Bonum Certa Men Certa

Links 17/1/2022: More Microsoft-Connected FUD Against Linux as Its Share Continues to Fall



  • GNU/Linux

    • Desktop/Laptop

      • 6 Reasons to Pick Linux Over Windows

        Almost all students do their work on laptops and PCs that run on Windows. Of course, some of you are lucky enough to afford something that runs on Apple’s macOS. While Windows is a popular OS, it’s far from being perfect. Few students are even aware that their PCs and laptops can run on various operating systems.

        One of the alternatives students often overlook is Linux. Many believe that this OS is hard to manage. That’s why they prefer to either buy or, in some cases, pirate Microsoft’s creation unless it comes pre-installed on the device, of course.

        It’s true that Linux is harder to install than its counterpart. But it has a lot more to offer than meets the eye. So, what exactly sets it apart?

      • 2022 is not going to be the year of Linux on the desktop

        It has been the time of year again when Linux fanboys emerge from their dust-filled server rooms to declare that 2022 might be the year that their favourite operating system will replace Windows on the desktop.

        TechRepublic said that there was no “denying the continued dominance of Linux in the enterprise space and the very slow (and subtle) growth of Linux on the desktop. And in just about every space (minus the smartphone arena), Linux made some serious gains."

        Developer Tim Wells insisted that the idea of the year of the Linux desktop is that there would come a year that the free and open source operating system would reach a stage that the average user could install and use it on their pc without running into problems.

    • Server

      • The Apache Weekly News Round-up: week ending 14 January 2022
      • January 2022 Web Server Survey [Ed: In Web servers, Microsoft down from 6.15% of top million domains to just 6.04% in one month]

        In the January 2022 survey we received responses from 1,167,715,133 sites across 269,835,071 unique domains and 11,700,892 web-facing computers. This reflects a loss of 1.15 million sites, but a gain of 1.51 million domains and 31,100 computers.

        nginx lost 7.33 million sites this month (-1.91%) but continues to be the most commonly used web server with 32.3% of all sites using it. Although nginx’s share has fallen, Apache is still more than eight percentage points behind after losing 3.70 million sites (-1.31%), which has taken its own market share down to 23.9%.

        nginx also leads in the domains metric, where it has a share of 26.6% compared with Apache’s 23.9%. This reflects a small reduction in nginx’s share – despite a modest gain of 25,400 domains – while Apache suffered the largest loss of 287,000 domains.

        The largest site and domain growth was seen by Pepyaka, which is a web server that has primarily been used by the Wix web development platform since it switched from using nginx in 2018. The number of sites using Pepyaka grew by 4.02 million to 7.30 million this month, while its domain count went up by 1.80 million to 3.30 million.

    • Audiocasts/Shows

      • LHS Episode #448: Grounding and Bonding Deep Dive

        Hello and welcome to the 448th installment of Linux in the Ham Shack. In this deep dive episode, the hosts invite guest Ward Silver, N0AX, who literally wrote the book on the subject to discuss every aspect of grounding and bonding. Topics range from household electrical safety to relative voltage, earth grounding, lighting mitigation and much more. Hope you find this episode interesting and informative as well as entertaining and also have a great week.

    • Kernel Space

      • Linux 5.17 Picks Up A Real-Time Analysis Tool - Phoronix

        A new tool added to the kernel source tree with Linux 5.17 is rtla to serve for real-time Linux performance and tracing analysis.

        Thanks to the work of kernel developer Daniel Bristot de Oliveira who is employed by Red Hat, the Real-Time Linux Analysis (RTLA) tool has been added to the kernel source tree.

        RTLA makes use of the Linux kernel's tracing capabilities to help analyze performance and tracing data. In particular, the rtla command has sub-options for reading information from the kernel's operating system noise "osnoise" and IRQ/thread timer latency "timerlat"tracers.

      • Some Tablets/Convertibles With Linux 5.17 Will Now Have Working Pen Support - Phoronix

        In addition to Linux 5.17 introducing Universal Stylus Initiative (USI) support for that new industry standard for styluses/pens that can work cross-device, the input subsystem updates for this kernel also add active pen support for a few more tablets.

        Moving forward hopefully we will see broad adoption of USI stylus support for nice cross-device compatibility and support. But for those with current tablets relying on Goodix or Silead drivers and have an active pen, the Linux 5.17 input subsystem updates present working pen support there with their respective devices.

      • Lenovo USB-C 7-in-1 Hub On Linux Review - Phoronix

        For those considering the Lenovo USB-C 7-in-1 Hub for connecting to your Lenovo laptop for enjoying USB-C power charging, HDMI output, and additional USB ports, it does work out on Linux. While there have been some users running into seemingly firmware-related issues, at least with my testing over the past month this $50~60 (USD) USB-C hub has been working out well under Linux.

      • Best of 2021 – Torvalds’ Bug Warning is a Lesson for Linux Users

        A recent, widely publicized case illustrated this point; Linux creator himself, Linus Torvalds, warned against the use of the Linux 5.12 release. He described a “nasty bug,” and wrote that the situation is a “mess,” due to the use of swap files when adding Linux updates. This nasty bug, in fact, had the potential to destroy entire root directories.

      • Epoch-alypse now: BBC iPlayer flaunts 2038 cutoff date ● The Register

        Feeling old yet? Let the Reg ruin your day for you. We are now substantially closer to the 2038 problem (5,849 days) than it has been since the Year 2000 problem (yep, 8,049 days since Y2K).

        Why do we mention it? Well, thanks to keen-eyed Reg reader Calum Morrison, we've spotted a bit of the former, and a hint of what lies beneath the Beeb's digital presence, when he sent in a snapshot that implies Old Auntie might be using a 32-bit Linux in iPlayer, and something with a kernel older than Linux 5.10, too.

      • Graphics Stack

        • Jason Ekstrand: Hello, Collabora!

          Ever since I announced that I was leaving Intel, there’s been a lot of speculation as to where I’d end up. I left it a bit quiet over the holidays but, now that we’re solidly in 2022, It’s time to let it spill. As of January 24, I’ll be at Collabora!

          For those of you that don’t know, Collabora is an open-source consultancy. They sell engineering services to companies who are making devices that run Linux and want to contribute to open-source technologies. They’ve worked on everything from automotive to gaming consoles to smart TVs to infotainment systems to VR platforms. I’m not an expert on what Collabora has done over the years so I’ll refer you to their brag sheet for that. Unlike some contract houses, Collabora doesn’t just do engineering for hire. They’re also an ideologically driven company that really believes in upstream and invests directly in upstream projects such as Mesa, Wayland, and others.

          My personal history with Collabora is as old as my history as an open-source software developer. My first real upstream work was on Wayland in early 2013. I jumped in with a cunning plan for running a graphics-enabled desktop Linux chroot on an Android device and absolutely no idea what I was getting myself into. Two of the people who not only helped me understand the underbelly of Linux window systems but also helped me learn to navigate the world of open-source software were Daniel Stone and Pekka Paalanen, both of whom were at Collabora then and still are today.

        • Collabora pulls in Jason Ekstrand to work on Linux graphics drivers | GamingOnLinux

          Jason Ekstrand, a name that many big Linux fans will know, who previously worked at Intel until very recently has announced today the move to open source consulting firm Collabora. Writing in a blog post, Ekstrand goes through some fun background on the decision to move and how it happened.

          Ekstrand has worked on a lot of different parts of Mesa, the set of open source graphics drivers that powers AMD GPUs, Intel, ARM and more.

    • Applications

      • Mumble 1.4 Released! New Plugin Framework, TalkingUI, PipeWire & Markdown Support | UbuntuHandbook

        The free open-source game chatting app Mumble released new major 1.4 version a day ago with exciting new features!

        Mumble is a high quality and low latency voice over IP (VoIP) app designed for gamers. By releasing v1.4.230, the first stable in v1.4, it now uses new versioning scheme of the form major.minor.build. The third component of version numbers may now much higher and discontinuous. Because there are snapshot (beta) builds in between stable versions.

        Mumber 1.4 introduced a new, general purpose plugin framework. Plugins are no longer restricted to positional data delivery and they can now be installed and updated at any time. See the documentation for more.

      • Mumble 1.4 Voice Chat App Released, Brings Many New Features

        For fans of the Mumble open-source VoIP communication program that is popular with gamers, Mumble 1.4 was released as their first major release in the last 2 years.

        Many multiplayer games offer text chat that gets in the way of gameplay by changing a player’s focus from playing the game to typing messages. Mumble is a powerful open-source client-server VoIP application that solves this problem. It’s available for all major platforms like Windows, Linux, and macOS.

        While it can be used for any kind of activity, it is primarily intended for gaming. It’s optimized for low-latency communications, making it perfect for intense game situations where every second counts. With Mumble, you can voice chat with your teammates, or anyone else, allowing you to stay focused on the game.

      • Open source voice-chat levels up with Mumble 1.4 out now | GamingOnLinux

        For those of you not wanting to use the likes of Discord for voice-chat, there’s also Mumble which is a free, open source, low latency, high quality voice chat application. It’s been around for a long time and it just had a big new stable release, the first of the Mumble 1.4.x series and it’s been over two years since the last. At least they didn’t leave us waiting ten years again like the 1.3 release huh?

        So what’s new? A lot! Of course there’s plenty of bug fixes, security updates and the usual assortment of smaller thing but a few bigger features were also added into this release.

      • Version 5.0 of the FFmpeg audio and video toolkit has been released.
      • FFmpeg 5.0 Aims To Be An LTS Release
        FFmpeg 5.0 has now been formally christened as for what is aiming to be a Long-Term Support (LTS) release for this widely-used, cross-platform and open-source multimedia library.

        FFmpeg 5.0 was tagged this weekend while out today is the formal announcement for this updated multimedia library that is widely depended upon throughout the industry.

      • Mini review – Annotator is a simple but powerful annotation tool for Linux - Real Linux User

        Some applications just need to be big and have to offer an extensive array of functionality to be of the right value for specific use cases, like LibreOffice, Krita. darktable and GIMP. But there are many situations that only require the right amount of functionality and nothing more. There are many very powerful mini apps available for Linux that only focus on a specific task and do that perfectly well. In this article you find a mini review for the application Annotator, a simple but powerful annotation tool for Linux.

        Annotator is a single task application originally developed by Trevor Williams for the elementary OS platform, but since it is available in Flatpak format it can be used on any other Linux distribution.

        Annotator is, as the name already suggests, an annotation tool. So the first question you probably have is what exactly annotation is and what do you need it for. It is actually very simple: an annotation is a note, an explanation, a side note, an indication, a clarification, or caption, which should ensure that the main text, screenshots, etc. or parts thereof are extra clarified, highlighted or brought under the required attention. The application Annotator is exactly doing that for image files (like screenshots, etc) in a simple and effective way. Annotator is not created for annotations on text files and documents.

      • The 8 Best Linux Download Managers for Faster Downloads

        No one likes to wait for slow downloads. Install these eight download managers to get lightning-fast download speed on Linux.

        But did you know that there are several open-source download managers for Linux currently in the market? As a Linux user, you must check out the following download managers that help extend the open-source ethic of Linux and rival premium alternatives in terms of efficiency and related features.

      • Best Free and Open Source Alternatives to Atlassian Jira - LinuxLinks

        Atlassian Corporation Plc is a software company founded in 2002 that develops products for software developers, project managers and other software development teams. It employs over 7,000 people and is headquartered in Sydney, Australia.

        Atlassian produces a range of proprietary software including software for collaboration, development, and issue tracking software for teams. Atlassian dominates several markets where it still has intense competition.

        Broadly speaking, they offer software in three large buckets: These are software development tools; help desk software, or IT service management; and workflow management software. When you think of Atlassian, think project management and collaboration tools.

        Many of their programs use a number of open source components. And their GitHub repositories hold lots of open source code. But their main range of software is proprietary. This series looks at free and open source alternatives to Atlassian’s products.

      • Micro: Modern and Intuitive Terminal-Based Text Editor

        Nano isn’t good as it should be, while vim seems quite complex for the beginner. There are many Text Editor for Linux users, and choosing the best one is quite debatable.

      • AuthPass is a KeePass compatible free Password manager for Windows, macOS, and Linux

        AuthPass is a multi-platform, free, and open-source password manager for all types of users.

        AuthPass is fully compatible with the popular open-source KeePass password manager, which many consider the father of open-source password managers.

        The app is written with Flutter which is gaining popularity among developers building for building mobile, desktop, and web apps.

    • Instructionals/Technical

      • Easily Understand Your Linux RAM Usage With Smem

        Linux memory usage can be difficult to interpret and hard to understand. With smem it’s easy to find out what memory a process is using, and which processes are using the most.

      • 5 scripts for getting started with the Nmap Scripting Engine | Enable Sysadmin

        Nmap is a popular tool for scanning and monitoring networks. There are many ways to find information using Nmap, from blogs and articles to formal training. Yet few of these learning tools discuss one of Nmap's most powerful features: The Nmap Scripting Engine (NSE).

        What is the NSE? This tool does two things. First, it allows the nmap command to accept options that specify scripted procedures as part of a scan. Second, it enables Nmap users to author and share scripts, which provides a robust and ever-evolving library of preconfigured scans.

      • Bash 02 – Variables and Such | Linux.org

        Within BASH, you can use variables. Variables are names that can represent specific information. If you remember your days in math, specifically some stage of algebra, you may recall variables. There were all the letters of the alphabet, mainly X and Y. In BASH, we can use variable names, not just letters.

        We will cover other topics to help manipulate the variables and even perform math functions. These can help you make better BASH Scripts that will calculate and manipulate data.

      • Different types of Backups



        In my previous post, I explained how I recently set up backups for my home server to be synced using Amazon's services. I received a (correct) comment on that by Iustin Pop which pointed out that while it is reasonably cheap to upload data into Amazon's offering, the reverse -- extracting data -- is not as cheap.

        He is right, in that extracting data from S3 Glacier Deep Archive costs over an order of magnitude more than it costs to store it there on a monthly basis -- in my case, I expect to have to pay somewhere in the vicinity of 300-400 USD for a full restore. However, I do not consider this to be a major problem, as these backups are only to fulfill the rarer of the two types of backups cases.

        There are two reasons why you should have backups.

        The first is the most common one: "oops, I shouldn't have deleted that file". This happens reasonably often; people will occasionally delete or edit a file that they did not mean to, and then they will want to recover their data. At my first job, a significant part of my job was to handle recovery requests from users who had accidentally deleted a file that they still needed.

      • Record your terminal session with Asciinema | Opensource.com

        Support calls are important and often satisfying in the end, but the act of clear communication can be arduous for everyone involved. If you've ever been on a support call, you've probably spent several minutes spelling out even the shortest commands and explaining in detail where the spaces and returns fall. While it's often easier to just seize control of a user's computer, that's not really the best way to educate. What you might try instead is sending a user a screen recording, but one that they can copy commands from and paste into their own terminal.

        Asciinema is an open source terminal session recorder. Similar to the script and scriptreplay commands, Asciinema records exactly what your terminal displays. It saves your "movie" recording to a text file and then replays it on demand. You can upload your movie to Asciinema.org and share them just as you would any other video on the internet, and you can even embed your movie into a webpage.

      • ​How to Upgrade Debian 10 Buster to Debian 11 Bullseye

        After more than two years of development, the new Debian stable version, Debian 11 codenamed “Bullseye”, was released on August 14, 2021, and it will be supported for five years.

        This release comes with a lot of new packages and major software upgrades. Debian 11 bullseye ships with Linux 5.10 LTS kernel with support for the exFAT filesystem and includes a newer version of desktop environments. This article shows how to upgrade your Debian 10 Buster system to Debian 11, Bullseye via command line.

      • How to Install and Setup MERN Stack with Nginx on Ubuntu 20.04

        Since this post shares cloud strategies with awesome people like you, naturally this post may contain affiliate links for products I use and love. If you click on those links and make a purchase, I'll earn some coffee money which I promise to drink while creating more helpful content like this.

      • How to Install Zabbix Agent on Rocky Linux/Alma Linux 8

        A Zabbix agent is a program that runs on a remote machine that needs to be monitored through the Zabbix server. The agent collects the data on the remote server and send back to Zabbix server when requested. Zabbix agent must be installed on all the remote systems that need to be monitor through the Zabbix server.

      • How To Install and Configure Zabbix Agent on Ubuntu 20.04

        A Zabbix agent is a program that runs on a remote machine that needs to be monitored through the Zabbix server. The agent collects the data on the remote server and send back to Zabbix server when requested. Zabbix agent must be installed on all the remote systems that need to be monitor through the Zabbix server.

      • How to Install Lighttpd with PHP in Ubuntu 20.04

        The concept of web servers has crossed the minds of most, if not all, Linux enthusiasts; especially the ones interested in pursuing web-based projects and careers. Due to the numerous web servers offered to the Linux community, you might feel like tossing a coin or rolling a dice to find the one that ‘might’ suit your web-based needs.

        Lighttpd is best attributed as a compatible, very flexible, fast, and secure web server. It is therefore optimized for high performance on whichever operating system environment hosts it.

        Also, this web server is indeed light such that it needs very few resources to run or execute its functional objectives like handling AJAX applications. This web server is BSD licensed, open-source, with flawless compatibility on UNIX-like systems.

        This article seeks to walk you through the installation and configuration of Lighttpd as an ideal web server for your Ubuntu 20.04 operating system.

      • How to self-host a Python package index using Pulp | Red Hat Developer

        Find out how developer teams use Pulp to maintain and share their own Python package repositories. Examples are based on the Operate First deployment.

      • How To Install Kate Editor on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to install Kate Editor on Ubuntu 20.04 LTS. For those of you who didn’t know, The Kate Text Editor is an open-source and free text editor application that stands for KDE Advanced Text Editor. Kate lets you edit and view many files at the same time, both in tabs and split views, and comes with a wide variety of plugins, including an embedded terminal that lets you launch console commands directly from Kate. Kate editor is a cross-platform application available for Linux, MacOS & Microsoft Windows, It is available for both 32 bit and 64 bit operating systems.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of Kate Editor on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How to Change Desktop Themes on Linux Mint

        Linux Mint is a great Linux distro for anyone starting out with Linux. It comes in three different flavors: Cinnamon, MATE, and Xfce, each catering to a different audience.

        Over the years, Linux Mint has undergone several changes, including a few cosmetic alterations that are a departure from its original visual appearance. As part of this change, Mint now lets you choose from a wide range of themes to customize your desktop to your preference.

        If you're just getting started with Mint, here's a guide demonstrating all the different ways to change themes.

      • How to install and use Firewalld on Almalinux 8 - Linux Shout

        Firewalls are one of the most essential parts of security when we are going online. Here we learn the steps and command to install, configure, and how to use FirewallD on AlmaLinux 8 using CLI or GUI.

        Many of us who are not already Linux would already be familiar with the firewall feature on Windows, where it is very easy to turn On or Off ports or services using GUI. However, what about Linux such as CentOS, Rocky Linux, RedHat, AlmaLinux, and more… If you are using full Linux Desktop then a firewall would already be there but in most of the cases without a graphical interface. Nevertheless, Debian, RedHat, Ubuntu, and other Linux systems provide the appropriate firewall GUI software directly from their respective repository to manage things with the help of mouse clicks.

        But what if you just want a basic OS installation with no graphical interface? Because minimal versions of Linux would not even have the CLI version of Firewall by default. Well, this is a very small problem, if you have an active internet connection and due to an in-built package manager under Linux, we can install a firewall with just a single command.

      • How to use Terraform Taint and Untaint - buildVirtual

        The Terraform taint and untaint commands are important to be aware of if you are a regular user of Terraform. The Terraform Taint command allows you to manually flag a resource as tainted, which means it will be destroyed and recreated on the next terraform apply. Terraform untaint allows you to remove that tainted condition from the resource.

        So, why is that useful? What are the use cases for terraform taint?

    • Games

      • Love cracking locks? Check out Museum of Mechanics: Lockpicking | GamingOnLinux

        Museum of Mechanics: Lockpicking is a wonderful little idea to bring together many different ways to crack locks from various styles in video games. Perhaps one of the greatest foes in gaming - the lock. Now it's time to beat it in many different forms.

      • Humble decides to BETRAY Linux gamers... and the rest of their paying customers, too. - Invidious
      • GOG finally update their store browsing with new filters | GamingOnLinux

        Game store GOG.com has finally updated the browsing experience for those of you who prefer getting your games there.

        When you go to search for a game now, much like Steam, there's plenty of new options to help sort through masses of games. It was a needed refresh too, since GOG has grown to have over 5,500 titles available across different platforms. When you go to the store pages you will now be able to filter across price range, genres, release date range, and a newly introduced tags system.

      • After 12 years development, business sim GearCity is officially out now | GamingOnLinux

        Built with FOSS tooling, GearCity is a complex and in-depth business simulator where you run your own car company. Developed by Visual Entertainment And Technologies, which is a solo outfit of just Eric Jones who outsourced some parts to contractors for artwork, translations, music and a few other bits.

        "GearCity is a realistic historically focused economic simulation of the global automobile industry. Unlike tycoon games, GearCity has not been simplified. It is a complex, realistic, in-depth management sim that will take several hours to grasp and hundreds of hours to master. Thousands of players across the globe and industry professionals from automotive engineers to economics professors have praised the game’s intricate details."

      • Wii U emulator Cemu plans to go open source and support Linux | GamingOnLinux

        Most emulators nowadays have their source code nicely open, and the vast majority of them fully support Linux too but Cemu has been a bit of a holdout. Not for long though.

        On their official roadmap, which many people emailed in excitedly, they put up their plans and who can blame people for being excited on this? Scrolling down a bit, a Linux port is clearly mentioned. It has been an "ongoing side-project" already but quite slow as it was low-priority and it depended on other things being done. The good news is that they say it's about "70%" of the way there already. Having Linux support of course will also be great for the Steam Deck, since it comes with SteamOS 3 (based on Arch Linux).

      • Popular Nintendo Video Game Emulator 'Cemu' Plans to Go Open-Source with Linux Support - It's FOSS News

        If you’re into retro gaming, you may have come across retro console emulators. For those unaware, they are basically software or hardware that allow the host system to run games designed for another system.

        Lately, Cemu has managed to grab the attention of the open-source community. It is one of the many retro console emulators out there that lets you play games tailored for Nintendo Wii U. However, as of now, it distinguishes itself from most of them in one major aspect, its closed-source nature, but that’s about to change.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Plasma 5.24 Beta goes live with protection to stop Discover removing Plasma | GamingOnLinux

          The latest release of the KDE Plasma desktop is close with the Plasma 5.24 Beta going live now with plenty of new features and fixes for this customizable environment. A full release is planned for February 8.

          Along with a lot of bug fixes, there's plenty of quality of life fixes across the whole desktop. The Breeze theme for example, will now properly respect your choice of accent colours for Folders, the Breeze colour scheme is now called "Breeze Classic" to distinguish from Breeze Light and Breeze Dark and more. The notification system also saw some updates. so that important notifications have a small orange strip to bring more attention to them, notifications about video files now display a thumbnail in the notification and when sending or receiving files via Bluetooth, a system notification is now always shown.

      • GNOME Desktop/GTK

        • GNOME Boxes review: no-frills and no-thrills desktop virtualization

          GNOME Boxes is an easy-to-use graphical virtual machine (VM) installer and launcher. It’s not a VM manager and offers practically no settings for micromanaging your VM. However, its easy-to-use design philosophy can also prevent its users from getting any use out of it.

          Boxes is built on top of Linux’s excellent KVM+QEMU/libvirt virtualization stack. The app is intended for users who’re overwhelmed by such alphabet-soups and just want to run a visualized operating system.

          KVM is a virtualization system from the Linux kernel project. You can expect high performance and a smoother upgrade experience compared to third-party alternatives like VirtualBox. QEMU and libvirt add management layers on top of KVM. Boxes sit on top of these tools.

          You’ll likely find references to Boxes being used to manage remote desktop sessions to remote machines. This functionality has been moved into the new Connections app. I believe it was a good decision to split the two use cases into separate apps. Connections looks and behaves almost identically to Boxes.

          The app is great for managing virtual machines with other recent versions of Linux. Everything works out of the box if you choose one of its presets for popular Linux distributions. You’re presumably already running Linux, so the end-users are maybe more likely to want to emulate Windows?

    • Distributions

      • Arch Family

        • 5 Great AUR Helpers for Arch Linux

          Arch Linux is the kind of Linux distro that gives you a scalpel and says, “have at it” without much of the hand-holding that other distros like Debian/Fedora provide. Its initial toolset, including the core/extra/community repositories provided by its signature package manager, may be limited, but that is intentional.

          It’s up to you to add what you want to it, and that is where the Arch User Repository (AUR) comes in useful. It is a repository that allows users to make their own PKGBUILD scripts and create packages that are not included in the official repositories. If you’ve ever wondered how you could get WhatsApp for Linux, Session, Slack, or other apps working on Arch, the AUR is where all of these are located.

      • IBM/Red Hat/Fedora

        • Using the no-cost Developer Subscription with the new Red Hat Enterprise Linux Image Builder hosted service

          We recently published "Introducing the hosted beta experience Red Hat Enterprise Linux Image Builder," hosted service as part of the Insights application suite. As a followup to that exciting announcement, we are pleased to share that this new service can be used with the no-cost Developer Subscription for Individuals, providing the benefits of Red Hat Enterprise Linux, Insights, and simple OS image creation to everyone!

          More information about this subscription offering is on Red Hat Developer site, "No-cost Red Hat Enterprise Linux Individual Developer Subscription: FAQs."

          Access to Image Builder requires a Red Hat account and at least one subscription of Red Hat Enterprise Linux. If you do not have either of these, you can easily request them at no cost.

        • Reduce the size of container images with DockerSlim | Red Hat Developer

          Containers are a great way to package your applications. Packaging your application codebase together with its dependencies creates a container image. The smaller the container image is, the faster your application will spin up for the first time, and the faster it will scale. But many container images are quite large, in the hundreds of megabytes—just search Docker Hub and prepare to be amazed at the image sizes.

          In this article, you'll learn how to optimize Docker container images for size using a project called DockerSlim. DockerSlim, which is open sourced under the Apache 2.0 license, won't change anything in your container image, but can still reduce its size—or minify it—by up to a factor of 30. For applications written in compiled languages, the size reduction can be even more dramatic. DockerSlim also makes your packages more secure by reducing the available attack surface.

        • 5 Kubernetes trends to watch in 2022 | The Enterprisers Project

          Kubernetes is growing up – and so are the teams that have been using it since its younger years.

          Those earlier adopters are coming into their own now, able to build on their experience and the growth of the cloud-native ecosystem to extend Kubernetes core capabilities in new ways.

          “We will continue to scale and expand our use of Kubernetes to address the hybrid, multi-cloud needs of our business,” says Eric ​​Drobisewski, senior architect at Liberty Mutual. “As we look ahead, the declarative API and strong reconciliation loop that Kubernetes provides will continue to be critical to unify and bring a more consistent approach to how we define, manage, and secure our digital capabilities across public and private cloud environments.”

          The Fortune 100 company’s accelerating Kubernetes usage as a platform for its broader hybrid cloud/multi-cloud infrastructure reflects one of the macro trends fueling soaring Kubernetes adoption across industries.

        • Linux Foundation, Red Hat Join Supply Chain Security Summit

          Last week the White House convened government and private sector stakeholders to discuss initiatives to improve the security of open source software and ways new collaboration could drive improvements.

        • Restarting and Offline Updates - Fedora Magazine

          A recurring question that goes around the internet is why Fedora Linux has to restart for updates. The truth is, Linux technically doesn’t need to restart for updates. But there is more than meets the eye. In this short guide we’ll look into why Fedora Linux asks you to restart for offline updates.

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Enforcing the pyramid of Open Source | daniel.haxx.se

        The well-known log4j security vulnerability of December 2021 triggered a lot of renewed discussions around software supply chain security, and sometimes it has also been said to be an Open Source related issue.

        This was not the first software component to have a serious security flaw, and it will not be the last.

        What can we do about it?

        This is the 10,000 dollar question that is really hard to answer. In this post I hope to help putting some light on to why it is such a hard problem. This comes from my view as an Open Source author and contributor since almost three decades now.

        In this post I’m going to talk about security as in how we make our products have less bugs in the code we write and land on purpose. There is also a lot to be said about infrastructure problems such as consumers not verifying dependencies so that when malicious actors purposely destroy a component, users of that don’t notice the problem or supply chain security issues that risk letting bad actors insert malicious code into components. But those are not covered in this blog post!

      • Content Management Systems (CMS)

      • Programming/Development

        • QuatBot released – Matrix Meeting Manager

          QuatBot is a Bot for use in text-chat. So there are no pretty screenshots of it in action, or what the UI looks like: pick your favorite Matrix client (I switch between nheko and neochat depending on which has a more recent release fixing bugs that annoy me).

        • AIfES releases exciting new version of TinyML library for Arduino

          Last July AIfES (Artificial Intelligence for Embedded Systems) from the Fraunhofer Institute for Microelectronic Circuits and Systems (IMS) was launched. This open source solution makes it possible to run, and even train, artificial neural networks (ANN) on almost any hardware, including the Arduino UNO.

          The team hasn’t stopped work on this exciting machine learning platform, and an update just landed that you’ll definitely want to check out.

        • Drew DeVault's blog: Status update, January 2022

          I also implemented an efficient path manipulation module for the standard library (something I would really have liked to have in C!), and progress continues on date/time support. We also have a new MIME module (just for Media Types, not all of MIME) and I expect a patch implementing net::uri to arrive in my inbox soon. I also finished up cmsg support (for sendmsg and recvmsg), which is necessary for the Wayland implementation I’m working on (and was a major pain in the ass). I spent some time working with another collaborator, who is developing a RISC-V kernel in our language, implementing a serial driver for the SiFive UART, plus improving the device tree loader and UEFI support.

        • Project audit experiences | Will's Blog

          Back in January 2020, I wrote How to pick up a project with an audit. I received some comments about it over the last couple of years, but I don't think I really did anything with them. Then Sumana sent an email asking whether I'd blogged about my experiences auditing projects and estimating how long it takes and things like that.

        • Hack The Web Without A Browser | Hackaday

          It is a classic problem. You want data for use in your program but it is on a webpage. Some websites have an API, of course, but usually, you are on your own. You can load the whole page via HTTP and parse it. Or you can use some tools to “scrape” the site. One interesting way to do this is woob — web outside of browsers.

        • The new Qt Quick Compiler technology

          It's been a while since we've heard about what goes on inside and around Qt QML, our engine to interpret the QML language (not counting the recent announcement, that is). The last post strictly about this topic was what Lars wrote in 2018.

          We've been so silent because we've been prototyping new ways to make your QML run faster, and some of them turned out to be dead ends. There is no tracing JIT after all. This isn't cool, so we were somewhat silent. But now there is something to say. And, mind you, it's not cool either. It's hot. But let me take a step back first.

        • Perl/Raku

        • Shell/Bash/Zsh/Ksh

          • Bash scripting(III)

            This is the third article of a series focused in Gnu Bash scripting. On the first article we’ve just created a simple script with commands, one after another. We also saw some variables use. The second article covered some bash control structures. This one will cover redirections, pipes, and command substitution.

  • Leftovers

    • Hardware

      • A Dodgy Dial Gets A Teardown And Some Oil | Hackaday

        The pulse-dial telephone and its associated mechanical exchange represents the pinnacle of late-19th and early-20th century electromechanical technology, but its vestiges have disappeared from view with astonishing rapidity. [Matthew Harrold] is a telecoms enthusiast who’s been kind enough to share with us the teardown and refurbishment of that most signature of pulse-dial components, a telephone dial. In this case it’s on a rather unusual instrument, a British GPO outdoor phone that would have been seen in all kinds of industrial and safety installations back in the day and can probably still be found in the wild today if you know where to look.

      • 3D Printed Magnetic Switches Promise Truly Custom Keyboards | Hackaday

        While most people are happy to type away at whatever keyboard their machine came with, for the keyboard enthusiast, there’s no stone to be left unturned in the quest for the perfect key switch mechanism. Enter [Riskable], with an innovative design for a 3D printed mechanism that delivers near-infinite adjustment without the use of springs or metallic contacts.

        The switching itself is performed by a Hall effect sensor, the specifics of which are detailed in a second repository. The primary project simply represents the printed components and magnets which make up the switch mechanism. Each switch uses three 4 x 2 mm magnets, a static one mounted on the switch housing and two on the switch’s moving slider. One is mounted below the static magnet oriented to attract it, while the other is above and repels it.

    • Integrity/Availability

      • Proprietary

        • Security

          • Security updates for Monday [LWN.net]

            Security updates have been issued by Debian (chromium, firefox-esr, ghostscript, libreswan, prosody, sphinxsearch, thunderbird, and uriparser), Fedora (cryptsetup, flatpak, kernel, mingw-uriparser, python-celery, python-kombu, and uriparser), Mageia (htmldoc, mbedtls, openexr, perl-CPAN, systemd, thunderbird, and vim), openSUSE (chromium and prosody), Red Hat (httpd, kernel, and samba), Scientific Linux (kernel), Slackware (expat), SUSE (ghostscript), and Ubuntu (pillow).

          • Domestic CCTV and audio recording | Pen Test Partners

            Last week, we had BBC Morning Live in to film a piece on the legalities and challenges of domestic CCTV systems. You can watch it on iPlayer here, starting at 10:30.

            It was sparked by a conversation we had with Radio 4 before Xmas, where a journalist had taken an interest in CCTV systems exposed on insecam.org.

            We had helped the journalist identify the homeowner with an exposed CCTV stream & they went to speak to them about it. Unsurprisingly, the homeowner had installed the system & left it exposed with default credentials. Whilst they could review their CCTV footage remotely on a mobile app, so could anyone else…

            It ended well though, as the homeowner took the system offline and secured it. One less exposed CCTV camera! The radio piece is here.

            As a reminder, if you don’t set a good, strong password for your CCTV system that you don’t use elsewhere, you run the risk of it being exposed and/or accessed remotely by nefarious parties.

          • Data & Society — Bounty Everything: Hackers and the Making of the Global Bug Marketplace

            In Bounty Everything: Hackers and the Making of the Global Bug Marketplace, researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs—programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems. Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty platforms​​—the new intermediaries that now structure the vast majority of bounty work. The report draws directly from interviews with hackers, who recount that bounty programs seem willing to integrate a diverse workforce in their practices, but only on terms that deny them the job security and access enjoyed by core security workforces. These inequities go far beyond the difference experienced by temporary and permanent employees at companies such as Google and Apple, contend the authors. The global bug bounty workforce is doing piecework—they are paid for each bug, and the conditions under which a bug is paid vary greatly from one company to the next. Bounty Everything offers to reimagine how bounty programs can better serve the interests of both computer security and the workers that protect our digital world. Ellis & Stevens argue that if bounty programs are not designed and implemented properly, “this model can ironically perpetuate a world full of bugs that uses a global pool of insecure workers to prop up a business model centered on rapid iteration and perpetual beta.”

          • An Examination of the Bug Bounty Marketplace
          • Freexian’s report about Debian Long Term Support, December 2021

            Every month we review the work funded by Freexian’s Debian LTS offering. Please find the report for December below.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

          • Privacy/Surveillance

    • Monopolies

      • Senators Should Avoid Making the Digital Economy More European - Disruptive Competition Project

        After years of calls from European leaders to introduce more industrial policy into competition enforcement, to promote the creation of national champions, and to assert European “digital sovereignty” (i.e. protectionism and increased barriers to trade), the European Commission introduced the Digital Markets Act (DMA) in December of 2020. The legislation is designed to create “contestability” for European digital rivals, and “fairness” for European business users of platform services, by imposing a series of obligations on companies designated as “gatekeepers”.

        European lawmakers have been quite explicit in their desire to target only U.S. platforms with the law’s obligations. These one-size-fits-all obligations are designed to make the designated “gatekeepers” less competitive, to open up their technology and infrastructure to rivals (sometimes for free), to share user data, and to redesign their products and services in ways that will make it easier for European businesses to compete. The DMA would prohibit a range of behaviour that is known to be pro-competitive and to create value for platform users, effectively giving rivals a leg-up competitively at gatekeepers’ expense. The allegedly pro-competitive effects of the DMA are built on questionable assumptions, at best.



Recent Techrights' Posts

Comparing U.E.F.I. to B.I.O.S. (Bloat and Insecurity to K.I.S.S.)
By Sami Tikkanen
New 'Slides' From Stallman Support (stallmansupport.org) Site
"In celebration of RMS's birthday, we've been playing a bit. We extracted some quotes from the various articles, comments, letters, writings, etc. and put them in the form of a slideshow in the home page."
Thailand: GNU/Linux Up to 6% of Desktops/Laptops, According to statCounter
Desktop Operating System Market Share Thailand
António Campinos is Still 'The Fucking President' (in His Own Words) After a Fake 'Election' in 2022 (He Bribed All the Voters to Keep His Seat)
António Campinos and the Administrative Council, whose delegates he clearly bribed with EPO budget in exchange for votes
Adrian von Bidder, homeworking & Debian unexplained deaths
Reprinted with permission from Daniel Pocock
Sainsbury’s Epic Downtime Seems to be Microsoft's Fault and Might Even Constitute a Data Breach (Legal Liability)
one of Britain's largest groceries (and beyond) chains
 
People Don't Just Kill Themselves (Same for Other Animals)
And recent reports about Boeing whistleblower John Barnett
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, March 18, 2024
IRC logs for Monday, March 18, 2024
Suicide Cluster Cover-up tactics & Debian exposed
Reprinted with permission from Daniel Pocock
Gemini Links 19/03/2024: A Society That Lost Focus and Abandoning Social Control Media
Links for the day
Matthias Kirschner, FSFE: Plagiarism & Child labour in YH4F
Reprinted with permission from Daniel Pocock
Linux Foundation Boasting About Being Connected to Bill Gates
Examples of boasting about the association
Alexandre Oliva's Article on Monstering Cults
"I'm told an earlier draft version of this post got published elsewhere. Please consider this IMHO improved version instead."
[Meme] 'Russian' Elections in Munich (Bavaria, Germany)
fake elections
Sainsbury's to Techrights: Yes, Our Web Site Broke Down, But We Cannot Say Which Part or Why
Windows TCO?
Plagiarism: Axel Beckert (ETH Zurich) & Debian Developer list hacking
Reprinted with permission from Daniel Pocock
Links 18/03/2024: Putin Cements Power
Links for the day
Flashback 2003: Debian has always had a toxic culture
Reprinted with permission from Daniel Pocock
[Meme] You Know You're Winning the Argument When...
EPO management starts cursing at everybody (which is what's happening)
Catspaw With Attitude
The posts "they" complain about merely point out the facts about this harassment and doxing
'Clown Computing' Businesses Are Waning and the Same Will Happen to 'G.A.I.' Businesses (the 'Hey Hi' Fame)
decrease in "HEY HI" (AI) hype
Free Software Needs Watchdogs, Too
Gentle lapdogs prevent self-regulation and transparency
Matthias Kirschner, FSFE analogous to identity fraud
Reprinted with permission from Daniel Pocock
Gemini Links 18/03/2024: LLM Inference and Can We Survive Technology?
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, March 17, 2024
IRC logs for Sunday, March 17, 2024
Links 17/03/2024: Microsoft Windows Shoves Ads Into Third-Party Software, More Countries Explore TikTok Ban
Links for the day
Molly Russell suicide & Debian Frans Pop, Lucy Wayland, social media deaths
Reprinted with permission from Daniel Pocock
Our Plans for Spring
Later this year we turn 18 and a few months from now our IRC community turns 16
Open Invention Network (OIN) Fails to Explain If Linux is Safe From Microsoft's Software Patent Royalties (Charges)
Keith Bergelt has not replied to queries on this very important matter
RedHat.com, Brought to You by Microsoft Staff
This is totally normal, right?
USPTO Corruption: People Who Don't Use Microsoft Will Be Penalised ~$400 for Each Patent Filing
Not joking!
The Hobbyists of Mozilla, Where the CEO is a Bigger Liability Than All Liabilities Combined
the hobbyist in chief earns much more than colleagues, to say the least; the number quadrupled in a matter of years
Jim Zemlin Says Linux Foundation Should Combat Fraud Together With the Gates Foundation. Maybe They Should Start With Jim's Wife.
There's a class action lawsuit for securities fraud
Not About Linux at All!
nobody bothers with the site anymore; it's marketing, and now even Linux
Links 17/03/2024: Abuses Against Human Rights, Tesla Settlement (and Crash)
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, March 16, 2024
IRC logs for Saturday, March 16, 2024
Under Taliban, GNU/Linux Share Nearly Doubled in Afghanistan, Windows Sank From About 90% to 68.5%
Suffice to say, we're not meaning to imply Taliban is "good"
Debian aggression: woman asked about her profession
Reprinted with permission from Daniel Pocock
Gemini Links 17/03/2024: Winter Can't Hurt Us Anymore and Playstation Plus
Links for the day