories, you can also use them to symlink individual files.

      • How (and Why) to Run Docker Inside Docker – CloudSavvy IT

        Running Docker inside Docker lets you build images and start containers within an already containerized environment. There are two possible approaches to achieve this depending on whether you want to start child or sibling containers.

        Access to Docker from inside a Docker container is most often desirable in the context of CI and CD systems. It’s common to host the agents that run your pipeline inside a Docker container. You’ll end up using a Docker-in-Docker strategy if one of your pipeline stages then builds an image or interacts with containers.

    • Games

      • Real-time explosive tower defense arrives in Sky Fleet on December 17 | GamingOnLinux

        Build up an army and speed around the skies in your air ship in Sky Fleet, the action-based tower defense game arriving on Steam on December 17.

        You build up your squad, place down various defences and engage in fast-paced real-time shoot-outs, while speeding around various floating islands. At the same time you need to deal with resources, so it plays out quite like an RTS, as you and enemies compete for them to try and assault their stronghold.

      • Nina Aquila: Legal Eagle adds Linux support in the new update | GamingOnLinux

        Along with a major upgrade to the base game, Nina Aquila: Legal Eagle, Season One now has native Linux support. This game was originally available via itch.io and Newgrounds, where it was quite popular, with the Steam version bundling all content together.

        Update version 5 added Linux support, new animations, Steam Cloud support, improved performance for low-spec machines and various other improvements.

      • Valheim gets a new patch, plus teasers for Mistlands and Caves | GamingOnLinux

        Iron Gate are showing off more of what’s to come with the next major upgrade for Valheim, along with a small content patch. First up we have patch 0.205.5 which is out now and it includes a new armour set, along with something stirring in the swamps – oh no, it’s scary enough.

      • Godot Engine gets AMD FidelityFX Super Resolution | GamingOnLinux

        The free and open source Godot Engine recently had support for AMD FidelityFX Super Resolution merged into the code, ready for the next big release. A wonderful case of open source tech meeting together.

        What is FidelityFX Super Resolution (FSR)? Put simply: a fancy upscaler. FSR allows you to bring down the rendering resolution and have FSR boost it up to a higher resolution, giving you a clear picture. The result is that you should see better performance than simply using the native resolution – something 4K users seem quite happy about.

      • Humble puts up the Best of Sandbox bundle with some good picks | GamingOnLinux

        They might not actually be the “best” but still pretty good. The Humble Best of Sandbox Bundle is live now. This time around is a pretty interesting mix, both with games that have Linux native builds and others that work just fine with the Steam Play Proton compatibility layer.

      • Steam Play Proton 6.3-8 out with initial BattlEye support, CEG DRM and more games | GamingOnLinux

        Probably one of the more exciting releases of Proton lately, with lots of what was previously in Proton Experimental now in the main release with Proton 6.3-8 out now. Be sure to check out our full Steam Play guide if you need more info.

        A big addition is the start of support for BattlEye games. Before getting overly excited though, this is just the start of it with only Mount & Blade II: Bannerlord and ARK: Survival Evolved confirmed to be supported by Valve. This is what was previously announced, with developers only needing to get in touch with BattlEye to have it turned on.

        We also have the older CEG DRM now hooked up and working, bringing with it more classics working that relied on it.

        On top of that there’s even support for NVIDIA DLSS for games that use DirectX 11 and 12, although it still needs you to make some manual adjustments to turn it on for now which includes using this launch option PROTON_ENABLE_NVAPI=1 %command% and also setting dxgi.nvapiHack = False in a DXVK configuration file.

    • Desktop Environments/WMs

      • GNOME Desktop/GTK

        • This GTK App Checks Contrast Ratio Between 2 Colors in Ubuntu Linux

          Designers and website developers may sometimes need to check WCAG color contrast to make web content more accessible to people with disabilities.

          Without using an online website each time, Linux has a stylish GTK4 app “Contrast” which allows to check whether the contrast between two colors meet the WCAG requirements.

          The app has a simple user interface that displays one color as background and another as font color of the text. By clicking on the double arrow icon between two color codes, it reverses background color as text font and font color as background.

    • Distributions

      • Alpine Linux 3.15 bids a fond farewell to MIPS64 support

        The compact Linux distribution Alpine has gained the latest LTS Linux kernel with the update to version 3.15, but fans must say goodbye to support for the MIPS64 architecture.

        The release is the first in the 3.15 stable series and, as well as the 5.15 LTS Linux kernel, received a raft of updated tools and components, including the 16.13 LTS version of Node.js (version 17 is also included) and GNOME 41.

        There is also some initial support for UEFI secure boot on x86_64, but the time has come to say goodbye to the MIPS64 port.

        “The architecture is EOL,” notes the release blog. “The mips64 builder is gone. There is no way we can build any packages anymore, we can no longer fix any security issues, so it’s prudent to officially decommission mips64.”

      • New Releases

        • MX Linux has Released a New Edition for Newer Hardware – It’s FOSS News

          MX Linux 21 was officially unveiled last month while introducing a new Fluxbox edition. However, the Advanced Hardware Support (AHS) ISO was not a part of it.

          Recently, MX Linux announced the availability of MX Linux 21 AHS and a new AHS repo for existing MX Linux 21 users.

          In this article, let us explore more about it.

        • Endless OS 4.0 is a Long-Term Support Version with Usability Improvements – It’s FOSS News

          Endless OS is a Debian-based Linux distro that focuses on bundling several important applications and resources to help make the most out of your computer without needing an internet connection.

          It is primarily tailored for education and for users who do not have constant access to the internet. And, if you are connected to the internet, there are tools to help you browse the web and stay in touch with friends/family.

          And, their latest release, Endless OS 4.0, is a Long-Term Support version that comes with several improvements. Let us take a brief look at it.

        • Endless OS 4.0 is Out as a Long-Term Supported Release

          Rebuilt on the base of Debian 11 Bullseye, Endless OS 4.0 is here with improved app grid navigation, fast user switching, and many other improvements.

          The developers of Endless OS have just announced the release of Endless OS 4.0. It’s a major update and it focuses mainly on helping users to take advantage of their internet connection when they suppose to have it.

        • Endless OS 4.0.0 Release Notes | Endless OS Support Site

          What’s new in this major release of Endless OS?

      • Arch Family

      • IBM/Red Hat/Fedora

        • Five data centers, 150TB images downloaded weekly, 1m+ cores – Now, that’s a storage challenge [Ed: "Sponsored by Red Hat" it says at the bottom. The Register has become a total joke, running ads as though they're articles. This is not journalism but churnalism.]

          For the last eight years, Red Hat Ceph has been at the heart of Workday’s storage strategy, in a collaboration that has spawned upstream contributions from the Workday and Red Hat engineering teams that the entire community benefit from.

        • How we implemented an authorization cache for Envoy proxy

          This is the second article in a two-part series about an authorization cache we developed for the Envoy open source proxy as a part of Google Summer of Code 2021. The first article in the series showed the design of our cache, based on Proxy-Wasm and integrated with Red Hat 3scale API Management. In this part, we focus on the implementation aspect of the design described in the previous article (check it out if you haven’t already).

        • Build and extend containerized applications with Project Thoth

          Container technologies have created a de facto industry standard for developing, deploying, and shipping applications. Containers make it possible to provide more maintainable and self-sustaining runnable units that can be directly managed using cluster orchestrators such as Kubernetes and Red Hat OpenShift.

          This article is for developers interested in using intelligent package management to control the quality of container images and provide more robust containerized runtime environments. Our discussion is based on Project Thoth for Python, one of the world’s most popular programming languages. The ideas we present can be generalized to other language ecosystems.

        • 9 ways to show gratitude to your team

          Your company can have the most innovative tech on the block, but it won’t amount to much if you don’t have a solid team behind you that feels supported. The Great Resignation is at least somewhat reflective of people finally realizing their worth and proves how important it is for leaders to show employees how much they are appreciated.

          Showing gratitude is especially pertinent this year as many employees work from home and don’t get to experience the camaraderie of in-office relationships and support they may have previously enjoyed. Sharing your thanks with employees helps to boost morale. And gratified employees will take more pride in their work.

        • 5 automation and RPA must-reads

          When you say “automation,” some IT people picture job-stealing robots. IT leaders will need to know how to allay that worry in the months and years to come. But here’s a piece of good news: Some forward-looking IT leaders are finding automation actually has talent retention benefits, as David Egts, chief technologist, North America Public Sector, Red Hat, recently wrote.

          “Automation is an effective way to help businesses become more resilient, but it also helps retain the key talent you have and attract new talent to up-level your team,” Egts notes. How? Teams that have made progress on the automation journey are seeing benefits including an increased sense of belonging, for example:

          “Many organizations have gone from siloed automation to automation communities of practice that span these silos. Instead of tasks being manually executed or even automated in isolated pockets of an organization, an automation community of practice lets everyone share their best ideas and build on each other’s work.

          So rather than belonging to the employee, the processes belong to the community of practice with authorship attribution back to the author. Plus, the community contributors identify with the community because their contributions and spans of influence visibly and positively impact the entire organization in ways they couldn’t do as individuals,” said Egts.

        • Top 15 articles sysadmins are thankful for | Enable Sysadmin

          Enable Sysadmin has published hundreds of articles; these are the favorites sysadmins turn to month after month.

        • What are you thankful for at work?
        • Tomasz Torcz: ACME & FreeIPA – super easy

          This post will be short. Recent FreeIPA versions contain ACME server implementation, which makes TLS certificate issuance a breeze.

        • Mark J. Wielaard » Blog Archive » Valgrind 3.18.1

          3.18.1 fixes a number of bugs and adds support for glibc-2.34, and for new platforms x86/FreeBSD and amd64/FreeBSD. Debuginfo reading is faster, and Rust demangling has been improved. For PPC64, ISA 3.1 support has been completed, and some newer ARM64 and S390 instructions are also supported. See the release notes for details of changes. Note, 3.18.0 had no formal release — it was pulled at the last minute due to a packaging problem.

        • CPE Weekly Update – Week of November 22nd – 26th – Fedora Community Blog

          Purpose of this team is to take care of day to day business regarding CentOS and Fedora Infrastructure and Fedora release engineering work. It’s responsible for services running in Fedora and CentOS infrastructure and preparing things for the new Fedora release (mirrors, mass branching, new namespaces etc.). The ARC (which is a subset of the team) investigates possible initiatives that CPE might take on.

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Productivity Software/LibreOffice/Calligra

        • LibreOffice 7.2.3 Released with More Than 100 Bug Fixes, Download and Update Now

          Released in mid-August 2021, the LibreOffice 7.2 office suite series comes with many new features and improvements, such as native support for Apple M1 machines, improved interoperability with the MS Office document formats, and dozens of UI enhancements for a better user experience.

          LibreOffice 7.2.3 is here today one and a half months after the LibreOffice 7.2.2 point release to fix even more bugs and security issues. A total of 112 bug fixes and improvements to document compatibility are included in this update.

        • The Document Foundation announces LibreOffice 7.2.3 Community

          The Document Foundation announces LibreOffice 7.2.3 Community, the second minor release of the LibreOffice 7.2 family targeted at technology enthusiasts and power users, which is available for download from https://www.libreoffice.org/download/. This version includes 112 bug fixes and improvements to document compatibility.

          LibreOffice 7.2.3 Community is also available for Apple Silicon from this link: https://download.documentfoundation.org/libreoffice/stable/7.2.3/mac/aarch64/.

          For enterprise-class deployments, TDF strongly recommends the LibreOffice Enterprise family of applications from ecosystem partners, with long-term support options, professional assistance, custom features and Service Level Agreements: https://www.libreoffice.org/download/libreoffice-in-business/.

          LibreOffice Community and the LibreOffice Enterprise family of products are based on the LibreOffice Technology platform, the result of years of development efforts with the objective of providing a state of the art office suite not only for the desktop but also for mobile and the cloud.

        • Czech translation of the LibreOffice Draw Guide 7.1

          Our team has finished translating the LibreOffice Draw Guide 7.1. As usual, it was a team effort, namely: translations by Petr Kuběj, Zdeněk Crhonek, Radomír Strnad, Ludmila Chládková; text corrections by Marcela Tomešová, Martin Kasper, Eva Kmochová, Věra Dvořáková; localized pictures by Roman Toman; and technical support from Miloš Šrámek. Thanks to all of the team for their work!

      • Education

        • 10 Best Free and Open Source Linux Educational Games

          Educational games are games designed to teach people, typically children, about a certain subject or help them learn a skill as they play. Sometimes this type of software is known as games edutainment because they combine education and entertainment.

          This type of software aids the ‘normal’ learning process, either by helping the individual to absorb new information, or as a support for recalling information already learned. Educational programs, especially those for the youngest students, are often designed with the idea of ‘learn through play’. Many children are easily bored, and they are much more likely to be attentive if they find the activity or task to be enjoyable.

      • FSFE

        • Upcycling Android: Keep using your phone with Free Software

          It is the European Week for Waste Reduction, a week that is dedicated to promoting the reuse of products and materials and to helping save resources and reduce waste in everyday life. The FSFE joins in with the new initiative “Upcycling Android” – an initiative to help saving resources by reusing one of our most valuable devices of our daily life, our phones.

          Every year, manufacturers produce 1.5 billion phones worldwide – and unfortunately, probably almost as many are thrown away after what is usually a far too short hardware lifespan. The short lifespan of these phones often stems from so-called “software obsolescence”, the situation in which users are faced with the dilemma of either buying new hardware or living with outdated software. The environmental consequences of these short hardware lifespans can be dire. To help users in overcoming this problem, with Upcycling Android we enable people to upcycle Android phones with Free Software. Every time we keep using our current phone instead of buying a new one we help avoid the production of new phones and the growing disposal of e-waste.

      • Public Services/Government

        • Schleswig-Holstein dumps Vole in favour of open source

          The north-German state of Schleswig-Holstein plans to switch to open-source software, reports Mike Saunders from LibreOffice.

          By the end of 2026, Microsoft Office is to be replaced by LibreOffice on all 25,000 computers used by civil servants and employees (including teachers), and the Windows operating system is to be replaced by GNU/Linux.

          Apparently it is a done deal and already codified by the Schleswig-Holstein state parliament.

          The state’s digital minister Jan Philipp Albrecht said that part of the transition to open source is already in the works, and pointed out that 90 percent of state administration conferencing is conducted using the open source video conferencing platform Jitsi.

        • 25,000 German state computers will bid goodbye to Windows and say Hello to Linux

          The German state of Schleswig-Holstein has decided that it’s done with closed, proprietary Windows and is moving to open-source Linux/GNU by the end of the year 2026.

          The first step will be in the form of migrating around 25,000 computers to The Document Foundation’s LibreOffice from Microsoft’s Office suite of applications and then eventually moving all these devices over to Linux by dumping Windows entirely. These 25,000 computers are going to be “used by civil servants and employees (including teachers)” essentially implying that a large part of the state-run administration and the education sector will be embracing the open-source way.

      • Programming/Development

        • NVIDIA’s Open-Source Image Scaling SDK 1.0 Released – Phoronix

          Last week NVIDIA announced the Image Scaling SDK as an open-source, cross-platform GPU image upscaling implementation that with their own hardware makes use of DLSS. Following the brief exposure over the past week, NVIDIA Image Scaling SDK 1.0 has been formally christened.

          The NVIDIA Image Scaling SDK can work on the likes of Intel and AMD Radeon hardware via the SDK’s generic compute shaders that are MIT licensed. Integrating the NVIDIA Image Scaling SDK does require integration on part of the game/engine developer.

        • Tips for formatting when printing to console from C++ | Opensource.com

          When I started writing, I did it primarily for the purpose of documenting for myself. When it comes to programming, I’m incredibly forgetful, so I began to write down useful code snippets, special characteristics, and common mistakes in the programming languages I use. This article perfectly fits the original idea as it covers common use cases of formatting when printing to console from C++.

        • Rust

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • When the IoT vendor goes bust

          Over recent years, legislation has started to emerge to protect consumers from unethical behaviour from IoT vendors. Far too many smart devices didn’t charge for a subscription to the online platform that made the device ‘smart’. As a result, manufacturers had a perverse incentive to end-of-life product in order to sell you their next great smart thing.

          A good example of this was the Revolv home hub: Google’s Nest division acquired the firm behind the $300 hub. Two years later, they shut the platform down, leaving consumers with a pile of useless electronics, orphaned from the platform. Uproar ensued, resulting in the US FTC investigating. Fortunately for Revolv owners, the FTC ruled in their favour and made Google compensate hub owners.

          Sonos owners will recall a similar kerfuffle around their ‘recycle mode’ that killed the device when one traded up for a newer product, among many negative press stories around the length of product support.

          Existing and planned regulation for IoT is increasingly having manufacturers state up front how long they will support the product for. Whilst some legislation is focussed on the longevity of product security updates, others focus on length of platform support.

          This is good: it will allow consumers to make informed decisions about the smart products they buy. I, for one, don’t expect to be replacing a smart door lock after a couple of years simply because the manufacturer wanted to sell me a newer version.

        • Security

          • Researchers Detail Privilege Escalation Bugs Reported in Oracle VirtualBox

            A now-patched vulnerability affecting Oracle VM VirtualBox could be potentially exploited by an adversary to compromise the hypervisor and cause a denial-of-service (DoS) condition.

            “Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox,” the advisory reads. “Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DoS) of Oracle VM VirtualBox”

          • How the SAML Standard Provides Single Sign-On Services – CloudSavvy IT

            Single Sign-On and zero trust networks depend on securely passing identification details back and forth between users, identity providers, and service providers. SAML is the glue that lets that happen.

          • Security updates for Thursday

            Security updates have been issued by Fedora (busybox, getdata, and php), Mageia (couchdb, freerdp, openexr, postgresql, python-reportlab, and rsh), openSUSE (bind, java-1_8_0-openjdk, and kernel), SUSE (java-1_7_0-openjdk), and Ubuntu (icu).

          • What is the OSI Model – 7 Layers of OSI Model Explained

            International Organization for Standardization (ISO) developed the OSI model in 1984.

            OSI model is an acronym for Open System Interconnect.

            The OSI model is a model that allows us to categorize network communications and divide different activities of the network in seven conceptual layers.
            This model tries to explain how the data of an application passes through the device and out in the physical network using the seven conceptual steps or layers.

            In simpler words, it explains how one application performs different steps to communicate its data to another application running on a different device.

            The OSI model was created for creating a common industry standard, which could have helped inter-operability between different vendors.

            However, this model did not gain a lot of popularity. So it is used as a reference or a teaching tool today. The OSI model does not directly match the networking systems we use in reality, but it is still useful because it describes the several processes used in electronic communication.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • New Linux malware hides in cron jobs with invalid dates [Ed: This is not a "Linux" issue; it's about applications that run over the Web and have holes in them, maybe because admins do not patch them]

              Security researchers have discovered a new remote access trojan (RAT) for Linux that keeps an almost invisible profile by hiding in tasks scheduled for execution on a non-existent day, February 31st.

              Dubbed CronRAT, the malware is currently targeting web stores and enables attackers to steal credit card data by deploying online payment skimmers on Linux servers.

          • Privacy/Surveillance

            • SUCCESS! New German government calls for European ban on biometric mass surveillance – Reclaim Your Face

              The newly-agreed German government coalition has called for a Europe-wide ban on public facial recognition and other biometric surveillance. This echoes the core demands of the Reclaim Your Face campaign which EDRi has co-led since 2020, through which over 65 civil society groups ask the EU and their national governments to outlaw biometric data mass surveillance.

              Today, 24 November 2021, the new German government announced their highly-anticipated coalition deal, including the strongest commitments seen so far in Europe to “rule … out” “biometric recognition in public”. They further called to “reject comprehensive video surveillance and the use of biometric recording for surveillance purposes”.

              The center-left Social Democrats (SPD), the environmentalist Greens and the business-focused Free Democrats (FDP) jointly emphasised the vital importance of anonymity in public as well as online. Their statement echoes the demands of over 65 groups in the Reclaim Your Face campaign, co-led by EDRi.

    • Censorship/Free Speech

      • Dead and Alive: Affidavits filed by States and High Courts reveal 470 pending cases under the struck down S.66A

        The People’s Union of Civil Liberties (PUCL), with IFF’s legal assistance, had filed an application in the Supreme Court (SC) seeking directions to ensure that authorities do not prosecute individuals under S.66A of the Information Technology Act, 2000 (IT Act, 2000), which the SC had struck down in Shreya Singhal vs Union of India (2015). On Aug 8th, 2021, SC issued notice to all States/UTs and High Courts. 8 HCs and 6 States have replied to the application and they demonstrate the widespread non-compliance with the decision in Shreya Singhal. We await responses from other States/UTs and High Courts.

        [...]

        In March 2015, S.66A was declared unconstitutional by the Hon’ble Supreme Court in Shreya Singhal v. Union Of India as it violated the right to freedom of expression guaranteed under Article 19(1)(a) of the Constitution of India. The Court found that S. 66A was vague and could be arbitrarily interpreted to penalize even innocent speech. Significantly, the Court found that the provision was not ‘severable’ i.e., no part of the section could be saved and the provision as a whole was declared unconstitutional. This means that the provision was void ab initio i.e was deemed to never have existed on the statute books. The effect should have been that Courts ought to have dismissed all pending cases under S.66A, and authorities ought not to have instituted fresh cases under S. 66A.

        However, the story did not end there. In 2018, a study by Apar Gupta and Abhinav Sekhri highlighted that authorities continued to prosecute individuals under S.66A even after Shreya Singhal. Subsequently, in 2019, PUCL, one of the original petitioners in Shreya Singhal, approached the Supreme Court seeking directions to ensure the implementation of Shreya Singhal. In February 2019, the Supreme Court directed the Union of India to ensure compliance with its decision by making available copies of the judgment to Chief Secretaries of States/UTs across the country. The Chief Secretaries, in turn, were directed to sensitise police departments across the country.

    • Internet Policy/Net Neutrality

      • Burkina Faso must immediately end its internet shutdown

        ccess Now and the #KeepItOn coalition are demanding that the government of Burkina Faso reinstate internet access for all, and without exception.

        It has now been five days since authorities shut down the internet on November 20, citing vague “public safety” and “national defence” reasons. Today, the Kaboré government has extended the blackout until November 27.

        “The #KeepItOn coalition is outraged that the government of Burkina Faso shut down the internet,” said Felicia Anthonio, Campaigner and #KeepItOn Lead at Access Now. “Authorities made a bad decision earlier this week when they disconnected millions, but today’s 96-hour extension truly reflects their blatant contempt for human rights.”

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

Leave a Comment

You must be logged in to post a comment.

DecorWhat Else is New


  1. IRC Proceedings: Monday, December 06, 2021

    IRC logs for Monday, December 06, 2021



  2. [Meme] Rowing to the Bottom of the Ocean

    The EPO‘s Steve Rowan (VP1) is failing EPO staff and sort of “firing” workers during times of crisis (not at all a crisis to the EPO’s coffers)



  3. EPO Gradually Reduced to 'Fee Collection Agency' Which Eliminates Its Very Own Staff

    Mr. Redundancies and Mr. Cloud are outsourcing EPO jobs to Microsoft and Serco as if the EPO is an American corporation, providing no comfort to long-serving EPO staff



  4. Linux Foundation 2021 Annual Report Made on an Apple Mac Using Proprietary Software

    Yes, you’re reading this correctly. They still reject both “Linux” and “Open Source” (no dogfooding). This annual report is badly compressed; each page of the PDF is, on average, almost a megabyte in size (58.8 MB for a report of this scale is unreasonable and discriminates against people in countries with slow Internet connections); notice how they’re milking the brand in the first page (straight after the cover page, the 1991 ‘creation myth’, ignoring GNU); remember that this foundation is named after a trademark which is not even its own!



  5. Links 7/12/2021: OpenIndiana Hipster 2021.10 and AppStream 0.15

    Links for the day



  6. Microsoft “Defender” Pretender Attacks Random Software That Uses NSIS for installation; “Super Duper Secure Mode” for Edge is a Laugh

    Guest post by Ryan, reprinted with permission



  7. Links 6/12/2021: LibreOffice Maintenance Releases, Firefox 95 Finalised

    Links for the day



  8. “Wintel” “Secure” uEFI Firmware Used to Store Persistent Malware, and Security Theater Boot is Worthless

    Guest post by Ryan, reprinted with permission



  9. No Linux Foundation IRS Disclosures Since 2018

    The publicly-available records or IRS information about the Linux Foundation is suspiciously behind; compared to other organisations with a "tax-exempt" status the Linux Foundation is one year behind already



  10. Jim Zemlin Has Deleted All of His Tweets

    The Linux Foundation‘s Jim Zemlin seems to have become rather publicity-shy (screenshots above are self-explanatory; latest snapshot), but years ago he could not contain his excitement about Microsoft, which he said was "loved" by what it was attacking. Days ago it became apparent that Microsoft’s patent troll is still attacking Linux with patents and Zemlin’s decision to appoint Microsoft as the At-Large Director (in effect bossing Linus Torvalds) at the ‘Linux’ Foundation’s Board of Directors is already backfiring. She not only gets her whole salary from Microsoft but also allegedly protects sexual predators who assault women… by hiring them despite repeated warnings; if the leadership of the ‘Linux’ Foundation protects sexual predators who strangle women (even paying them a salary and giving them management positions), how can the ‘Linux’ Foundation ever claim to represent inclusion and diversity?



  11. Microsoft GitHub Exposé — Part IX — Microsoft's Chief Architect of GitHub Copilot Sought to be Arrested One Day After Techrights Article About Him

    Balabhadra (Alex) Graveley has warrant for his arrest, albeit only after a lot of harm and damage had already been done (to multiple people) and Microsoft started paying him



  12. The Committee on Patent Law (PLC) Informed About Overlooked Issues “Which Might Have a Bearing on the Validity of EPO Patents.”

    In a publication circulated or prepared last week the Central Staff Committee (CSC) of the EPO explains a situation never explored in so-called 'media' (the very little that's left of it)



  13. Links 6/12/2021: HowTos and Patents

    Links for the day



  14. IRC Proceedings: Sunday, December 05, 2021

    IRC logs for Sunday, December 05, 2021



  15. Gemini Space/Protocol: Taking IRC Logs to the Next Level

    Tonight we begin the migration to GemText for our daily IRC logs, having already made them available over gemini://



  16. Links 6/12/2021: Gnuastro 0.16 and Linux 5.16 RC4

    Links for the day



  17. Links 5/12/2021: Touchpad Gestures in XWayland

    Links for the day



  18. Society Needs to Take Back Computing, Data, and Networks

    Why GemText needs to become 'the new HTML' (but remain very simple) in order for cyberspace to be taken away from state-connected and military-funded corporations that spy on people and abuse society at large



  19. [Meme] Meanwhile in Austria...

    With lobbyists-led leadership one might be led to believe that a treaty strictly requiring ratification by the UK is somehow feasible (even if technically and legally it's moot already)



  20. The EPO's Web Site is a Parade of Endless Lies and Celebration of Gross Violations of the Law

    The EPO's noise site (formerly it had a "news" section, but it has not been honest for about a decade) is a torrent of lies, cover-up, and promotion of crimes; maybe the lies are obvious for everybody to see (at least EPO insiders), but nevertheless a rebuttal seems necessary



  21. The Letter EPO Management Does Not Want Applicants to See (or Respond to)

    A letter from the Munich Staff Committee at the EPO highlights the worrying extent of neglect of patent quality under Benoît Battistelli and António Campinos; the management of the EPO did not even bother replying to that letter (instead it was busy outsourcing the EPO to Microsoft)



  22. IRC Proceedings: Saturday, December 04, 2021

    IRC logs for Saturday, December 04, 2021



  23. EPO-Bribed IAM 'Media' Has Praised Quality, Which Even EPO Staff (Examiners) Does Not Praise

    It's easy to see something is terribly wrong when the people who do the actual work do not agree with the media's praise of their work (a praise motivated by a nefarious, alternate agenda)



  24. Tux Machines is 17.5 Years Old Today

    Tux Machines -- our 'sister site' for GNU/Linux news -- started in 2004. We're soon entering 2022.



  25. Approaching 100

    We'll soon have 100 files in Git; if that matters at all...



  26. Improving Gemini by Posting IRC Logs (and Scrollback) as GemText

    Our adoption of Gemini and of GemText increases; with nearly 100,000 page requests in the first 3 days of Decembe (over gemini://) it’s clear that the growing potential of the protocol is realised, hence the rapid growth too; Gemini is great for self-hosting, which is in turn essential when publishing suppressed and controversial information (subject to censorship through blackmail and other ‘creative’ means)



  27. Links 4/12/2021: IPFire 2.27 Core Update 162 and Genode OS Framework 21.11

    Links for the day



  28. Links 4/12/2021: Gedit Plans and More

    Links for the day



  29. Links 4/12/2021: Turnip Becomes Vulkan 1.1 Conformant

    Links for the day



  30. IRC Proceedings: Friday, December 03, 2021

    IRC logs for Friday, December 03, 2021


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts