03.22.22

Gemini version available ♊︎

Links 22/3/2022: CrossOver 21.2 and NVIDIA Developer Kit

Posted in News Roundup at 1:33 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • The Register UKNew Linux kernel has improved random-number generation • The Register

        A significant rewrite of the Linux kernel’s random-number generator is underway, ensuring Linux-based cryptography is a bit more secure, particularly in virtual machines, and some software a bit smoother to run.

        As outlined by the author of the changes, Jason A Donenfeld, the newly released kernel 5.17 contains the first stage of the big rewrite, but more will follow in 5.18. Among other changes, the /dev/random and /dev/urandom devices now do exactly the same. This brings the Linux kernel in line with FreeBSD and macOS.

        The code is contained in a module called random.c, originally written by Ted T’so for kernel 1.3 in 1994. It implements a Unix-style special character device called /dev/random which gives a stream of pseudorandom data. Building this into the kernel was a big deal, and the /dev/random device was adopted into DEC/Compaq Tru64, FreeBSD, HP-UX, IBM AIX, NetBSD, macOS, SGI IRIX, and Sun Solaris. This might make it one of the single most widely influential new features from Linux onto the broader Unix world.

        Generating truly random numbers in pure software is non-trivial. If you run the same code repeatedly with the same inputs, it should produce the same results. Thus if you write a program to output random numbers, it’ll produce a predictable, pseudorandom stream of values. If you can predict the output, you can figure out how software using it is going to work and, for instance, break encryption based on it. Researchers managed this for Windows 2000, for instance.

    • Applications

    • Instructionals/Technical

      • How To Install Proxmox VE On Debian 11 Bullseye In Intel NUC

        A few days ago, we discussed how to install Proxmox VE standalone edition. Today, we will see how to install Proxmox VE on Debian 11 bullseye in an Intel NUC mini PC and access Proxmox web dashboard. In addition, we will also discuss how to create a network bridge and how to setup Wireless network card as a bridge.

      • HowTo ForgeHow to Install Adminer MySQL Database Management Tool on Alma Linux 8 – LinuxBuz

        Adminer is a full-featured database management tool written in PHP used for managing several databases including, MySQL, MariaDB, PostgreSQL, SQLite, MS SQL, Oracle, Elasticsearch, MongoDB, and more.

      • How to set up a VPN on Linux – ThisHosting.Rocks

        In this tutorial, we’re going to show you how to set up a VPN on Linux and why you’d need one.

        From our previous articles, you already know what a VPN is, if it’s necessary on Linux, and even how to set up OpenVPN on Ubuntu. In this article, we’re going to show you how to set up a VPN on Ubuntu from a specific VPN provider with their own VPN client, not setting up OpenVPN yourself.

      • H2S MediaHow to install Backdrop CMS on Ubuntu 22.04 Jammy – Linux Shout

        Here we learn the commands to install Backdrop CMS on Ubuntu 22.04 LTS Jammy JellyFish using the terminal.

        Backdrop CMS is a lightweight, feature-rich, and very user-friendly content management system. Designed specifically for small businesses, organizations, and educational institutions, the Drupal fork positions itself as an alternative between WordPress and Drupal. It is a system that already has the most important functions and is extremely easy to use. At the same time, Backdrop CMS offers enough reserves for tailor-made requests and more ambitious development projects.

      • How to Restrict Internet Access to a Single Program on Arch Linux with Firejail – Fasterland

        Sometimes, we may need to restrict the internet access to a single application both for security reasons or testing purposes.

        On Linux, there are different ways to restrict the internet access to a single program. Unfortunately, most of them, are not straightforward at all.

      • How to Restore Corrupt SQL Server Database on Linux? – LinuxTechLab [Ed: Better yet, replace it with a good database which is actually Free software]

        Do you want to recover a damaged/corrupted SQL Server database on Linux? This article explains in detail how to restore a corrupt SQL database on Linux from the backup and by using a professional SQL recovery tool.

      • OSNoteHow to Install and Use Podman on Rocky Linux 8 – OSNote

        Podman is a free and open-source daemonless container engine that was developed by RedHat. It exists to help developers manage and deploy their applications in a Linux environment. Similar to the Kubernetes platform, Podman works with pods.
        Podman seeks to be the alternative to the Docker engine which is also a containerization platform. Podman improves on Docker by decentralizing the components needed for container management. Podman has a few distinguishing differences, the main one being its architecture. It runs on a daemonless architecture.

