Bonum Certa Men Certa

Links 25/03/2022: Parrot 5.0, New Wine, and EasyOS 3.4.4



  • GNU/Linux

    • The New Stack3 Immutable Operating Systems: Bottlerocket, Flatcar and Talos Linux

      For those that don’t know, immutable operating systems have been increasing in popularity recently. An immutable operating system is one in which some, or all, of the operating system file systems, are read-only, and cannot be changed.

      Immutable operating systems have a lot of advantages. They are inherently more secure, because many attacks and exploits depend on writing or changing files. Also, even if an exploit is found, bad actors cannot change the operating system on disk (which in itself will thwart attacks that depend on writing to the filesystem), so a reboot will clear any memory-resident malware and recover back to a non-exploited state.

      Immutable systems are also easier to manage and update: the operating system images are not patched or updated but replaced atomically (in one operation that is guaranteed to fully complete or fully fail — no partial upgrades!) Immutable systems also can claim to be more stable than traditional operating systems, simply by virtue of eliminating many of the vectors that introduce instability into a system — most of which are human. No sysadmins can “just change this one setting to fix things” — with unforeseen impacts that aren’t found until hours later. (I’ve been that sysadmin.) No partially complete terraform or puppet runs that leave systems in odd states…

      On the workstation side, there are approaches to immutable OSes such as rpm-ostree. This attempts to create immutability and image-based deployments in the operating system, but layers a flexible file system architecture on top, so that packages can still be managed and updated by RPM.

      On the server side, there is a spectrum of immutability amongst container-specific operating systems. All support image-based OS updates, and no package manager at all. Some operating systems such as Flatcar Linux make /usr read-only, but allow common runtime modifications such as dynamically loading kernel modules, and overriding systemd configurations.

    • Audiocasts/Shows

    • Kernel Space

      • Web Pro NewsAsahi Linux Shows the M1's Greatest Limitation May Be macOS

        An alpha of Asahi Linux has been released for Apple’s M1, and the reviews are showing the potential it has, and the problems Apple has with macOS.

        The Asahi Linux Project has been working to port Linux to the M1 chip. Asahi is based off of the Arm version of Arch Linux. The team has been working without any assistance from Apple, adding to both the challenge and reward of releasing a working Alpha.

        Most impressive of all, however, is that Asahi is already proving to be much faster than macOS on the same hardware, in some cases as much as twice as fast, according to Lifewire.

      • Asahi Linux is reverse-engineering support for Apple Silicon, including M1 Ultra | Ars Technica

        Apple Silicon Macs have gotten mostly glowing reviews on Ars and elsewhere for their speed, power efficiency, and the technical achievement they represent—the chips are scaled-up phone processors that can perform as well or better than comparable Intel chips while using less power.

        But the move away from x86 hardware has also made the Mac a bit less useful for those who want to run multiple operating systems on their Macs. While you can run ARM versions of Linux and (with caveats and without official support) Windows within virtual machines on Apple Silicon Macs, running alternate operating systems directly on top of the hardware isn't something Apple supports. Apple doesn't distribute drivers for other operating systems, and moving away from x86 CPUs and widely supported Intel and AMD GPUs makes it harder for other developers to step in and provide those drivers.

      • Tom's HardwareAsahi Linux Is The First Linux Distro To Support Apple Silicon | Tom's Hardware

        Asahi Linux for Apple Silicon has launched for the public. It is the first Linux distribution to offer native support for Apple M1 chips. As this is an alpha release, please be aware of the likelihood of easy to stumble upon bugs and some significant missing features. However, this critical milestone now made, “things will move even more quickly going forward,” promises the Asahi Linux development team.

        Asahi isn’t just a beer. It is the Japanese word for ‘morning sun,’ so it is quite an apt name for a pioneering Linux distribution for M1-powered Apple Macs. “We’re really excited to finally take this step and start bringing Linux on Apple Silicon to everyone,” wrote the development team in a blog post. Importantly, installing Asahi Linux on your Mac doesn’t require a jailbroken device. In addition, it won’t affect the security level of your macOS install, so Mac features like FileVault, running iOS apps, and watching Netflix in 4K can continue.

      • Asahi is the first Linux distro to support Apple M1 processors | KitGuru

        The Apple M1 series of processors are still relatively new, limiting new Macs to Apple’s own operating system. That is starting to change this year, with Asahi revealing itself as the first Linux distro to work on M1-powered devices.

        Currently, Asahi Linux for M1 Macs is still in alpha, so the current version is aimed at developers and power users. With that in mind, there will likely be bugs present. Fortunately, installing Asahi will not affect the macOS data, so you can revert if you need to and you don’t need to jailbreak the Mac beforehand either.

    • Applications

      • Make Use OfTaking Screenshots on Linux Compared: 7 Different Desktops

        Each Linux desktop environment comes with its own screenshot utility. Many have similar features, but that doesn't make them equally usable. Whose looks the best? Which is the most powerful?

        Since this is open-source software, some desktop environments reuse the same screenshot tool. Here is a look at what the screenshot experience is like across many of the most popular Linux desktops.

    • Instructionals/Technical

      • HowTo ForgeHow to Install OpenLDAP on Debian 11
      • Linux Made SimpleHow to install Audacity 3.1.3 on a Chromebook

        Today we are looking at how to install Audacity 3.1.3 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • ByteXDLinux Directory Structure and Filesystem Hierarchy - ByteXD

        If you are new to Linux, and just started using it, you might have heard some terms like var, root, bin, etc and many others. Today we will talk about these terms and try to clear your confusion.

        var, root, bin, etc are actually different directories on your Linux distribution. The directory structure in Linux is quite different from the directory structure in Windows. In Windows, we see that most of the programs are being installed in a directory named Program Files and system files are in system32.

        In Linux, the file hierarchy is totally different. There is a “Filesystem Hierarchy Standard (FHS)” maintained by Linux foundation that defines the structure and the content of directories in all UNIX based systems. Because of maintaining this standard, almost all the Linux distros have the same directory structure.

      • ByteXDHow to Install Docker Compose on RHEL 8 (AlmaLinux/Rocky Linux/CentOS) - ByteXD

        Docker Compose is a useful tool for running multi-containers Docker applications. Using Docker Compose, we can configure the application’s services in a YAML file that helps you to create and start all services from the defined configurations. It allows different users to launch, run, communicate and close containers using a just single coordinated command.

      • VituxHow to Install Snipe-IT Asset Management Tool on Ubuntu 22.04 – VITUX

        In order to track the ownership, deployment process, and details of all servers, a powerful IT asset manager is required. This can be achieved by installing and using Snipe-IT, an open-source IT asset management tool.

        In this article, we will discuss the installation of Snipe-IT on an Ubuntu 22.04 server.

      • Ubuntu HandbookHow to Install Kernel 5.13 in Ubuntu 18.04 from the 20.04 Repository | UbuntuHandbook

        For those sticking to the old Ubuntu 18.04, but need higher Linux kernel version for specific hardware support, here’s how to install the Linux Kernel 5.13 from Ubuntu 20.04 repository.

        NOTE: Ubuntu 20.04’s kernel package does install and seems running good in Ubuntu 18.04. But I’m not sure if it will cause compatibility issues. Install it ONLY that you do require it, and use it at your own risk!!

      • ID RootHow To Install Drupal on Fedora 35 - idroot

        In this tutorial, we will show you how to install Drupal on Fedora 35. For those of you who didn’t know, Drupal is an open-source, flexible, highly scalable, and secure Content Management System (CMS) that allows users to easily build and create websites. It is written in PHP programming language and uses MySQL/MariaDB as a backend database. Drupal is available with thousands of add-ons, which makes it highly customizable.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you through the step-by-step installation of the Drupal content management system (cms) on a Fedora 35.

      • Trend OceansEnable/Disable Auto Update & Upgrade in Unattended Upgrades on Ubuntu - TREND OCEANS

        Unattended Upgrades software helps us auto-update and upgrade system packages in the background without user interaction to keep up to date with the latest features and security patches.

        This feature can be a handful to secure your system with the latest security issues, even ubuntu providing it out of the box with its latest iso.

        Unexpected background updates can be irritating for regular Linux users. At the time of background update, if you try to install any package or attempt to execute the apt command, you will get a similar error as shown below.

      • Configure SSSD for LDAP Authentication on Ubuntu 22.04 - kifarunix.com

        This guide will take you through how to install and configure SSSD for LDAP authentication on Ubuntu 22.04. SSSD (System Security Services Daemon) is a system service to access remote directories and authentication mechanisms such as an LDAP directory, an Identity Management (IdM) or Active Directory (AD) domain, or a Kerberos realm.

    • Games

      • Boiling Steam1700 Games On The Steam Deck, with Valkyria Chronicles 4 as Verified - Boiling Steam

        There are now more than 1700 games working on the Steam Deck – (1703 at the time of writing) in two categories as usual:

        Steam Deck Verified: 912 titles Steam Deck Playable: 791 titles Total: 1703 titles

      • Boiling SteamThe Publisher with the Best Steam Deck Support - Boiling Steam

        So tracking the number of games over time making it on the Steam Deck is fun and all, but let’s check this time what’s the situation with publishers when it comes to Steam Deck Support: namely which publisher has the most games Steam Deck Verified at this stage?

        And the answer is…

      • GamingOnLinuxLooks like Valve are adding a feedback system for Steam Deck Verified (update: it's live) | GamingOnLinux

        UPDATE: shortly after, Valve officially announced this new system and it's live now. Valve confirmed they can already grab data on things like crashes but this new opt-in system is to gather more info on the "overall experience". They also said the "data collected by this system won't directly change the Deck compatibility category for a title". So they're not crowdsourcing the compatibility process but checking to see if their process is working well or not.

      • GamingOnLinuxWine 7.5 is out now with initial OCSP protocol support | GamingOnLinux

        Wine is the compatibility layer that allows you to run games and applications developed for Windows - on Linux (plus also macOS and BSD). A new development release is out with Wine 7.5. It's a major part of what makes up Steam Play Proton and enables a ton of games to work on the Steam Deck. Once a year or so, a new stable release is made.

      • PhoronixWine 7.5 Released With HLSL Compiler Support For Bundled VKD3D - Phoronix

        Wine 7.5 is out as the latest bi-weekly software update for enjoying Windows games and applications under Linux, macOS, and other platforms.

        Wine 7.5 continues the recent trend of converting more components to portable executable (PE) format, with this release bring Wine's ALSA driver now converted.

      • WineHQ - Wine Announcement - The Wine development release 7.5 is now available.

        The Wine development release 7.5 is now available.

        What's new in this release: - ALSA driver converted to PE. - Locale database generated from Unicode CLDR. - HLSL compiler support with the bundled vkd3d. - Initial support for the OCSP protocol. - More cleanups to support 'long' type. - Various bug fixes.

        The source is available from the following locations:

        https://dl.winehq.org/wine/source/7.x/wine-7.5.tar.xz http://mirrors.ibiblio.org/wine/source/7.x/wine-7.5.tar.xz

        Binary packages for various distributions will be available from:

        https://www.winehq.org/download

        You will find documentation on https://www.winehq.org/documentation

        You can also get the current source directly from the git repository. Check https://www.winehq.org/git for details.

        Wine is available thanks to the work of many people. See the file AUTHORS in the distribution for the complete list.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Kate & KWrite on Qt 6 - Kate

          Given the great work others did already on the Qt 6 porting of KDE Frameworks, let’s take a look at Kate & KWrite on Qt 6.

          With only minor patches, both applications now run on the current master state of KDE Frameworks and Qt 6.2.

          Close to all functionality is available, I think the only stripped out part is the hot new stuff upload for snippets and I didn’t test the Konsole part.

      • GNOME Desktop/GTK

    • Distributions

      • New Releases

        • CNX SoftwareLakka 4.0 game emulator released with LibreELEC 10.0.2 and RetroArch 1.10.1
          Lakka 4.0 is the latest release of the game emulator based on LibreELEC 10.0.2 and RetroArch 1.10.1 frontend GUI for LibRetro game emulators cores. While Lakka was initially designed for Raspberry Pi boards in a way similar to RetroPie, it also works just fine on many other Arm platforms and PCs.

          Main changes to Lakka 4.0 compared to version 3.7...

        • 9to5LinuxParrot 5.0 Security OS Released with Linux Kernel 5.16, New Hacking Tools, and LTS Support

          Based on the Debian GNU/Linux 11 “Bullseye” (Stable) operating system series and powered by Linux kernel 5.16, Parrot 5.0 is here almost a year after Parrot 4.11 with a new LTS (Long-Term Support) release model, a new architect edition, an experimental Raspberry Pi edition, as well as a plethora of new tools for ethical hackers and penetration testers.

          Meet Parrot Architect Edition, a minimalist ISO image of Parrot OS that only features an installer to let expert users fully customize their installations.

        • Parrot 5.0 Security OS Released
          The ParrotSec team (The company behind Parrot OS) made an announcement regarding the availability of Parrot 5.0 security OS. Parrot 5.0 is powered by Linux Kernel 5.16 and is based on the Debian GNU/Linux 11 “Bullseye”. Parrot 5.0 introduces a new Long Term Support release model.

        • EasyOS Dunfell-series 3.4.4

          EasyOS was created in 2017, derived from Quirky Linux, which in turn was derived from Puppy Linux in 2013. Easy is built in woofQ, which takes as input binary packages from any distribution, and uses them on top of the unique EasyOS infrastructure.

          Throughout 2020, the official release for x86_64 PCs was the Buster-series, built with Debian 10.x Buster DEBs.

          EasyOS has also been built with packages compiled from source, using a fork of OpenEmbedded (OE). Currently, the Dunfell release of OE has been used, to compile two sets of binary packages, for x86_64 and aarch64.

          The latter have been used to build EasyOS for the Raspberry Pi4, and first official release, 2.6.1, was in January 2021.

          The page that you are reading now has the release notes for EasyOS Dunfell-series on x86_64 PCs, also debuting in 2021.

          Ongoing development is now focused on the x86_64 Dunfell-series. The last version in the x86_64 Buster-series is 2.6.2, on June 29, 2021, and that is likely to be the end of that series. Releases for the Pi4 Dunfell-series are still planned but very intermittent. The version number is for EasyOS itself, independent of the target hardware; that is, the infrastructure, support-glue, system scripts and system management and configuration applications.

          The latest version is becoming mature, though Easy is an experimental distribution and some parts are under development and are still considered as beta-quality. However, you will find this distro to be a very pleasant surprise, or so we hope.

        • Barry KaulerEasyOS version 3.4.4 released
        • Barry KaulerOE and woofQ project tarballs used for Easy 3.4.4
      • SUSE/OpenSUSE

        • openSUSE Tumbleweed – Review of the week 2022/12

          Once again we were able to demonstrate the power of OBS and openQA by allowing the GNOME maintainers to bring the shiny new GNOME 42 into a snapshot ‘the day it is published upstream’. GNOME 42 was released on March 23, 2022, and snapshot 20220323 already contains it. But of course, this is not all that happened during the last week. After all, we had a total of 6 snapshots published (0318…0323).

      • Arch Family

      • IBM/Red Hat/Fedora

        • Red Hat OfficialIt’s Red Hat’s 29th birthday!

          Red Hat was founded on March 26, 1993—29 years ago this month, and just over a year after Linux was first unleashed upon the world.

          So much has changed since then. Open source grew from being a little known and largely misunderstood engineering model to being one of the driving forces in modern software development. Linux evolved from a niche passion project for a handful of developers to being one of the most important technologies enabling the internet, artificial intelligence, space exploration, and more.

          But today, we invite you to go back to the beginning and revisit some stories from Red Hat’s early days.

          In December 2021, Bob Young—founder and CEO of Lulu.com and co-founder of Red Hat—returned to chat with Chief Architect Adam Clater about the early history of open source software and building what would become the largest open source software company in the world.

        • Red Hat OfficialThe next release of Red Hat Satellite: Same great features, new version number

          Red Hat will release the next version of Red Hat Satellite as Satellite 6.11, rather than 7.0 as previously announced. Our next release is still full of enhancements, but as we got closer to completing the release we determined this release did not warrant a major version increment.

          Red Hat Satellite versions are used mainly to distinguish releases. Generally speaking, Satellite follows a scheme of Major.Minor.Patch version numbers.

        • IBM DeveloperIntroducing StockTrader [Ed: IBM has outsourced to Microsoft's proprietary software prison again]

          The IBM Stock Trader application is a simple stock trading sample, where you can create various stock portfolios and add shares of stock to each for a commission. It keeps track of each portfolio’s total value and its loyalty level, notifying you of changes in level, which affect the commission charged per transaction. It also lets you submit feedback on the application, which can result in earning free (zero commission) trades, based on the tone of the feedback. (Tone is determined by calling the Watson Tone Analyzer, which will be covered in a future article).

          The sample is intended to showcase what one might expect after performing a lift-and-shift of a traditional monolithic, on-premises application to one that has been refactored as Docker(container)-based microservices running within a modern Kubernetes-based environment. It deliberately shows off how to use the traditional Java EE programming models, such as JDBC and JMS, to access traditional system-of-record resources, such as a relational database or a message queueing infrastructure. Note that while the application usually uses IBM Db2 and MQ, it also works great with open source technologies, like Apache Derby as the relational database, and with the JMS server built into Open Liberty, an open-source cloud-native Java runtime.

        • FedoraFriday's Fedora Facts: 2022-12 – Fedora Community Blog

          Here’s your weekly Fedora report. Read what happened this week and what’s coming up. Your contributions are welcome (see the end of the post)!

        • IBM DeveloperLearn best practices for debugging and error handling in an enterprise-grade blockchain application [Ed: IBM still trying to ride this hype wave from 2-4 years ago]

          Blockchain is a shared, replicated immutable ledger for recording transactions, tracking assets, and building trust. An asset can be tangible (for example, a house or a car) or intangible (for example, intellectual property or patents). Blockchain is built on properties like consensus, provenance, immutability, finality.

          In a traditional business scenario, a transaction that involves multiple organizations is recorded differently by each business. If two organizations disagree on the state of a transaction, then a dispute occurs, which can often be costly and time consuming to resolve. Blockchain introduces the following concepts:

      • Devuan Family

        • MakeTech EasierWhat is Devuan Linux and How to Install It - Make Tech Easier

          Devuan is a Linux distribution that aims to provide a simpler alternative to Debian. Since 2014, the developers of Debian have started to move towards larger and larger frameworks to manage the operating system. Debian’s adoption of the SystemD initialization system (init system) created a ripple effect among its community which prompted the creation of Devuan.

          [...]

          The init system is an integral part of a Linux distribution. It is the first program that the kernel runs after starting up. Aside from that, the init system also manages all the other programs that will run after it.

      • Canonical/Ubuntu Family

        • OMG Ubuntu’Ubuntu Pro’ Settings Pulled from Ubuntu 22.04

          This is a minor change that won’t affect a great many people as, thus far, it was only something those testing the latest daily builds of the upcoming release will have had access to.

          But I felt I should mention it “publicly” since I did make a bit of a hoo-hah about the (overly persistent) Ubuntu Pro notification that appeared every time you logged in.

        • UbuntuUbuntu Blog: The Evolution of the Smart Home: Current Trends [Part 2]

          The smart home industry continues to grow year after year. Devices made available only recently, such as smart speakers, are now ubiquitous. New houses often come with smart features built-in such as smart locks and thermostats. Doorbell cameras have become de rigueur in many neighbourhoods. Despite the innovation, investment, and growth in the space, smart homes have never quite lived up to their promise.

          [...]

          An open question in the smart home space is what will become of the smart home hub. Some smart home systems today run entirely on WiFi, which has no need for a dedicated hub other than a home’s WiFi router. Using WiFi only typically precludes battery powered devices, however, because WiFi requires a lot of electrical power to operate. Bluetooth uses less energy, but typically has too short of a range to be used for most smart home devices.

          Existing wireless standards like Z-Wave or Thread are low-power protocols with longer range than WiFi, but they require a dedicated hub to function. That hub also needs an internet connection to connect to any backend services associated with the smart home. This adds cost and clutter to smart home solutions compared to systems that work with a pre-existing router.

          There are a few wireless protocols that have gained some adoption recently which try to solve the hub issue as well. LTE Cat-M and NB-IoT both aim to connect IoT devices to cellular networks, while keeping power consumption low enough to allow for long battery life. Additionally, LoRa radios can give many kilometres of range, and several companies have set out to create their own networks based on this new protocol.

        • UbuntuUbuntu Blog: Inclusive Language and its Future at Canonical

          If you follow Canonical’s code and documentation, you may have noticed that we’re slowly changing some common computing terms. You might wonder what has caused these changes. You might ask why Canonical is putting in the effort to make this more inclusive language stick.

        • Ubuntu-MM: Meet ya Linux Foolish Guys

          Internet access, Electronic power, Mental and Physical issues …. all about is because of Military Coup.

          Sometimes feeling guilty, we are selfish ?

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Content Management Systems (CMS)

        • Get Creative with the All-New Pattern Creator

          It’s been less than a year since the WordPress Pattern Directory was launched, and we already have more exciting news to share. The Pattern Creator is live! You can now build, edit, and submit your best block patterns to the Pattern Directory—submissions are open to all with a WordPress.org user account!

      • Programming/Development

        • Perl/Raku

          • PerlPerl Weekly Challenge 157: Pythagorean Means and Brazilian Number

            These are some answers to the Week 157 of the Perl Weekly Challenge organized by Mohammad S. Anwar.

            Spoiler Alert: This weekly challenge deadline is due in a couple of days from now (on March 27, 2022 at 24:00). This blog post offers some solutions to this challenge, please don’t read on if you intend to complete the challenge on your own.

  • Leftovers

    • Where to live?

      For me, this is really important as I hate being in car. It makes me sick, dizzy and angry to be in a car. Car trips ruins my day.

      [...]

      As we work remotely most of the time, we started to ask the question : should we move somewhere else? I’m a water-loving guy and I dream everyday of living near the ocean.

    • TediumQuantel Paintbox History: The Stylus That Revolutionized Television

      For a few years in the early 2000s, I worked for a public-access television station. Part of my job included adding graphics, text, station DOG/bug—the little station logo/ID that typically appears in the lower right corner of a program—to both live and recorded programs. While we used more modern (for the time) software, I’ve always been fascinated by on-screen graphics—especially from the 1970s and ’80s. But there’s one piece of graphics tech I’ve always been interested in exploring. In today’s Tedium, we’re getting a little bit graphic with a look at the Quantel Paintbox.

    • Hardware

    • Integrity/Availability

      • Proprietary

        • ProtocolMicrosoft whistleblower claims he was fired for exposing corruption

          In June 2019, former Microsoft Senior Director Yasser Elabd traveled to Washington, D.C., to meet with members of the Securities and Exchange Commission, the Federal Bureau of Investigation and the U.S. Attorney General’s office to discuss his allegations that Microsoft was ignoring bribery at subsidiaries in the Middle East and Africa.

          The meetings lasted nearly the entire day. Federal agents asked Elabd questions for hours. Elabd’s attorney told him that it was one of the first times they had witnessed the AG’s office send a representative to a whistleblower meeting like his.

          But more than a year later, the SEC still hadn’t made a decision about Elabd’s allegations. The agency kept promising him that the team in charge of his case would make a decision soon about whether they would bring charges against Microsoft. Finally, at the beginning of March 2022, the case agent in charge of Elabd’s whistleblowing report told his lawyer that the SEC was closing the case because it didn’t have the resources to conduct interviews and find documentation abroad during the coronavirus pandemic.

          So Elabd decided to try a different route to share what he knows. Today he published an essay on the whistleblowing website Lioness that accuses Microsoft of firing him after two decades with the company because he asked questions about what he saw as bribery within the contracting services Microsoft uses to sell software to government and public bodies in countries in the Middle East and Africa.

          “We are committed to doing business in a responsible way and always encourage anyone to report anything they see that may violate the law, our policies, or our ethical standards. We believe we’ve previously investigated these allegations, which are many years old, and addressed them. We cooperated with government agencies to resolve any concerns," Becky Lenaburg, Microsoft's vice president & deputy general counsel for compliance and ethics, wrote to Protocol.

        • Microsoft is using illegal bribes in the Middle East and Africa. Why is the SEC turning a blind eye?

          I was recruited by Microsoft in 1998, and I helped bring the company’s products throughout the Middle East and Africa for the next 20 years. I was successful and received many promotions. But eventually, I noticed something strange: many employees younger than me, in lower positions, were driving luxury cars and purchasing homes sometimes worth millions of dollars. For my part, I could not afford to buy a home, let alone anything else luxurious, despite my career success. I wondered, naively, whether these colleagues had families with money—but if so, why would they be working on a Microsoft sales team?

          I put the thought out of mind as Microsoft’s business in the Middle East and Africa boomed. I established contracts in the public sector in Ghana, Nigeria, Zimbabwe, Qatar, Egypt, Ethiopia, Kenya, and many other countries. I sold licensing and solutions to Saudi Arabia’s Ministry of Health, Ministry of the Interior, and National Guard. The Sub-Saharan Africa team I built generated $1 million in 2002; a year later, our revenue was over $15 million. This is, of course, a tiny amount compared to the $4 billion Microsoft now banks in the region, with its near monopoly.

          To accomplish this kind of growth in such a short time, Microsoft has long utilized a network of partners known as Licensing Solution Partners, who are authorized to engage with large public customers because they possess certain technical and business competencies. Together with these partners, Microsoft brings e-health solutions to hospitals and GPS and digitized services (such as online tax payments) to government agencies. The partner then takes a share of Microsoft’s licensing sales revenue, usually 10–15 percent.

          One way Microsoft closes deals using these partners is to create a business investment fund to pay for training or pilot projects that could cement longer-term deals. As the director of public sector and emerging markets for the Middle East and Africa, I had oversight of the requests for these funds.

          In 2016, a request came through in the amount of $40,000 to accelerate closing a deal in one African country. When I looked through the submission, I immediately knew something was wrong. The customer did not appear in Microsoft’s internal database of potential clients. On top of that, the partner in the deal was underqualified for the project’s outlined scope, and he wasn’t even supposed to be doing business with Microsoft: he had been terminated four months earlier for poor performance on the sales team, and corporate policy prohibits former employees from working as partners for six months from their departure without special approval.

          I brought these issues up with the Microsoft services architect who wrote the request, asking why she didn’t take the work in this case to our very capable in-house team, Microsoft Services. She said our in-house daily rate is very expensive, and she needed a less expensive team to handle the pilot.

          Still suspicious, I escalated the issue to my manager, and then to the human resources and legal departments. I took the business investment fund very seriously, and wondered why we would be giving money to a partner who could not achieve the desired results. The legal and HR teams put a stop to the $40,000 spend, but to my surprise, did not look deeper into the Microsoft employees who were orchestrating the fake deal.

        • Adjusting for Monterey: Fullscreen is a Bust

          Last week I posted that I was adjusting my workflow to use MacOS Native Fullscreen. Well, that was a bad idea. I ran into too many problems making it just not worthwhile.

        • Apple plans to offer the iPhone as as Disservice (iaaD), ensuring you never own even the hardware.

          Apple plans to offer the iPhone as as Disservice (iaaD), ensuring you never own even the hardware.

          Dave Ramsey offers simplistic financial advice to “consumers”, but his advice on “extended warranties” is dead on. People should refuse to buy “extended warranties”.

          They’re essentially a way to pay a “service company” that you may not actually get to honor any claims, or worse, the manufacturer itself, a portion of the device’s cost, in order to get a “service plan”.

          The reason I say paying the manufacturer is worse is because it essentially tells the manufacturer that it’s fine to produce junk that breaks a lot, and even if you are buying it through the store, it signals to the store that it’s fine to carry products that are unreliable because they’ll only make more money when customers bet against the reliability of the device they are there to purchase.

          Ramsey advises not to buy them because devices tend not to break down within the extended service period, and by the time one thing you buy has a problem, you’ll have paid for so many plans that you’ll be out more money than had you declined all of the plans, and have to fix one thing yourself out of the money that you saved by turning down the plans. And that’s _if_ you can get anyone to honor the plans. Half the time, they come up with some total bullshit reason why they don’t have to, or never even respond to your claim.

        • Windows CentralRecent Windows updates create thorny situation for Windows 7 recovery discs
        • Pseudo-Open Source

        • Security

          • The New StackNSA on How to Harden Kubernetes – The New Stack

            The National Security Agency (NSA) has issued guidelines on how to make Kubernetes environments more secure.

          • LWNSecurity updates for Friday [LWN.net]

            Security updates have been issued by Debian (tiff), Fedora (nicotine+ and openvpn), openSUSE (bind, libarchive, python3, and slirp4netns), Oracle (cyrus-sasl, httpd, httpd:2.4, and openssl), Red Hat (httpd and httpd:2.4), Scientific Linux (httpd), SUSE (bind, libarchive, python3, and slirp4netns), and Ubuntu (firefox).

          • Honda Civics vulnerable to remote unlock, start hack
          • CISACISA Adds 66 Known Exploited Vulnerabilities to Catalog | CISA

            CISA has added 66 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

          • Fileless Malware on Linux: Anatomy of an Attack [Ed: Peddling Microsoft talking point under the name "Linux security"]
          • Istio / Support for Istio 1.11 has ended

            As previously announced, support for Istio 1.11 has now officially ended.

            At this point we will no longer back-port fixes for security issues and critical bugs to 1.11, so we heartily encourage you to upgrade to the latest version of Istio (1.13.2) if you haven’t already.

          • Bleeping ComputerEmergency Google Chrome update fixes zero-day used in attacks

            Google has released Chrome 99.0.4844.84 for Windows, Mac, and Linux users to address a high-severity zero-day bug exploited in the wild.

            "Google is aware that an exploit for CVE-2022-1096 exists in the wild," the browser vendor said in a security advisory published on Friday.

          • Bleeping ComputerPublic Redis exploit used by malware gang to grow botnet

            The Muhstik malware gang is now actively targeting and exploiting a Lua sandbox escape vulnerability in Redis after a proof-of-concept exploit was publicly released.

            The vulnerability is tracked as CVE-2022-0543 and was discovered in February 2022, affecting both Debian and Ubuntu Linux distributions.



Recent Techrights' Posts

Who Asked Software in the Public Interest (SPI) for a Refund? ($100,000, Resulting in Losses of $267,201 in 12 Months, Highest-Ever Losses)
The IRS does not reveal who or what's tied to this refund (or the cause/reason)
"Cloud Computing" Was Always a Joke, But This Week Was the Punchline
Maybe stop following tech trends and fashions
 
Slopwatch: Google News is Promoting Fake 'Articles' About Fake Xubuntu, Fake Articles About Replacing Windows With GNU/Linux
The quality of the Web deteriorates and unless someone cleans up the mess, real sites will lose an incentive to produce anything
When "AI Layoffs" Mean Layoffs Due to the "AI" Bubble Popping
many people that are laid off by Microsoft claim to be specialists in "AI"
Mysterious grant forfeited, $100,000 from Software in the Public Interest accounts 2023
Reprinted with permission from Daniel Pocock
Evidence: bullying, student union behaviour: Armijn Hemel's FSFE resignation
Reprinted with permission from Daniel Pocock
Evidence: psychological abuse, stalking, Galia Mancheva, Susanne Eiswirt ignored by FSFE judgment for Matthias Kirschner
Reprinted with permission from Daniel Pocock
Helping FSFE scam victims and conference organisers
Reprinted with permission from Daniel Pocock
Nigerian fraud in FSFE constitution
Reprinted with permission from Daniel Pocock
Worrying and Amusing Stories of "Clown Computing" Gone Awry
Many of these disasters could be avoided
Some Large German Media Covers Richard Stallman's Talks in Germany Earlier This Week
LLM-based chatbots are just "bullshit generators" (as he has long called them)
Links 22/10/2025: Amazon Plans to Replace Workers With Robotics, AWS and Clown Computing in General Ridiculed
Links for the day
Gemini Links 22/10/2025: Niri Completely Changes Multitasking and Overview of Diff-ers
Links for the day
Links 22/10/2025: Study on Misinformation by Slop and Heavily Debt-Sabbled Microsoft OpenAI (ClosedSlop) Uses "Browser" as Gimmick/Distraction
Links for the day
They've Already Spent Close to a Million Dollars on Lawyers and Sent Us About 50 KG of Legal Papers (Sponsored by Mysterious Third Party) to Try to Censor Techrights, Without Success
They try to overcompensate with sheer volume for a lack of solid, clear arguments (we are the victims here)
Trouble in Red Hat/IBM and a Retreat to Ponzi Economics in Search of Wall Street Market Heist
Would you invest your life savings in this kind of crap?
12 Months Ago the 'Hulk Hogan of UEFI' Officially Went 'Tag-Team'
We're actually sort of flattered or proud that such despicable people are so desperate to censor us
"Cloud Computing" Does Not Mean Safety
Fault tolerance is related to the notion of software freedom
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, October 21, 2025
IRC logs for Tuesday, October 21, 2025
The Fall of Windows: From Something to Nothing
Of course Microsoft will pretend everything is fine and "just trust the hey hi" (AI)
Sounds Like Fedora is Ready to Become Less of a Slave of Microsoft (GitHub)
This seems like a belated move in a positive direction
XBox is a Dead Microsoft Product in a Dying Industry
It's probable that another wave of XBox layoffs is just over the horizon (maybe even before month's end)
Progress on Techrights Site Search
Fun times
IBM's Bluewashing of Red Hat Means the Layoffs Are Silent, Barely Reported
Don't wait to hear about "Red Hat layoffs"
Gemini Links 21/10/2025: Happy Disconnection, AWS Falling Apart, Closing of Gemlog Blue
Links for the day
Full Audio of Today's Richard Stallman Talk in the Technical University of Munich
Free/Libre software and freedom in the digital society
Microsoft XBox is Just Vapourware (Promises of Hardware That Doesn't Exist), Real Products Perish
just as developers lose interest in developing for XBox Microsoft is increasing the costs imposed upon them
Slopwatch: Fake Articles (Slop) in "Linux" Clothing in Google News (Noise)
all about what Google does
Links 21/10/2025: Even "Inventor of Vibe Coding" Rejects Vibe Coding, USPTO Experiments With Slop in Examination
Links for the day
Richard Stallman Talk Now Available for Viewing (Archived Copy, Not Live-streamed)
This recording is over 2 hours old
Links 21/10/2025: AWS-Induced Chaos and Social Control Media Curbs
Links for the day
Gemini Links 21/10/2025: Programming, StarGrid, Brand-New Palm OS Strategy Game in 2025, and Chatbot as Addiction Mechanisms
Links for the day
The African Lion and the American Cowards
Safaris exist for people to watch and enjoy animals
Amazon Web Shenanigans Perfectly Timed for Today's Talk by Richard Stallman
Maybe listen to him instead of looking for excuses to ridicule the messenger
Mission:Libre Has Taken Off (Project by Carmen Maris)
there will be a lot more to report on next month (after the event)
Techrights to Publish More EPO Leaks Next Week
We're meanwhile also doing lots of work on search, whose interface now looks better
Links 21/10/2025: 'The Lost Art' of Neon Signs and Twitter (X) to Enable Identity Theft (or Handle Theft) as a Service
Links for the day
Plagiarism With LLM Slop: Hindustan Times (HT Digital Streams Limited) Has Become a Slop Factory/Hub
What a disgrace
A radical proposal to keep your personal data safe, by Richard Stallman
"The surveillance imposed on us today is worse than in the Soviet Union. We need laws to stop this data being collected in the first place"
Next Week We Launch Search at Techrights
We're planning to launch it some time next week. Maybe Tuesday, maybe Thursday.
Talk by Richard Stallman Will be Live-streamed in Less Than 10 Hours
Happy hacking
"No Kings" in the Software World (GAFAM Should Not Exist, Either)
"No Kings" is a good slogan. Let's start by ridding ourselves of masters, not only those who reside in DC or visit DC
Every Morning
Bugs/edge cases combined with automation can spell disaster
Insane, Deliberately Dishonest, or Just Another Bigot?
very intellectually-dishonest human being
A Lot of Techrights is Built on Perl
Perl also runs the sister site
The Register MS Selling Slop for Microsoft (Vapourware, Ponzi Scheme, False Claims)
What will be left of The Register MS if it keeps repeating falsehoods and looking to profit from Ponzi schemes?
analytics.usa.gov Says Less Than 14% of Web Requests (to Government Sites) Come From Vista 11
Vista 11 was released more than 4 years ago!
People Who Attempt to Take Down Correct Information Need a Doctor a Day
“Journalism is printing something that someone does not want printed. Everything else is public relations.” ― George Orwell
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, October 20, 2025
IRC logs for Monday, October 20, 2025
Vista 11 is Sinking While Microsoft is PIPing (Mass Layoffs But Silent Layoffs)
We're witnessing a shift in platform dominance
Richard Stallman is Having a Good Week Already (Stallman Was Right About 'Clown Computing')
That alone is worth bringing up in his talk
An Update About Soylent News, With Jan Rinok "Back in the Saddle"
Burnout or "near burnout" a possibility when having to curate abuse
When Prominent GNU/Linux Distros Are Run by Spies
What has Microsoft Canonical become?
More Publishers and Companies Nowadays Say "GNU/Linux", Not "Linux"
It's not to see InstallAware saying GNU/Linux this week
Google News is Now Promoting a Parasitic Slopfarm Called "findarticles.com", Where Plagiarism of "Linux" Articles is Rampant
Does Google even care about the slop epidemic? Google itself is a vendor of slop now (and it calls it "Gemini")
Gemini Links 20/10/2025: Pumpkin Carving, "Hey Hi", and Other Buzzwords
Links for the day
Slopwatch: Google News Promoting Fear, Uncertainty, Doubt (FUD)
What is the value of Google News if so many results in it are fake 'articles?
Rejecting 'Snoop-Phones' and Turning "Old" Phones (or Tablets) Into Freedom-Respecting Appliances
Paul Fernhout (pdfernhout.net) wrote back to Akira Urushibatathis this past weekend
Our Uptime This Year Was Better Than AWS (Also a Lot Cheaper)
We never used "the cloud"
Amazon Web Shenanigans
An ongoing, experimental endeavour
Death of Elias Diem: FSFE mailing list archives hidden
Reprinted with permission from Daniel Pocock
Links 20/10/2025: Louvre Museum Reveals Weakness, About 7 Million Protest US Turning Into Oligarchy/Monarchy
Links for the day
They Should Have Listened to Techrights Over a Month Earlier (Xubuntu Site Compromised)
we reported this issue about 40 days earlier and nobody did anything about it
Richard Stallman to Give Another Talk Today in Bavaria (Bavarian Academy of Science)
Tomorrow at 6 PM he speaks in Munich
Apple is the Company of Dictators and Worse
Apple is just another greedy corporation in search of sweatshops and even pedophiles (especially the high-profile ones)
Counting Unhatched Eggs Is Not Counting Chickens
Everything here will persist as normal
Barry Kauler Explains That Puppy Linux and EasyOS Exclude Systemd to Keep Things Simple
Barry Kauler's Puppy Linux is in the community's hands. He now focuses on EasyOS and more.
The "Infinite Bread"
The biblical story of Jesus feeding the 5,000 has software parallels
Half a Year After Brian Fagioli Got Kicked Out of BetaNews for Slop He's Still Doing LLM Slop and Slop Images Targeting 'Linux' (Plagiarising Original Works)
If the Web gets polluted or flooded by slopfarms such as these, and Slashdot then sends traffic so these slopfarms (Slashdot probably doesn't do this intentionally), then real writers with real knowledge of GNU/Linux will lose the spark for publishing
In Many Cases and in Many Different Ways, Technology Became Less Durable and Less Reliable Over Time
The "modern" things are more complex. And complexity is a foe or reliability and repair-ability.
Microsoft's LinkedIn is Losing Money, Traffic, and Hope; Now It Wants to Sell Its Users' Lifeblood (and Data)
Let this be a reminder of what social control media really is about
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, October 19, 2025
IRC logs for Sunday, October 19, 2025
Campaign of FUD Against Framework Laptops and GNU/Linux (Using Microsoft's Attack on Linux, 'Secure Boot')
Ritual Defamation Cult has turned its attention over to Framework
Microsoft Lunduke: Freedom of Speech Means Spreading What I Have to Say and Banning People I Disagree With
4Chan is one he aims for and he is siccing 4Chan trolls at people he doesn't like
Liberation From 'The Feed'
They rank things based on the editor's choice/ideology (he or she knows the sponsors, hence the masters)
Microsoft's Killing of Vista 10 Seems to Have Resulted in More Articles About GNU/Linux (But Also FUD)
We not only saw a rise in traffic, we also saw a remarkable rise in the number of articles