Bonum Certa Men Certa

Links 2/2/2022: Red Hat CFO Quits (Many Top-Level Resignations Lately) and GNU Screen Has New Release



  • GNU/Linux

    • Desktop/Laptop

      • System76’s New ‘Kudu’ Laptop Starts at $1799 Featuring Ryzen 9 and RTX 3060

        System76 teased their ‘Kudu’ laptop a few weeks back. And, now, it is finally available to order in its full glory!

        The new Kudu laptop lineup is tailored for multitaskers and modest gamers that may not require top-of-the-line RTX graphics.

        Let me mention the key highlights of the laptop.

      • Getting rid of the need for the usecase Linux distribution | Christian F.K. Schaller

        There was an article on Open for Everyone today about Nobara, a Fedora-based distribution optimized for gaming. So I have no beef with Tomas Crider or any other creator/maintainer of a distribution targeting a specific use case. In fact they are usually trying to solve or work around real problems and make things easier for people. That said I have for years felt that the need for these things is a failing in itself and it has been a goal for me in the context of Fedora Workstation to figure out what we can do to remove the need for ‘usecase distros’. So I thought it would be of interest if I talk a bit about how I been viewing these things and the concrete efforts we taken to reduce the need for usecase oriented distributions. It is worth noting that the usecase distributions have of course proven useful for this too, in the sense that they to some degree also function as a very detailed ‘bug report’ for why the general case OS is not enough. Before I start, you might say, but isn’t Fedora Workstation as usecase OS too? You often talk about having a developer focus? Yes, developers are something we care deeply about, but for instance that doesn’t mean we pre-install 50 IDEs in Fedora Workstation. Fedora Workstation should be a great general purpose OS out of the box and then we should have tools like GNOME Software and Toolbx available to let you quickly and easily tweak it into your ideal development system. But at the same time by being a general purpose OS at heart, it should be equally easy to install Steam and Lutris to start gaming or install Carla and Ardour to start doing audio production. Or install OBS Studio to do video streaming.

        Looking back over the years one of the first conclusions I drew from looking at all the usecase distributions out there was that they often where mostly the standard distro, but with a carefully procured list of pre-installed software, for instance the old Fedora game spin was exactly that, a copy of Fedora with a lot of games pre-installed. So why was this valuable to people? For those of us who have been around for a while we remember that the average linux ‘app store’ was a very basic GUI which listed available software by name (usually quite cryptic names) and at best with a small icon. There was almost no other metadata available and search functionality was limited at best. So finding software was not simple, at it was usually more of a ‘search the internet and if you find something interesting see if its packaged for your distro’. So the usecase distros who focused on having procured pre-installed software, be that games, or pro-audio software or graphics tools ot whatever was their focus was basically responding to the fact that finding software was non-trivial and a lot of people maybe missed out on software that could be useful to them since it they simply never learned about its existence. So when we kicked of the creation of GNOME Software one of the big focuses early on was to create a system for providing good metadata and displaying that metadata in a useful manner. So as an end user the most obvious change was of course the more rich UI of GNOME Software, but maybe just as important was the creation of AppStream, which was a specification for how applications to ship with metadata to allow GNOME Software and others to display much more in-depth information about the application and provide screenshots and so on.

    • Server

      • Most Reliable Hosting Company Sites in January 2022 [Ed: GNU/Linux still dominating]

        Aruba kicked off 2022 with the most reliable hosting company site in January, continuing to top the table from December 2021. The top six hosting company sites each responded to all of Netcraft’s requests in January and were separated by average connection time. Aruba provides hosting, cloud and digital signature services, fibre optic internet, digital preservation, and much more. The company has data centres across Europe in the UK, Germany, Czechia, Poland, Italy and France.

    • Videos/Audiocasts/Shows

    • Kernel Space

      • Intel Arc GPUs could give gamers a reason to drop Windows 11 for Linux | TechRadar

        Intel's developers are working on bringing Resizable BAR (or ReBAR) to its upcoming ARC graphics cards for Linux, which is great news for PC gamers who are looking to jump ship from another operating system like Windows 11.

        As reported by Phoronix, DG2/Alchemist support has already been spotted within the Linux kernel and Mesa drivers already, but performance optimization is still a bit shaky. A set of patches for small BAR recovery support for the Intel kernel graphics driver have already been released last week for testing and are currently under review, so we're expecting to see them introduced in the Linux V5.18 kernel.

        A note within the patch states that "Starting from DG2 we will have resizable BAR support for device local-memory, but in some cases the final BAR size might still be smaller than the total local-memory size. In such cases only part of local-memory will be CPU accessible, while the remainder is only accessible via the GPU. This series adds the basic enablers needed to ensure that the entire local-memory range is usable."

        For those unaware, ReBAR is a PCI Express interface technology that can boost the frame rate performance by removing the 256MB block read limiter, allowing your CPU to have full access to the frame buffer. What this means is that rather than smaller, 'chopped up' sections of data being sent from the CPU to the GPU, the GPU can now ask for much larger files or data chunks and get them sent by the CPU all at once.

      • Linux 5.16.5 Released To Fix Up Btrfs' Botched Up Defragging - Phoronix

        Linux 5.16.5 is out today and making it a notable point release is it fixed up the rather botched state of the Btrfs file-system code for the v5.16 kernel.

        Linux 5.16 had a refactoring of the Btrfs file-system defrag code and this sadly ended up regressing things, which fortunately are fixed now for v5.16.5. Btrfs up to now on Linux 5.16 was consuming high amounts of I/O and causing performance degradation of the system.

      • Kasper: a tool for finding speculative-execution vulnerabilities

        The Systems and Network Security Group at Vrije Universiteit Amsterdam has announced a tool called Kasper that is able to scan the kernel source and locate speculative-execution vulnerabilities...

      • kasper - VUSec

        We present Kasper, a transient (or speculative) execution gadget scanner. It uses taint analysis policies to model an attacker capable of exploiting arbitrary software/hardware vulnerabilities on a transient path. Namely, it models an attacker capable of controlling data (e.g., via memory massaging or value injection a la LVI), accessing secrets (e.g., via out-of-bounds or use-after-free accesses), and leaking these secrets (e.g., via cache-based, MDS-based, or port contention-based covert channels). As a result, Kasper discovered 1,379 previously unknown gadgets in the heavily-hardened Linux kernel. We confirm our findings by demonstrating an end-to-end proof-of-concept exploit for one of the gadgets found.

      • Linux kernel patches “performance can be harmful” bug in video driver

        Very loosely speaking, these types of bug – perhaps they’re better described as “performance costs” – are a side effect of the ever-increasing demand for ever-faster CPUs, especially now that the average computer or mobile phone has multiple processor chips, typically with multiple cores, or processing subunits, built into each chip.

        Back in the olden days (by which I mean the era of chips like the Inmos Transputer), received wisdom said that the best way to do what is known in the jargon as “parallel computing”, where you split one big job into lots of smaller ones and work on them at the same time, was to have a large number of small and cheap processors that didn’t share any resources.

      • Graphics Stack

        • NVIDIA 510.47.03 Graphics Driver Released with Linux Kernel 5.17 and Vulkan 1.3 Support

          Two major changes are included in the NVIDIA 510.47.03 graphics driver that you should be aware of if you own an NVIDIA GPU. The first one is support for the upcoming Linux 5.17 kernel series, and the second one is support for the recently released Vulkan 1.3 graphics API.

          Also new in this release is support for the NVIDIA GeForce RTX 3050 graphics card, AV1 decode support for the NVIDIA VDPAU driver, an indicator for Resizable BAR support on compatible systems, a GUI control for setting Image Sharpening values in the app profiles page of the nvidia-settings control panel, and an application profile to avoid an image corruption issue in the Blender app.

        • NVIDIA 510.47.03 is out adding Vulkan 1.3, GeForce RTX 3050 support

          Ready for a brand new driver release? NVIDIA has released version 510.47.03 as a new stable update adding in new features, new hardware support and bug fixes. This is building on top of the NVIDIA 510.39.01 Beta driver released earlier in January.

          Some of what's new specifically to this version includes: Vulkan 1.3 support, a new daemon "nvidia-powerd" that provides support for Dynamic Boost, an application profile to get around an image corruption issue in Blender, an installer update for Kernel 5.17 and support for the new NVIDIA GeForce RTX 3050.

    • Applications

      • Scribus 1.5.8 Brings in Optimization and Reliability Improvements, Preparing for Qt6 Transition

        Scribus, the popular Qt-based publishing app, has just released version 1.5.8. Although this release is relatively minor, it does have a few key improvements and features.

        Let’s take a look at them!

      • System Monitoring Center v1.2.1 Releases With GUI Tweaks, Reduced CPU Load, and ARM Support - It's FOSS News

        Last year, we featured System Monitoring Center as one of our app highlights.

        It is an all-in-one open-source app that helps you monitor essential system resources at a glance. You would also get plenty of details that you miss with the default system monitoring app in your Linux distribution.

        At the time of covering it, the app was in the beta phase. However, it is finally out of data with its newest v1.2.1 release!

        [...]

        Overall, the latest stable update provides you with additional information. For instance, the support for voltage and current sensors was added to the app, making the data much more valuable to advanced users monitoring their systems.

        The information for exhaust fans is still something to be added, considering the developer does not have a desktop PC to test it.

        I tested it out but did not find any data for the fans. And, even when using GNOME’s Vitals shell extension, I get no fan data. So, I’m not sure what it takes to read the fan data on Linux.

    • Instructionals/Technical

      • Multiple Ways To Restart Pods In Kubernetes [How To]

        Pods are the smallest deployable units in Kubernetes. A pod is a group of one or more containers. You need to have kubectl tool installed along with the minikube cluster at first.

      • Linux crontab tutorial with Examples

        If you already have some experience as a Linux system administrator, chances are you know what cron is and what it does. If you’re just starting working with Linux, it’s essential knowledge that will certainly serve you later. Either way, if you already have the knowledge, this article will refresh it. If not, you will get a guide to start you up. So you’re only expected to have some basic knowledge of Linux systems and, as usual, a desire to learn.

        Cron’s name comes from Chronos, the Greek personification of time. And it’s a very inspired choice, because cron helps you schedule different tasks you want your system to perform at given times. If you used Windows systems, chances are you stumbled across the Scheduled Tasks tool. Generally speaking, the purpose is the same, the differences are…well, too many to name here.

      • Terraform Count Examples - buildVirtual

        The Terraform count meta argument allows you to deploy multiple resources using the same Terraform configuration block. This is useful when you need to deploy things like virtual machines (perhaps for Azure Virtual Desktop), which have the same configuration.

      • How to Install Apache ActiveMQ on Ubuntu 20.04 – VITUX

        Apache ActiveMQ is an open-source message broker written in Java. It supports several cross-language clients and protocols.

        The Apache ActiveMQ message broker is a fast, reliable, scalable, and totally integrated open source messaging platform for handling lots of messages (ingest) or lots of consumers (dispatch). It uses memory as the storage format; it can be configured to store data persistently on a disk if necessary. The initial startup time can be slow due to the fact that ActiveMQ will load all historical information into memory. However, after the first startup period, which could take up to several minutes depending on how much history you have stored in your queues and other configuration settings, performance starts to scale well up until a point when we consider other factors such as system resources.

        Based on its origins as an experience of just moving from an in-house messaging solution to a commercial product, ActiveMQ can be considered as one of those products that have been constantly developed and improved, offering extremely high quality and solid stability.

        ActiveMQ provides both a simple embedded broker and a fully deployed, highly available enterprise solution. Its most important features and strengths are high availability and failover (a setup with one broker can survive up to 99.999% of message loss), support for many ways of connecting clients (including web consoles, command-line tools, and libraries, JMS client libraries, etc.), clustering across physical boundaries, load balancing through multiple internal queues per topic, flexible configuration such as persistent or non-persistent messages according to the need, the persistence of data by file or database, security implementation based on JAAS authentication model which also supports LDAP implementation.

      • How to install MuseScore on a Chromebook

        Today we are looking at how to install MuseScore on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to get the current Date and Time in Python

        Python is a popular programming language widely used in today’s world providing versatility in different related sectors. One of the cool things that we can do with python is to get the current date and time.

        Using the datetime module which is preinstalled in python, we can manipulate date and time like getting the current date and time in different ways. In this article, we are going to show the different examples to get the current date and time in python.

      • How to use patsplit (GNU AWK)

        patsplit was introduced in version 4.0 of GNU AWK. It's a string splitter, and it allows you to dissect a string more flexibly than you can with AWK's substr function.

        Given a string, patsplit breaks the string into pieces that match a regex and stores the pieces in an array. It returns the number of pieces.

      • Install NetBeans IDE on Rocky Linux 8 - kifarunix.com

        In this tutorial, we will cover how to install NetBeans IDE on Rocky Linux 8. NetBeans IDE is a free and open source extensible Java IDE (Integrated Development Environment) that enable software developers to quickly and easily develop Java desktop, Java EE, and web applications, as well as HTML5 applications with HTML, JavaScript, and CSS. The IDE also provides a great set of tools for PHP, Ruby and C/C++ developers.

        Want to run NetBeans IDE on Rocky Linux 8 desktop? This guide will take you through how to install NetBeans IDE on Rocky Linux 8.

      • How to set up Kubernetes Cluster on Ubuntu 20.04 with kubeadm and CRI-O – Citizix

        Kubernetes is an open-source container orchestration system for automating software deployment, scaling, and management. Google originally designed Kubernetes, but the Cloud Native Computing Foundation now maintains the project. It groups containers that make up an application into logical units for easy management and discovery.

        Kubeadm is a tool used to build Kubernetes (K8s) clusters. Kubeadm performs the actions necessary to get a minimum viable cluster up and running quickly.

        In this guide we will learn how to use kubeadm to set up a kubernetes cluster in Ubuntu 20.04.

      • How to install Wire Desktop on Zorin OS 16 - Invidious

        In this video, we are looking at how to install Wire Desktop on Zorin OS 16.

      • How To Install RethinkDB on Ubuntu 20.04 LTS - idroot

        In this tutorial, we will show you how to install RethinkDB on Ubuntu 20.04 LTS. For those of you who didn’t know, RethinkDB is a free and open-source NoSQL database system that makes it easier for building real-time apps. It uses JSON to load the applications into and read the database. RethinkDB is built to store JSON documents and you can scale it to multiple machines easily. It is easy to set up and has a simple query language that supports table joins and group by.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the RethinkDB open source and scalable database on Ubuntu 20.04 (Focal Fossa). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.

      • How To Configure LAMP Server With Clear Linux OS

        Welcome Again, Today we will discuss how to install LAMP Server with ClearOS Linux. In the previous tutorial, we have discussed a brief introduction of Intel’s Linux OS. Let’s see what we can do with OS. Why not start with the LAPM server which is the very basic requirement for most of the projects.

      • How To Install Mixxx 2.3.2 On Ubuntu / Fedora | Tips On UNIX

        Mixxx is Free DJ software that gives you everything you need to perform live DJ mixes. It is available for multiple operating systems (ie) Windows, Linux, and macOS.

        Mixxx recently released their stable version 2.3.2 about three months after the 2.3.1 stable release. , this release has a lot of fixes and improvements.

        This tutorial will be helpful for beginners to install mixxx 2.3.2 on Ubuntu 20.04, Ubuntu 22.04, and Fedora 35.

      • How to Install and Run Linux on Chromebook in 2022

        Linux operating system is becoming very popular among users due to its incredible performance and many features packed in a tiny package and apart from everything else, this operating system is free. Now people are often confused about how to install Linux on your laptop, desktop PC, notebook, or Chromebook. On a laptop or desktop PC, it’s easy to figure out how to install the various Linux distros but if you ever need to install Linux on your Chromebook, things get more difficult. So, in this guide, I will explain to you how you can install Linux on your Chromebook.

      • How to Install CRI-O Container Runtime on Ubuntu 20.04

        CRI-O is an OCI-based implementation of Kubernetes Container Runtime Interface (CRI) Developed to provide an integration path between OCI-compliant runtimes and the Kubelet. It is a lightweight container runtime environment. A container runtime is the software that is responsible for running the containers. When installing kubernetes, you need to install a container runtime into each node in the cluster so that Pods can run there.

      • How to Create and Use MacVLAN Network in Docker

        In Docker, a common question that usually comes up is “How do I expose my containers directly to my local physical network?” This is especially so when you are running monitoring applications that are collecting network statistics and want to connect container to legacy applications. A possible solution to this question is to create and implement the macvlan network type.

        Macvlan networks are special virtual networks that allow you to create “clones” of the physical network interface attached to your Linux servers and attach containers directly your LAN. To ensure this happens, simple designate a physical network interface on your server to a macvlan network which has its own subnet and gateway.

        In this guide, we will demonstrate how you can create and use mavlan networks in Docker.

      • How To Search In Vim / Vi [Vim Tutorial] | Itsubuntu.com

        Vim is a popular open-source Unix text editor. In this article, we will discuss how to perform search operations in Vim / Vi.

      • How to Install The Latest Mixxx 2.3.2 via PPA in Ubuntu 22.04 / 20.04 | UbuntuHandbook

        Free open-source DJ software Mixxx released version 2.3.2 with some important fixes. Here’s how to install it in Ubuntu via PPA.

        Mixxx 2.3.2 added controller mapping for Pioneer DDJ SB3, re-enabled the color sorting for playlists feature, which is missing in v2.3.0. It also fixed writing of track metadata on Windows to prevent data loss when exporting, as well as playlist export issue on Linux. For more, see the release page.

      • How to get started with the ed text editor | Enable Sysadmin

        For as well-loved as the vi command is, it's the ed command that's considered the standard Unix text editor. It was the very first text editor for Unix, and it's available on even the most modern Linux systems.

        Unlike text editors you may be used to on Linux or another system, ed doesn't open a window or even a screen of its own. That's because it's a functional editor that you can control either interactively or with a script. If you're already familiar with sed, then you'll find ed easy to learn. If you're new to both, ed can give you a different perspective on how you can process and modify data on your system.

      • How to install PHP Composer on Rocky Linux 8 / Alma Linux 8 - A Dependency Manager for PHP!

        Hello, friends. Long time no write. This time, I will show you how to install PHP Composer on Rocky Linux 8. PHP Composer is a fundamental tool for PHP, so it is always useful to know how to install it quickly.

      • How to install Flatpak on Fedora 35 – NextGenTips

        In this tutorial, we are going to learn how to install Flatpak on Fedora 35.

        Flatpak is a utility for software deployment and package management for Linux. Flatpak offers a sandbox environment in which users can run application software in isolation from the rest of the system.

        Flatpak can be used by all kinds of desktop environments and aims to be agnostic as possible regarding how applications are built.

        Flatpak runtimes and applications are built as OCI images and are distributed with Fedora registry

        Flatpaks are a new way of deploying applications.

      • How to install Flatpak on Debian 11 – NextGenTips

        In this tutorial, we are going to learn how to install Flatpak on Debian 11.

        Flatpak is a utility for software deployment and package management for Linux. Flatpak offers a sandbox environment in which users can run application software in isolation from the rest of the system.

        Flatpak can be used by all kinds of desktop environments and aims to be agnostic as possible regarding how applications are built.

      • Install KDE Plasma Desktop on Ubuntu 22.04 LTS - LinuxCapable

        The name KDE comes from “K Desktop Environment.” It is a free, open-source desktop environment for those unfamiliar with KDE Desktop. It provides Linux users with an alternative graphical interface to customize their desktop environment and applications for everyday use enhancement.

        In Ubuntu’s case, this is GNOME. Besides the graphical enhancements and changes, it is also a lightweight, fast, smooth environment with superior performance compared to native shipped desktops with some Linux Distributions.

        In the following tutorial, you will have learned how to install KDE Desktop Environment on Ubuntu 22.04 LTS Jammy Jellyfish.

      • Install GCC (build-essential) on Ubuntu€ 20.04 LTS - LinuxCapable

        GCC, better known as The GNU Compiler Collection, is a set of compilers, development tools, and front ends such as C, C++, Objective-C, Fortran, Ada, Go, and D. GCC is open-source and is widely used as it was the original compiler for GNU and currently is in use to compile the Linux Kernel along with many other projects.

        In the following tutorial, you will learn how to install GCC on Ubuntu 20.04 LTS Focal Fossa desktop or server.

      • Install CMake on Debian 11 Bullseye - LinuxCapable

        CMake is a free, open-source, and cross-platform compiler designed to build native environments, generate wrappers, build executables in arbitrary combinations. CMake is popular due to its cross-platform so that developers using the build system work the way they’re used to.

        In the following tutorial, you will learn how to install CMake on Debian 11 Bullseye Desktop or Server.

      • Install MATE Desktop on Ubuntu 22.04 LTS - LinuxCapable

        For those not familiar with MATE Desktop Environment, it continues GNOME 2. It is famous for being lightweight, fast, and stable that runs on Linux and most BSD operating systems. MATE is also an excellent choice for a lower-end system or those looking to remain efficient on system resources. Also, a dedicated Ubuntu MATE edition exists for this desktop environment, enticing users to switch from Ubuntu altogether.

        In the following tutorial, you will have learned how to install MATE Desktop on Ubuntu 22.04 LTS.

      • Install NetBeans IDE on Debian 11 - kifarunix.com

        In this tutorial, we will cover how to install NetBeans IDE on Debian 11. NetBeans IDE is a free and open source extensible Java IDE (Integrated Development Environment) that enable software developers to quickly and easily develop Java desktop, Java EE, and web applications, as well as HTML5 applications with HTML, JavaScript, and CSS. The IDE also provides a great set of tools for PHP, Ruby and C/C++ developers.

        Want to run NetBeans IDE on Debian 11 desktop? This guide will take you through how to install NetBeans IDE on Debian 11.

      • Install NetBeans IDE on Ubuntu 22.04 - kifarunix.com

        In this tutorial, you will learn how to install NetBeans IDE on Ubuntu 22.04. NetBeans IDE is a free and open source extensible Java IDE (Integrated Development Environment) that enable software developers to quickly and easily develop Java desktop, Java EE, and web applications, as well as HTML5 applications with HTML, JavaScript, and CSS. The IDE also provides a great set of tools for PHP, Ruby and C/C++ developers.

      • A to Z Linux Commands

        There are numerous Linux commands out there. There are a subset of built-in shell commands like cd and then there are the ones from GNU coreutils like less. In addition to that there are additional CLI utilities like curl, wget etc.

        On Linux Handbook, we have covered over 80 Linux commands with practical examples. This is a collection of all the Linux commands we have covered so far.

        The commands have been organized in alphabetical order so that it is easy for you to find the commands from the index.

      • Capturing Packets with Tcpdump and analyzing them with Wireshark on Ubuntu

        In this guide, I will show you how to analyze network Packets on Linux. I will use the Tools Tcpdump and Wireshark. This tutorial uses Ubuntu as OS, but it is applicable to other Linux distributions too.

      • How to Delete Speific Lines from File in Linux Command Line

        The task is simple. You have to delete specific lines from a text file in Linux terminal.

        You can use a text editor like Vim or Nano, enter the file and delete the desired lines. However, this approach is not suitable for automation using bash scripts.

        Instead, you can use the powerful sed command line editor and delete lines that match specific criteria. And of course, you can use sed in your shell scripts.

        Let me show a few use cases.

    • Games

      • Can you survive six of your deadliest foes?

        Marvel Comics Spider-Man: The Sinister Six, the first supported game of the Hypno engine, is ready for public testing!

        Get ready to defeat Spidey’s arch-enemies: Dr. Octopus, Hobgoblin, Shocker, Chameleon, Mysterio, and Vulture!

        [...]

        ScummVM currently supports the English and Spanish releases out of the box. Support for the Hebrew release will be available soon. A German release also exists, but we need help finding a copy before it can be supported.

      • AMD FidelityFX Super Resolution support comes to Valve's Gamescope Compositor

        Gamescope, Valve's Wayland compositor that assists the process of running games on the Linux platform, has now blended support for AMD FidelityFX Super Resolution, also known as AMD FSR.

        Valve's Gamescope was created from Valve's SteamOS Compositor (file name "steamcompmgr") as a micro-compositor that supplies the most satisfactory gaming performance with the Wayland setting. This process incorporates operating as a nested compositor on a standard Linux desktop. Gamescope is already supporting the integration of integer scaling and other components and will include AMD FSR in its already robust settings. AMD FidelityFX Super Resolution is the company's open-source image upscaling procedure that delivers increased graphical results for next-gen gamers and users.

      • Valve's Gamescope Compositor Adds AMD FidelityFX Super Resolution Support - Phoronix

        Valve's Gamescope as a Wayland compositor for running games on Linux now has integrated support for AMD FidelityFX Super Resolution (FSR).

        Gamescope is what was developed from Valve's SteamOS Compositor (steamcompmgr) as a micro-compositor focused on delivering the best gaming performance atop Wayland -- including working as a nested compositor on a regular Linux desktop. Gamescope has supported integrated integer scaling and other features while now adds AMD FSR to its toolset. FidelityFX Super Resolution is AMD's open-source image upscaling technique that has been offering great results for gamers.

    • Distributions

      • SUSE/OpenSUSE

        • SUSE support goes multi-colored off Q4 2021 results

          Multi-platform support & a commitment to containers are among the rosy financials for the German multinational.

        • Rancher Desktop 1.0.0 Has Arrived

          We are happy to announce the 1.0.0 release of Rancher Desktop. This release has been months in the making since development on Rancher Desktop began. After starting small and learning what users needed, we were able to adjust its path and develop the features needed for a 1.0.0 stable community release.

          But wait – what is Rancher Desktop again? It’s an open source app for desktop Kubernetes and container management on Mac, Windows and Linux.

        • Rancher Desktop 1.0 Released

          According to the announcement from Matt Farina, “At SUSE, we want to make the experience of working with Kubernetes on your desktop easier and simpler. Those who develop applications or package them up to run in Kubernetes need an easy-to-use local environment.”

      • IBM/Red Hat/Fedora

        • Build a FIX engine using Quickfix/J and Quarkus

          If you have spent any time in a trading organization, whether foreign exchange (FX), commodities, or equities, there's a good chance you've encountered the Financial Information eXchange (FIX) protocol. FIX is a socket-based, asynchronous message protocol designed for electronic trading. The protocol is implemented and used across all the major exchanges, such as NYSE, NASDAQ, CME, and ICE. FIX provides an API to broker-dealers and retail customers to obtain security definitions, submit and manage orders, and receive events such as trades.

          This article guides you through the steps to develop a basic application that can exchange financial information over the FIX protocol in a Java application using the QuickFIX/J engine. We'll use Quarkus to gain access to the many conveniences this framework offers.

        • Stories from the amazing world of release-monitoring.org #12

          The realm of release-monitoring.org looks quiet from the top of my tower but there are plenty of activities happening below. I turn back from the window and went back to my table, various papers lying on it. All the bugs from Bugcronomicon with a few of my notes lying around. There is a lot of them ending on my table! I’m trying to address them all, but there are too many of them.

          [...]

          As you might already know, Anitya is using social_auth-flask as the authentication library to authenticate users with external authentication servers (in our case it’s Fedora Account System (FAS)). As you can see in the repository, this library hasn’t been updated for a long time and now we are hitting some issues. I tried to fix this and my pull request got merged, but the contributor with permissions to release a new version isn’t active anymore.

          So, what is the issue? If you try to login to purgatory (staging instance of Anitya), you will be treated with an Internal Server Error, which is caused by the issue mentioned above.

          The conclave of mages decided to migrate to another authentication library and this work is currently in progress. Until the migration is done, I don’t want to release a new version of Anitya in production. I’m sorry for the inconveniences that this situation is causing.

        • 3 ways I configure SSH for privacy | Opensource.com

          SSH (Secure Shell) is a protocol that enables you to create a verified and private connection, securing the channel using cryptographic keys, to launch a remote shell on another machine. Using this connection, you can execute remote commands, initiate secure file transfers, forward sockets and displays and services, and much more.

          Before the appearance of SSH, most remote administration was done over telnet, and to be fair, once you could establish a remote session, you could do practically whatever you need. The problem with this protocol was that traffic traveled unencrypted as pure plaintext. It didn't take much effort to use a traffic sniffer to see all the packets within a session, including those containing a username and password.

          With SSH, thanks to the use of asymmetric keys, the sessions between the apparatus involved in the communication are encrypted. And nowadays this is more relevant than ever, with all the cloud servers getting administered from all over the world.

        • View your Linux server's network connections with netstat | Opensource.com

          I shared some important first steps to help manage your personal Linux server in a previous article. I briefly mentioned monitoring network connections for listening ports, and I want to expand on this by using the netstat command for Linux systems.

          Service monitoring and port scanning are standard industry practices. There's very good software like Prometheus to help automate the process, and SELinux to help contextualize and protect system access. However, I believe that understanding how your server connects to other networks and devices is key to establishing a baseline of what's normal for your server, which helps you recognize abnormalities that may suggest a bug or intrusion. As a beginner, I've discovered that the netstat command provides important insight into my server, both for monitoring and network troubleshooting.

          Netstat and similar network monitoring tools, grouped together in the net-tools package, display information about active network connections. Because services running on open ports are often vulnerable to exploitation, practicing regular network monitoring can help you detect suspicious activity early.

        • Hybrid work: 5 tips for prioritizing the employee experience

          Companies everywhere talk about how important the customer experience is, and they’re not wrong – it’s a top priority for us, too, because without our customers, we’d be out of business. But at Clario, we place just a little more importance on driving an exceptional employee experience.

          I’ve found that employees who are invested, feel recognized and challenged, have a sense of fun, and feel tied to the mission of the organization tend to deliver an outstanding customer experience. The quality of the product they deliver is better, the way they support customers is better, and they’re more empathetic toward the customer and what they experience every day. When you have invested employees, all of that comes a little easier.

          Having a superior employee experience is important for a variety of reasons, especially given today’s hypercompetitive job market. It’s easier than ever to find a new job, which is why it’s so critical to work on elevating the experience your own employees have every day. We do this by cultivating a workforce that values diversity and inclusion and ensuring that they’re doing meaningful work, feel recognized, are compensated well, and have a transparent career path.

        • Transitioning Red Hat’s finance leadership

          Later this year, Laurie Krebs, Red Hat’s senior vice president and chief finance officer (CFO), will retire after five years with the company. Carolyn Nash, currently vice president of global finance, transformations and operations, will be promoted to senior vice president and CFO replacing Laurie on April 1st. Until her retirement in July, Laurie will work with Carolyn to ensure a smooth transition.

        • Performance troubleshooting with the RHEL Web Console

          The Web Console in RHEL is a great place to start troubleshooting a potential performance issue on a RHEL system. Learn in this post how the Web Console can show you current real time performance information, historical graphs of performance metrics, and more.

        • Growing the open source talent pipeline with HBCUs

          When conversations around DEI within the technology industry are brought up, often what you hear is a lack of a strong pipeline or challenges with finding qualified, diverse talent to fill job openings. Having a diverse talent pool is no longer a nice-to-have, it’s a must-have in order to maintain innovation and continue to drive business forward. At Red Hat, we face the same issues and what we have found is that in order to find diverse talent, we need to go to where the talent is.

      • Canonical/Ubuntu Family

        • Linux Lite 5.8 Released with Minor Improvements

          Jerry Bezencon has announced the release of Linux Lite 5.8, a lightweight desktop distribution based on Ubuntu.

          Linux Lite is a Linux distro based on Ubuntu and comes with a super lightweight Xfce desktop environment. It is specifically developed to ease Windows users and more precisely those with old machines into the world of Linux.

          The distro targeted an audience with ancient PCs. Thanks to its lightweight nature, it can run on almost any ancient computer.

          Today, Linux Lite 5.8 finally becomes available as an incremental update to the previous release in the Linux Lite 5.x series.

        • Linux Lite 5.8 Officially Released

          Linux Lite 5.8 is now available for download. Linux Lite 5.8 is based on Ubuntu 20.04.3 LTS. Linux Lite is a free and lightweight operating system based on the Ubuntu LTS (Long term Support) series of releases.

        • Linux Mint Monthly News – January 2022

          We received donations from 730 people in December and 695 in January. I have to tell you it’s a real pleasure to see these numbers, especially after a release. Aside from helping us financially this is a huge motivational boost for everyone involved. I like to imagine 700 people in a room with smiles on their face who came just because they enjoyed what we worked on. We all contributed something in the team, whether it’s a performance improvement in Cinnamon, a new desktop utility tool, a system fix, an idea… we had fun and we made a lot of people happy, and that is a fantastic feeling. Many thanks to you all for your donations and for your support.

          As you know Linux Mint 20.3 is out and it was the last 20.x release. The next development cycle comes with a fair share of ideas and exciting new features, but also some really ambitious items when it comes to the foundations and the technology we’re using under the hood. For instance, we’re currently working on rebasing Cinnamon’s window manager and Javascript interpreter on more modern versions of mutter and GJS.

          The LMDE project continues. LMDE stands for Linux Mint Debian Edition and consists in making a distribution which is almost identical to Linux Mint but based on Debian instead of Ubuntu. It’s an interesting exercise because it forces us to test the compatibility of our own software stack with Debian and it shows us exactly why and how we rely on Ubuntu and where we find ourselves without it. Ubuntu, as a package base, but also as a set of improvements, additional packages and bug fixes on top of Debian, is a major component of Linux Mint. Although LMDE shows us why Ubuntu is the best alternative for us it also shows us how easy it is to port our work to a different base and how close to Linux Mint that gets us. We work on LMDE primarily for us, to get that information. It is not a priority, certainly not compared to Linux Mint itself, but it is an important project nonetheless.

        • Bare metal Kubernetes as a Service: Canonical MAAS and SpectroCloud Webinar | Ubuntu

          Developers want Kubernetes infrastructure that is fast, consistent, and without limits! Platform engineering, IT, and DevOps teams are adopting Kubernetes as a Service (KaaS) now more than ever before to streamline efficiency for dev teams and operations. But what happens when the requirement involves deploying clusters directly on top of bare metal servers and making sure the experience for multiple global dev teams is the same… everywhere?

        • Artificial Intelligence (AI)-Generated Art Created in Space as Prelude To Celestium Global Art and STEM Project

          Award-winning artist Cecilie Waagner Falkenstrøm and her tech team at ARTificial Mind are advancing the next epoch of digital art with a first of its kind artificial intelligence (AI) artwork created in space.

        • Artificial Intelligence (AI)-Generated Art Created in Space as Prelude To Celestium Global Art and STEM Project

          Thanks to Canonical’s Ubuntu Core, Celestium could run in a system with tight computing resources all while ensuring immutability and containment alongside its complex AI software compatibility. In addition to this, thanks to its minimal image size it was possible to use a satellite link with limited bandwidth in order to get this artwork into space.

    • Devices/Embedded

      • 4K digital signage player drives up to four displays, offers 2.5GbE networking - CNX Software

        Axiomtek DSP511 is a Tiger Lake UP3 based digital signage player with four 4K-capable HDMI 2.0 ports as well as a 2.5GbE port designed for smart retail applications such as interactive advertisement or AI precision marketing.

        The DSP511 supports up to 64GB RAM via two DDR4-3200 SO-DIMM sockets, M.2 SATA and NVMe storage, as well as wireless expansion with optional WiFi, Bluetooth, and or 5G/4G LTE cellular connectivity.

      • Open Hardware/Modding

        • Create this card-dealing robot to streamline your poker nights | Arduino Blog

          If you’ve ever dealt cards the “wrong way” among serious poker players, then you know that some people do not take the dealing process lightly. You must deal cards in the proper order, one to each player before starting back at the first, without ever showing a card. If that sounds like a hassle to you, you can build this card-dealing robot designed by Mr Innovative.

          This simple robot accepts a standard deck of playing cards and deals a preset number of cards to a preset number of players. We would like to see it have some sort of interface to select the number of players and how many cards they receive, but that would be easy to add to the design. It is small enough to fit on any card table and can deal at a fast pace without flinging cards too far.

        • A New Way to Connect with Arduino Cloud | Arduino Blog

          As Arduino Cloud continues to evolve and we see more and more people adopting the platform, we wanted to make sure there was a strong focal point for newcomers to find out what it’s all about. Which is why we just released cloud.arduino.cc, to give you a one-stop shop for learning everything about Arduino Cloud.

          [...]

          There’s also a whole section dedicated to use cases, which we’re particularly excited about. Use cases are an excellent place to learn what you can do with the Cloud, and to get inspiration. But they’re also an excellent showcase of what people in the Arduino Community have achieved.

          So to that end, we’re always keen to hear from anyone out there who has a working example of an Arduino Cloud project, and wants to show it off. Get in touch if you think your project might be suitable for an official Arduino Cloud use case.

    • Free, Libre, and Open Source Software

      • Introducing Watchtower

        The web app gives a bird’s-eye view over the progress on your video project, whether it’s a feature film animation or a documentary short. In fact, you can head over to a demo project and see for yourself.

        Once you have your list of sequences and shots, you can start storyboarding and that’s where Watchtower becomes instantly useful: you can see the stage of every shot on the timeline, there’s color coding for sequences, and at any given time you can watch the entire film as long as your shots and assets have been uploaded.

        So if you have some shots as storyboard images, some parts as previsualizations, and some parts as color-graded renders, you can still watch the entire thing to get a sense of how your story is developing, which is great for review too.

        [...]

        Watchtower is a free/libre (GPLv3) web app written in Vue.js. It has been primarily designed to work on top of Kitsu, a free/libre (AGPLv3) collaboration platform for management of video production.

      • curl with rust

        I did an online presentation with this name for the Rust Linz meetup, on January 27 2022.

      • syslog-ng relaunch

        syslog-ng has been around for decades: I started coding the first version of syslog-ng in September 1998, circa 24 years ago. The adoption of syslog-ng skyrocketed soon after that: people installed it in place of the traditional syslogd across the globe. It was packaged for Debian, Gentoo, SUSE and even commercial UNIXes. It became a default logging daemon in some of these Linux distributions. Commercial products started embedding it as a system component. Over the years however I feel that syslog-ng has become a trusted piece of infrastructure, few people really care about. I set out to change that.

      • Peter Czanik: Working with JSON logs from sudo in syslog-ng

        This weekend I am going to give a talk about sudo in the security track of FOSDEM. I will talk a few words about logging at each major point I mention, but I cannot go into too much detail there. So, consider this blog both as a teaser and an extension to my FOSDEM talk. You will learn how to work with JSON formatted logs in syslog-ng and also about new sudo features along the way. You will also learn about JSON logging in sudo, chroot support, logging sub-commands, and how to work with these logs in syslog-ng.

      • Web Browsers

        • Mozilla

          • Keep your multiple online lives private with Multi-Account Containers Add-on on Mozilla VPN

            At Mozilla, online privacy has always been one of our top priorities. Recently we announced Total Cookie Protection on Firefox Focus to combat cross-site tracking, and last year we introduced Firefox Relay, a privacy-first product that hides your real email address to help protect your identity. We are always looking for ways to offer privacy within our family of products and, after a successful rollout in English in November we’re combining one of our users’ favorite Firefox Add-ons, Multi-Account Containers, with Mozilla VPN, our fast and easy-to-use VPN service, to offer a unique, privacy solution that is only available in Firefox. In addition, today’s Mozilla VPN release includes the multi-hop feature available on Android and iOS.

          • Shaw Joins Firefox’s Trusted Recursive Resolver Program

            Today, Mozilla, the maker of Firefox, and Shaw Communications Inc. have announced that Shaw is the first Internet Service Provider (ISP) in Canada to provide Firefox users with encrypted Domain Name System (DNS) services through Mozilla’s Trusted Recursive Resolver (TRR) Program.

            For more than 35 years, DNS has served as a key mechanism for accessing sites and services on the internet. Functioning as the internet’s address book, DNS matches website names, like Firefox.com and Shaw.ca, to their corresponding internet protocol (IP) addresses so that browsers can load the correct website.

      • SaaS/Back End/Databases

        • PostgreSQL: German PostgreSQL Conference 2022 & Call for Papers

          Announcing the German PostgreSQL Conference 2022 & Call for Papers

          PGConf.de 2022 is the sequel of the highly successful German PostgreSQL conferences 2011, 2013, 2015, 2018 and 2019. We'll stay in Leipzig, at the same nice hotel and conference location as in 2019, in the middle of the town.

      • Productivity Software/LibreOffice/Calligra

        • New Colibre's Chart Type Design

          Currently Colibre is following the monoline theme guide as described in a previous post. There is a part that is still out of the guide, namely the chart images. On a whim to fill the Lunar New Year holiday, I redrawn almost the entirety of this chart. The reference goes back to the Galaxy icon theme.

      • FSFE

        • Let's celebrate together the next I Love Free Software Day!

          Every 14th of February, people around the world celebrate the “I Love Free Software Day”. On this day we show our love for Free Software and thank all the people contributing to software freedom. This year, we are organising a whole event dedicated to Free Software games.

          Although many of us depend on Free Software every day, contributors to those projects usually remain invisible. This is one of the main reasons that drive us to celebrate this day. We want to highlight the valuable work of all the people who contribute to software freedom, and take the time to say thank you!

          There are three different ways you can join us for this celebration. Spoiler alert: all of them are a lot of fun!

      • FSF

        • Artist collective Hundred Rabbits to keynote LibrePlanet: "Living Liberation"

          "Living on the water, often away from civilization, Internet connection and distribution routes, we could not bring our digital creations to life without the capability to repair devices and fix software ourselves," said artist collective Hundred Rabbits when speaking about their keynote, which will be held on March 20, at this year's LibrePlanet conference, organized by the FSF.

          Hundred Rabbits is a small artist collective consisting of Rek (they), a writer and cartoonist, and Devine (they), a programmer, artist, and musician. They travel the globe together with their sailboat named "Pino" while creating and adapting software to fit their needs. They learned, with a lack of energy resources and Internet access, they needed to make adjustments to the way they were using their technology. Besides sharing their experiences about living on the water, they also document their use of various technologies and their art. In addition to blogs, cartoons, and music, they create and publish free (as in freedom) software projects. They say, "helping users to fix their issues and modify the software to better suit their needs, encourages people to help each other to find solutions, and submit revisions for everyone to enjoy."

        • GNU Projects

          • GNU Screen v.4.9.0 [Savannah]
            I'm announcing availability of GNU Screen v.4.9.0 
            Screen is a full-screen window manager that multiplexes a 
            physical terminal between several processes, typically 
            interactive shells. 
            New in this release: 
              * Hardstatus option for used encoding (escape string '%e') 
              * OpenBSD uses native openpty() from its utils.h 
              * Fixes: 
                - fix combining char handling that could lead to a segfault 
                - CVE-2021-26937: possible denial of service via a crafted UTF-8 character sequence (bug #60030) 
                - make screen exit code be 0 when checking --help 
                - session names limit is 80 symbols (bug #61534) 
                - option -X ignores specified user in multiuser env (bug #37437) 
                - a lot of reformations/fixes/cleanups (man page and source code) 
            For full list of changes see 
            https://git.savannah.gnu.org/cgit/screen.git/log/?h=v.4.9.0 
            Release is available for download at: 
            https://ftp.gnu.org/gnu/screen/ 
            or your closest mirror (may have some delay) 
            https://ftpmirror.gnu.org/screen/ 
            Thanks to everybody who contributed patches and helped to test development git-version. 
            Keep sending bugreports or any regressions. 
            Have a lot of fun with GNU Screen 4.9.0 ;-) 
            Cheers, 
            Alex
            
      • Programming/Development

        • Dirk Eddelbuettel: #35: apt install rstudio quarto

          Many of us have been running RStudio off our local machines for as long as binaries have been provided. Which is by now probably a bit over a decade. Time flies.

          And as nice it is to have matching binaries, in my case in the .deb format used on Debian or Ubuntu, it is wee bit a painful to manually download a file and then install it. Twice the pain if you are lucky enough to be on a system where you can also run RStudio Server. And now three times as painful as you may need a matching quarto-cli binary for the nice quarto service.

          So wouldn’t it be nice to have an apt-getable repo? And to autoMAGICall get updated versions when they are available? Oh yes. And I had been bugging JJ from day one. And JJ would almost listen intendly, nod briefly and firmly, and issue an assured we will look into it. Well, they are still looking…

        • Mocking non-virtual functions in C++ with gMock & PowerFake

          I’ve not written anything here in about 4 years, and many things have changed in the meantime. After becoming a father and start rising my twins, I was less active in the community. But I hope this will change in future.

          Recently, I’ve put some effort to enhance PowerFake further to fix some known issues and enhance its feature set, and also provide some brief docs! Among other things, I figured that Google Test/Google Mock are pretty popular; while I personally prefer Boost Test / FakeIt. Therefore, I also decided to look into integrating with Google Mock (gMock); and I was able to put something together for it. So, it is now possible to mock non-virtual member functions, static member functions and free functions using gMock too.

        • Qt commercial licensing simplified!

          The Qt Company has invested heavily in developing new features and functionality and acquiring new technology to expand our product offering. The feedback from the market has been that our license offerings, terms, and conditions are complex and challenging to understand. Therefore, we are streamlining and simplifying our commercial offering. One of our primary goals is to "make it easy to do business with us,” and we believe that the changes outlined in this blog post will put us on the path to our goal.

        • Qt Announces Changes To Simplify Its Commercial Licensing - Phoronix

          The Qt Company continues to look for ways to diversify its product offering and improve its financial performance. In addition to the recent change making it easier to add ads into Qt apps, The Qt Company announced today a simplification of their commercial licensing.

          [...]

          Qt for Application Development pricing starts out at $302 USD per month per user at the professional level or $329 USD per month per user for their enterprise edition with extra functionality. Qt Design Studio meanwhile starts out at $180 USD per month per user. Their pricing for those interested can be found here.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Open Letter to Biden: Cybersecurity for FOSS needs copyleft and consumers' right to repair

          Inspired by the log4j situation, The White House recently met with Big Tech on the issue of security vulnerabilities in FOSS used in the nation's infrastructure. While we are glad these issues have received attention at the highest levels of the administration, we are concerned that representation in these discussions is skewed. Hobbyists, and communities organized around public interest and consumer rights, who both use and develop a large portion of FOSS, were not represented. Additionally, the entities represented at the meeting were biased toward copyleft-unfriendly organizations. Unsurprisingly, these entities focused on Software Bill of Materials (SBOM) as a panacea for the problem of FOSS security. While SBOMs are a useful small step toward hardening the nation's software infrastructure, we believe the proper solution is to favor copylefted FOSS.

          Consumers must have access to source code, the right to modify and reinstall it (or hire anyone they'd like in the free market to do so). Without these rights, businesses, individuals, and the government — all of whom rely on software as part of their critical infrastructure — cannot identify and repair security vulnerabilities. Furthermore, the widespread incorporation of non-copyleft FOSS, which companies can and do proprietarize, creates a false sense of security — as many users may not realize that “FOSS inside” (as listed on their SBOM) does not mean the software is any better than proprietary software.

        • macOS Monterey Users Dealing with Update that Drains Battery
        • Security

          • Security updates for Tuesday [LWN.net]

            Security updates have been issued by Debian (ipython), Fedora (kernel and usbview), Gentoo (webkit-gtk), Oracle (java-1.8.0-openjdk), Red Hat (kpatch-patch and samba), Scientific Linux (samba), Slackware (kernel), SUSE (kernel and samba), and Ubuntu (samba).

          • Linux Firmware Updating Growth Continues Amid Security Updates

            The Linux Vendor Firmware Service (LVFS) for delivering firmware updates with the fwupd client for system and component firmware updates from Linux continues experiencing massive growth. Q4'2021 by far saw the most usage ever and that has continued into 2022 with serving more than two million firmware downloads the past month.

          • Samba 'Fruit' Bug Allows RCE, Full Root User Access | Threatpost

            The issue in the file-sharing and interop platform also affects Red Hat, SUSE Linux and Ubuntu packages.

            A critical severity vulnerability in the Samba platform could allow attackers to gain remote code execution with root privileges on servers.

          • Samba Releases Security Updates | CISA

            The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An attacker could exploit one of these vulnerabilities to take control of an affected system.

          • New Samba Bug Allows Remote Attackers to Execute Arbitrary Code as Root

            Samba has issued software updates to address multiple security vulnerabilities that, if successfully exploited, could allow remote attackers to execute arbitrary code with the highest privileges on affected installations.

            Chief among them is CVE-2021-44142, which impacts all versions of Samba before 4.13.17 and concerns an out-of-bounds heap read/write vulnerability in the VFS module "vfs_fruit" that provides compatibility with Apple SMB clients.

          • The Linux Foundation Releases The State of Software Bill of Materials (SBOM) and Cybersecurity Readiness Research
          • The Linux Foundation Releases The State of Software Bill of Materials (SBOM) and Cybersecurity Readiness Research - Linux Foundation

            The Linux Foundation, the nonprofit organization enabling mass innovation through open source, in partnership with OpenSSF, SPDX, and OpenChain, today announced the availability of the first in a series of research projects to understand the challenges and opportunities for securing software supply chains. “The State of Software Bill of Materials and Cybersecurity Readiness” reports on the extent of organizational SBOM readiness and adoption tied to cybersecurity efforts. The study comes on the heels of both the U.S. Administration’s Executive Order on Improving the Nation’s Cybersecurity and the recent White House Open Source Security Summit. Its timing coincides with increasing recognition across the globe of the importance of identifying software components and helping accelerate response to newly discovered software vulnerabilities.

          • Linux Foundation Survey Sees Rise in SBOM Use
          • Enhancing Supply Chain Security for Embedded Systems: Renode Dashboard for Zephyr RTOS Adds New Software Bill of Materials (SBOM) Capabilities by Default - Linux.com [Ed: LF works for monopolies (sponsors). Sometimes, just sometimes, that work also helps Linux and its users. Sometimes…]

            A Software Bill of Materials (or SBOM) makes the information about the software components running on a system available. Transparency and summarization are needed in embedded systems with resource constraints and where updates may have significant deployment or recall costs.

          • OpenSSF Launches Alpha-Omega Project With $5M Investment From Microsoft And Google [Ed: Linux Foundation takes money from Microsoft again; this isn't about security]
          • Securing the open source ecosystem: SBOMs are no longer optional [Ed: Puff piece at ZDNet. Steven Vaughan-Nichols (SJVN) is once again publishing spam for sponsors. This isn’t journalism but marketing … and this site is unsuitable for reporting]

            In the last year and a half, one cybersecurity mess after another -- the SolarWinds software supply chain attack, the log4j vulnerability, the npm bad code injection -- have made it clear that we must clean up our software supply chain. That's impossible to do with proprietary software, since its creators won't let you know what's inside a program. But with open-source programs, it can be done.

            Here's the progress we've made so far, according to the Linux Foundation in its new The State of Software Bill of Materials and Cybersecurity Readiness report.

          • Privacy/Surveillance

            • Who has access to your leased Tesla? [Ed: The reality of buying a so-called 'modern' of 'smart' car]

              Whilst we’re there, one of the other impacts of the lease company being the ‘owner’ of the vehicle in the app is that they have access to vehicle position and other more personal data. One of my colleagues checked a couple of vehicle lease contracts and there was nothing in there to cover their access to that data.

              In theory, the leasing company could track you in real time, unlock and lock your vehicle, revoke your access to your car and more. What steps are they taking to protect your privacy from their employees and 3rd parties?

              This matter of personal data would also be resolved if the driver of the vehicle was granted ‘owner’ status in the app and the lease company was to revoke that access once the vehicle was returned.

            • FBI Releases PIN on Potential Cyber Activities During the 2022 Beijing Winter Olympics and Paralympics

              The Federal Bureau of Investigation (FBI) has released a Private Industry Notification (PIN) to warn entities associated with the February 2022 Beijing Winter Olympics and March 2022 Paralympics that malicious cyber actors could use a broad range of cyber activities to disrupt these events. These activities include distributed denial-of-service attacks, ransomware, malware, social engineering, data theft or leaks, phishing campaigns, disinformation campaigns, and insider threats. [...] The FBI urges all athletes to keep their personal cell phone at home and use a temporary phone while attending the events.

    • Environment

      • How The Hunga Tonga Volcano Eruption Was Felt Around The World | Hackaday

        On the 14th of January, 2022, the Hunga Tonga-Hunga Ha’apai volcano began a gigantic eruption that would go on to peak in ferocity the next day. The uninhabited island volcano would quickly make headlines as the country of Tonga was cut off the world and tsunamis bore out from the eurption zone.

        In a volcanic event of this size, the effects can be felt around the world. With modern instruments, they can be properly understood too. Let’s take a look at how the effects of the Hunga Tonga eruption were captured and measured across the globe.

    • Finance

      • McDonald’s turns to child labor and then pays them less than the normal minimum wage.

        That way, McDonald’s can pay the children about half what they’d pay a worker over 18 (Several dollars an hour less and no benefits package.), while the adults/parents go unemployed. It’s not that there is a labor shortage. It’s that companies don’t want to pay anything. McDonald’s isn’t happy that they have to hire anyone at all. They’ve been trying to “solve the problem” for a while now with ordering kiosks, apps the spy on you, and now a deal for voice recognition, so no human has to take your drive through orders. They even expect that customers will put RFID stickers on their windshield so it has their usual order on the screen when they pull up. (Out of good taste, I’ve omitted these links to the spam farm called ZDNet which have been paid to talk this dystopian nightmare up.)

        [...]

        Thanks largely to Trump, we got outright junk insurance and Christian Health Care Sharing scams that don’t actually cover you when you get sick (and which appeal to millions and millions of rubes who buy it until they go to the hospital once and are left with 25 times their maximum annual out of pocket had they bought an Obamacare plan), but at least companies that served you garbage that makes you sick over time used to have to hire people.

      • Could Linux Inventor Linus Torvalds, Be The Founder of Bitcoin?

        Linus Torvalds, the creator of Linux, is alleged to be Satoshi Nakamoto, the father of Bitcoin. Is he kidding, or is it just reality?

        [...]

        Recently, a Bitcoin wallet that had $24 million from the Satoshi period became active after 10.5 years. that’s certainly not the only bitcoin wallet. Also, about $9.8 billion in Bitcoin is stored in the five most popular wallets. However, the wallets haven’t been used in around ten years.

    • Internet Policy/Net Neutrality

      • Update: internet access, censorship, and the Myanmar coup

        On behalf of 168 civil society organizations in Myanmar, Access Now joined the Norwegian Forum for Development and Environment and the Centre for Research on Multinational Corporations in calling on the Prime Minister of Norway to stop the sale of Telenor Myanmar. As the majority shareholder in Telenor Group, the Norwegian state must put pressure on Telenor to comply with human rights and responsible business obligations. A failure to act now will “stain Norway’s reputation as a long-time defender of peace and human rights globally.”

      • Gauhati HC allows IFF's intervention application in petition challenging the constitutionality of internet shutdown rules #KeepItOn

        Recently, we updated you that the Gauhati High Court has agreed to hear an intervention application filed by IFF in proceedings challenging the constitutionality of the Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules, 2017 (‘Rules’) issued under the Indian Telegraph Act, 1885 (‘Telegraph Act’). At a hearing dated January 31, 2022, this Application has been allowed by the Gauhati High Court, and IFF has been impleaded in the case. This means that IFF is now allowed to assist the Court with oral and written submissions at every stage of the proceedings.

        Background

        The State of Assam suspended mobile internet services for a week in December 2019 in response to widespread protests against the enactment of the Citizenship (Amendment) Act, 2019. When several individuals approached the Gauhati High Court questioning the legality of the suspension, the Court stepped in and directed restoration of mobile internet services on December 19, 2019. The Court held that the State Government had failed to demonstrate how the law and order situation necessitated an internet suspension. On February 20, 2020, the Gauhati High Court dismissed review petitions filed against the order dated December 19, 2019 and disposed of all but one petition challenging the suspension of mobile internet services.

        That one petition was a public interest litigation filed by Mr Ajit Bhuyan, which challenged the constitutionality of the Temporary Suspension of Telecom Services (Public Emergency or Public Safety) Rules, 2017 (‘2017 Rules’) in addition to the suspension of internet in December 2019. This petition was taken up for hearing by the Court and was first heard on February 20, 2020 where the State of Assam and the Union Government were permitted to file a reply.

    • Monopolies

      • Me on App Store Monopolies and Security

        There are two bills working their way through Congress that would force companies like Apple to allow competitive app stores. Apple hates this, since it would break its monopoly, and it’s making a variety of security arguments to bolster its argument.

      • Letter to the US Senate Judiciary Committee on App Stores

        S.2992 bars large tech companies from unfairly preferencing their own products on platforms they own or control. S.2710 prohibits forcing app developers to use a specific in-app payment system owned or controlled by the owner of the app store. Both have size thresholds to ensure these limits only apply to extremely large firms.

        I would like to address some of the unfounded security concerns raised about these bills. It’s simply not true that this legislation puts user privacy and security at risk. In fact, it’s fairer to say that this legislation puts those companies’ extractive business-models at risk. Their claims about risks to privacy and security are both false and disingenuous, and motivated by their own self-interest and not the public interest. App store monopolies cannot protect users from every risk, and they frequently prevent the distribution of important tools that actually enhance security. Furthermore, the alleged risks of third-party app stores and “side-loading” apps pale in comparison to their benefits. These bills will encourage competition, prevent monopolist extortion, and guarantee users a new right to digital self-determination.

      • Copyrights

        • William James on the Stream of Consciousness (1890) – The Public Domain Review

          First published as a standalone volume on February 2, 1922, James Joyce’s Ulysses turns one hundred this week. Even if you have never immersed yourself in the modern reimagining of Homer’s seafaring epic, a related phrase may have drifted across your awareness: the name for a narrative technique employed by Joyce, Djuna Barnes, Jean Toomer, Virginia Woolf, and myriad other writers that rub shoulders within the ever-bulging periodic and aesthetic borders of modernist literature: stream of consciousness. Scholars believe “stream of consciousness” was first used as a description of literary style by the British writer May Sinclair, during a review of Dorothy Richardson’s novels for The Egoist in 1918. Eschewing the “philosophical cant of the nineteenth century” — mannered depictions of the world that passed for “realism” — May prefers the mess of the mind. “Reality is thick and deep, too thick and too deep, and at the same time too fluid to be cut with any convenient carving-knife.” To capture this fluidity, the novelist must “plunge in”, which Richardson does in her monumental thirteen-novel Pilgrimage sequence. “In this series there is no drama, no situation, no set scene. Nothing happens. It is just life going on and going. It is Miriam Henderson’s stream of consciousness going on and on”, writes May. Although James Wood and others have argued that there is nothing uniquely modernist about representing “the movement of the mind” upon the page, the psychological theory of mind that informs May’s review can be traced to a chapter in William James’ The Principles of Psychology (1890). Harvard professor, physician, investigator of psychic communication, “father of American psychology”, and the brother of novelist Henry James, William James begins “The Stream of Thought” by acknowledging that any psychological vocabulary will be rough-hewn when it comes to the fine-cut facets of mental phenomena, comparing what follows to “a painter’s first charcoal sketch upon his canvas, in which no niceties appear”. But the psychologist is being modest, for he immediately launches into a polished discussion of “anesthetic somnambulists”, subconscious personages, and the possibility of thoughts existing without a thinker. This is all a preface for the larger concept: that our minds seem to ebb and flow with ideas, while emotions behave almost tidally, rising and falling in relation to intangible forces, as if a moon presses gravitationally upon our psychic seas. James



Recent Techrights' Posts

Good Gains for Android for GNU/Linux in New Zealand This Year
Notice that GNU/Linux rose to its highest point (this month)
2024 a Record Year for Android (Almost 50% "Market Share"), Which is Now Bigger in Europe Than Microsoft Windows
a look at Europe
Wishing for a Wikileaks Renaissance in 2025
as a site that facilitates whistleblowers, hosting large leaks
[Meme] Getting Banned From Social Control Media 2 Days or Two Weeks Before Leaving Office
Seems like interference using dinners with an insurrectionist
Jimmy Carter on Globalisation of "Tech"
Carter's legacy in the area of science (and technology)
The True Importance of Diversification
Monopoly or monoculture breed fragility
This New Talk Helps Explain Why Crimes at the European Patent Office (EPO) and Patent Policy Deficits Remain Unaddressed by the European Commission
Corporations write and enforce the law
Enshittification is Everywhere
Computer Science has been reduced to just "computer" (spyphone)
Move to GNU/Linux and Save the Planet, CCC Talk Explains
video of the talk
The Free Software Foundation (FSF) Tells Us All to "Keep Putting Pressure on Microsoft"
"Grassroots organization against a corporation as large as Microsoft is never easy"
 
A Free Software Foundation (FSF) Led by Dr. Richard Stallman Can Still Raise a Lot of Money
Give people more time (e.g. until end of January) and maybe hit the target
Is Microsoft's Plundering of Africa Coming to an End?
Microsoft had many layoffs in Africa this year
Microsoft Windows Down From 23% to 20% This Year in Asia (Android Up From 54% to Almost 60%)
Less and less of Windows, more of the Linux-powered Android
15 Years Ago Mozilla Firefox Had Over 50% of the Slovakian Market, Now Google's Chrome Has Over 70%
Peaked at 72.4% earlier this year
Remembering When Photography Meant Realistic Captures of Reality, Not "Hey Hi" (AI) and 'Instagrammed' (Filtered, Manipulated)
Fake pictures predate the "hey hi" hype; Instagram in particular was full of these
Apple's Main Stronghold (North America) at Risk From GNU/Linux
Apple had several rounds of layoffs in the US this year
statCounter: Microsoft Windows Down a Percent This Year in South America, GNU/Linux Up to 3.2%
Microsoft down, freedom up
The Threat of Googlebombing and LLMs
There are many Carters, but search engines and LLMs lack the "logic" (or common sense) to tell the difference
Social Control Media (Not Just TikTok) is a "Modern Challenge" to Democracy
Society is worse off with Social Control Networks
IBM's Bad Leadership is a Threat to GNU/Linux
We worry that since Red Hat controls so much of the GNU/Linux stack difficulties at IBM will result in divestment
Putting Some Eggs in the Geminispace Basket
Do not bet on the future of the Web
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 29, 2024
IRC logs for Sunday, December 29, 2024
Gemini Links 30/12/2024: Countdown to New Year, Tinylogging, and LLM Hype
Links for the day
Incredible! Beta'News' Now Runs Ads as 'Articles' About 'Hey Hi' (AI), Written by LLMs
Does it get any more rogue than this?
Our Most Relaxing Christmas Ever?
this Christmas was our most calm every (in recent memory at least)
Bad Year for Microsoft in India (and Another All-Time Low, Windows at 12% "Market Share")
Microsoft is the next Intel
Keeping Online Even During Wars
the Internet is still quite robust
Fascistic Regimes and Their Justices Will Leverage Social Control Networks to Their Advantage (Power Grab), They Won't Protect Constituents From Them
"controlling the voices and all the narratives, including the press because they too buy into the lies that it is a communications medium"
New Year's Resolution for Techrights: No More Very Short Posts
If we publish memes, as above, then we'll try to at least contextualise them somewhat
Links 29/12/2024: Phytium Sells Chinese CPUs and Landing Gear Malfunction Crashes Plane in Korea
Links for the day
Links 29/12/2024: Facebook Wants More Bots and Slop, Whistleblowers and Bloggers Under Attack
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Saturday, December 28, 2024
IRC logs for Saturday, December 28, 2024
Gemini Links 29/12/2024: Supernatural Mystery and Mechanical People
Links for the day
Links 28/12/2024: Standards Emphasised, Putin Implicitly Admits Taking Down Passenger Plane
Links for the day
Links 28/12/2024: BRICS-Controlled Social Control Media Defended by GOP, "Paper Passport Is Dying"
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 27, 2024
IRC logs for Friday, December 27, 2024
Links 28/12/2024: Having Bosses, Ada's Dependent Types
Links for the day