    • Wine or Emulation

      • Announcing CrossOver 21.2.0

        I’m thrilled to announce that we have released CrossOver 21.2 for macOS, Linux and Chrome OS!

        This new release offers both improvements from upstream Wine and important fixes for a variety of issues.

        CrossOver 21.2 includes over 300 updates to wined3d from upstream Wine. We also included dozens of changes from Wine 6.0.1 and 6.0.2 and updated to Wine Mono 7.0.

        Audio now works on both Mac and Linux for Halo: Master Chief Collection. We also fixed an issue with a recent Steam update that was causing some connections to take a very long time.

        On macOS, we fixed a long-standing issue with mouse control in Unity games. We also included fixes for the latest Rockstar Games Launcher and Quicken updates that caused those applications to stop working on M1 machines.

        For our Linux and Chrome OS users, we fixed rendering issues on Office 365. We also made changes so that CrossOver once again seamlessly installs on Chrome OS, and we added a fix for libldap dependency errors on certain Linux distros (including Ubuntu 21.10).

    • Games

    • Distributions

      • Barry KaulerEasyOS: Enchant spell checking fixed

        Forum member ‘proebler’ reported that when the geany text editor extra-plugins package is installed (via the package manager), the spell-checking plugin does not work.

      • IBM/Red Hat/Fedora

        • OpenSource.comGet started with reactive programming with Kotlin on Quarkus | Opensource.com

          Moving to the cloud with event-driven architecture raises big concerns for enterprises using multiple programming languages such as Java, C#, JavaScript, Scala, and Groovy to implement business requirements. Because enterprises need to redesign multiple architectures for container deployment separately and put more effort into optimizing production on the cloud, developers often must learn a new programming language in line with the production environment. For example, Java developers have to switch their skill sets to Node.Js to develop lightweight event-front applications.

          Kotlin addresses these issues and targets various developers who deploy business applications with multiple programming languages on top of Java Virtual Machine (JVM). Kotlin handles these issues with both imperative and reactive approaches. However, there’s still a hustle to catch up on Kotlin’s new syntax and APIs, especially for Java developers. Luckily, the Quarkus Kotlin extension makes it easier for developers to implement Kotlin applications.

        • Red Hat Official8 steps for estimating a cloud application’s resource requirements | Enable Sysadmin

          Learn how to calculate a cloud application’s resource needs correctly, in order to minimize common operational issues in production.

        • Enterprisers ProjectAutomation and digital transformation: 3 ways they go together

          Automation and digital transformation (DX) have become one of IT’s dynamic duos: Where you see or hear one, the other seems sure to follow.

          They’re certainly linked by their priority and popularity in IT and business circles. Automation and DX have been atop the strategic roadmaps of CIOs and other leaders for years now. Digital transformation has become an industry unto itself, and few CIOs have “automate less” highlighted on their strategic roadmap.

          But do they always go hand-in-hand? What’s the actual relationship between IT automation and DX? Answers to questions like this require more context and nuance.

        • FedoraCollecting ideas for “Feature Spotlight” articles – Fedora Community Blog

          How do we – as in, the developers and package maintainers who are working on Fedora Linux – make sure people actually know about all the cool stuff we’re doing? That’s the question at the heart of previous discussions on the “devel” mailing list (How do we announce new packages?) and on discourse (Idea for collecting “Cool New Features / Cool New Packages” article ideas).

          As it turns out, the answer to that question is: “If what you’ve worked on isn’t big or noteworthy enough, then there’s no place for you”. That’s not good, and it’s why I started working on “Feature Spotlight”.

        • Enterprisers ProjectDigital transformation: 5 layers to build on

          Digital transformation is defined as “the integration of digital technology into all areas of a business, fundamentally changing how you operate and deliver value to customers.” That’s why every company’s digital transformation journey looks different. Ultimately, it is a paradigm shift in how you do business.

        • Red HatWrite Kubernetes in Java with the Java Operator SDK, Part 2 | Red Hat Developer

          Java Operator SDK, or JOSDK, is an open source project that aims to simplify the task of creating Kubernetes Operators using Java. The project was started by Container Solutions, and Red Hat is now a major contributor.

          Part 1 in this series introduced JOSDK and explained why it could be interesting to create Operators in Java. In this article and its sequels, you will take a deeper look at JOSDK’s concepts and learn how it simplifies Operator development. Along the way, you’ll build a simple example using JOSDK and its quarkus-operator-sdk extension for Quarkus, a Kubernetes-native Java stack.

        • Software Freedom Institute: Red Hat, Inc vs Software Freedom Institute SA: Fedora open source trademark precedent

          Red Hat, Inc, a subsidiary of IBM, attempted to sue the Institute for using the domain name WeMakeFedora.org

          The Institute argued that the doctrine of fair use applies when volunteers collaborate on an open source software product like Fedora.

      • Debian Family

        • Linux Mint Debian Edition 5 Available to Download: discover all its news – LinuxStoney

          Linux Mint Debian Edition 5 Available to Download: discover all its news, There are many Linux distributions that we can use right now to be part of our PC. Among the wide variety that we can download and install, one of the most popular is Linux Mint .

          Here we find a distro capable of meeting the needs of all types of users, both new and more advanced. We are telling you all this because the new version of the operating system has just been released, specifically we are referring to Linux Mint Debian Edition 5 , which is now available. It is worth mentioning that this is something that happens after several months of testing by its developers.

          For those of you who don’t know, we will tell you that this system is based on Ubuntu by default. Considering that the last update of this software dates back to January of this year, the team released Linux Mint 20.3 in the same month. This release was accompanied by the Cinnamon, MATE, and Xfce desktops , all based on the Linux 5.4 kernel. But as we have mentioned, in these lines we are going to focus on Linux Mint Debian Edition.

          One of the goals of this distro is to ensure that it remains available if something happens to Ubuntu. Sure, that seems unlikely, though the team behind this proposal wants to be prepared for all eventualities. At the same time Linux Mint Debian Edition becomes an interesting alternative.

        • In Linux, they are basic, but do you know what DEB files are? [Ed: This is nonsense and false

          The name “DEB” comes from shortening the name of the first distro that introduced and started using them: Debian. These packages are basically the .EXE of Debian-based Linux distributions , such as Debian itself, Ubuntu or Linux Mint, among others. Thus, these are storage files (or packages) that contain all the files to be able to install a program in the distro, in addition to the scripts necessary to carry out this installation and configuration of the program in question.

        • Norbert PreiningPackages for Debian: KDE/Plasma, RSSguard, et al | There and back again

          As mentioned in this post, most of my activity around Debian has come to a complete halt (Send your thanks to da-manager@debian.org!). Since I still have a few computers running Debian, I keep maintaining a few things which I heavily rely on, in particular KDE/Plasma and RSSguard.

          For KDE/Plasma, there are the well known OBS repos I maintain, please read the blog posts tagged KDE.

      • Canonical/Ubuntu Family

        • UbuntuDesign and Web team summary – 25 February 2022 | Ubuntu

          The Web and design team at Canonical run two-week iterations building and maintaining all of the Canonical websites and product web interfaces. Here are some of the highlights of our completed work from this iteration.

    • Devices/Embedded

      • Linux GizmosJetson edge AI box offers four PoE ports with a choice of Onvif or GigE camera support

        Adlink unveiled an “EOS-JNX Series” of Jetson Xavier NX based edge AI vision systems with 4x PoE ports. The EOS-JNX-I has 10/100Mbps PoE ports that support Onvif surveillance cams plus a 1Gb NVR uplink; the EOS-JNX-G has GbE PoE ports with GigE camera support.

        Last September when Adlink announced its Edge Vision Analytics (EVA) SDK for systems including its Nvidia Jetson Xavier NX powered NEON-2000-JNX embedded camera, the company mentioned that an upcoming EOS-JNX line of computers would support the AI stack. Adlink has now announced the Xavier NX based EOS-JNX Series of computers with EVA support. In somewhat related news, Adlink announced a partnership with ANSCENTER to integrate its ANSCENTER ANS Video Intelligence System (ANSVIS) software with Adlink’s NEON cameras.

      • CNX SoftwareNVIDIA launches Jetson AGX Orin Developer Kit, Orin NX modules, and Isaac Nova Orin AMR platform – CNX Software

        NVIDIA Jetson AGX Orin module was first introduced in November 2011, but the company has now officially launched the Jetson AGX Orin Developer Kit, andunveiled the lower cost Orin NX modules still with 70 TOPS or more, and the Isaac Nova Orin AMR (autonomous mobile robot) reference platform.

      • Open Hardware/Modding

        • CNX SoftwareQuadric devkit features q16 hybrid AI, DSP, computer vision accelerator – CNX Software

          The Quadric devkit is an M.2 Key M module equipped with the company’s q16 edge processor offering a hybrid data-flow + Von Neumann machine for not only neural networks, but also computer vision, digital signal processing, BLAS (Basic Linear Algebra Subprograms), and other workloads.

          This architecture allows the Quadric q16 to be more flexible than traditional AI accelerators and can deliver more effective solutions for heterogonous systems that may have multiple accelerators or require a powerful processor. The M.2 form factor enables easy integration into boards with an M.2 Key M socket such as the Gumstix Raspberry Pi 4 development board shown below with the Quadric devkit.

      • Mobile Systems/Mobile Applications

        • Murena & /e/OS — a product roadmap for 2022: towards our V1? – Gaël Duval (blog, mandrake, /e/ my data is my data…)

          It’s interesting to have a look back at our past year roadmap: most of the features we announced are either done or close to be completed, which is not too bad! The two things that shew very little progress are the Smart Assistant project, and the energy efficiency project.

          For others items, we have started to introduce better compatibility with Android applications (SafetyNet support), first for the stable devices, and later, progressively, for as many supported smartphones as possible…

          We will also soon be offering a much larger and transparent access to mobile applications, with our new application installer called “App Lounge”. On this aspect, even if we didn’t have a single case of tampered application during the past three years, we’re progressively abandoning our dependency to the “CleanAPK” service. CleanAPK is still going to be used momentarily for the catalog of apps coming from F-Droid and Progressive Web Apps, but will be totally abandonned this year.

    • Free, Libre, and Open Source Software

      • LWNThe Open Source Initiative elects a new board

        The Open Source Initiative has announced the results of its 2022 board election.

      • Daniel StenbergA headers API for libcurl | daniel.haxx.se

        For many years we’ve had this outstanding idea to add a new API to libcurl that would offer applications easy access to HTTP response headers.

        Applications could already retrieve the headers using existing methods but that requires them to write a callback and to a certain amount of parsing and “understanding” HTTP that we always felt was a little unfortunate, a bit error-prone on the behalf of the applications and perhaps also a thing that forced a lot of applications out there having to write the same kind of extra function logic.

        If libcurl provides this functionality, it would remove a lot of (duplicated) code from a lot of applications.

      • Peter Czanik: The system() source of syslog-ng now also works on MacOS
      • The syslog-ng insider 2022-03: syslog-ng 4; MQTT source; Zinc; Elastic Cloud; 3.36; – Blog – syslog-ng Community – syslog-ng Community

        This is the 99th issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.

      • Open Source InitiativeComcast: Why we support the OSI

        Comcast is a global media and technology company that operates as three primary businesses: Comcast Cable in the U.S., Sky in Europe, and NBCUniversal globally. In addition, Comcast also provides communications services, including residential high-speed internet, phone, and wireless services.

      • FSFE

        • FSFESFP#14: The world of mesh networking with Elektra Wagenrad

          With this episode the Software Freedom Podcast opens the door to the fascinating and sometimes complex world of mesh networking. And who better than Elektra Wagenrad can take us on this journey? Elektra is one of the original developers of the B.A.T.M.A.N. protocol and the person behind the Mesh Potato project.

      • FSF

        • GNU Projects

          • GNUGNU Linux-libre 5.17-gnu
            GNU Linux-libre 5.17-gnu cleaning-up scripts, cleaned-up sources, and
            cleaning-up logs (including tarball signatures) are now available from
            our git-based release archive git://linux-libre.fsfla.org/releases.git/
            tags {scripts,sources,logs}/v5.17-gnu.
            
            Compressed tarballs and incremental patches are also available at
            <https://www.fsfla.org/selibre/linux-libre/download/releases/5.17-gnu/>.
            
            Freesh and RPMFreedom, the .deb and .rpm distributions of GNU
            Linux-libre maintained by Jason Self, already have binaries of 5.17-gnu.
            Thanks, Jason!
            
            We had hoped for a release during FSF's amazing LibrePlanet conference,
            but alas, that was not meant to be.  Cleaning up scripts have required
            changes for the final release, compared with -rc8, and that delayed the
            release quite significantly.
            
            
            This release required updates to cleaning up logic for tegra, bnx2x,
            mt7915, btmtk, mscc, and new logic for dts files for various new aarch64
            SoCs, and for a new driver for x86 android tablets.
            
            
            In other news, Jason Self has started sharing the work of preparing and
            verifying the multiple upstream stable releases we clean up and put out
            every week.  Please join me in thanking him for adjusting our bus factor
            in a desirable way!  There are likely to be upcoming changes in details
            about signatures as we streamline this new mode of cooperation.
            
            You may also enjoy the beautiful artwork with our mascot, Freedo, that
            he's made and published at https://jxself.org/git/?p=freedo.git;a=tree
            
            
            For up-to-the-minute news, join us on IRC (#gnu-linux-libre on
            libera.chat), or follow me on P2P or federated social media (the link in
            my signature has directions).
            
            
            Be Free! with GNU Linux-libre.
            
            
            What is GNU Linux-libre?
            ------------------------
            
              GNU Linux-libre is a Free version of the kernel Linux (see below),
              suitable for use with the GNU Operating System in 100% Free
              GNU/Linux-libre System Distributions.
            
            http://www.gnu.org/distros/
            
              It removes non-Free components from Linux, that are disguised as
              source code or distributed in separate files.  It also disables
              run-time requests for non-Free components, shipped separately or as
              part of Linux, and documentation pointing to them, so as to avoid
              (Free-)baiting users into the trap of non-Free Software.
            
            http://www.fsfla.org/anuncio/2010-11-Linux-2.6.36-libre-debait
            
              Linux-libre started within the gNewSense GNU/Linux distribution.
              It was later adopted by Jeff Moe, who coined its name, and in 2008
              it became a project maintained by FSF Latin America.  In 2012, it
              became part of the GNU Project.
            
              The GNU Linux-libre project takes a minimal-changes approach to
              cleaning up Linux, making no effort to substitute components that
              need to be removed with functionally equivalent Free ones.
              Nevertheless, we encourage and support efforts towards doing so.
            
            http://libreplanet.org/wiki/LinuxLibre:Devices_that_require_non-free_firmware
            
              Our mascot is Freedo, a light-blue penguin that has just come out
              of the shower.  Although we like penguins, GNU is a much greater
              contribution to the entire system, so its mascot deserves more
              promotion.  See our web page for their images.
            
            http://linux-libre.fsfla.org/
            
              If you are the author of an awesome program and want to join us in
              writing Free (libre) Software, please consider making it an official
              GNU program and become a GNU Maintainer.  You can find instructions
              on how to do so at https://www.gnu.org/help/evaluation.  We look
              forward to hacking with you! :)
            
            
            What is Linux?
            --------------
            
              Linux is a clone of the Unix kernel [...]
            
            (snipped from Documentation/admin-guide/README.rst)
            
          • GNU Linux-Libre 5.17 Kernel Released
      • Programming/Development

        • Linux HintScala Abstract Class

          We have to create classes in programming in any language. Classes have methods and have values defined in them. In real life, we want to hide some information in a class or don’t want to show unnecessary details of the class. Just putting forward the subject that we have created for users. In Scala, there is a way out of hiding details of implementation through creating an Abstract class and showing only the functionality we want to display. We will learn the concept of creating an Abstract class in Scala in this article. Scala’s Abstract class and Java’s Abstract class are quite similar. Let’s have some more information about the Scala Abstract class.

        • Linux HintScala Collections

          A collection in Scala in particular or in any other programming language, in general, is simply a container that can hold the data. However, as far as the Scala programming language is concerned, then it supports multiple different collections. Therefore, today’s article will be dedicated to the collections in the Scala programming language in Ubuntu 20.04.

        • Linux HintScala Hello World

          Whichever programming language you are comfortable with, you must be familiar with a Hello World program in it. This program is generally the first program that you will ever create in any programming language. With this basic program, you try to understand the syntax of the programming language that you wish to learn. In this guide, we will learn to write a Hello World program in the Scala programming language in Ubuntu 20.04.

        • Linux HintHow to Use Strings in Rust

          A string is defined as a sequence of Unicode characters that are encoded into the UTF-8-byte stream. Strings are a fundamental concept in any programming knowledge as they are a source of great trouble or great productivity.

          This article will explore how to work with strings in the Rust programming language and determine what makes strings in Rust different.

  • Leftovers

    • Hardware

      • CubicleNateWireless Network Bridge Solution

        Wireless bridging is not a real common residential application, at least, not that one that I would think to be common. When you are in a situation where a wireless bridge is necessary, this is a solution I can highly recommend. I am glad I went with the long distance model as it seems to do well even when obstacles re put its way. I think the money spent on the wireless bridge was the better solution to burred wire.

    • Integrity/Availability

      • Proprietary

        • Help Net SecurityLapsus$ Gang Says it Has Breached Okta and Microsoft

          After breaching NVIDIA and Samsung and stealing and leaking those companies’ propertary data, the Lapsus$ cyber extortion gang has announced that they have popped Microsoft and Okta.

          [...]

          If Lapsus$’s assertions prove to be true, this (previously) relatively unknown hacking group has quickly become another threat actor that big corporations have to worry about.

        • MIT Technology ReviewActivists are targeting Russians with open-source “protestware” | MIT Technology Review [Ed: MIT Technology Review is blaming "open source" for Microsoft shipping malware]
        • LWNActivists are targeting Russians with open-source “protestware” (Technology Review) [Ed: MIT Technology Review basically blames the victims of Microsoft for what Microsoft is doing; see comments]

          MIT Technology Review has taken a brief look at open-source projects that have added changes protesting the war in Ukraine and drawn some questionable conclusions…

        • ZDNetCorrupted open-source software enters the Russian battlefield [Ed: Steven Vaughan-Nichols now helps Microsoft by spinning Microsoft shipping malware as an "open source" issue]

          It started as an innocent protest. Npm, JavaScript’s package manager maintainer RIAEvangelist, Brandon Nozaki Miller, wrote and published an open-code npm source-code package called peacenotwar. It did little except add a protest message against Russia’s invasion of Ukraine. But then, it took a darker turn: It began destroying computers’ file systems.

        • USCERTDelta Electronics DIAEnergie [Ed: Microsoft SQL 'Server']
        • CISADelta Electronics DIAEnergie (Update B) [Ed: Microsoft SQL 'Server']
        • Security

          • USCERTFBI and FinCEN Release Advisory on AvosLocker Ransomware [Ed: AvosLocker is a ransomware group that was identified in 2021, specifically targeting Windows machines; FBI and CISA do not even name Microsoft or Windows, as usual. Microsoft cannot defend Windows (too many back doors and defects), so the best it can do it pay the media to stay quiet, change the topic, or blame the wrong parties.]

            The Federal Bureau of Investigation (FBI) and the Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) have released a joint Cybersecurity Advisory identifying indicators of compromise associated with AvosLocker ransomware. AvosLocker is a ransomware-as-a-service affiliate-based group that has targeted victims across multiple critical infrastructure sectors in the United States including, but not limited to, the Financial Services, Critical Manufacturing, and Government Facilities sectors.

          • LWNSecurity updates for Tuesday [LWN.net]

            Security updates have been issued by Debian (apache2 and thunderbird), Fedora (abcm2ps, containerd, dotnet6.0, expat, ghc-cmark-gfm, moodle, openssl, and zabbix), Mageia (389-ds-base, apache, bind, chromium-browser-stable, nodejs-tar, python-django/python-asgiref, and stunnel), openSUSE (icingaweb2, lapack, SUSE:SLE-15-SP4:Update (security), and thunderbird), Oracle (openssl), Slackware (bind), SUSE (apache2, bind, glibc, kernel-firmware, lapack, net-snmp, and thunderbird), and Ubuntu (binutils, linux, linux-aws, linux-aws-5.13, linux-gcp, linux-hwe-5.13, linux-kvm, linux-raspi, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gke, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, and linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-dell300x, linux-hwe, linux-gcp-4.15, linux-kvm, linux-oracle, linux-snapdragon).

          • CISADrupal Releases Security Updates | CISA

            Drupal has released security updates to address a vulnerability affecting Drupal 9.2 and 9.3. An attacker could exploit this vulnerability to take control of an affected system.

          • Market ScreenerQualys : Implications of Windows Subsystem for Linux for Adversaries & Defenders (Part 1) [Ed: WSL is an attack on Linux, it's Windows in disguise, and firms should quit using Microsoft's attack on Linux as a pretext for bashing the security of GNU/Linux]
          • SBOMs Supporting Safety Critical Software [Ed: This isn't the solution, this is the LF acting as a marketing proxy for sponsors]
    • Defence/Aggression

      • Here’s why Putin won’t use nukes in Ukraine — Pass it on. | I, Cringely

        President Putin of Russia has been talking a lot lately about his forces using nuclear weapons — presumably tactical nuclear weapons — in the war with Ukraine. It’s an easy threat to make but a difficult one to follow-through for reasons I’ll explain here in some detail. I’m not saying Mr Putin won’t order nuclear strikes. He might. Dictators do such things from time to time. But if Mr Putin does push that button, I’d estimate there is perhaps a 20- percent chance that nukes will be actually launched and a 100 percent chance that Mr. Putin will end that day with a bullet in his brain.

        Given that I don’t think Mr. Putin really wants a bullet in his brain, my goal here is to lay out facts and probabilities to show how nuking Ukraine would be a huge mistake for Putin and Russia. With the facts thus presented and presumably repeated by many people in many venues, that information will quickly reach everyone in positions to make such a nuclear war NOT happen. But without essays like this one, that education and intervention is much less likely. So I am writing this as a public service. Pass it on.

        What do I know? I worked as an investigator for the Presidential Commission on the Accident at Three Mile Island in 1979. Part of my portfolio then was to study the Federal Emergency Management Agency’s response to that nuclear accident, which was pathetic.

        TMI was FEMA’s first big crisis as FEMA. Most of the agency had been called Civil Defense until a short time before TMI. Their idea of nuclear safety (remember the Nuclear Regulatory Commission, not FEMA, actually regulates the reactors) had been tracking clouds of predicted fallout from Russian nuclear attacks driven by prevailing winds and coming up with plans to move civilians out of the way of those clouds. In the northeast USA around Three Mile Island, the old Civil Defense plans called for moving 75 million people in 72 hours — an impossible task, then or now.

    • Censorship/Free Speech

      • WiredWhy WhatsApp Survived Russia’s Social Media Purge

        It has become easier to be labeled an extremist in Russia. On Monday the label—once reserved for the likes of the Taliban and the Islamic State—was given to Facebook’s parent company, Meta.

        A Moscow court ruled that Meta was an extremist organization in a decision that effectively banned social media platforms Facebook and Instagram from operating in Russia. But the court ruling included an interesting carve-out: WhatsApp. Both of the other platforms had been blocked earlier in March after clashing with the Kremlin over content referencing the war in Ukraine. But the ruling purposefully allowed the company’s messenger platform WhatsApp to continue operating in the country. “The decision does not apply to the activities of Meta’s messenger WhatsApp, due to its lack of functionality for the public dissemination of information,” the court said, according to Reuters.

      • AccessNowUpdate: internet access, censorship, and the Myanmar coup

        Access Now, outraged by today’s announcement that the Myanmar Investment Commission has approved the sale of Telenor Myanmar, is calling for international actors to implement sanctions and stop the company’s irresponsible disposal of its Myanmar operations to a company whose 80% majority shareholder is military-linked Shwe Byain Phyu Group.

        Telenor stated that its sanctions screening “assured” them that Shwe Byain Phyu and its owners were not subject to any current international sanctions. However, they are linked to multiple individuals and companies currently subject to U.S., European Union, and UK sanctions.

        “The purchaser, Shwe Byain Phyu, may not be sanctioned now — but it needs to be. International actors must recognize and take action against the company’s multiple and flagrant links to the military,” said Wai Phyo Myint, Asia Pacific Policy Analyst at Access Now.

    • Internet Policy/Net Neutrality

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Visual Proof That Twitter Very Likely Faked Its Magnitude the Moment Musk et al (KSA, Ellison and so on) Wanted to Buy

    There's a very compelling case for the allegation that Twitter is defrauding shareholders and participants in the platform; Twitter is a lot smaller than it used to be (fewer people are actively involved), it is losing money, and it is so desperate to be acquired that it's shamelessly faking traffic



  2. Links 27/05/2022: Wayland 1.21 Alpha, KDE Adds Flatpak and Snap Permissions to Discover

    Links for the day



  3. IRC Proceedings: Thursday, May 26, 2022

    IRC logs for Thursday, May 26, 2022



  4. Links 27/05/2022: Many More Microsoft Security Failures (and Spin/Lies)

    Links for the day



  5. Links 26/05/2022: KStars 3.5.9 and Chrome 103 Beta

    Links for the day



  6. Links 26/05/2022: AlmaLinux OS 9.0, MooseX::Extended for Perl Introduced

    Links for the day



  7. Links 26/05/2022: Kernel Events and Systemd-Free GNU/Linux Distributions

    Links for the day



  8. Links 26/05/2022: DuckDuckGo Increasingly Exposed as Microsoft Proxy

    Links for the day



  9. EPO Celebrates Software Patents Again, Dubbing Them 'Hey Hi' (AI) and '4IR'

    The ludicrous state of the EPO is demonstrated by yesterday’s puff piece about “four million” (merely requests for monopoly in Europe; most come from outside Europe) and L’Oréal, which claims to have “invented” something that was already done in the 1990s if not the 1980s



  10. [Meme] EPO's Monkey Business: Lowering the Patent Examination Bar

    As we shall show in a moment, EPO President António Campinos has lowered the quality of patents and applications; sooner or later he might outsource the job to ‘livestock’



  11. IRC Proceedings: Wednesday, May 25, 2022

    IRC logs for Wednesday, May 25, 2022



  12. Heads of Patent Offices Are Immune to Coronavirus

    The overconfident chiefs of the U.S. Patent and Trademark Office (USPTO) and EPO might love speaking about COVID-19 (in relation to patents), but they do not take it seriously themselves



  13. Links 26/05/2022: Plex Finally on GNU/Linux

    Links for the day



  14. The General Consultative Committee of the EPO Exposes a Disaster and a Lack of Genuine Dialogue

    The General Consultative Committee (GCC) at the EPO deals with unlawful proposals from António Campinos (he’s happy to violate laws, constitutions, protocols, conventions, just like Benoît Battistelli did) and once again the abuses by managers is covered up; it’s as if the Office is run by unaccountable gangsters who arrogantly curse at everyone whilst insisting they’re the nicest people ever



  15. The Latest Letter to Josef Kratochvìl and the Heads of Delegation of the Administrative Council of the European Patent Organisation

    A week-old letter from the Central Staff Committee (CSC) to the Administrative Council of the European Patent Organisation highlights the nature of a crisis; there's no genuine dialogue and staff of the EPO (i.e. the scientists who do all the actual work) is constantly under attack



  16. [Meme] The Recordings Must Have Accidentally Been Lost While Breaking the Rules

    The EPO‘s “nicest” chief, Monopoly Tony, won’t even mention the recordings…



  17. Links 25/05/2022: ‘V Rising’ on GNU/Linux and Pearl Linux OS 11

    Links for the day



  18. Links 25/05/2022: Librem Tries Another Approach

    Links for the day



  19. IRC Proceedings: Tuesday, May 24, 2022

    IRC logs for Tuesday, May 24, 2022



  20. Links 24/05/2022: nginx-1.22.0 and WordPress 6.0

    Links for the day



  21. [Meme] Divine Protection

    You won’t find Monopoly Tony (António Campinos) wearing a mask at the EPO because the rules of the Office do not apply to him



  22. António Campinos and the Alicante Clique (EPO Management, Appointed Based on Nepotism Despite Lack of Qualifications) Nowadays Exploiting Kids for PR Charades

    The sick old habit of exploiting kids for Public Relations (PR) and marketing purposes is all too common at the EPO (they’re constantly exploiting “the children” to associate criticism of the EPO with demeaning the young and innocent), but the management — which enjoys nepotism and immunity rather than relevant skills — carries on today and it’s being called “inaugural”



  23. [Meme] Snake on a Plane

    The EPO‘s President ‘Monopoly Tony’ (António Campinos), whom you never see wearing a mask (none of the photo ops; he does not even socially distance himself from peers, he wears sneakers instead of masks) during the height of a pandemic, is the "f***ing president"; don’t tell him to wear one…



  24. Microsoft GitHub Exposé — Part XX — Entering Phase II

    We're about to resume the long-running series about the sick clique which ran GitHub until the assault on women became too much of a liability (among other wrongdoings and PR blunders)



  25. Links 24/05/2022: Fedora 37 Test Days and Tor Browser 11.0.13

    Links for the day



  26. Microsoft Vidal, as USPTO Director, Already Plays 'Political Cards' to Disguise and Deflect Away From the Corporate Agenda

    Microsoft Vidal, another corporate pawn in charge of the world’s most dangerous patent system, is using soft-spoken defle



  27. Links 24/05/2022: WAL-G 2.0

    Links for the day



  28. IRC Proceedings: Monday, May 23, 2022

    IRC logs for Monday, May 23, 2022



  29. Unethical Advertising, Published as So-called 'Articles', in CNX Software

    As we noted earlier this year, the CNX team is looking for money in the wrong places



  30. Links 23/05/2022: Broadcom to Buy VMware?

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts