It's no secret Windows is a ransomware magnet. According to VirusTotal, 95% of all ransomware attacks go after Microsoft's operating system. And anyone who follows Windows news has likely seen the numerous reports of ransomware raining on the operating system's parade wherever it can, including with regards to pedestrian functions such as Windows-based printing.
As such, it's little surprise that a business unwilling to tolerate ransomware headaches would make the move to abandon the OS altogether and go with a safer alternative, assuming they don't have a need for the specific functionalities Windows affords.
In addition to the Btrfs updates, the EXT4 and XFS file-system maintainers submitted their feature changes already for the in-development Linux 5.17 kernel.
The main feature change for XFS with Linux 5.17 is the mount code only trying to free stale CoW staging extents if the file-system unmounted cleanly. In turn this means XFS mount times should be lower, especially for file-systems supporting reflinks and having a large number of allocation groups.
Over the past two years work has been ramping up a lot on Compute Express Link (CXL) enablement for the Linux kernel and with the in-development Linux 5.17 there is more feature code landing.
The newest CXL subsystem support in place is CXL 2.0 memory hotplug handling, which is handled somewhat similarly to PCI. The ACPI SRAT Physical Address to Proximity Domain information is also extended for handling possible performance-class and memory-target nodes dynamically created from CXL memory.
Qualcomm only announced the Snapdragon 8 Gen 1 and X65 platforms at the end of November but already they have managed to provide timely mainline support for these latest high-end SoCs. This is great to see compared to the days of slow to materialize mainline support for new Arm SoCs, which still persists among some vendors with either belated mainline support or only focusing on vendor downstream kernels. The big batch of Arm SoC/platform changes have landed for Linux 5.17.
The big set of Arm platform/SoC changes is all ready for mainline Linux 5.17. New SoCs now supported by the mainline Linux 5.17 kernel include the Qualcomm Snapdragon 8 Gen 1, Snapdragon SDX65, NXP i.MX8ULP, Texas Instruments J721S2, and Renesas R-Car S4-8. Seeing prompt support for the Snapdragon 8 Gen 1 is exciting for that recently-announced SoC manufactured on a 4nm process and over the Snapdragon 888 advertises 20% better CPU performance and 30% more power efficient. Besides the SoCs itself, the reference boards for the new Qualcomm SoCs are also supported with Linux 5.17.
A patch merged into Mesa 22.0 on Tuesday for Intel's "ANV" open-source Vulkan Linux driver is helping bump up the perforrmance in modern games.
The one-line patch can help modern games both native and via Steam Play (Proton + DXVK) by a few percent. The change is simply increasing the binding table pool size from 4KB to 64KB.
Intel's new Arc Alchemist DG2 GPUs were meant to launch in Q1 2022 but now that's a mess and it's sometime in 2022, but Intel has been helping the Linux community by kick-starting their Xe HP pipeline optimization from the get-go so that Linux users wouldn't have to wait for compatibility.
But then rolls in Mesa 22.0 which will have pixel pipeline optimizations, boosts to OpenGL and Vulkan performance in Intel discrete GPUs -- offering up to 40% more performance. In something like Unigine Valley, there was a huge 40% performance gain in Mesa 22.0 with Intel DG2-448 hardware. DOTA2 for example, had up to 30% more performance while Xonotic had up to 14% more performance... impressive numbers.
The conventional method to download ISO is best when you have access to Graphical User Interface (GUI), but what to do when you just have a command-line interface? In this situation, you seek another system and get back with an ISO image, quite awful aha!
Maven is a popular open source build tool for used primarily for Java projects, designed to take much of the hard work out of the build process. Maven can also be used to build and manage projects written in C#, Ruby, Scala, and other languages. Maven uses a declarative approach, where the project structure and contents are described, rather then the task-based approach used in Ant or in traditional make files, for example. The Maven project is hosted by the Apache Software Foundation, where it was formerly part of the Jakarta Project.
In this guide, we will learn how to install Apache Maven on a Rocky Linux 8 server. This guide will also work for other RHEL 8 based systems like Alma Linux and Oracle Linux 8.
Node.js is an open-source, cross-platform, back-end JavaScript runtime environment that runs on the V8 engine and executes JavaScript code outside a web browser. Node. js is primarily used for non-blocking, event-driven servers, due to its single-threaded nature. It’s used for traditional web sites and back-end API services, but was designed with real-time, push-based architectures in mind. Node.js can be used both on the frontend and the backend.
NPM(Node Package Manager) is the default package manager for Node.js and also the largest repository for open-source Node.js packages.
In this tutorial we will learn how to install Node.js and npm on Rocky Linux 8 but it also works on other RHEL 8 based distributions.
One of Git’s core features is the ability to make multiple versions of your project. Often, these are used for short-term forks called “feature branches,” which get merged into master. However, sometimes it is necessary to have truly separate branches, which makes it harder to keep them in sync.
Apache, also known as Apache HTTP server, has been one of the most widely used web server applications globally for the past few decades. It is a free and open-source web application software maintained by the Apache Software Foundation. Apache provides some powerful features with dynamically loadable modules, easy integration with other software, and handling of static files, among other popular features.
In the tutorial, you will learn how to install and configure Apache (HTTPD) on Fedora 35 Workstation or Server with a free TLS/SSL certificate from Let’s Encrypt.
Java is a general-purpose, class-based, object-oriented multipurpose programming language that is popular due to the design of having lesser implementation dependencies, meaning that the compiled Java code can be run on all platforms that support Java without the need for recompilation. Java is also fast, secure, and reliable, therefore. It is widely used for developing Java applications in laptops, data centers, game consoles, scientific supercomputers, cell phones, etc.
JDK 17 (JDK 17) has brought forward new language enhancements, updates to the libraries, support for new Apple computers, removals and deprecations of legacy features, and work to ensure Java code written today will continue working without change in future JDK versions.
In the following tutorial, you will learn how to install the latest Oracle Java 17 (JDK 17) on Linux Mint 20.
For users wishing to install the OpenJDK 17 version, please see the tutorial How to Install OpenJDK 17 on Linux Mint 20.
The Thunderbolt hardware interface is a relatively new technology launched in 2011 by Apple and Intel. It’s an external hardware interface to connect your external peripheral devices to your laptop/ Desktop. Thunderbolt 1 and 2 used a Mini DisplayPort (MDP) connector illustrated in the image below. However, only a few laptop models and Macbooks shipped their products with the Thunderbolt 1/ 2 interface by this time. The main reason was that for laptop brands to use the interface on their products, they had to pay high copyright fees to Intel.
This article is part of a series about open source DevOps tools for C/C++ development. If you build up your project from the beginning on a powerful toolchain, you will benefit from a faster and safer development. Aside from that, it will be easier for you to get others involved in your project. In this article, I will prepare a C/C++ build system based on CMake and VSCodium. As usual, the related example code is available on GitHub.
It’s a quick and easy process to change a user password on a system using the Linux Operating System. That is, it’s straight forward if you know the commands, which might not be obvious if your background is with other operating systems such as Microsoft Windows. This article shows how to change your user password on a Linux system.
As there are many Linux distributions, with different desktop environments with can look and feel differently, this guide focuses on how to change your password from a shell prompt. The steps below will work from a shell session within a desktop session, or when connecting remotely using SSH, and will cover how to change your Linux password or reset your or another user password.
The article Why you should migrate your Java workloads to OpenShift described the benefits of moving a Java application to Red Hat OpenShift, and the tools that help in this effort. Now we'll walk through how to actually do the migration.
For this exercise, we're going to use the Red Hat JBoss Enterprise Application Platform (EAP) getting-started kitchen-sink application, but with some modifications to use MySQL as the database. You can find the source code in the eap-quickstarts GitHub repository.
ProtonUp-Qt is the fantastic and simple way to download and upgrade the Linux compatibility tools Proton-GE, Luxtorpeda, Boxtron or Roberta for Steam and works with both Lutris and Heroic Games Launcher too.
This allows you to easy get these external tools, and have them added to Steam directly so you can pick them as you preferred compatibility option for running games. Proton-GE can sometimes run games that the official Proton can not, Luxtorpeda gives you access to lots of native Linux game engines (like OpenMW for Morrowind), Boxtron for native DOSBox and Roberta for ScummVM. Add to that the ability to easily add newer Wine to Lutris and Heroic and Linux gaming looks easier than ever.
How about some better performance for emulating the PlayStation 2? That's what you're going to get with Vulkan support now hooked up nicely in PCSX2.
Writing on Twitter the official account said: "A lot of people were asking for a Vulkan renderer and courtesy of Stenzek (Duckstation) it is finally here! It performs better than OpenGL in a lot of cases on similar blending levels so it should make a couple of harder to run games much easier to play! Thanks Sten!".
The first major upgrade to Spring RTS in years is here with version 106.0, which has some major architectural changes to the popular game engine. For those who need something of a refresher: Spring RTS starting off life as TASpring to bring the classic Total Annihilation into 3D. It later expanded into a more generic RTS game engine, that has spawned a big community and multiple different games.
Seems this release took a while, as there were differing opinions on where to take Spring RTS next. They needed to do something though, as Spring was just falling behind on everything so thankfully one developer decided to tag a new release with all the previous development changes.
Slay the Spire, one of the games that helped to really push the popularity of deck-builders is back with a fresh Beta build, this time getting ready for the Steam Deck.
Bringing support for Steam Input, this should hopefully give Slay the Spire better gamepad support overall, not just for the Steam Deck but that's of course the biggest reason to do it right now. The update also additionally adds Finnish language support, and updates for other localizations. There's also a removal of "excessive" display config loading and an update for log4j to prevent any future security problems.
As we come closer to the February launch date of the Steam Deck, it appears Valve are now starting to actually go through and tick titles for their Deck Verified program.
Reports coming in that were noticed thanks to updates on SteamDB, showing that Portal 2 has been through verification. It's not exactly surprising, since it's Valve's own title and Portal 2 has long worked nicely on Linux with their native port. That, and it was recently upgraded to use DXVK-Native, to give it Vulkan support too.
It’s called ‘Extension Manager‘ and it lets you search for and install GNOME extensions without needing to use a web browser.
Yeah: no web browser — which is handy on Ubuntu 21.10 (and above) since you can’t install GNOME extensions using the bundled version Firefox as it’s a Snap and thus can’t (currently) talk to the chrome-gnome-shell connector integral to the whole process.
The GNOME Shell and Mutter have checked in their new development releases for the imminent GNOME 42 Alpha milestone.
There is a lot of work as usual with these new alpha releases, especially on the Mutter side a number of notable updates for when acting as a Wayland compositor. Below is a look at some of the changes that caught my attention.
GNOME Boxes is an easy-to-use virtualization software that lets you download operating systems from within the program or use ISO files to create new virtual machines.
It is also the only program that lets you test upcoming GNOME versions, just like we tried GNOME OS.
While it remains a simplified experience now, the upcoming version brings several UI updates to give you more control and customizations.
In a tweet, Felipe Borges (maintainer) shared some early development progress with Boxes 42 alpha build.
I tried it out to give you some key highlights here.
On January 11th 2022, the Emmabuntüs Collective is happy to announce the release of the Emmabuntüs Debian Edition 4 1.01 update (32 and 64 bits), based on the Debian 11.2 Bullseye distribution and supporting both Xfce and LXQt desktop environments.
This distribution was originally designed to facilitate the reconditioning of computers donated to humanitarian organizations, starting with the Emmaüs communities (which is where the distribution’s name obviously comes from), to promote the discovery of GNU/Linux by beginners, as well as to extend the lifespan of computer hardware, in order to reduce the waste induced by the over-consumption of raw materials.
This new update of our distribution brings the addition of the Ventoy utility as part of our reuse campaign launched in early September 2020 in collaboration with our friends from Debian-Facile and Tugaleres.com in France, as well as Blabla Linux in Belgium, as we have just put online a second version of our refurbishing USB flash drive now based on Ventoy.
How do you keep up with technology change, given the rapid pace of tech advances? For CIOs and IT leaders who are looking to improve their tech skills or want to learn about the latest developments, we’ve pulled together a reading list for 2022.
Peruse these titles for a thorough dive into key technologies and the related business and leadership challenges that your organizations may encounter.
Organizational change continues to speed up and deepen, accelerated by the uncertainty and new demands brought on by the pandemic. Technology executives and their teams are almost always key to these changes because these days, most major organizational changes have a large technological component.
The simple truth is that this puts you, as a tech leader, in a difficult position because for most people, most of the time, change is hard.
At the start of November of 2021, a new kind of software vulnerability was made public: "Trojan Source," in which certain Unicode bidirectional control characters are used to write obfuscated code. These control characters can be used to create text in which the logical order seen by a programming language implementation (such as a compiler or interpreter) differs from the visual order seen by a human reading the code.
Apache ActiveMQ is a highly popular message broker that features persistence, guaranteed message delivery, and high throughput. Apache ActiveMQ Artemis streamlines the classic message broker implementation for microservices architectures. This article is for developers transitioning from ActiveMQ Classic to ActiveMQ Artemis. We will show you how to get the two versions working together using Apache Camel K. Our example is based on Red Hat AMQ versions 6 and 7, and we will perform the steps on Red Hat OpenShift 4. Our code is written in Java. The integration process and techniques should be applicable to many other scenarios.
Some of the key factors that are important for system administrators during system maintenance are how long it takes to apply system patches or updates that require a reboot and how fast the system resources can be reconfigured without disrupting the existing workloads.
Boot time is an important component of system performance as users must wait for the boot operation to complete before they can use the device. It is the time taken for a device to be ready to operate after the power has been turned on. Slow boot times would make the system owners to refuse to apply any patches or updates that require a reboot.
Dynamic logical partitioning (DLPAR) is the capability of a logical partition (LPAR) to be reconfigured dynamically, without having to shut down the operating system that runs in the LPAR. DLPAR enables memory, CPU capacity, and I/O interfaces to be moved non-disruptively between LPARs within the same server. This support exists on IBM AIX since AIX 5L. System owners expect DLPAR operations to have minimal impact on the currently running workloads.
This blog talks about the AIX 7.3 system boot and DLPAR optimizations.
AIX 7.3 comes with an optimized boot phase which will have much shorter boot time when compared to a similar configuration with earlier AIX releases. AIX 7.3 has also significantly optimized the CPU and memory dynamic LPAR operations. Both were achieved by the redesign of the Lightweight Memory Trace (LMT) infrastructure.
LMT is a critical reliability, availability, and serviceability (RAS) function on AIX, which is ON by default. To enhance the boot phase, the LMT buffer allocation which occurs early in the boot phase was redesigned and optimized. In AIX 7.3, during boot, LMT will allocate only sufficient buffer size that is sufficient to capture traces during the boot. After the boot, the LMT buffers are resized in the background without holding the boot process, there by resulting in significant improvements in boot times.
The Linux Mint distro has been busy. Not only has it pushed out release 20.3, it's also announced a deal with Mozilla, meaning vanilla Mozilla versions of Firefox and Thunderbird.
It's very hard to estimate the relative popularity of Linux distributions. Aside from a couple of paid enterprise distros, they're all free downloads without serial numbers, activation nor any other tracking mechanisms. One of the only mechanisms is the Distrowatch popularity page, although vendors dispute its accuracy.
Saying that, Mint is in third or fourth place, outranking its own upstream distro, Ubuntu, which comes sixth. Each major version of Mint is based upon the long-term support version of Ubuntu: Mint 20 is based on Ubuntu 20.04.
Like most Linux distros, Mint offers Firefox as its default browser – and Mozilla’s email client, Thunderbird. The Mint team had built these apps itself, based on changes it inherited from its parent distro, Ubuntu. Now, Mint is switching away from Ubuntu’s versions of Firefox and Thunderbird to Mozilla’s versions – skipping an intermediary.
The Linux Mint distro has been busy. Not only has it pushed out release 20.3, it's also announced a deal with Mozilla, meaning vanilla Mozilla versions of Firefox and Thunderbird.
It's very hard to estimate the relative popularity of Linux distributions. Aside from a couple of paid enterprise distros, they're all free downloads without serial numbers, activation nor any other tracking mechanisms. One of the only mechanisms is the Distrowatch popularity page, although vendors dispute its accuracy.
 Ubuntu fans! It’s time to get excited about the next big release which is Ubuntu 22.04 LTS. Yes. It is a long term support release and it will be supported for five years till April 2027.
The upcoming LTS release brings several new features. If you are using Ubuntu 20.04 LTS, you will notice numerous visual changes. If you are using Ubuntu 21.10, you already have seen plenty of changes but there will still be a few new ones in the upcoming release.
Ubuntu Desktop on Raspberry Pi arrived officially with the Ubuntu 20.10 (Groovy Gorilla) release, but it was only recommended for the Raspberry Pi 4 models with 4GB or 8GB RAM, Raspberry Pi 400, as well as Raspberry Pi CM4 (Compute Module 4).
Well, that’s about to change as Canonical wants to make Ubuntu Desktop work smoothly on the Raspberry Pi 4 model with 2GB of RAM, and the secret to this performance boost is to enable the zswap feature in the Linux kernel.
Cisco Systems, Inc. is an American multinational technology corporation that focuses on networking hardware and software. It has over 75,000 employees with its headquarters in San Jose, California.
Cisco has been participating in open source development for almost 30 years including founding projects like OpenDaylight, FD.io, VPP, PNDA, SNAS, and OpenH264, and contributing to projects like OPNFV, Kubernetes, OpenStack, Ansible, Chef, Puppet, Maven, and many others.
Like web servers on the internet, you need VR servers. But worry not, I wrote one, and an article about it was published right here about a year ago. Then, of course, you need VR-enabled web browsers, but web browsers already do support video/audio streaming (WebRTC) and VR and AR both (WebXR). Furthermore, you need a bunch of 3D content, preferably in open source standard glTF format. And luckily, Sketchfab hosts 500,000+ free 3D models, published under Creative Commons licenses by a huge number of authors. Sketchfab isn't the only company doing that, but they provide REST API to search and download any of these models.
Being in VR for quite a while now, I can tell you first hand what I miss the most: The keyboard! I write code on the keyboard, but it disappears when I put on my VR goggles. You can imagine how disruptive taking VR gear off and on is. And not just that, I need to see my code in VR. And then why stop there? Why wouldn't I see every application in VR? Many people are using two or more displays. In VR, arrange windows wherever you look. That's better than any number of screens. And once that happens, you'll be able to talk metaverse for real.
We’re happy to announce that Linux App Summit will take place in Rovereto, Italy between the 29th and 30th of April.
Linux App Summit (LAS) is a conference focused on building a Linux application ecosystem. LAS aims to encourage the creation of quality applications, seek opportunities for compensation for FOSS developers, and foster a thriving market for the Linux operating system.
This year LAS will be held as a hybrid event and attendees will be able to join virtually or in person at our venue in Rovereto.
Everyone is invited to attend! Companies, journalists, and individuals who are interested in learning more about the Linux desktop application space and growing their user base are especially welcome.
The open source Rust programming language is being integrated into operating systems and application tooling, providing better efficiency and security.
These published opinions, some about the possibility of civil war carried out over years of terrorism, bombings and political assassinations, surfaced against the backdrop of the one-year anniversary Thursday of the deadly storming of the Capitol. A white mob egged on by Donald Trump tried to halt the time-honored electoral process of transferring power peacefully to a new president. It was anything but peaceful.
Unlike the turmoil of the 1960s antiwar and civil rights movements, 9/11, the Civil War and British Redcoats during the war of 1812, it marked the first time Americans invaded the citadel of American democracy, the guiding light of their own country. They nearly succeeded in overthrowing the government. All because of that pretend Boston Tea Party patriotism riot based on Trump pursuing his Holy Grail – the presidency – by repeatedly lying that he won reelection.
On January 5, four new members of the New York City Council arrived at Rikers for an unannounced tour. Council members Alexa Avilés, Sandy Nurse, Tiffany Cabán, and Shahana Hanif visited five of the island’s eight jails, including the isolation units that should already have been shuttered.1
I cannot pass the anniversary of that first news event of childhood without returning to your poem. How from my house I watched. And watching, watched my grief-stricken parents unable to speak. How I leaned into the screen, the chords of the cries, searching for what was recognizable of fingers and thighs, of bracelets and moustaches. Macabre arrangement of bodies with names like our own. I cannot pass without your words. Something about witnessing twice removed. About distances magnified by the shift into language. Of dailyness and my own children’s vernacular and the machine. Grinding us all in its jaws. I met a girl from the camp at a reading in Beirut. She asked if we could talk about the life of poetry. Our families are hauled off to the world of the dead and every day it is on screen. In Gaza we’re watching Ferguson and in Atlanta we’re watching Jerusalem watching Minneapolis watching. Their weapons and their training programs indistinguishable. The word almost flickers for a nanosecond. Here I note the shelf-life of self-censorship, legacy of our era. Some days poems are scrawled on pieces of cardboard and carried on our shoulders at the protest like martyrs. Here I should say something about hope. Here I should say something about living.
New research out Tuesday shows that the world's oceans last year were hotter than they've ever been in recorded history—part of a long-term warming trend driven primarily by planet-wrecking fossil fuel emissions.
"This finding really underscores the urgency of acting on climate now."
Before I go through my favorite unriggings, let me start by making a general point, which some people may miss. I focus much of my writing on ways that we rig the market to give money to the Bill Gates and Moderna billionaires of the world.
The idea of restructuring the market, so that these people do not get so rich, is not just a question of punishing the wealthy. When we give these people more money, in excess of what they contribute to the economy (we have to pay people something to develop mRNA vaccines, just not as much as we did), then we are generating more demand in the economy. This has the same effect on the economy as an increase in government spending.
Let me start 2022 by heading back—way, way back—for a moment.
There are plenty of good excuses to actually not know something: it would take decades of study, it’s of no interest or value, it would cost so much money to research it that you could have saved millions of lives instead.
There are, I think, fewer good justifications for pretending to yourself (not just to others) not to know something that you actually already know or would know with a moment’s consideration, something overwhelmingly established by widely acknowledged and clear evidence, regardless of what your television might tell you.
Disasters happened all year long. Whatever could go wrong went wrong. So, ’21, it’s simply true: We’re glad to see the back of you.
“If you are neutral in situations of injustice, you have chosen the side of the oppressor. If an elephant has its foot on the tail of a mouse and you say that you are neutral, the mouse will not appreciate your neutrality.” — Archbishop Desmond Tutu
When former South Korean dictator Chun Doo-hwan passed away on November 23, Western media were forthcoming about his brutality, including his direction of the 1980 Gwangju Massacre, in which at least several hundred opponents of his regime were slaughtered. But the US role in supporting successive dictatorships in South Korea and its involvement in the 1980 massacre to preserve South Korea’s status as an American vassal state were either erased entirely, or whitewashed to distance Washington’s efforts to suppress democratic uprisings in Korea.
Healthy democracies don’t hate their teachers. But the last year has made clear that powerful Americans do—on both sides of the political spectrum. And until this changes, our democracy, our children, and our futures are in grave danger.
Queer teens at one Texas school say they're approaching a crisis point after a recent onslaught of state legislation and school board actions targeting LGBTQ youth.
Although COVID-19 has been hard on everyone, it has not been an "equal opportunity" disease. The virus poses a greater threat to those who are already in poor health, many of whom are concentrated in poor countries with weak public-health systems. Moreover, not every country can spend one-quarter of its GDP to protect its economy, as the United States did. Developing and emerging economies have faced hard financial and fiscal constraints. And because of vaccine nationalism (hoarding by rich countries), they have had to scrounge for whatever doses they can get.
First, the good news. The economy did add jobs in December, 199,000 of them, with gains in most sectors. This was less than the 440,000-job increase that some economists expected. Still, the gains are an indication of a reasonably healthy economy.
And October and November jobs numbers were revised upward by the Bureau of Labor Statistics. Meanwhile, gains were seen across a number of key sectors. The leisure and hospitality sector was up, as expected given recent trends, as were business services and manufacturing.
His response to bad news was to hide it, which is in keeping with secretive traditions of the NHS, as it is with all large institutions protecting their own interests. In the case of the NHS, the secrecy may be less obvious because a sympathetic media has been giving wall-to-wall coverage to its heroic efforts to treat victims of the pandemic.
Reporting today focuses largely on the shortage of doctors and nurses, their numbers depleted by Covid-19. Much publicity is given to short-term fixes such as sending in the army and re-employing retired medical staff.
As the Omicron variant overwhelms healthcare systems across the country, Sen. Bernie Sanders and Rep. Ro Khanna are leading a call for the Biden administration to drastically expand its plans to distribute "one of the most effective tools the federal government has at its disposal"—rapid Covid-19 tests.
Sanders (I-Vt.), Khanna (D-Calif.), and Rep. Adam Schiff (D-Calif.) led more than 40 Democrats in the House and Senate in writing to the White House Sunday, urging officials "to take additional, immediate steps to eliminate existing barriers to Covid-19 rapid tests and ensure robust access to free over-the-counter rapid tests throughout the country for the duration of the pandemic."
As U.S. Covid-19 cases surge amid an unprecedented wave of Omicron variant infections, National Institute of Allergy and Infectious Diseases Director Dr. Anthony Fauci on Tuesday parried a salvo of attacks by Republican senators, led by Rand Paul, who object to his expert-endorsed countermeasures against the unrelenting pandemic.
"I have... threats upon my life, harassment of my family and my children with obscene phone calls because people are lying about me."
Members of the National Nurses United, the nation's largest union of RNs, will hold demonstrations across the country on Thursday, January 13 to advocate for safer working conditions in hospitals and demand President Joe Biden fufill his campaign promises of protecting nurses and public health.
"As we enter year three of the deadliest pandemic in our lifetimes, nurses are enraged to see that, for our government and our employers, it's all about what's good for business, not what's good for public health," said NNU president Zenei Triunfo-Cortez, RN.
The Biden administration said Tuesday that it will contribute roughly $308 million to humanitarian assistance efforts in Afghanistan, where millions are on the brink of starvation and at risk of freezing to death in the aftermath of the U.S.-led war.
But the newly announced aid falls far short of estimates of the war-torn country's immediate needs and pales in comparison to the $9.4 billion in Afghan government assets that the Biden administration is refusing to unfreeze, despite growing pressure from progressive members of Congress and human rights advocates.
Due to problems tied to the ongoing Covid-19 pandemic, the American Red Cross on Tuesday declared its first-ever national blood shortage crisis, warning that already, "doctors have been forced to make difficult decisions about who receives blood transfusions and who will need to wait."
"We're doing everything we can to increase blood donations to ensure every patient can receive medical treatments without delay, but we cannot do it without more donors."
The European Space Agency (ESA) is inviting applications from attackers who fancy having a crack at its OPS-SAT spacecraft.
It's all in the name of ethical hacking, of course. The plan is to improve the resilience and security of space assets by understanding the threats dreamed up by security professionals and members of the public alike.
OPS-SAT has, according to ESA, "a flight computer 10 times more powerful than any current ESA spacecraft" and the CubeSat has been in orbit since 2019, providing a test bed for software experiments.
It is therefore the ideal candidate for l33t h4x0rs to turn their attention to, while ESA engineers ensure the environment is kept under control.
In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by “Wazawaka,” the hacker handle chosen by a major access broker in the Russian-speaking cybercrime scene.
Technical details and exploitation notes have been published for a remote-code-execution vulnerability in Sonicwall SMA 100 series VPN appliances.
The information was released today by infosec outfit Rapid7. This comes about a month after Sonicwall issued a patch for the security hole, which was discovered and privately disclosed by Rapid7's Jake Baines to Sonicwall in October.
If you haven't yet applied the update, now would be a good time before it's widely exploited. So far there is no evidence the programming flaw, which is present in SMA 200, 210, 400, 410 and 500v products as well as the 100, has been abused in the wild, Sonicwall said.
I see this as another manifestation of the security problems that stem from all controls becoming software controls. Back when the physical buttons actually did things — like turn the power, the Wi-Fi, or the camera on and off — you could actually know that something was on or off. Now that software controls those functions, you can never be sure.
Online forums are abuzz with reports that LastPass sent emails to users describing unauthorized login attempts with their master passwords, after one user posted about the issue on Hacker News. LastPass has since said it hasn’t leaked user information, leaving people with a lot of questions.
Greg Sadetsky, the Montreal-based technologist who wrote the post on Hacker News, calls himself a part-time involuntary “security mensch.” “I think I’m pretty paranoid,” he told Input, before adding that he has a habit of ending conversations with a reminder not to use the same password twice (“not all conversations, though,” he assured me). In the past month alone, he tells me he’s uncovered security vulnerabilities in both a COVID test company lab and the app that controls the lights above the World Trade Center. “I just want these things fixed,” he said. So on December 27, when Sadetsky got a concerning email from his password manager, he spoke up.
Sadetsky wrote that LastPass had alerted him of a login attempt using his account’s master password with this message: "Someone just used your master password to try to log in to your account from a device or location we didn't recognize.”
He considers the incident particularly concerning because the password was used only on LastPass and stored only in an encrypted password manager called KeePassX. Sadetsky says he had gone through a scrupulous extra step to use a second password manager to generate and encrypt the key to his LastPass password manager.
COULD IT BE A KEYBOARD SNIFFER? — The last time he’d accessed the master password, he says, was in 2017. He copied it from KeePassX and pasted it into LastPass. He initially reasoned that malware, like a clipboard sniffer, could have gotten his password when he copied and pasted it over four years ago. But when his post developed traction and more people reported the same issue, he says he considered that explanation less likely.
It’s unlikely to be an issue with KeePassX, either. KeePassX encrypts passwords, scrambling them in a way that is unreadable and unusable by hackers.
HACKED FROM THE SAME PLACE — Another notable detail is the similarity in IP addresses that attempted the logins. In the email alert, LastPass included the IP address from which the login attempt took place, and Sadetsky found four other users who had received alerts involving startlingly similar IP addresses. At least five users’ accounts had experienced log-in attempts from foreign IP addresses in the 160.116 range. But at least five other Hacker News users reported similar LastPass alerts involving IP addresses that did not fit with the rest.
We're going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn't that it was open-source software. It's how we track and use open-source code.
When security vulnerabilities were found in the extremely popular open-source Apache Log4j logging library, we knew we were in trouble. What we didn't know was just how much trouble we were in. We know now. Just ask the Belgian defence ministry. In this ongoing security disaster, many people blame open source for all our troubles.
In the Financial Times (FT), Richard Waters, the newspaper's west coast editor, wrung his hands, saying it's a "little alarming to discover that, more than two decades into the open-source era, glaring security holes sometimes surprise even the experts."
Surprising? I think not. It's software. It always has bugs. Sometimes they're really bad bugs. As security maven Bruce Schneier said over 20 years ago: "Security is a process, not a product." There's no surprise here.
As governments around the world unite in efforts to undermine encryption, Access Now is joining the Global Encryption Coalition (GEC) in the fight to prevent this critical technology from being weakened.
Encryption helps people across the globe communicate freely and securely, and is a necessary tool to protect human rights in the digital age.
“2020 and 2021 — years that saw an unprecedented rise in online activity owing to the pandemic, also witnessed an increase in proposals threatening encryption and jeopardising our online safety,” said Namrata Maheshwari, Asia Pacific Policy Counsel at Access Now. “We are committed to changing this narrative in partnership with the Global Encryption Coalition.”
In joining the GEC, Access Now joins over 250 civil society organizations, technologists, industry associations, and companies to defend encryption.
Late January of this year will mark the first anniversary of the entry into force of the UN Treaty on the Prohibition of Nuclear Weapons.€ This momentous international agreement, the result of a lengthy struggle by the International Campaign to Abolish Nuclear Weapons (ICAN) and by many non-nuclear nations, bans developing, testing, producing, acquiring, possessing, stockpiling, and threatening to use nuclear weapons.€ Adopted by an overwhelming vote of the official representatives of the world's nations at a UN conference in July 2017, the treaty was subsequently signed by 86 nations.€ It received the required 50 national ratifications by late October 2020, and, on January 22, 2021, became international law.
Right from the start, the world’s nine nuclear powers—the United States, Russia, China, Britain, France, Israel, India, Pakistan, and North Korea—expressed their opposition to such a treaty. They pressed other nations to boycott the crucial 2017 UN conference and refused to attend it when it occurred. Indeed, three of them (the United States, Britain, and France) issued a statement declaring that they would never ratify the treaty. Not surprisingly, then, none of the nuclear powers has signed the agreement or indicated any sympathy for it.
Even so, the Treaty on the Prohibition of Nuclear Weapons has acquired considerable momentum over the past year. During that time, an additional nine nations ratified it, thus becoming parties to the treaty. And dozens more, having signed it, are expected to ratify it in the near future. Furthermore, the governments of two NATO nations, Norway and Germany, have broken free from the U.S. government’s oppositional stance to the treaty and agreed to attend the first meeting of the countries that are parties to it.
Yet, despite the pundits, the polls, the stringent warnings, threats, and denunciations, the simple truth remains that the future is ours to decide and will not be decided by a single politician, political party, or cluster of alternative reality organizations.
There is nothing to cavalierly dismiss about the storming of the U.S. Capitol by Trump’s disgruntled and facetiously-informed supporters. It was, after all, the first time the Capitol had been invaded since the British did so in 1814. And yes, “invaded” is an accurate description for smashing your way into a building by breaking down the doors and kicking out the windows. It was, and remains, a horrific act of violence that resulted in death and injury to many, particularly those tasked with ensuring the security of the building and the continuance of democracy’s activities within.
John Ryan, a legal affairs journalist, often sits alone in the front row of the court gallery during pretrial hearings at the Guantánamo Bay detention camp. Three panes of glass separate him from the five men accused of orchestrating the attacks of September 11, 2001, as well as the defense and prosecution lawyers, judge, guards, court staff, and witnesses. Television monitors relay the scene and audio with a 40-second delay, should any classified information be uttered, which is flagged by a flashing red light behind the judge’s bench. “It’s a little bit disjointed,” Ryan said. “I think it is important just to be there. It’s hard to articulate. It just feels weird to me that the front row would be empty.” Reporting for this story was supported by a fellowship from the Ira A. Lipman Center for Journalism and Civil and Human Rights at the Columbia Graduate School of Journalism.
Twenty years ago today, the U.S. military began imprisoning Muslim men at Guantánamo Bay in Cuba. We speak with the prison’s former Muslim chaplain, James Yee, who was jailed and held in solitary confinement for 76 days after being falsely accused of espionage. All charges were eventually dropped, and he received an honorable discharge. Yee describes how boys as young as 12 to 15 years old were treated as enemy combatants on the prison complex and the widespread Islamophobia that put even Muslim Americans under heavy surveillance. “During my time I was there, it was clear that these individuals were not in any way associated with terrorism whatsoever,” says Yee.
Human rights defenders marked the 20th anniversary of the opening of the U.S. military prison at Guantánamo Bay, Cuba under the administration of former President George W. Bush by noting that three American presidents have come and gone without anyone being held accountable for the horrific crimes that have occurred there, while calling on the fourth—Joe Biden—to finally close what one advocate called an "indelible stain" on the nation.
"President Biden needs to fulfill his pledge to finally end this shameful chapter of American history."€
At a recent demonstration outside the White House calling for the closure of the US military prison at the Guantánamo Bay naval base, a teenager approached a colleague to ask what the protest was all about. He told her he had never heard of the detention facility.
Democratic Congresswoman Ilhan Omar wrote in a new op-ed that Tuesday—the 20th anniversary of the opening of the U.S. offshore prison at the Guantánamo Bay naval base—should be "a day to reflect, and to act" and urged younger Americans to heap pressure on President Joe Biden to finally close the facility
While "Congress has acted to frustrate rather than facilitate closing Guantánamo," at least most of the work to shutter the prison can be done by Biden, Omar (D-Minn.) argued in her op-ed at Teen Vogue.
While praising President Joe Biden for taking steps Monday to reverse a Trump administration policy that opened up millions of acres in the Western Arctic for oil drilling, environmental justice advocates argued that only a comprehensive federal ban on new fossil fuel leasing can adequately protect public lands and waters and stave off the worst impacts of the climate crisis.
"We urge the Biden administration... to phase out all new leasing for fossil fuels on our public lands."
Congressional Democrats on Tuesday faced new pressure to bar sitting lawmakers from trading stocks amid reports that Republican House Minority Leader Kevin McCarthy is considering enacting such a ban if the GOP wins control of the House in the upcoming midterms.
Seen by progressives as an obvious political ploy rather than a genuine reform effort, news of McCarthy's (R-Calif.) potential endorsement of a stock trading ban comes just weeks after House Speaker Nancy Pelosi (D-Calif.) defended current rules that allow members of Congress to hold and trade individual stocks while in office—a status quo that has helped turn Capitol Hill into a veritable hotbed of insider trading.
Over 150 advocacy groups from across the Empire State Tuesday sent a letter to New York legislative leaders urging them to follow in the footsteps of places like North Dakota, Germany, and Costa Rica and pass legislation allowing the creation of public banks that would help "advance racial equity and ensure a just recovery for all New Yorkers."
"We need to divest from destructive Wall Street banks and invest in our communities!"
The 2022 midterms are still 10 months away—but if much of the media is to be believed, the fight is already over before it’s even begun.
Since March 2019, Hong Kong has confronted the greatest challenge to its relatively free and open civil society since it was transferred from British to Chinese rule in 1997. In incidents spanning more than a year, local police faced off against enormous crowds of young demonstrators fighting a losing battle to maintain the city’s autonomy within the People’s Republic of China. Using batons and more than 10,000 canisters of tear gas, officers crushed the protest movement in 2020, but the repression has continued: By February 2021, more than 10,000 Hong Kongers had been arrested in connection with these demonstrations, and over a quarter of those had been prosecuted, while tens of thousands more had sought asylum in Britain, Canada, or Australia.
One year ago, millions of Americans watched as white supremacists and domestic terrorists, emboldened, funded and organized by then-president Donald Trump, his staff and elected officials at every level of our government, attacked the heart of American democracy.€
Donald Trump had hoped to reverse his election loss in a single, decisive, dramatic confrontation between his supporters and the republic’s, broadcast live around the world. His plan backfired, filling our screens with vivid illustrations of authoritarianism’s most repugnant ills: chaos, lawlessness, violence, racism, fascismand all manner of hatred run amok. The blatancy of the subversion provoked an immediate backlash, even among some Republicans.
Had he studied democratic erosion before becoming a practitioner, Trump would know that effective authoritarians tighten their grips on government gradually, stealthilyundermining courts, legislatures, election officials, news organizations, political opposition and other institutions strong enough to check them.
Exasperated with NATO expansion and growing ambitions in the Black Sea region, Moscow has decided to challenge the US-led Western alliance in an area of crucial geopolitical importance to Russia.
What might have been a rousing national kickoff not only of a 2022 federal voting rights push but also the campaigns to elect Stacey Abrams Georgia governor and reelect Senator Raphael Warnock has turned out to be anything but that. Days after blasting President Joe Biden for insufficient urgency on passing some kind of voting rights bill, a coalition of crucial Georgia voting groups—the Black Voters Matter Fund, the Asian American Advocacy Fund, the New Georgia Project Action Fund, and the GALEO Impact Action Fund, which organizes Latinos—announced that its leaders would not attend his Atlanta events with Vice President Kamala Harris on Tuesday. Abrams herself endorsed the visit, but said she would miss it because of a “scheduling conflict.”
A listener called into my program yesterday and asked, "Is Donald Trump the Antichrist?"
In 1956, the former commissioner of the Internal Revenue Service made a surprising political turn: He announced in an essay in The Washington Post that he saw taxation as a Marxist scheme to “bring capitalism to its knees.” Even though T. Coleman Andrews had served in government only a year before, under Republican President Dwight D. Eisenhower, once out of Washington he turned against the entire enterprise of the modern state. Any progressive or liberal, he insisted, was “either a dupe or, at heart, a dictator.”
Janine Jackson interviewed Craig Aaron about the future of local journalism for the January 7, 2022, episode of CounterSpin. This is a lightly edited transcript.
When she reported to work for her first day at Armour and Company’s meatpacking plant in 1941, Addie L. Wyatt was not planning on becoming a labor activist. She didn’t even really want to be a butcher, but after spending weeks applying for work as a typist and being rejected each time, the young Southern transplant was growing desperate. The meatpacking workers at Armour’s sprawling Chicago facility had a union, the United Packinghouse Workers of America (UPWA), and drew a good wage; Wyatt had a family to support, so despite her lack of butchering experience, the five-foot tall, 100-pound 17-year-old decided to give it a shot. An exasperated foreman tossed her off the line, but as she was leaving, Wyatt noticed a group of white women waiting to apply for clerical positions. She slipped in and took the typing test with them, passing easily thanks to skills she’d acquired in a high school typing course. Those who had passed were told to report to work on Monday, but when Wyatt showed up, she was instead directed to the factory floor, and told to join the other Black women canning stew. At Armour—and in so many other places then—Black women were not welcome in the front office.
Six forest activists were arrested early Monday morning in the course of a nonviolent direct action that shut down logging for the day in Jackson Demonstration State Forest (JDSF). Activists blocked all entrances to timber harvest plan (THP)€ 1-19-00224-MEN, known as Red Tail, keeping out logging crews from several private companies working under contract with Calfire, the agency in charge of JDSF.€ € The three men and three women were cited for “trespass” and “false imprisonment”, given a court date, and released on site.
These were the first arrests since the nonstop protests erupted in JDSF in April 2021, including tree-sits, frequent gate blockades, and work stoppages on active logging sites. However, until now Calfire has declined to arrest forest defenders. Monday, however, the loggers initiated four ‘citizens’ arrests’ at the gate. Two more arrests were made by Calfire on a road inside the THP. The activists had refused orders to move away from the gate because the loggers had refused to identify themselves. When Calfire officers Comer and Dudley arrived, they took over and performed the actual arrests requested by the loggers and security personnel.
Several prominent Georgia-based advocacy groups are planning to boycott President Joe Biden's voting rights speech in Atlanta on Tuesday, criticizing the event as yet another symbolic gesture in the face of concrete threats to the franchise nationwide.
"We don't need even more photo ops," Cliff Albright, co-founder of Black Voters Matter, told reporters during a press conference on Monday. "We need action, and that action is in the form of the John Lewis Voting Rights [Advancement] Act as well as the Freedom to Vote Act, and we need that immediately."
Workers' rights advocates on Tuesday applauded a decision by the National Labor Relations Board to hold a new union election at an Amazon warehouse in Bessemer, Alabama nearly a year after employees accused the multinational company of union-busting conduct that unfairly influenced the result of the previous election.
"A reminder of the shameful anti-union behavior of Bezos and Amazon management and the need to pass the Pro Act bill to protect workers' rights to form a union."
Access Now and the #KeepItOn coalition condemn the use of internet shutdowns in Kazakhstan to crush protests and provide cover for state violence, and are calling on authorities and telecommunication providers to immediately restore full and permanent access to the internet.
For more than a week, authorities in Kazakhstan have been arbitrarily manipulating and disrupting internet access across the country, leaving much of the population disconnected and uncertain about whether or when the internet will be fully accessible in the future. While the international community’s ability to connect with people on the ground has been fractured, a timeline of escalating events can be identified.
Here’s what’s happened so far, plus tools and resources to help those impacted by the shutdowns and violence.
Today the EPO publishes two more case studies and a podcast in its series on how technology transfer from university research teams can create new companies, new jobs and new markets. The series includes examples from Austria, Italy, Ireland, Sweden and Turkey. Each case study provides advice for researchers and small and medium-sized enterprises (SMEs) to help them make better use of the patent system. They show how companies can adapt their patent strategy as it grows, in response to threats and opportunities, whilst balancing cashflow issues in the fragile early years.
The first case study is about Blubrake, a spin-off from the Politecnico di Milano which developed an award-winning anti-lock braking system for e-bikes and e-cargos. Incubator e-Novia provided industrial expertise combined with a smart patenting strategy, helping to turn university researchers into entrepreneurs and their technology into a market success. Despite the economic crisis caused by the COVID-19 pandemic, the company has been growing fast by providing safety to green mobility. The accompanying podcast features Blubrake's co-founder and general manager Fabio Todeschini along with technology transfer expert Massimiliano Granieri, who also wrote the case study, and examines Blubrake's journey from research lab to market from their perspective.
