Instructionals/Technical

• TechRepublic ☛ How to create groups and add permissions in the OTRS ticketing system | TechRepublic

  OTRS is a very powerful open-source ticketing help desk solution that any business would be smart to consider. I recently walked you through the installation of OTRS and now it’s time to dive in and start getting the system ready for work.

• How to flatten (“unpivot”) a data table

  I gave an example of flattening in an earlier BASHing data post, but in that case I ignored blank data items, i.e. unfilled spaces in the data table. The following code replaces blanks with “nodata” and again uses pipes as separators in its output. It assumes the table has tab-separated fields, i.e. the table is a TSV. See that earlier BASHing data post for an explanation of how the AWK command works.

• Linux Made Simple ☛ How to install TupiTube Desk on a Chromebook in 2022

  Today we are looking at how to install TupiTube Desk on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

• 21 Examples to Manage Secrets using AWS Secrets Manager CLI

  Using AWS Secrets manager you can store, retrieve, rotate and manage secrets such as database credentials, API keys and other sensitive information used by your application.

• UNIX Cop ☛ Input Variable for Terraform

• UNIX Cop ☛ How to Delete Terraform Resources

  Infrastructure as Code is used to maintain Terraform-created cloud resources. IaC is supposed to be used for all resource adjustments, installation, and deletion. Manual updates via the web console are strictly followed by teams who’ve already used Terraform for infrastructure management.

  In this post, you’ll learn how to handle the deletion of Terraform-managed cloud infrastructure resources as well as how to avoid some frequent issues.

• UNIX Cop ☛ Input Variable for Terraform Part-2

  Keeping everything in the same file when dealing with a big number of variables might be difficult. As a result, it’s typical to isolate your variables into their own file.

Games

• Screen Rant ☛ Atari VCS Review: Niche, But Fine (If You Can Afford It)

  The Atari VCS is an interesting piece of hardware that will likely appeal to older players who remember the company fondly, but a somewhat obtuse menu system and overall lack of exclusive, exciting content make it more of a niche (and expensive) purchase than other available consoles. The retro video game classics on display are just as enjoyable as they have always been (especially with the traditional Atari Joystick) but, apart from providing a concise way to own a preserved form of those original 2600 and Atari Arcade titles, the Atari VCS doesn’t offer much that isn’t available elsewhere.

  The Atari VCS isn’t just a gaming console, it also functions as a mini PC and streaming device. Netflix, Hulu, and other services are all readily available, and players can even utilize the VCS to play games through services like Google Stadia and Amazon Luna. In PC Mode, the Atari VCS allows players to access their existing game libraries, use emulators, and can even run different kinds of PC operating systems like Windows and Ubuntu. The console itself comes with an AMD Ryzen R1606G processor and includes an open M.2 SSD socket for users who want to increase the Atari VCS’ internal storage and memory.

Distributions

• IBM/Red Hat/Fedora

  • Red Hat CEO Paul Cormier: Open Source Drives the Cloud and Edge

    I spoke with Paul Cormier, CEO of Red Hat, about how open source’s innovation enables edge computing, and why hybrid cloud is now the operative model going forward.

  • Red Hat Official ☛ Bringing more voices to the table: Red Hat Academy’s efforts to improve representation and inclusivity in the tech industry [Ed: Thugs from IBM are trying very hard today to pose as an ethical company (several examples of this so far). Maybe timed to coincide with an embarrassing decision showing that Red Hat attacks the community?]

    At Red Hat, we believe that good ideas can come from anyone, anywhere, regardless of job title or hierarchy. Diversity fuels our inclusive culture by bringing in many perspectives and ideas, challenging our assumptions, and inspiring innovation. With 105+ offices in 40+ countries, plus many Red Hatters working remotely, we work collaboratively in globally distributed teams. Our projects benefit from having many different cultures and perspectives represented. Diversity, equity, and inclusion are essential as we strive to best understand and serve our customers around the world.

  • CentOS ☛ CentOS Community Newsletter, March 2022

    Pierre-Yves Chibon posted a proposal to centos-devel about making GitLab available to CentOS SIGs. People involved with Special Interest Groups are encouraged to read the proposal and respond with questions or details of whether this proposal would help their SIG.

    [...]

    Sadly, we did not attract new volunteers to contribute to the SIGs purposes, but at the same time, we didn’t lose any.

• Debian Family

  • IT Wire ☛ Debian developer demoted, quits after two decades with project

    A developer who had more than two decades of service in the Debian GNU/Linux project was stripped of his status in December leading to him deciding to leave the project.

    Norbert Preining told iTWire in response to a query he decided that having been graded down to Debian maintainer was not something he wanted after all these years. He has now joined the Arch Linux project.

    “The teams and colleagues I have actively worked with, in particular the TeX team and the Qt/KDE team, have been excellent and welcoming, and I will miss working with them,” he said.

    “Only the ‘political’ side of Debian is, unfortunately, creating such a toxic atmosphere.”

    Asked if the situation that led to his demotion was around political correctness, Preining said: “Yes, more or less. I will not go into details here, since I have decided that I [will] let it rest and will write a long blog about the events including complete quotes from debian-private and DAM argumentation later on. I want to be sure that I don’t write in anger but from a settled and relaxed distance.”

    Debian-private is a mailing list only for developers; DAM is the Debian account manager team which can decide who is a member of the project and can take subsequent actions such as approving and expelling project members.

  • Debian Developer Demoted, Quits After Two Decades With Project – Slashdot

    A developer who had more than two decades of service in the Debian GNU/Linux project was stripped of his status in December leading to him deciding to leave the project. Norbert Preining told iTWire in response to a query he decided that having been graded down to Debian maintainer was not something he wanted after all these years. He has now joined the Arch Linux project.

    Preining said what basically happened was that the [Debian account manager (DAM) team] thought he was bullying members of the project. “I guess they are referring to my run-in with Martina Ferrari where she called me out in very strange and unfounded ways, which started a long lasting disagreement between her and me, and the blog post about Lars [Wirzenius, a project member] which was nothing more than a selection of quotes from Lars’ own blogs,” he added.

Free, Libre, and Open Source Software

• Daniel Stenberg ☛ webinar: getting started with libcurl

  It is an introduction to doing Internet transfers using libcurl, may 30-35 minutes presentation followed by a Q&A session where I can answer all and any questions you may have.

• SaaS/Back End/Databases

  • PostgreSQL ☛ PostgreSQL: pgAdmin 4 v6.7 Released

    The pgAdmin Development Team is pleased to announce pgAdmin 4 version 6.7. This release of pgAdmin 4 includes 4 bug fixes. For more details please see the release notes.

    pgAdmin is the leading Open Source graphical management tool for PostgreSQL. For more information, please see the website.

  • PostgreSQL ☛ PostgreSQL: pgAdmin 4 v6.6 Released

    The pgAdmin Development Team is pleased to announce pgAdmin 4 version 6.6. This release of pgAdmin 4 includes 13 bug fixes and new features. For more details please see the release notes.

    pgAdmin is the leading Open Source graphical management tool for PostgreSQL. For more information, please see the website.

  • PostgreSQL ☛ PostgreSQL: PostgreSQL Anonymizer 0.10: An improved engine and a brand new tutorial

    PostgreSQL Anonymizer is an extension that hides or replaces personally identifiable information (PII) or commercially sensitive data from a PostgreSQL database.

    The extension supports 3 different anonymization strategies: Dynamic Masking, Static Masking and Anonymous Dumps. It also offers a large choice of Masking Functions such as Substitution, Randomization, Faking, Pseudonymization, Partial Scrambling, Shuffling, Noise Addition and Generalization.

  • PostgreSQL ☛ PostgreSQL: pg_dumpbinary v2.7

    pg_dumpbinary is a program used to dump a PostgreSQL database with data dumped in binary format. The resulting dump must be restored using pg_restorebinary that is provided with this tool.

• Programming/Development

  • Go 1.18 is released! – The Go Programming Language

    Today the Go team is thrilled to release Go 1.18, which you can get by visiting the download page.

    Go 1.18 is a massive release that includes new features, performance improvements, and our biggest change ever to the language. It isn’t a stretch to say that the design for parts of Go 1.18 started over a decade ago when we first released Go.

  • Go 1.18 Release Notes – The Go Programming Language

    The latest Go release, version 1.18, is a significant release, including changes to the language, implementation of the toolchain, runtime, and libraries. Go 1.18 arrives seven months after Go 1.17. As always, the release maintains the Go 1 promise of compatibility. We expect almost all Go programs to continue to compile and run as before.

  • Barry Kauler ☛ Xephyr nested server missing

    Last night I built EasyOS 3.4.2 and uploaded it …woke up this morning and decided to test it a bit more before announcing. Aaaargh! …the Dunfell desktop in a container doesn’t work!

  • Perl/Raku

    • Perl ☛ Perl Weekly Challenge 156: Pernicious and Weird Numbers

Integrity/Availability

• Proprietary

  • Pseudo-Open Source

    • Privatisation/Privateering

      • Linux Foundation

        • CPO Mag ☛ Linux Foundation Census of Open Source Software Libraries: Identifying Vulnerabilities in the Most Common Components of FOSS – CPO Magazine [Ed: Acting more like Microsoft proxy than a guardian of security]

          The Linux Foundation and Harvard Lab have released the second in a series of studies of the most commonly used and most critical software packages in the regular operations of Linux servers. This second study focuses on what open source software is most commonly deployed in both private and public organizations, with an eye toward better evaluating potential vulnerabilities and where security support should be concentrated.

  • Security

    • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

      • Bleeping Computer ☛ New Linux botnet exploits Log4J, uses DNS tunneling for comms [Ed: Anything to distract from absolutely appalling news about Microsoft holes and exploits, in media that's partly controlled by Microsoft]

        A recently discovered botnet under active development targets Linux systems, attempting to ensnare them into an army of bots ready to steal sensitive info, installing rootkits, creating reverse shells, and acting as web traffic proxies.

Linux Lingers, Anbox Cloud Smartphone Brain Booty, Critical Census Supports Security | LinuxInsider

Old-time Linux is back again. It is not uncommon for open-source software to stop in its tracks. Community and team-based projects sometimes lose developers, enthusiasm, or funding. Hundreds of Linux distributions exist. Some come and go all the time, often unnoticed.

Usually, others take their place and the open-source software world goes on. It is much rarer, however, to see fading distributions return in full glory. That scenario happened at least three times in February. They’re back: Slackware, Peppermint, and Slax Linux.

Desktop/Laptop

• Make Use Of ☛ 10 Things You Can Do on Linux but Not on Windows

  Linux has gained significant popularity in the last decade or so. Despite having a relatively low market share compared to Windows, it is well-adapted to the evolving user requirements through its constant development.

  Linux has some state-of-the-art features that other operating systems lack for now. Such features, along with its solid support, are continuously growing within its community.

  So, let’s take a look at 10 things you can do on Linux that you can’t do on Windows.

Audiocasts/Shows

• Video ☛ YouTube Vanced Is Dead And Google Killed It – Invidious

  YouTube Vanced has been around for years and now Google has finally decided it’s time for it to go, but why did it happen now and not years ago.

• Video ☛ Zorin OS 16.1 Core overview | Make your computer better. – Invidious

  In this video, I am going to show an overview of Zorin OS 16.1 core and some of the applications pre-installed.

• Video ☛ Unboxing Silver Play Button And The Journey To Get Here – Invidious

  UPS just delivered me a black box that says “YouTube” on the front.

• Video ☛ Fedora is the new Ubuntu – Fedora Long Term Review – Invidious

Applications

• Linux Links ☛ 9 Best Free and Open Source Lightweight Graphical Web Browsers

  Current desktop machines are equipped with multi-core processors, gigabytes of system RAM and the ability to run many programs simultaneously. With the huge range of system resources available it is not surprising the software bloat phenomenon is witnessed. This is a process where successive versions of an application consume more system resources than necessary, or offer an ever-increasing number of features that the majority of users do not use or need.

  The field of web browsers is dominated by Google Chrome, Mozilla Firefox, and Safari. To try to counter software bloat, the developers of these browsers make use of plug-ins, extensions or add-ons. This means that the extra functionality offered by these tools are made available to only those who actually need them. Nevertheless, these web browsers still have one thing in common; they do not have a small footprint. Whilst they run fast on a well specified modern PC, there are many users that are using much more limited hardware. These low spec machines can be extremely popular.

• Make Use Of ☛ How to Use SongRec: The Best Shazam Client for Identifying Songs on Linux

  When you think of music recognition, Shazam is probably the first service that springs to mind. It’s completely free to use and available for Android and iOS on the mobile and macOS and Windows on the desktop side of things. Linux, unfortunately, doesn’t get a desktop client.

  So how do you recognize music on Linux, then? Well, as its turns out, there’s an unofficial Shazam client to help you with music recognition on Linux. It’s called SongRec, and it can do a lot more than the official Shazam service.

  Follow along as we demonstrate its use on Linux.

Instructionals/Technical

• MakeTech Easier ☛ What Is the Yggdrasil Network and How to Install It

  The Yggdrasil Network is an IPv6 overlay network that aims to create a decentralized and encrypted mesh network. It does this by treating networks as leaves in a binary tree. Being an overlay network, Yggdrasil also serves as a virtual private network (VPN) that allows its users to securely interact with each other.

  Furthermore, Yggdrasil is free, relatively easy to set up and is also available to a wide array of platforms. This makes Yggdrasil a strong alternative for people who are interested in having a secure, private connection with other people.

• A Easy Way How To Install GIT ( Complete Guide )

  Git is the most commonly used and popular distributed version control platform that is used by many commercial and open-source projects. Using Git, you can collaborate with your project developers. Moreover, you can keep track of code changes, create branches, revert to previous stages, and more.

  We will see in this tutorial how to install Git on the Ubuntu 20.04 system using the command line.

• How to Install Checkmk on Ubuntu 20.04 | LinuxHostSupport

  In this tutorial, we are going to show you how to install Checkmk monitoring software on Ubuntu 20.04.

  Checkmk is a free open-source monitoring server tool written in C++ and Python. It is a leading tool for infrastructure and application monitoring that has a simple configuration, flexibility, and scalability. With Checkmk we can monitor web servers, database servers, cloud infrastructure, network services, containers, and many more things.

  Installing Checkmk monitoring tool on Ubuntu 20.04 is a very easy and straightforward process, which can take up to 10 minutes. Let’s get started with the installation. Enjoy!

• HowTo Forge ☛ How to Install Matomo Web Analytics on Debian 11

  Matomo, formerly known as Piwik is a free and open-source web analytics application developed by a community of developers. It is used to track your website and give detailed information on your website and its visitors, including the search engines and keywords they used, the language they speak, which pages they like, the files they download and so much more. It offers a lot of features including, Google AdWords, Facebook Ads, Yahoo, Search Marketing, Tracking and Reporting API, and Cost Per Click (CPC).

  In this tutorial, I will show you how to install Matomo on Debian 11 with an Apache2 web server and a free Let’s Encrypt SSL certificate.

• HowTo Forge ☛ How to Install UVdesk Helpdesk System on Rocky Linux 8

  UVdesk is an open-source Saas-based helpdesk system for companies to interact with their customers and offer round-the-clock support. Its features include tickets management, knowledgebase support, canned replies, and automatic ticket generation based on emails. Uvdesk’s capabilities can be extended using external modules. You can automate certain actions based on specific triggers to improve your workflow.

  In this tutorial, you will learn how to install Uvdesk on a Rocky Linux 8 based server using Nginx, MySQL and PHP.

• How to Install Clickhouse on Ubuntu 20.04 | LinuxCloudVPS Blog

  ClickHouse is a fast and open-source column-oriented database management system developed by Yandex. It allows generating analytical data reports in real-time and is built to process analytical queries while including high-availability features that work across clusters. If you are looking for a powerful column-oriented database system with a high-availability system that can manage large volumes of data, you should consider using ClickHouse as your database system of choice. In this tutorial, we will show you how to install Clickhouse on Ubuntu 20.04.

• Ubuntu Handbook ☛ How to Limit CPU Usage of Your Apps in Ubuntu 22.04 | 20.04 | UbuntuHandbook

  Want to limit the cpu usage of an app or process? It’s easy to do the trick in Ubuntu Linux via the LimitCPU tool.

  LimitCPU is a simple command line tool that monitors a process and makes sure its CPU usage stays at or below a given percentage, by sending SIGSTOP and SIGCONT POSIX signals to process. All the children processes and threads of the specified process will share the same percentage of CPU.

  LimitCPU is the direct child of the old CPUlimit. It’s available in the system repositories of all current Ubuntu repositories, though the package name is cpulimit.

• ID Root ☛ How To Install AnyDesk on AlmaLinux 8

  In this tutorial, we will show you how to install AnyDesk on AlmaLinux 8. For those of you who didn’t know, AnyDesk is a remote desktop application designed to be reliable and fast. It helps us to easily and quickly establish a connection between computers to remotely access and share the screen. AnyDesk is available for Linux, FreeBSD, Raspberry Pi, Windows, Chrome OS, macOS, Android, and iOS.

  This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the AnyDesk remote desktop application on an AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.

Games

• GamingOnLinux ☛ Google announces Steam for ChromeOS Chromebooks in ‘Alpha’

  It’s finally here in Alpha, Google and Valve have brought Steam to ChromeOS giving even more platforms using Linux a chance to get their gaming on.

• GamingOnLinux ☛ Google talk about their ‘Windows emulator’ for Stadia and they use DXVK already

  During the ongoing Google for Games Developer Summit 2022 Keynote, one of the Google team just did a talk on “How to write a Windows emulator for Linux from scratch” to help Stadia.

  They already have some existing work available to developers who want it, including their “Stadia Porting Toolkit” which actually uses DXVK to translate Direct3D to Vulkan (since Stadia is a Linux system). However, this translator seems to be their newer approach to running Windows games on Stadia.

• GamingOnLinux ☛ Hyperbolica is a new Non-Euclidean adventure out now | GamingOnLinux

  Do you love games that might split your brain in half? Hyperbolica might just do that with the mind-bending world design based on Non-Euclidean curved space.

  It’s a thoroughly quirky adventure, with a layout that’s similar to HyperRogue that shares the hyperbolic geometry style to it. However, these are vastly different games. While HyperRogue is a roguelike, Hyperbolica is a story-based adventure filled with exploration, mini-games and more.

• GamingOnLinux ☛ Two Point Hospital: Speedy Recovery expansion is out now

  Two Point Studios might be currently working on Two Point Campus but they’re not done with their modern take on Theme Hospital with the Two Point Hospital: Speedy Recovery DLC out now.

  Speedy Recovery brings with it a new game mode, where you take command of an “extraordinary fleet of innovative and unorthodox ambulances”. As incidents pop up via a new ‘Dispatch’ button, you use your new fleet of vehicles to deliver patients to hospitals all over Two Point County while you also cure their ailments. Actually sounds like a pretty great little expansion, much more interesting than the previous additions.

• Godot Engine ☛ Godot Engine – Dev snapshot: Godot 3.5 beta 2

  It’s already been 2 months since 3.5 beta 1! Between biweekly 4.0 alpha builds and maintenance releases for the stable branch (3.4.3, 3.4.4 RC 1), the release team – i.e. me – is spread thin… but these two months gave time for a lot of improvements in the 3.x branch and this new 3.5 beta 2 should be worth the wait!

  This is a big update with close to 350 commits from 82 contributors since the previous beta! Some of the main highlights added in beta 2 are physics interpolation for 3D, and a new OccluderShaderPolygon for your 3D occlusion needs.

Desktop Environments/WMs

• K Desktop Environment/KDE SC/Qt

  • SoK’22 Week 8: Random and Uniform Placement of the Animal Cards

    In my previous blog, I mentioned the initialization of the Left / Right click activity inside GCompris and its basic layout.

    Since my last blog, there has been significant progress. With the help of mentors Allon, Timothee, Johnny, and Harsh, I have solved the random placing of animal cards, avoiding overlapping issues.

• GNOME Desktop/GTK

  • Make Use Of ☛ 10 Must Have GNOME Shell Extensions for Customizing Your Linux Desktop in 2022

    Want to customize and tweak your GNOME desktop? These GNOME shell extensions will get you started.

    If you are new to Linux and chose GNOME as your desktop environment but are finding the desktop monotonous, the experience slow, and are after a change, you should consider installing GNOME shell extensions.

    Here are the 10 best and must-have free GNOME shell extensions to spice up your Linux user experience and breathe some life into your distro with a fresher look and feel.

Distributions

• Canonical/Ubuntu Family

  • Ubuntu ☛ What are Linux containers?

    Over the last decade, containers have become an essential part of running infrastructure more efficiently. Containers enable productivity, automation, and cost-effective deployments. But there are different types of containers to consider, and this blog explains what Linux containers are, and how they differ from application containers.

Devices/Embedded

• My Accidental Convergence Setup

  I’ve been gradually tweaking my PineDA (Pinephone PDA) and molding it into my ideal personal computing interface. Well as close to ideal as I can get with my limited skills. One thing that has dawned on me without planning it at all is that it is a pretty great convergence setup. As in I can easily go from using it on device to using it on a different device with larger display and full size keyboard just by logging in via SSH.

• Linux Gizmos ☛ Raspberry Pi CM4 powered gateway with dual M.2 B-key slots starts at $333

  OnLogic has opened preorders for a $333-and-up “Factor 201” industrial gateway based on the Raspberry Pi CM4 with 2x M.2 B-key, 4x USB, HDMI, COM, and 2x GbE with optional PoE-PD. An upcoming “Factor 202” will add analog and digital I/O.

  A year ago on Pi Day, OnLogic teased a One Tough Pi industrial gateway based on the Raspberry Pi Compute Module 4. One Pi Day later, the company has opened pre-orders on the system, now called the Factor 201, with shipments due “in the coming weeks.” The Vermont-based company has also revealed full specs for a Factor 202 model that will launch later this year with DIO and ADC features.

• Open Hardware/Modding

  • Arduino ☛ Arduino device uses tinyML to help wearers recover from shoulder injury | Arduino Blog

    Shoulder injuries can be quite complex and require months of careful physical therapy to overcome, which is what led to Roni Bandini to build a tinyML-powered wearable that monitors a patient’s rotator cuff movements to aid in the recovery process. His system is designed around a Nano 33 BLE Sense and its onboard accelerometer that measures both the types and frequencies of certain shoulder motions.

    After 3D printing a small case to house the Arduino along with a battery pack and an OLED display, Bandini created a new project using the Edge Impulse Studio. The impulse takes in time-series three-axis accelerometer data, runs it through a spectral analysis block, and then infers the current movement being performed by the wearer.

  • Arduino ☛ This spinning disk produces animations using a single LED | Arduino Blog

    Nipkow displays are a special kind of persistence-of-vision device in that they use a spiral of tiny cutouts on a large spinning disk along with a single point of color generation to make an image. Maker Mac70 has come up with his own 3D-printed version, which integrates an Arduino Mega 2560 board, a fast motor, and sensors to create a machine that can show either static images or short animations — all with just one LED.

    The base of the Nipkow display is a 12V DC motor that is able to spin the disk quickly enough so that each colored dot appears as one image. Synchronization was achieved by taking an infrared object sensor and pointing it towards the edge of the disk. A small reflective strip then signals to the Arduino that one rotation has been completed and the next frame can be drawn.

• Mobile Systems/Mobile Applications

  • Notebook Check ☛ Xiaomi reveals 65-inch entry in the TV P1E series with Android TV 10 – NotebookCheck.net News

  • Notebook Check ☛ Xiaomi 12 launches globally with Android 12 and a Snapdragon 8 Gen 1 as Xiaomi takes the fight to the Samsung Galaxy S22 – NotebookCheck.net News

  • Ghacks ☛ Brave Browser for Android removes support for Tab Stack view – gHacks Tech News

  • Kim Kommando ☛ Update your Android! Message upgrades, pay with your voice and more

  • Liliputing ☛ E Ink’s Digital paper Tablet is a white-label Android tablet with an ePaper display and pen support – Liliputing

  • Android Headlines ☛ Unlocked Samsung Galaxy S10 Units Finally Get Android 12

  • Android app deals of the day: Star Vikings Forever, OXXO, Lucid Launcher Pro, more – 9to5Toys

  • Android Police ☛ The first Paranoid Android Sapphire beta build is here

Integrity/Availability

• Proprietary

  • Pseudo-Open Source

    • Privatisation/Privateering

      • Linux Foundation

        • SDTimes ☛ Linux Foundation launches cloud native developer bootcamp

          The Cloud Native Developer Bootcamp works to provide developers, cloud architects, and others who are new to cloud native technologies with the tools needed to be successful in designing, building, and deploying cloud native applications

  • Security

    • CISA ☛ Updated: Kubernetes Hardening Guide | CISA [Ed: Taking security advice from the NSA? Well, if they want us to use Kubernetes, then maybe Kubernetes does not exactly enhance security (or worse yet — it undermines it)]

      The National Security Agency (NSA) and CISA have updated their joint Cybersecurity Technical Report (CTR): Kubernetes Hardening Guide, originally released in August 2021, based on valuable feedback and inputs from the cybersecurity community.

    • New on-demand class: Secure the Edge with K3s and Traefik Proxy

      On February 8, Robert Sirchia and I taught a Master Class for the SUSE and Rancher Community that explained how to use K3s with Traefik Proxy.

    • LWN ☛ A remotely exploitable OpenSSL/LibreSSL vulnerability

      The OpenSSL project has disclosed a vulnerability wherein an attacker presenting a malicious certificate can cause the execution of an infinite loop. It is thus a denial-of-service vulnerability for any application — server or client — that handles certificates from untrusted sources. The OpenSSL 3.0.2 and 1.1.1n releases contain fixes for the problem.

    • USCERT ☛ CISA Adds 15 Known Exploited Vulnerability to Catalog [Ed: The real security problem is Microsoft; watch this list]

    • USCERT ☛
      Russian State-Sponsored Cyber Actors Access Network Misconfigured with Default MFA Protocols [Ed: Russia loves Microsoft Windows because it puts plenty of holes in its targets]

      CISA and the Federal Bureau of Investigation (FBI) have released a joint Cybersecurity Advisory that details how Russian state-sponsored cyber actors accessed a network with misconfigured default multifactor authentication (MFA) protocols. The actors then exploited a critical Windows Print Spooler vulnerability, “PrintNightmare” (CVE-2021-34527), to run arbitrary code with system privileges. The advisory provides observed tactics, techniques, and procedures, as well as indicators of compromise and mitigations to protect against this threat.

    • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

      • 9to5Google ☛ Dirty Pipe: What you need to know about the major exploit affecting Pixel 6 and Galaxy S22 devices [Updated] [Ed: Microsoft friendly media finding new excuses to recycle last week's panic (see the above issues; more severe issues]

      • InfoSecurity Magazine ☛ Dirty Pipe Exploit Rings Alarm Bells in the Linux Community

      • Dirty Pipe Flaw in Linux Kernel Lets Hackers Overwrite Root Files, Escalate Privileges

      • PC Perspective ☛ LINUX HAS BEEN SMOKED BY A DIRTY PIPE

      • India ☛ Android Smartphone Users, Watch Out for This New Security Risk Called ‘Dirty Pipe’

      • Tom’s Hardware ☛ QNAP Issues Warning Over Dirty Pipe Linux Exploit

      • JFrog : DirtyPipe (CVE-2022-0847) – the new DirtyCoW?

      • Chrome Uboxed ☛ Dirty Pipe vulnerability: Is your Chromebook affected?

      • ‘Dirty Pipe’ vulnerability can leave your Galaxy S22 open to hacker attacks

      • Linux has a big hole

      • Giz China ☛ ANDROID 12 FLAW ALLOWS HACKING SOME SMARTPHONES INCLUDING GALAXY S22

      • Android smartphones affected by vulnerability in Linux

      • Expert Reacted On ‘Dirty Pipe’ Linux Vulnerability

      • Dirty Pipe Vulnerability: Everything You Should be Knowing

      • XDA ☛ PSA: Dirty Pipe, the Linux kernel root vulnerability, can be abused on the Samsung Galaxy S22 and Google Pixel 6 Pro

      • Android Police ☛ Pixel 6 Pro and Galaxy S22 fully owned in Dirty Pipe exploit demo

      • Nasty Linux netfilter firewall security hole found

      • Threat Post ☛ Most QNAP NAS Devices Affected by ‘Dirty Pipe’ Linux Flaw

      • TechRadar ☛ QNAP NAS devices vulnerable to dangerous ‘DirtyPipe’ Linux bug

      • Dark Reading ☛ NAS Vendor Says Several of Its Products Likely Contain Linux ‘Dirty Pipe’ Flaw

Server

• Hackaday ☛ Run Your Own Server For Fun (and Zero Profit) | Hackaday

  It seems there’s a service for everything, but sometimes you simply learn more by doing it yourself. If you haven’t enjoyed the somewhat anachronistic pleasures of running your own server and hosting your own darn website, well, today you’re in luck!

  Yes, we’re going to take an old computer of some sort and turn it into a web server for hosting all of your projects at home. You could just as easily use a Raspberry Pi –even a Zero W would work — or really anything that’ll run Linux, but be aware that not all computing platforms are created equally as we’ll discuss shortly.

  Yes, we’re going to roll our own in this article series. There are a lot of moving parts, so we’re going to have to cover a lot of material. Don’t worry- it’s not incredibly complicated. And you don’t have to do things the way we say. There’s flexibility at every turn, and you’re encouraged to forge your own path. That’s part of the fun!

Audiocasts/Shows

• Document Foundation ☛ Heiko Tietze (TDF) on Mentoring Designers – Sustain Design Podcast – The Document Foundation Blog

  Following our appearance on the Sustain FOSS podcast, Heiko Tietze from The Document Foundation talked on the sister Sustain Design podcast about mentoring designers in the LibreOffice project, and other UI/UX topics.

• Video ☛ Top 5 Terminal Emulators – Invidious

  There are many terminal apps available that you can use while working with the command-line, but which one should you consider using? In this video, Jay from LearnLinuxTV shows you his top 5 favorite terminal emulators.

• Video ☛ KaOS 2022.02 Quick overview #Shorts – Invidious

  A Quick overview of KaOS 2022.02.

Applications

• HowTo Forge ☛ Three Tools to Scan a Linux Server for Viruses, Malware and Rootkits

  Servers connected to the Internet see a constant number of attacks and scans throughout the day. While a firewall and regular system updates are a good first defense to keep the system secure, you should also regularly check that no attacker came in. The tools described in this tutorial are made for these reason tests, they scan for malware, viruses, and rootkits. They should be run regularly, e.g. every night, and send you reports by e-mail. You can also use Chkrootkit, Rkhunter, and ISPProtect to scan a system if you have suspicious activities such as high load, suspicious processes or if the server suddenly starts sending malware.

Instructionals/Technical

• OSNote ☛ How to Use RSYNC to Backup Data on Ubuntu – OSNote

  Loss of valuable data and not being able to recover it is the most painful incident that can happen to any of us. To take precautions against this problem, a backup copy of the data needs to be created. A data backup is a copy of valuable data kept on your devices, such as computers, phones, or tablets, that is used to recover the valuable data that has been lost. Data loss is caused in a variety of ways, including failure of hard drives, ransomware, and even human error. Whatever the disaster, a backup of data could provide the relief you need to restore the data on your devices. It’s usually kept in a safe, different location from the original device, such as the cloud. One of the approaches we use in Linux to back up our data is using “rsync”. In this article on Ubuntu 20.04, we use the rsync approach to back up data.

  The “rsync ” is a command-line application that is used for the transfer of files from local to local, local to remote places, and vice versa. It enables rapid progressive file transfer by sending the difference between the source and destination files.

• How to Install Neovim Editor on Ubuntu 20.04

  Neovim is an extendable Vim-based text editor. It can be extended using plugins and APIs. It can also be hosted on the cloud for teamwork. It is compatible with the Vim editing model and Vimscript.

  Neovim is 30% lighter than regular Vim. It comes with an excellent modern interface. Neovim has a built-in terminal emulator for efficient work.

  I am using Ubuntu 20.04, and I will show you the installation of Neovim on Ubuntu 20.04 LTS edition. The instructions discussed here are compatible with all Debian-based Distributions incl. Ubuntu, Linux Mint, Xubuntu, etc.

• Add your personal aliases to bashrc the smart way | ArcoLinux

  Since we always use skel to copy/paste the files from /etc/skel to your home directory, the bashrc is overwritten every time.

• ID Root ☛ How To Install GIMP on AlmaLinux 8 – idroot

  In this tutorial, we will show you how to install GIMP on AlmaLinux 8. For those of you who didn’t know, GIMP (GNU Image Manipulation Program) free and open-source image editor and alternative to Photoshop from Adobe and comes with numerous professional editing functions for images and photos. GIMP is available for Linux, Windows, OS X, and some other OS.

  This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the GIMP open-source image editor on an AlmaLinux 8. You can follow the same instructions for CentOS and Rocky Linux.

• Vitux ☛ How to Install and Use SSHGuard on Ubuntu 20.04 – VITUX

  SSHGuard is an open-source daemon that is used to enhance the security of ssh as well as other network protocols. Moreover, it is used to prevent brute force attacks. It will continuously monitor and keep the track record of the system logs which helps in tracking the continuous login attempts or malicious activity. Once it detects such activity then it will immediately block the IP using firewall backends such as pf, iptables, and ipfw. Then it will unblock the IP after a set interval of time. Several log formats such as raw log file, Syslog-ng, and Syslog are supported by SSHGuard as well as provide extra layer protection to several services postfix, Sendmail, vsftpd, etc. including ssh.

  In this tutorial, you will learn to install SSHGuard and configure the system to prevent brute force attacks in Ubuntu 20.04. Let’s begin with the installation.

• Its FOSS ☛ How to Install Docker in Fedora Linux [Beginner's tutorial]

  Docker is one of the awesome technologies which is essential for developers and sysadmins these days. Containers have a wide range of applications and they play an important role in numerous areas.

  I am not going in the advantages of Docker in this article. This tutorial will cover the steps to install Docker in Fedora.

• How to Start & Stop Service using Command Prompt – TecAdmin

  A service is used for continuous running processes on any operating system. Generally, it is used for task automation, listening for specific events on a system.

  Any Windows system user can stop, start or restart a Service in two ways. You can easily manage the service state using the graphical user interface. In this tutorial, we will discuss about another option to manage the service using the command-line interface.

• How to Check and Install Security Updates on RHEL 6/7/8 – ByteXD

  Linux is always regarded as the most secure operating system because the code is open source.

  Therefore, researchers and developers can find bugs and send patches, making it much safer over time. However, that doesn’t mean that you sit back, relax, and enjoy the services after installing a Linux distribution like RHEL. No! You need to ensure the system is up-to-date with the latest security updates and patches.

  This post will give you a detailed guide on checking and installing the latest security updates for RHEL 6/7/8 systems. We will also show you how to automatically set up your system to install any security updates and patches.

• Red Hat Official ☛ Configure Apache HAProxy to balance web server traffic | Enable Sysadmin

  Prevent bottlenecks on web servers by using load balancing to distribute traffic.

• Add your personal aliases to fish the smart way | ArcoLinux

  Since we always use skel to copy/paste the files from /etc/skel to your home directory, the config.fish is overwritten every time.

• Add your personal aliases to zsh the smart way | ArcoLinux

  Since we always use skel to copy/paste the files from /etc/skel to your home directory, the .zshrc is overwritten every time.

• UNIX Cop ☛ How to Disable kdump and Reclaim Missing RAM On CentOS 8 – Unix / Linux the admins Tutorials

  In this article, We will show you how to disable kdump and reclaim missing RAM on CentOS 8.

  kdump is a feature of the Linux kernel that creates crash dumps in the event of a kernel crash. When triggered, kdump exports a memory image (also known as vmcore) that can be analyzed for the purposes of debugging and determining the cause of a crash.

  The dumped image of main memory, exported as an Executable and Linkable Format (ELF) object, can be accessed either directly through /proc/vmcore during the handling of a kernel crash, or it can be automatically saved to a locally accessible file system, to a raw device, or to a remote system accessible over network.

• Citizix ☛ Getting started with Kubernetes – Kubernetes Components

  A Kubernetes cluster is made of control plane nodes and worker nodes. And the nodes are made up of a number of components with specific functionalities

  Kubernetes follows a client-server architecture. It’s possible to have a multi-master setup (for high availability), but by default there is a single master server which acts as a controlling node and point of contact. The master server consists of various components including a kube-apiserver, an etcd storage, a kube-controller-manager, a cloud-controller-manager, a kube-scheduler, and a DNS server for Kubernetes services. Node components include kubelet and kube-proxy on top of a container runtime like docker.

• UNIX Cop ☛ OSQuery system information Centos Rhel 8 – Unix / Linux the admins Tutorials

  osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive.

  osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. For example, with osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events, or file hashes.

• How to Install Setuptools for Python on Linux

Games

• Boiling Steam ☛ Steam Deck First Impressions

  Something is definitely strange in the neighborhood: FedEx was swift and perfect, delivering my Steam Deck during lunch on Friday! I got the order email on Monday in the second round and tried to prepare myself to wait for the next week to receive it. Instead, I was pleasantly surprised (we’re cool now FedEx!) and got the whole weekend to play on my new Steam Deck. I’ll have lots more to come, but first, I wanted to share some early impressions.

  Before diving in, let me say that I (and I think the rest of the staff here) have been feeling a bit left out of the big Deck launch. We did not have a review unit, and while I was very lucky to get in a reservation so quickly, we did not have a unit in the first round of orders either. This is one of the most significant events in Linux and, more broadly, PC gaming for a very long time, sure to go down as a before/after type moment.

• GamingOnLinux ☛ Here’s some of the latest Steam Deck Verified titles including the popular Valheim

  Currently across games, software and DLC there’s a total of 1,352 that are either Verified (740) or Playable (612).

• GamingOnLinux ☛ Space Invaders gets reinvented with Beat Invaders and it’s slick | GamingOnLinux

  Wow, I didn’t think I would be playing a fresh version of Space Invaders in 2022 but here I am sucked right into the new Beat Invaders from developer Raffaele Picca. Note: key provided by the developer.

  An arcade classic, reinvented for the modern era with neon visuals and a seriously good soundtrack that makes the action really come alive. This is a very musical game. The enemies movements and firing rates change with the music’s beat and tempo too, so you end up getting completely absorbed by it. Especially in the later game, where the music gets faster and more complex leading to a thorough challenge.

• GamingOnLinux ☛ Action-shooter The Ascent is Steam Deck Verified, adds a little tweak for Deck players | GamingOnLinux

  The Ascent is a solo and co-op top-down looter-shooter from Neon Giant and Curve Games. It got Steam Deck Verified, and so the developer made a fun little tweak for players on Deck.

  “The Ascent is a solo and co-op Action-shooter RPG, set on Veles, a packed cyberpunk world. Welcome to The Ascent Group arcology, a corporate-run metropolis stretching high into the sky and filled with creatures from all over the galaxy. You play as a worker, enslaved by the company that owns you and everyone else in your district. One day, you are suddenly caught in a vortex of catastrophic events: The Ascent Group shuts down for unknown reasons and the survival of your district is threatened. You must take up arms and embark on a new mission to find out what started it all.”

• GamingOnLinux ☛ Steam Deck update fixes buying games for some, touch input on ‘Digital’ keyboard theme | GamingOnLinux

  Valve has released the latest small update for the Steam Deck to fix up a couple of nuisances, a few of which were definitely annoying me.

• GamingOnLinux ☛ Double Fine say Psychonauts 2 for Linux and macOS still coming | GamingOnLinux

  While they’re now pretty late on it, Double Fine say that the Linux and macOS dedicated builds of Psychonauts 2 are still actually on the way.

• Boiling Steam ☛ New Steam Games with Native Linux Clients – 2022-03-15 Edition – Boiling Steam

  Between 2022-03-08 and 2022-03-15 there were 30 New Steam games released with Native Linux clients. For reference, during the same time, there were 280 games released for Windows on Steam, so the Linux versions represent about 10.7 % of total released titles. Here’s a quick pick of the most interesting ones

• What’s The State of Play With Linux Online Poker Rooms – LinuxBuz

  Although it may not be the most commonly used operating system, there’s no doubt that Linux has grown in popularity in recent years. Recent reports indicate that over 1.2 million active Linux users are currently utilizing the gaming platform Steam, and the numbers are continuing to grow.

• FOSSBytes ☛ [Update] Apex Legends Is Borked Again On Steam Deck & Linux

  Steam Deck fans and the Linux community were entranced when Apex Legends finally started working on the Steam Deck and got the Deck verified badge. However, some of the recent reports on Protondb suggest that the game has stopped working.

• CNX Software ☛ Doom ported to Raspberry Pi RP2040 – CNX Software

  Doom has been ported to all sorts of platforms, including ESP32 platforms with 4MB PSRAM but “RP2040 doom” port of Doom to the Raspberry Pi RP2040 is more challenging, since RAM is limited to the measly 264KB built-in into the microcontroller, and for boards with only 2MB flash like the Raspberry Pi Pico, storage capacity becomes an issue.

  But Graham Sanderson solved all those issues by compressing the data, changing the code to use less RAM, making full use of the two Arm Cortex-M0+ cores, both overclocked at 270 MHz, in order to run Doom (DOOM1.WAD) on Raspberry Pi Pico at 320×240 resolution @ 60 fps, and the full Ultimate Doom and DOOM II WADs expected to fit into Raspberry Pi RP2040 boards with 8MB SPI flash.

• [Older] New Gadgets: Thumby (Tiny Game Console) & the Sony MZ-N505 (MiniDisc Recorder/Player)

  Overall, the Thumby is largely a novelty thing to say “look at this neat thing on my keychain, it’s the world’s smallest game console!” I can legitimately see myself playig Tinysaur Run if I was really bored though since I don’t have video games on my phone and don’t carry my Gameboy/GBA/Vita/Switch around most of the time. I’m quite enamored with this little nifty guy, more than the average person would be.

  I’ll have to look into programming it (which was the main reason I was interested in it in the first place) and also check out some community-made games. Maybe the community will have figured out how to make more legitimately playable games.

• Ubuntu Pit ☛ Top 5 Best Simulation Games for Linux: Live Out Another Life

  Among all the popular gaming genres, simulation games are always special. In a simulation game, you play the roles of different characters holding various professions. So, here, you can experience your favorite career and understand the task for the profession genuinely. That’s why from young to adults, we all love simulation games. Well, Linux users often be in difficulties finding the best Simulation games for Linux. And that’s what we are talking about here in this content.

Distributions

• Its FOSS ☛ The C4C Linux Distro Rises from the Grave

  When I started writing for It’s FOSS, I covered a Christian Linux distro. It’s been six years since I did so. Let’s take a quick look and see what has changed for the project in that amount of time.

  When we first encountered Computers4Christians, they were a Christian group that refurbished old computers by adding Linux and donated them to their local community. They gave away over 1,000 systems. The group created their own version of Linux, based on Lubuntu, named the Computers4Christians Linux Project.

• Solène: Reproducible clean $HOME in OpenBSD using impermanence

  Let me present you my latest project: home-impermanence, under this name is a reference to the NixOS community project impermanence. The name may not be obvious about what it is doing, let me explain.

• New Releases

  • IPFire 2.27 – Core Update 165 is available for testing

    Another update is ready for testing: IPFire 2.27 – Core Update 165. It comes with various updates for the firewall engine that improve its performance and increase its flexibility, as well as with an updated toolchain, Python 3.10 and various more bug and security fixes.

    The firewall engine has received various improvements for better performance, faster ruleset reloads, and easier code for developers…

• SUSE/OpenSUSE

  • CubicleNate ☛ openSUSE on the Raspberry Pi 400 – CubicleNate’s Techpad

    It was just over a year ago that there was an incredible buzz over the release of the Pi 400. In 2022, this ARM based computer is still a fantastic device that I highly recommend for just about anyone that wants to projects of any kind. I was late to the party in adding the Pi400 to my “cubicle” but better late than never. The Pi400 hearkens back to the age of the personal microcomputer from the 1980s where the keyboard and motherboard are contained in one device with the business end of the machine on the back side of it.

    I have an almost unhealthy obsession with the openSUSE project and absolutely adore this Raspberry Pi. Putting together the fun, flexibility, ease of management and reliability of openSUSE with the low cost and highly capable hardware seems like the absolute perfect combination.

    openSUSE is touted as the “makers choice” distribution and many makers out there love Single Board Computers like the Raspberry Pi. The combination of a makers’ choice distro and a very common SBC used by makers seems like the perfect fit.

• Arch Family

  • The Register UK ☛ Arch Linux turns 20: Small, simple, great documentation

    Arch Linux, arguably the most widely known rolling-release distribution, just celebrated its 20th anniversary. The project has commemorated its first public release, 0.1, with a snapshot of its original homepage.

    A few years back, The Reg looked at “the last refuge of the DIY Linux user” and liked it. Arch has several virtues that have helped it to survive and quietly thrive, largely out of the limelight.

• IBM/Red Hat/Fedora

  • CPE Quarterly Update Q4 2021

    This is a summary of the work done on initiatives by the CPE Team. Every quarter, the team together with CentOS and Fedora community representatives, choose initiatives to work on. The CPE Team is then split into multiple smaller sub-teams for initiatives and a dedicated team for day to day infrastructure and release engineering work.

  • The NeuroFedora Blog: Next Open NeuroFedora meeting: 28 March 1300 UTC

    Please join us at the next regular Open NeuroFedora team meeting on Monday 28 March at 1300 UTC The meeting is a public meeting, and open for everyone to attend.

  • Peter Czanik: I’m an IBM Power Champion for 2022

    I’m happy to announce that I became an IBM Power Champion for the year 2022. This blog is long overdue, however with the conflict raging in our neighbor country, Ukraine, I just did not feel the strength to write about anything. In this blog I try to introduce myself and share my plans for this year.

  • Manage Java versions with SDKMan

    Java is more than just a programming language: It’s also a runtime.

    Applications written in Java are compiled to Java bytecode then interpreted by a Java Virtual Machine (JVM), which is why you can write Java on one platform and have it run on all other platforms.

    A challenge can arise, however, when a programming language and an application develop at different rates. It’s possible for Java (the language) to increment its version number at the same time your favorite application continues to use an older version, at least for a while.

    If you have two must-have applications, each of which uses a different version of Java, you may want to install both an old version and a new version of Java on the same system. If you’re a Java developer, this is particularly common, because you might contribute code to several projects, each of which requires a different version of Java.

    The SDKMan project makes it easy to manage different versions of Java and related languages, including Groovy, Scala, Kotlin, and more.

  • Choose the best camel for your integration ride, Part 2

    This article is the second installment of a series that helps you choose among the many open source integration runtime provided by the Apache Camel framework. Part 1 of the series introduced the landscape of Camel runtime options and explained the use case and historical needs addressed by each runtime. This article expands on the advantages and recommended uses for the main runtimes currently supported by the Apache Camel project: Apache Karaf (OSGi), Spring Boot, Quarkus, and Camel K.

    Camel’s light footprint and versatility also allow for other types of deployment. For instance, you might embed Camel directly as a library to empower your existing application with integration abilities. Or, for similar reasons, you might deploy Camel in an existing web container.

    This series doesn’t intend to enumerate all the available Camel permutations. We’re simply covering the most common community-supported runtimes to run Camel in the enterprise, whether standalone or using a containerized environment such as Kubernetes.

  • Preview: Clustering support for JBoss EAP on Azure App Service [Ed: IBM Red Hat pushing Microsoft's proprietary garbage while asking us to cancel GNU's founder]

    Clustering support for Red Hat JBoss Enterprise Application Platform (JBoss EAP) on Azure App Service is now available in public preview. JBoss EAP has been available as a supported runtime on both Azure virtual machines (via the Azure Marketplace) and Azure App Service since June 2021.

  • Enterprisers Project ☛ Hybrid work: 5 tips for a flexible future

    Gone are the days when millions of people traveled to their offices five days a week. In today’s employment culture, workplace approaches vary from one business to another. As organizations learn the pros and cons of remote work, many are now formalizing their long-term strategies.

    Flexible work has become one of the most talked-about workplace trends, and employers are under pressure to maximize the opportunities it presents. While working from home is no longer considered an occasional perk, success for each stakeholder requires much more than simply doing office-based tasks outside the office.

  • Enterprisers Project ☛ Digital transformation: 4 pillars for success

    If you ask a room full of IT leaders to define digital transformation you’d likely get a variety of responses touching on areas such as strategy, operations, and complexity. These elements certainly are at play, but in my view, the most important component of digital transformation is creating a compelling customer experience – and continuing to do so as new technologies scale and enterprise complexity increases.

  • LWN ☛ Red Hat fails to take WeMakeFedora.org [Ed: See my take on this self-harming SLAPP. The closing words are: “Complainant [Red Hat/IBM] having failed to establish all three elements required under the ICANN Policy, the Panel concludes that relief shall be DENIED and declares that the Complaint was brought in bad faith and constitutes an abuse of the administrative proceeding.”]

    Red Hat recently filed a request to have the domain name WeMakeFedora.org transferred from its current owner, Daniel Pocock, alleging trademark violations, bad faith, and more. The judgment that came back will not have been to the company’s liking…

  • Red Hat Official ☛ Red Hat’s commitment to equal pay [Ed: Typical lies and hogwash from IBM (Red Hat); there are lawsuits to that effect and Red Hat has long been slow to adopt female workers at higher or engineering levels]

    For Red Hat, diversity, equity and inclusion are core tenets of our culture and the foundation of the company that we strive to be. And as part of that, one area we have been focused on for several years is pay equity. In recognition of Equal Pay Day, taking place in the U.S. today and in the spirit of transparency, I wanted to share the steps and tools that have worked for us — many of them we consider to be essential for businesses wishing to commit to closing the pay gap.

Devices/Embedded

• CNX Software ☛ 802.11ah WiFi HaLow development board launched for $99 (Crowdfunding) – CNX Software

  When 802.11.ah WiFi operating in the 900 MHz frequency range for low-power long-range communication was announced in 2014, then named WiFi HaLow in 2016, I naively assumed it would soon compete against other LPWAN standards like LoRaWAN or Sigfox.

  However, over the next few years, we did not see much interest in the wireless standard. But it may be picking up now, as Gateworks recently announced a Newracom NRC7292 based 802.11ah WiFi HaLow Mini PCIe module for their Arm Linux SBC’s, and a company called TELEDATICS has now introduced the Halo TD-XPAH 802.11ah Hallow development board featuring an AzureWave AW-HM482 module.

• CNX Software ☛ QuartzPro64 SBC coming soon with RK3588 SoC, 16GB RAM, $300+ price tag – CNX Software

  As expected, Pine64 has now unveiled its own Rockchip RK3588 SBC with the QuartzPro64, joining many others from Radxa to Banana Pi, and lesser-known companies such as Mixtile and Mekotronics.

  The QuartzPro64 single board computer will be equipped with 16GB RAM, 64GB eMMC flash, and with a large 180×180 mm form factor, offers plenty of ports including two HDMI outputs, one HDMI input, two SATA ports, two Gigabit Ethernet RJ45 connectors, and more.

• Linux Gizmos ☛ Pine64 previews RK3588-based QuartzPro64 SBC

  Pine64 has unveiled a “QuartzPro64” SBC based on the octa-core Rockchip RK3588. The SBC will ship with 16GB LPDDR4X, 64GB eMMC, PCIe Gen3, HDMI in, 2x HDMI out, MIPI-DSI/CSI, 2x SATA, 2x GbE, and 4x USB including Type-C with DP.

  Pine64 has posted preliminary specs for its much-anticipated SBC based on the Rockchip RK3588. The feature-rich, 180 x 180mm QuartzPro64 will initially be sold only to Pine64 community developers via the coupon system the company used for the early versions of the RK3566-based PineNote and RK3399-powered PinePhone Pro smartphone. Pricing has not been determined, but Pine64 expects the board to cost more than $300, which it says will be based on cost or a possible vendor subsidy.

• Mobile Systems/Mobile Applications

  • Librem 5 First Impression

    just received the Purism Librem 5 that I paid for years ago (I think it was 2018). The process of getting the basic setup done was typical (choosing keyboard language, connecting to wifi, etc). Then I tried doing things. One thing I did was update to the latest PureOS release which gave me a list of the latest Debian packages installed which is nice.

    The first problem I found was the lack of notification when the phone is trying to do something. I’d select to launch an app, nothing would happen, then a few seconds later it would appear. When I go to the PureOS app store and get a list of apps in a category nothing happens for ages (shows a blank list) then it might show actual apps, or it might not. I don’t know what it’s doing, maybe downloading a list of apps, if so it should display how many apps have had their summary data downloaded or how many KB of data have been downloaded so I know if it’s doing something and how long it might take.

Free, Libre, and Open Source Software

• The Register UK ☛ ReactOS now supports SMP • The Register

  ReactOS, the open-source project for creating a binary-compatible drop-in replacement for Windows, has crossed a crucial milestone with a first look at symmetric multiprocessing (SMP) support.

  The developers are clear: this is a work in progress and not yet in the trunk, but persuading the operating system to run in SMP mode to the point where one can get to the familiar face of the Windows XP Task Manager is an impressive achievement.

• Web Browsers

  • Chromium

    • Google ☛ How Chrome Became Highest Scoring Browser on Speedometer, Ever

• FSFE

  • Germany: 100 days of coalition agreement – hardly one day for Free Software – FSFE

    At the end of the week, the new German government will have been in office for 100 days. The coalition agreement contains ambitious statements on the use of Free Software (also known as Open Source), but so far nothing has been implemented. On the contrary: dependencies are to be further cemented.

    Just 100 days ago, the new government set out to finally drive forward the digitisation of Germany. Fortunately the use of Free Software is to play a major role. The FSFE has been demanding for a long time: “Public Money? Public Code!” – an implementation of the principle finally seems tangible.

    [...]

    SAP and Arvato, for example, want to offer Microsoft products to German administrations and the new government is open to this. The cloud strategy based on “open interfaces as well as strict security and transparency requirements”, which was still mentioned in the coalition treaty, is thus moving further and further away.

• FSF

  • GNU Projects

    • LWN ☛ An OpenStreetMap viewer for Emacs [LWN.net]

      For those who do everything in the Emacs editor: the MELPA repository has just gained an OpenStreetMap viewer. A quick test (example shown on the right) suggests that it works reasonably well; click below for the details.

• Public Services/Government

  • NSF Announces Pathways to Enable Open Source Ecosystems

    The National Science Foundation (NSF) has launched a new initiative called “Pathways to Enable Open-Source Ecosystems” (POSE), which will “harness the power of open source development for the creation of new technology solutions to problems of national and societal importance.”

• Programming/Development

  • LWN ☛ Announcement: gcobol

    Greetings, gcc!  We come bearing gifts! 
    
    When you set your clock ahead an hour yesterday, you might not have
    realized you set your calendar back to 1985.  There's a new gcc COBOL
    compiler. We call it: gcobol.
    
    On the books, we have 1 man-year invested: two full-time
    programmers since October 2021.
    
    We have so far compiled just over 100 programs from the examples in
    "Beginning COBOL for Programmers", by Michael Coughlin. We are near the
    end of that phase of the project, and expect to have ISAM and
    Object-Oriented Cobol features implemented in the next few weeks.  We
    are working on compiling the NIST COBOL test suite, which we expect
    will take a few months to complete.  We have begun work on  gdb, too,
    and hope to have it working by year end. 
    
    Our project should not be confused with GnuCOBOL
    (https://savannah.gnu.org/projects/gnucobol).  That project is a Cobol
    translator: it compiles Cobol to C, and invokes gcc to produce
    executable code.  Our gcobol compiler is (currently) a fork of gcc.  It
    implements a gcc frontend for Cobol and (obviously) invokes the gcc
    backend to produce executables.  (We have a friendly relationship with
    GnuCOBOL, and its maintainer supports our undertaking.)
    
    Ours should also not be confused with prior efforts to create a gcc
    Cobol compiler.  Others have tried and failed.  Failure wasn't an
    option for us.  I won't say it was easy, but here we are. 
    
    Eventually, if the gcc maintainers are interested, we would like to
    pursue full integration with gcc.  For the moment, we have questions
    we're hoping can be answered here by those who ran the gauntlet
    before us.  Given the state of the internals documentation, that seems
    like our best option. We've been rummaging around in the odd sock
    drawer for too long.  
    
    If you're like me (like I was), your visceral response to this
    announcement can be summed up in one word: Why?
    
    The answer is as easy as it is trite: the right tool for the job.
    
    I wouldn't write an operating system in Cobol.  But I wouldn't write
    one in Python or Java, either.  Cobol has a niche no other language
    occupies: a compiled language for record-oriented I/O.  
    
    That might sound strangely specialized, but it's not.  Record-oriented
    I/O describes, I would argue, nearly *all* applications.  Yet, since the
    advent of C, nearly all applications have relegated I/O to an external
    library, and adopted the Unix byte-stream definition of a "file".
    
    If you've written a CGI web application, you know what I'm talking
    about.  Cobol eliminates a lot of gobbledygook by reducing free-form
    run-time variables to compile-time constants.
    
    That's the rationale, and it's not just a theory.  Cobol is alive and
    kicking.  Estimates vary, but they all say north of 100 billion lines
    of Cobol are still in use, with millions more written every year, even
    now, in the 21st century.  Odds are your last ATM transaction or credit
    card purchase went through a Cobol application.
    
    There's another answer to Why: because a free Cobol compiler is an
    essential component to any effort to migrate mainframe applications to
    what mainframe folks still call "distributed systems".  Our goal is a
    Cobol compiler that will compile mainframe applications on Linux.  Not
    a toy: a full-blooded replacement that solves problems.  One that runs
    fast and whose output runs fast, and has native gdb support.
    
    I am happy to debate the lunacy of this project and the viability of
    Cobol, either here or off-list.  Today, we want to make the project
    known to those in the technical community who might most want to know
    what we're up to, and explain why we'll be asking the questions we're
    asking.  
    
    Also, if you want to give it a whirl, please don't hesitate.  We're
    happy to help, and expect to learn something in the process. 
    
    Thank you for you kind attention.
    
    --jkl
    
    

  • LWN ☛ gcobol: a native COBOL compiler [LWN.net]

    The gcobol project has announced its existence; it is a compiler for the COBOL language currently implemented as a fork of GCC.

  • Port Swigger ☛ Node.js security: Parse Server remote code execution vulnerability resolved

    Users of Parse Server, a popular API server module for Node/Express, are being urged to immediately apply a fix for a remote code execution (RCE) vulnerability.

    Discovered by security researchers Mikhail Shcherbakov, Cristian-Alexandru Staicu, and Musard Balliu, the vulnerability impacts the parse-server NPM package, versions below 4.10.7.

  • Qt ☛ Qt for WebAssembly on mobile devices

    Qt for WebAssembly on mobile devices, specifically phones, has lacked an essential feature – support for the native keyboard. It may or may not have worked. If it worked, it did not work very well. The tricky issue is opening the keyboard when needed and closing when it wasn’t. There is no simple API for doing that on any platform we target – iOS, Android and Windows.

  • Drew DeVault ☛ Drew DeVault’s blog: Status update, March 2022

    Greetings! The weather is starting to warm up again, eh? I’m a bit disappointed that we didn’t get any snow this winter. Yadda yadda insert intro text here. Let’s get down to brass tacks. What’s new this month?

    I mainly focused on the programming language this month. I started writing a kernel, which you can see a screenshot of below. This screenshot shows a simulated page fault, demonstrating that we have a working interrupt handler, and also shows something mildly interesting: backtraces. I need to incorporate this approach into the standard library as well, so that we can dump useful stack traces on assertion failures and such. I understand that someone is working on DWARF support as well, so perhaps we’ll soon be able to translate function name + offset into a file name and line number.

Hardware

• MakeTech Easier ☛ COVID Closes Foxconn, Possibly Delaying Next iPhones

  At a time when the U.S. and U.K. are loosening COVID restrictions greatly, China seems to be going in reverse. While the threat to human lives is tragic, it’s also having an impact on the tech world, just as it did in 2021. Troubling COVID numbers have caused Chinese authorities to shutter the Foxconn factory and the rest of Shenzhen, possibly delaying the next iPhones.

Integrity/Availability

• Proprietary

  • Pseudo-Open Source

    • Privatisation/Privateering

      • Linux Foundation

        • The Linux Foundation Welcomes New Board Members from Ericsson, Fujitsu, Meta, Panasonic, Sony, and VMWare [Ed: Jim Zemlin is selling seats again. This is how it works; they’re up for sale.]

          The Linux Foundation’s Board of Directors represents a cross-section of our membership–from different industries with different backgrounds and expertises. This broad, diverse group works hard to ensure the Linux Foundation is achieving its mission to unlock the power of open technology to drive shared innovation for the collective benefit. Their expertise, passion, and work is essential to our joint successes.

        • PR Newswire ☛ New Cloud Native Developer Bootcamp Provides a Clear Path to Cloud Native Careers [Ed: Linux Foundation is trying to reinvent itself as a diploma mill]

        • Academy Software Foundation: Digital Transformation of the Entertainment Industry is Driven by Open Technology and a Visionary, Inclusive Community [Ed: Made on an Apple Mac using proprietary software]

          In a new case study released by Linux Foundation Research, in collaboration with the Academy Software Foundation, entitled Open Source in Entertainment: How the Academy Software Foundation Creates Shared Value, we learn a compelling story of how open technology and the people who create visual effects (VFX) for motion pictures transformed a highly competitive industry.

  • Security

    • Multi-Factor Authentication involving TOTP

      Yes I have used SMS-based one time passwords historically on some sites but such setups are problematic and not much of a security improvement. Some argue they make things worse because the false sense of security stops people using higher quality passwords. Here are just a couple of articles that scratch the surface of this topic.

    • LWN ☛ Security updates for Tuesday [LWN.net]

      Security updates have been issued by Debian (spip), Fedora (chromium), Mageia (chromium-browser-stable, kernel, kernel-linus, and ruby), openSUSE (firefox, flac, java-11-openjdk, protobuf, tomcat, and xstream), Oracle (thunderbird), Red Hat (kpatch-patch and thunderbird), Scientific Linux (thunderbird), Slackware (httpd), SUSE (firefox, flac, glib2, glibc, java-11-openjdk, libcaca, SDL2, squid, sssd, tomcat, xstream, and zsh), and Ubuntu (zsh).

    • Associated Press ☛ [Cr]acked US companies to face new reporting requirements [Ed: Microsoft Windows TCO]

      Companies critical to U.S. national interests will now have to report when they’re hacked or they pay ransomware, according to new rules approved by Congress.

      The rules are part of a broader effort by the Biden administration and Congress to shore up the nation’s cyberdefenses after a series of high-profile digital espionage campaigns and disruptive ransomware attacks. The reporting will give the federal government much greater visibility into hacking efforts that target private companies, which often have skipped going to the FBI or other agencies for help.

    • Bruce Schneier ☛ US Critical Infrastructure Companies Will Have to Report When They Are Hacked [Ed: Would be better if the "news" reported that this is a Microsoft Windows issue]

      Even better would be if they had to report it to the public.

    • CISA ☛ PTC Axeda agent and Axeda Desktop Server (Update B) [Ed: Microsoft Windows TCO]

      ATTENTION: Exploitable remotely/low attack complexity

      [...]

      Axeda Desktop Server for Windows: All versions

    • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

      • QNAP warns severe Linux bug affects most of its NAS devices [Ed: Microsofters have found a new angle for attacking Linux (recycle); Maybe the Microsofters want to start naming EVERY SINGLE PRODUCT THAT USES LINUX… and then name-drop “dirty pipe” for FUD’s sake.]

        Taiwanese hardware vendor QNAP warns most of its Network Attached Storage (NAS) devices are impacted by a high severity Linux vulnerability dubbed ‘Dirty Pipe’ that allows attackers with local access to gain root privileges.

        The ‘Dirty Pipe’ security bug affects Linux Kernel 5.8 and later versions, even on Android devices. If successfully exploited, it allows non-privileged users to inject and overwrite data in read-only files, including SUID processes that run as root.

      • Hacker News ☛ ‘Dirty Pipe’ Linux Flaw Affects a Wide Range of QNAP NAS Devices

        Network-attached storage (NAS) appliance maker QNAP on Monday warned of a recently disclosed Linux vulnerability affecting its devices that could be abused to elevate privileges and gain control of affected systems.

      • ‘Dirty Pipe’ security patched kernels available

        All users that use any 5.10 kernel are strongly advised to upgrade to the latest version – 5.10.104 – in the antiX repos. This applies to 64 bit and 32 bit pae and non-pae kernels for antiX-17, antiX-19, antiX-21 and testing/sid users.

Internet Policy/Net Neutrality

• News publishers furnish their details voluntarily, MIB claims in RTI Appeal

  We had filed an RTI Application with the the Ministry of Information & Broadcasting (‘MIB’) seeking information about certain notices issued by MIB to publishers of news media asking them to furnish information under Rule 18 of the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 (‘IT Rules’). While the MIB revealed that 2100 publishers have furnished information already, it refused to provide information on how many notices were sent to publishers and why they were sent despite the stay on operation of Rules 9(1) and 9(3) of the IT Rules. Accordingly, we filed a first appeal on 25.01.2022. Now, in appeal proceedings, MIB has claimed that all 2100 publishers voluntarily offered information about themselves in a fiduciary capacity and has refused to provide further information citing exemptions under the Right to Information Act, 2005 (‘RTI Act’) and made some interesting observations.

• NBC ☛ Russia is nearly isolated online. What does that mean for the internet’s future?

Digital Restrictions (DRM)

• [Old] miscellaneous mini post

  Apparently there’s some sort of anti-copy mechanism for discs recorded via optical (but not analog), but I’m the only person I’ve ever known with minidisc anything so I think I’m okay on that front, *and* I still have all the original sources anyways.

Monopolies

• Copyrights

  • Public Domain Review ☛ A Hall of Mirrors: *Cabala, Spiegel Der Kunst Und Natur, In Alchymia* (1615) – The Public Domain Review

    A cryptic, Rosicrucian-inspired text of disputed authorship, featuring engravings rich in alchemical symbolism.