04.03.22

Gemini version available ♊︎

Links 03/04/2022: Cassidy James Leaves elementary OS, Ruby 3.2.0 Preview 1 Released, and Claws Mail 3.19.0/4.1.0 Now Out

Posted in News Roundup at 12:10 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Audiocasts/Shows

      • Tux Digital192: Fedora 36, Ubuntu 22.04, Deepin, Rolling Rhino Remix, Parrot OS and more Linux news!

        On this episode of This Week in Linux: Fedora Linux 36 Beta, Ubuntu 22.04 LTS Beta, Rolling Rhino Remix (Ubuntu Derivative), Google Chrome 100, Lutris 0.5.10, Parrot OS 5.0, openSUSE’s New D-Installer, GParted 1.4, Deepin 20.5, Linux Support for Wacom Pens & Tablets, Drawing 1.0 and KNotch of KDE Plasma. All that and much more on Your Weekly Source for Linux GNews!

    • Applications

      • 9to5LinuxClaws Mail 4.1 Adds Text Zooming in the Message View, Many Other New Features

        Coming almost ten months after the major Claws Mail 4.0 release, which added OAuth2 support for IMAP, POP, and SMTP accounts using custom, user-generated client IDs, the Claws Mail 4.1 release is here to add more improvements to the storage implementation of OAuth2 refresh tokens.

      • Claws Mail 3.19.0 and 4.1.0 unleashed
        Claws Mail is a GTK+ based, user-friendly, lightweight, and fast
        email client.
        
        New in this release:
        ~~~~~~~~~~~~~~~~~~~~
        
        * Text zooming in the Message View is now possible, using CTRL+mouse
          wheel up/down, CRTL+touchpad two-fingered vertical swiping, or
          the Message View's right-click menu.
        
        * GtkColorChooser is now used in the Spell Checking preferences,
          Colour Label preferences, and the folder Properties pages.
        
        * 'Default From:' has been added to the Compose page of the folder
          Properties. This allows setting an email address which will
          override the Account's email address.
        
        * An option has been added to the 'General' page of the folder
          Properties, 'Skip folder when searching for unread or new
          messages', so that the folder can be skipped when using Go To
          next/previous unread/new message.
        
        * 'By Sender' has been added to '/Tools/Create filtering rule/...'
          and '/Tools/Create processing rule/...'
        
        * The option 'Run processing rules before marking all messages in a
          folder as read or unread' has been added to
          '/Configuration/Preferences/Display/Summaries'.
        
        * It is now possible to add a toolbar button to 'Run folder
          processing rules'.
        
        * The Actions configuration list now has 'Top' and 'Bottom' buttons.
        
        * In '/Tools/List URLs' it is now possible to CTRL+c or right-click
          a list item and 'Copy URL'; copying multiple selections is also
          possible.
          Phishing URLs are now indicated in red by default. This uses the
          colour defined in the hidden preference, log_error_color.
        
        * The method of handling Tags has been improved.
        
        * When using the separate Message View the Enter key will open the
          currently selected message in the Message List. So, for example,
          if you delete the current message, pressing Enter will open the
          next message without having to leave the separate Message View.
        
        * The quicksearch type-ahead keypress delay is now customizable
          using a hidden preference ("qs_press_timeout").
        
        * Improvements to the storage of OAuth2 refresh tokens.
        
        * A "View all" button has been added to the Themes preferences page
          in order to preview all icons of a theme.
        
        * The term 'master passphrase' has been replaced in the UI with
          'primary passphrase'.
        
        * The label 'SSL/TLS' has been replaced with 'TLS' in the UI.
        
        * chmod 0600 is set on log files, history files, saved parts, etc.
        
        * "Keyword Warner" plugin has been added. This shows a warning when
          sending or queueing a message and a reference to one or more
          user-defined keywords are found in the message text.
        
        * Adding a new RSSyl feed or subscribing to a Webcal will
          automatically suggest using any suitable URI found on the
          clipboard.
        
        * The user manuals have been updated.
        
        * Updated translations: Brazilian Portuguese, British English,
          Catalan, Czech, French, Indonesian, Polish, Romanian, Russian,
          Slovak, Spanish, Turkish.
        
        * bug fixes:
        	o bug 4312, 'litehtml plugin loops (hangup)'
        	o bug 4346, 'Error: Certificate is for invalid2.invalid, but
        		     connection is to imap.gmail.com'
        	o bug 4442, 'vcalendar segfault if in invitation email and
        		     switch to another folder'
        	o bug 4495, 'Improve text strings for OAuth2'
        	o bug 4496, 'Fancy crashes when opening an email'
        	o bug 4511, 'Uses deprecated ghostscript operator'
        	o bug 4513, 'msg window too small in 3 column layout'
        	o bug 4517, 'Thread safety issues in signature checking code'
        	o bug 4524, 'Problems exiting/closing Claws Mail'
        	o bug 4534, 'Address book causing claws to terminate
        		     unexpectedly'
        	o bug 4535, 'Setting msgview_date_format=1 does not work'
        	o bug 4536, 'Tab for address selects second entry'
        	o bug 4556, 'Filesize in kilobytes versus kibibytes'
        	o bug 4577, 'Fancy plugin with GTK3 seems to ignore content
        		     encoding'
        	o when using 'hide_timezone' use UTC when generating
        	  MessageID
        	o non-translation of some button labels
        	o the initial position of the (X-)Face image
        	o return receipts from accounts without a name
        	o folderview pixmaps not being updated after icon theme
        	  change until restart
        	o spell checker underlining when black is chosen
        	o text on various buttons
        	o scrolling in a message's attachments bar (scrolling left or
        	  right were scrolling down).
        	o scrolling not working when GTK smooth scroll is set
        	o scroll to next/prev page in pdf_viewer
        	o build error with -Werror=format-security
        	o invalid crypto engine (gpgme_op_verify failed)
        	o vCalendar tooltip in Day View showed the wrong month.
        	o View Log button
        	o when closing Compose window dialogue requesting choice from
        	  user is not shown and some options are lost in drafted copy
        	o weird logic with the 'Edit filter action' dialog
        	o resource leaks; memory corruption
        
        For further details of the numbered bugs and RFEs listed above
        see https://www.claws-mail.org/bug/[BUG NUMBER]
        
        ---------------------------------------------------------------------
        See ChangeLog for full information regarding changes in this release.
        	
        
    • Instructionals/Technical

      • HowTo ForgeHow to Install BoxBilling on Debian 11
      • IT Pro PortalHow to remote desktop into Ubuntu

        Ubuntu is the world’s most popular Linux distribution thanks to its extensive app store and robust hardware support. Whether you use it as your main operating system or you primarily use Windows, being able to remote desktop into Ubuntu from time-to-time is super useful.

        Thankfully, Ubuntu has great built-in support for remote desktops, so you can easily use some of the best remote desktop software, specifically the best remote desktop for Linux, to remotely access your Linux computer.

      • CSOWhat is SSL? How SSL certificates enable encrypted communication

        SSL and its descendent, TLS, are protocols that encrypt internet traffic, making secure internet communication and ecommerce possible.

      • World Wide Web: Definition, history and facts | Live Science

        Before the invention of the World Wide Web (WWW), the earliest internet users were mainly researchers and military personnel. The network was complicated and, although it was possible to share files and messages, the interface was not user-friendly.

        In 1993, a researcher at CERN called Tim Berners-Lee started building a layer on top of the internet to make it easier to access, according to the World Wide Web Foundation.

        Berners-Lee’s idea was to make information available as pages, written in a shared language called Hypertext Markup Language (HTML). This eventually became the World Wide Web, which is the platform used by billions of internet users around the world.

      • CNX SoftwareAdd WiFi HaLow to Raspberry Pi with ALFA Network AHPI7292S HAT – CNX Software

        ALFA Network AHPI7292S is a Raspberry Pi HAT with WiFi HaLow (802.11ah) offering low power connectivity, up to one kilometer line-of-sight range, and that’s mostly useful for security cameras, but it can also be used to extend the range of the network for other purposes.

        The Newracom NRC7292 expansion board adds to be few WiFi HaLow hardware we’ve seen in the past year including an M.2 card, a WiFi HaLow development board, and a gateway kit to extend the range of IP cameras.

      • Linux CapableHow to Upgrade to Pop!_OS 22.04 LTS & GNOME 42

        Pop!_OS 22.04 LTS, the next in the line of Long Term Releases for Pop!_OS based on Ubuntu LTS releases, is finally here and available for Pop!_OS users to upgrade to. The release has seen the Pop team focus more on building their resources and moving away from Launchpad PPA’s to their repositories with better packaging systems, and hybrid graphics support, and much more. Currently, the Pop!_OS Roadmap lists quite a lot of information regarding the features and what is planned.

        In the following tutorial, you will learn how to upgrade to Pop!_22.04 LTS based on Ubuntu 22.04 LTS Jammy Jellyfish using the command line terminal. The tutorial can be used for all current Pop!_OS versions, which include 20.04 LTS and minor versions.

        Note, Pop!_OS 22.04 LTS is in beta mode at the time of the tutorial; following the developments and contributing if you find any bugs on the Github project page.

      • Linux CapableHow to Install OpenJDK 17 on Ubuntu 22.04 LTS

        Java is a general-purpose, class-based, object-oriented multipurpose programming language that is popular due to the design of having lesser implementation dependencies, meaning that the compiled Java code can be run on all platforms that support Java without the need for recompilation. Java is also fast, secure, and reliable, therefore. It is widely used for developing Java applications in laptops, data centers, game consoles, scientific supercomputers, cell phones, etc.

        The tutorial will look at installing the OpenJDK version instead of the default Oracle JDK. The difference between these two is licensing. OpenJDK is an entirely free, open-source Java with a GNU General Public License, and Oracle JDK requires a commercial license under the Oracle Binary Code License Agreement. Other differences are release schedules and other factors that come into play; however, performance is the same.

      • Linux CapableHow to Install Plex Media Server on Ubuntu 22.04 LTS

        Plex Media Server is software to store all your digital media content and access it via a client application such as your TV, NVIDIA Shield, Roku, Mobile App, and many more platforms. Plex Media Server organizes your files and content into categories. It’s extremely popular with people storing TV Shows and Movie Libraries, and if your connection is good enough, share it with your friends and family. Over time Plex Media Server has grown much and now supports many platforms.

        In the following tutorial, you will learn how to install Plex Media Server on Ubuntu 22.04 LTS Jammy Jellyfish by securely importing the GPG key and official Plex repository and some tips on basic sets and creating a reverse proxy with Nginx.

      • Using a dynamic libvirt inventory with Ansible – Just another Linux geek
      • Arco LinuxHow to install the Xanmod kernel | ArcoLinux
      • OMG UbuntuHow to Upgrade to Ubuntu 22.04 from an Earlier Version – OMG! Ubuntu!

        Do you want to upgrade to Ubuntu 22.04 from an earlier version? Well, in this post I show you how — and spoiler alert: it’s really not that difficult!

      • ID RootHow To Install Apache Subversion on Debian 11 – idroot

        In this tutorial, we will show you how to install Apache Subversion on Debian 11 (Bullseye), as well as some extra requirements by Apache

      • How to Embed a Video in WordPress Blog Posts? [The Ultimate Guide]

        Videos can hook the audience instantly, and featuring videos can be a great way for your website to reach more people. This is why we have come up with the ultimate guide to how to embed a video in WordPress blog posts.

      • Make Use OfHow to Write an ISO Image File to USB Flash With Etcher

        If you need to install an operating system from USB or flash storage, you first need to copy the ISO image file to the media.

        But simply copying the old-fashioned way isn’t enough. You need the ISO file to be bootable, and for that, you need dedicated ISO file writing software.

        While operating systems have the feature built in, it is difficult to use. That’s where Etcher from Balena comes in. This guide will show you how to write an ISO file to USB with Etcher, whatever operating system you use.

        [...]

        Developed by Balena, Etcher is available free for macOS, Windows (installed and portable), and Linux (32-bit and 64-bit AppImage).

      • How to Delete a File on Linux – Linux Stans

        Learn how to delete a file in Linux with examples. Beginner-friendly, step-by-step, easy instructions showing you how to delete files on Linux.

      • Linux CapableHow to Install MusicBrainz Picard on Ubuntu 22.04 LTS

        MusicBrainz Picard is an open-source software application for identifying, tagging, and organizing digital audio recordings. Developed by the Metabrainz Foundation with backing from record companies like Sony Music Entertainment Japan Inc., it was created as part of a project called “MusicKB,” which aimed to build tools that would help people discover new music more easily through data analysis.

        In the following tutorial, you will learn how to install the latest version of MusicBrainz on Ubuntu 22.04 LTS Jammy Jellyfish using a recommended Launchpad PPA repository with optional stable or daily builds choose from to provide the most up-to-date version using the command line terminal.

      • Linux CapableHow to Install Videomass on Ubuntu 22.04 LTS

        Videomass is a tool designed to make it easy and fast for you, the user. The program’s interface allows users of all skill levels (even those with no experience)to quickly navigate various features found in most modern-day video editing programs like Final Cut Pro or Adobe Premiere Elements without any hassle whatsoever!

        Users can easily modify conversion profiles with Videomass to automate processes like transcoding or subtitles editing. The interface is designed for those who use custom FFmpeg settings and offers output files in different formats, such as MP4/H264 video containers; MKV container that supports Blu-ray discs’ playback capabilities – all this without losing quality.

        In the following tutorial, you will learn how to install the latest version of Videomass on Ubuntu 22.04 LTS Jammy Jellyfish using a recommended Launchpad PPA repository to provide the most up-to-date version using the command line terminal.

      • Linux CapableHow to Install Tasksel on Ubuntu 22.04 LTS

        With Tasksel, you can use a simple interface to configure your system for any task. This program is used during installation, but users also have access at any time through the Ubuntu package managers like Sudo or APT-GET. You might think that there are few differences between tasks available in this menu versus meta-packages since they both provide similar capabilities. However, some tasks will only work if installed with specific desktop environments (such as GNOME), while others depend on software installations outside of Canonical’s control.

        In the following tutorial, you will learn how to install Tasksel on Ubuntu 22.04 LTS Jammy Jellyfish using the command line terminal and bring up the task manager.

    • Games

      • Release: SteamOS 3.0 for PS4 (unofficial) – Wololo.net

        SteamOS 3.0 is a Linux distribution based on Arch Linux, mostly designed to play your Steam games on non PC machines. It is mostly open source with some proprietary components, meaning a port for exploited devices such as a Jailbroken PS4 is a possibility.

      • Reviewedsteam deck cloud gaming – Reviewed

        Valve’s Steam Deck will soon not only be a portable PC and emulator, but also a powerful cloud gaming device, thanks to Google Chrome and Microsoft Edge developers working on getting the two internet browsers compatible with the Deck’s Linux operating system. Some bugs are still getting worked out, so we’ll be adding updates to this article as time goes on—but here’s how you can game in the cloud with the Steam Deck now.

      • Ubuntu Pit5 Best Puzzle Games for Linux To Sharpen Your Intelligence

        When you are not in a mood to work but still have to be in front of your PC, some stress-releasing games sound amazing. Some of the puzzles games come with soothing and exciting puzzles that you can enjoy in your busy schedule for having a break. Even kids can enjoy such puzzle games to increase their cognitive and thinking power. However, getting an addictive puzzle game for Linux is not particularly an easy task. But we manage to make a list of puzzle games you can flawlessly enjoy on your Linux system.

    • Desktop Environments/WMs

      • 9to5LinuxXfce’s Apps Update for March 2022: New Releases of Orange, Xfdashboard, Xfce Terminal

        Probably the biggest release in March 2022 for Xfce users was the Orange 4.16, a major release that finally ports the Xfce calendar to GTK3 and also adds a new application icon, as well as numerous bug fixes. With this major release, the GlobalTime and Orage panel plugins have been deprecated and will be removed in a future release as their features will be integrated in existing Xfce components.

    • Distributions

      • Is this the End of the road for elementary OS?

        Cassidy James, the founder of elementary OS, has resigned from his role as per his recent note. Here’s our take on this topic with possible future.

      • Slackware Family

        • Eric HameleersLibreoffice 7.3.2, Ungoogled-Chromium 100 | Alien Pastures

          The latest update for LibreOffice Community Edition, version 7.3.2 was released last week, fixing over 80 bugs (see changelogs for RC1 and RC2).

          My repository now contains a new set of libreoffice-7.3.2 packages for Slackware 15.0 and -current.

    • Devices/Embedded

      • EE TimesApex.AI Leverages ROS for Autonomous Driving

        Multiple segments of the automotive industry have embraced open-source software, especially Linux-based code, over the past decade. Here, we focus on an open framework called the robotic operating system (ROS). Apex.AI is leveraging ROS, adding new automotive capabilities.

        ROS has been around for more than a decade and is increasingly used by autonomous-vehicle (AV) developers. Apex.AI has greatly improved ROS for automotive applications. With its focus on the automotive industry and software-defined vehicles, the company is gaining support, making it a future player in AV development and a likely acquisition target.

      • Mobile Systems/Mobile Applications

        • ForbesWorried That Your Phone Is Spying On You? Try A Different OS

          If you search for Ubuntu Touch on Google, you still get a lot of results related to when the OS was developed by Canonical, the company that publishes and promotes Ubuntu. That was almost ten years ago. Since then, the job has been taken over by UBPorts, a non-profit foundation.

          The number of supported devices has grown: you can now run the OS on relatively recent devices such as the Google Pixel 3a, the Xiaomi Redmi Note 9 Pro, the One Plus 6T. Installation is quite fast: just enable USB debugging on your smartphone, unlock the bootloader, download the UBPorts installer from their website, plug your device in and follow instructions.

    • Free, Libre, and Open Source Software

      • OpenSource.comThe open source way with artist Jasmine Becket-Griffith of Strangeling.com

        Not to actually paint, but I rely a tremendous amount on open source content for research materials, museum databases for historic painting references, and other channels that have a similar concept driving them.

        In a way, I see the Strangeling Public Domain Project as an attempt at democratizing fine art and commercial image licensing as a sort of “Open Source Art Project.”

      • PostgreSQLPostgres London 2022

        The face-to-face event of the year, Postgres London 2022 gives community members the opportunity to get together in-person in Central London to share ideas and learn more about the world’s most advanced open-source database.

      • EIN PresswireZulip, Leading Open-Source Team Collaboration Tool Releases Server 5.0 – EIN Presswire

        Zulip today announced the release of Zulip Server 5.0, a major update that marks a release of the Zulip server and web applications.

      • Web Browsers

      • FSF

        • Lightning talk: Volunteering at the FSF

          A lightning talk is a five-minute presentation on any topic that you think would be interesting to a group of free software users, hackers, and activists. Anyone can give a lightning talk at LibrePlanet.

        • Lightning talk: Real world GNU/Linux story from Istanbul

          A lightning talk is a five-minute presentation on any topic that you think would be interesting to a group of free software users, hackers, and activists. Anyone can give a lightning talk at LibrePlanet.

      • Programming/Development

        • Qt 6.3 Promises Improved Wayland Support with Custom Shell Extensions [Dev update]

          In a recent blog post, the team highlighted some exciting technology upgrades coming up in the Qt 6.3 release.

        • Ruby 3.2.0 Preview 1 Released

          We are pleased to announce the release of Ruby 3.2.0-preview1. Ruby 3.2 adds many features and performance improvements.

        • Jussi PakkanenNibble Stew: Looking at building some parts of the Unreal engine with Meson

          Previously we have lookedbuilding the O3DE and Godot game engines with Meson. To keep with the trend let’s now look at building the Unreal engine. Unfortunately, as Unreal is not open source, I can’t give out any actual code. The license permits sharing snippets, though, so we’re going to have to make do with those.

          This post is just a very shallow look in the engine. It does not even attempt to be comprehensive, it just has a bunch of things that I noted along the way. You should especially note that I don’t make any claims of fitness or quality of the implementation. Any such implications are the result of your own imagination. I used the release branch, which seems to contain UE4.

        • Hardware

          • Is There A Better Hard Drive Metaphor

            Something that has struck me when I’ve been working with the search engine is how unfinished the metaphor for accessing physical disks is in most programming languages. It feels like an after-thought, half left to the operating system to figure out, a byzantine relic of the days when computers had tape drives and not SSDs.

            Reading and writing files is clunky and awkward no matter how you do it. Objects and classes are representations of bytes in memory, effortlessly integrated in the language. Why can’t they be representations of bytes on a disk? Between mmap and custom allocators, this seems extremely doable.

            It’s a jarring contrast to the rest of almost any programming language other than perhaps C. In fact, what you’ve got is effectively C, with all of its problems and more.

            In the rest of the languages, there may be some token effort toward reading files structured as streams of objects, but in general, you are stuck filling buffers with bytes. There is a marked lack of expressiveness in this type of programming.

          • Evil USB

            Last year for computers has died on me. Or rather, the USB-C card has died, which for a computer that charges with usb-c is the same as being dead.

  • Leftovers

    • Uncontaminated by the current cynicism

      During that time of *integrity*, it was still the ones that came from families with money who were regarded as la creme de la creme. In concentric circles moving away from the tantalising centre, were the athletes, then the academically successful. The amount of social interaction, another indicator of success, waned with distance from the centre, or existed because of that distance. Or were in balance.

    • Science

      • Lehigh and the U.S. Army Research Lab Announce $25 Million Cooperative Agreement to Develop Next-Generation Metallic Alloys [Ed: US colleges controlled by the Pentagon by financial means]

        Researchers from Lehigh and Ohio State will leverage the existing Presidential Nano/Human Interfaces (NHI) Initiative for an innovative collaboration on the development of two novel metallic alloys.

        Lehigh University, in partnership with The Ohio State University (Ohio State), has entered into a Cooperative Agreement with the U.S. Army Research Lab (ARL) to develop novel structural materials for high-strength applications. The agreement, effective Feb. 10, 2022, provides up to $25 million over five years.

      • I Answer Questions, Part II

        Another thing about electrons is that they’re not exactly sticky. As in they don’t stay where they are much. Send an electric charge through a string of atoms and electrons will hop from one atom to another. The same in case of ions and a number of other atom-to-atom interactions. How would antiprotons mix with ordinary matter in that case? Maybe we would end up with mostly hybrid atoms which have both electrons and antiprotons.

        Now let’s play with the whole annihilation thing. Yes, matter and antimatter are mutually exclusive. However we’re not talking about anti-atoms colliding with ordinary atoms! In this scenario antiprotons and ordinary protons are enemies that should never meet. One is confined to the nucleus while the other orbits. Assuming that electrons never enter the nucleus the same should apply to antiprotons in orbit. Remember that a full anti-atom interacting with a full atom could result in nuclei attempting to merge, much like ordinary atoms do to form new materials. That’s where we get a collision.

    • Hardware

    • Health/Nutrition/Agriculture

      • Latinx & dementia: The challenge of behavioural symptoms

        Dr Lynn Woods, Professor in the Department of Doctoral Programs, School of Nursing, Azusa Pacific University, provides further analysis of Latinx & dementia, including systems of healing & the challenge of behavioural symptoms

    • Integrity/Availability

      • Proprietary

        • ProtocolThe FTC says Intuit’s TurboTax free tax filing claim is deceptive

          The Federal Trade Commission accused Intuit of deceiving customers with misleading claims about free tax preparation services through TurboTax.

          The agency asked the U.S. District Court for the Northern District of California to order Intuit to stop “disseminating the deceptive claim that consumers can file their taxes for free using TurboTax when in truth” many consumers end up being charged a fee for the service.

        • Security

          • The Register UKUbiquiti sues Krebs on Security for defamation

            Network equipment maker Ubiquiti on Tuesday filed a lawsuit against infosec journalist Brian Krebs, alleging he defamed the company by falsely accusing the firm of covering up a cyber-attack.

            On March 30, 2021, Krebs reported that Ubiquiti had disclosed a January breach involving a third-party cloud provider, later revealed to be AWS, and that an unnamed source within the firm had claimed the company was downplaying a catastrophic compromise.

            On December 1, 2021, the US Department of Justice charged former Ubiquiti software engineer Nickolas Sharp, accusing him of attempting to steal data from the company and to extort $2 million from the firm in Bitcoin ransom as part of an effort to reduce the price of Ubiquiti shares. The DoJ said that after Ubiquiti refused Sharp’s payment demand, he tried to sink the company’s shares by publishing stolen files and engaging in a media campaign to plant damaging stories about the firm.

          • The Register UKZlib crash-an-app bug finally squashed, 17 years later

            The widely used Zlib data-compression library finally has a patch to close a vulnerability that could be exploited to crash applications and services — four years after the vulnerability was first discovered but effectively left unfixed.

            Google Project Zero bug hunter Tavis Ormandy alerted the Open-Source-Software-Security mailing list about the programming blunder, CVE-2018-25032, which he found while trying to pinpoint the cause of a compressor crash.

            “I reported it upstream, but it turns out the issue has been public since 2018, but the patch never made it into a release,” Ormandy wrote. “As far as I know, nobody ever assigned it a CVE.”

            Plus, when the issue was reported in April 2018 by Eideticom’s Danilo Ramos, it was already 13 years old — meaning this bug has been around, and awaiting potential exploit, for 17 years.

          • PR WebVault Vision announces expanded security capabilities with OpenID Foundation and FIDO Alliance partnerships

            Vault Vision, a leading technology provider of identity and authentication management solutions announced a partnership with OpenID Foundation and the FIDO alliance. Vault Vision’s new partnerships come at a time where 40 percent of American users have had their online data compromised, according to Google. The shift away from password-based authentication is accelerating with the total market for expected to reach $53.6 billion by 2030, a staggering increase from $15.6 billion in 2022, according to Statista.

          • Privacy/Surveillance

            • ProtocolRussian search engine Yandex reportedly routing iOS and Android user data to Russia

              User data collected by Russian search engine Yandex may be visible to the Russian government, according to a Financial Times report. Yandex’s software development kit, used by makers of iOS and Android apps, was found to harvest metadata that is sometimes routed through servers in Russia. Privacy watchdogs are concerned this metadata could be accessed by the Kremlin and used to track users.

              Games, location-sharing tools and messaging apps use Yandex’s SDK, as do many VPNs, seven of which the Financial Times reported are created specifically for Ukrainians. Hundreds of millions of users’ IP addresses, device and network data could be vulnerable, as the data is stored in centers both in Finland and Russia.

            • ProtocolMessaging apps may soon be forced to work together. It won’t be easy. [Ed: This would only increase the level of surveillance]

              Imagine needing to use a different email account for Gmail, Microsoft and Yahoo just to be able to send messages to the people who use Gmail, Microsoft or Yahoo. That would be annoying; email thankfully lets us use one service to get in touch with people on different services. But that’s an issue for messaging, and one the Digital Markets Act is trying to solve, specifically with “gatekeeper” companies like iMessage and WhatsApp. But making those apps play nicely isn’t simple.

            • Malay MailWith MySejahtera in the spotlight, experts say scrutiny definitely needed to ensure data properly utilised

              Following the Malaysian government’s plan for the continued usage of MySejahtera, personal data protection advocates and lawyers say there is nothing wrong with data collection.

            • Will Facial Recognition Technologies hasten our descent to a mass surveillance State? – TheLeaflet

              ON May 19, 2021, riding through the lanes of Shahran, Hyderabad, S.Q. Masood was heading home with his father-in-law when police officials stopped him. The pair was asked to step aside and remove their masks, despite being amidst the brutal second wave of the COVID-19 pandemic, so that the police officials could take their pictures. Masood refused to remove his mask but his picture was taken regardless. Many riders were pulled over for the same purpose of clicking their pictures. When asked why they were doing this, the police murmured amongst themselves and took a picture of his vehicle’s licence plate number, without answering him.

  • Finance

    • ProtocolSEC Charges Twilio Employees in $1 Million Insider Trading case – Protocol

      Three Twilio software engineers were charged with insider trading by the SEC on Monday. The employees, along with family and friends, allegedly made more than $1 million in profits by trading Twilio stock prior to the company’s earnings announcement in May 2020.

      According to the SEC, Hari Sure, Lokesh Lagudu and Chotu Pulagam wrote in a chat that Twilio’s stock price would “rise for sure,” after accessing company databases in the early days of the pandemic that showed increased use of Twilio’s products and services by customers.

      The SEC’s complaint alleges that based off this confidential knowledge Sure, Lagudu and Pulagam either tipped off or used the brokerage accounts of family and friends to trade Twilio stock and options ahead of the earnings announcement. Twilio reported a 57% jump in first-quarter revenue in May 2020, which far surpassed Wall Street estimates and caused the company’s stock to jump 25%.

    • Green Party Renews Calls for Green New Deal in State Budget

      Opposes Halt to Gas Tax or Criminal Justice Reform, Opposes Public Funds for Buffalo Sports Stadium

      The Green Party today said that the accelerating climate crisis calls for the state to enact the Green New Deal as part of this year’s state budget, with at least $30 billion devoted to the state building out renewables and enactment of an economic bill of rights including universal single payer health care, a guaranteed living wage job and income, universal child care, affordable housing and tuition-free public education from pre-K through college.

      Rather than halting the state’s taxes on gas, the Greens would provide a large rebate to low-and-middle income New Yorkers funded through a carbon tax (polluter penalty), and tax on the profits of gas and other fossil fuel companies.

      Transportation is one of the two largest sources of greenhouse gas emissions and emissions have continued to rise in New York from cars and vehicles over the decades. “What we are seeing at the gas pumps is price gouging and we need to halt it. We need to accelerate the move away from fossil fuel vehicles while also dramatically improving and expanding mass transit and safety for bicyclists and pedestrians,” added Mark Dunlea, co-chair of the EcoAction Committee of the Green Party of the United States.

  • AstroTurf/Lobbying/Politics

    • ProtocolMeta paid a GOP consulting firm to drag TikTok through the mud

      Meta is losing younger audiences to TikTok. In an effort to slow its rival in the social media war for young eyeballs and creators, the company paid a major Republican consulting firm to paint TikTok in a bad light, according to a report by The Washington Post.

      The social media behemoth enlisted Targeted Victory, a firm founded by the digital director of Mitt Romney’s 2012 presidential campaign, to create and run a nationwide campaign of op-eds and letters to the editor targeting TikTok as a threat to young people. Emails obtained by the Post show how the campaign has unfurled. Targeted Victory staffers worked to promote stories to regional news outlets about harmful trends that allegedly started on TikTok, when in fact they actually began on Facebook in some cases.

      The consulting outfit created a Google document called “Bad TikTok Clips,” which included links to local news stories citing TikTok as the center of several harmful trends. In one example, the firm pushed stories about a “devious licks” challenge that involved students vandalizing school property. Clips of that trend spread across several states, leading Sen. Richard Blumenthal to call for TikTok executives to testify. In reality, that trend originated on Facebook.

  • Internet Policy/Net Neutrality

    • Where does wiki spam come from?

      For a while now I’ve been handling wiki spam by reverting changes and banning the entire IP range where the spammer comes from, based on the assumption that almost all of these are commercial ISPs. That is, chances of blocking people are small (those would be residential blocks). Also, I’m lucky and all the spammers seem to be using IPv4 which makes it easy for me to reverse lookup their IP range. Now I want to confirm or deny my prejudice that Russia and Ukraine are the lead spammers (and no longer China).

  • Monopolies

    • AppleInsiderApple facing new $5.5 billion App Store antitrust lawsuit in the Netherlands

      The Dutch complaint claims that Apple’s 30% cut of app and in-app purchases on the App Store amounts to monopolistic behavior and forces developers to increase their prices.

      According to the Consumer Competition Claims Foundation, the potential harm could add up to nearly 5 billion euro, or about $5.5 billion.

    • Copyrights

      • BloombergWarhol-Prince Photo Case Brings Fair Use Fight to High Court

        The U.S. Supreme Court will review a ruling that an Andy Warhol print infringed a photo of Prince as it weighs non-software fair use for the first time in decades.

        The Andy Warhol Foundation told the high court that a U.S. Court of Appeals for the Second Circuit decision threatened “draconian consequences” for creations deriving inspiration from other works. The court held that use of Warhol’s stylized color print on the cover of Vanity Fair in 2016 infringed photographer Lynn Goldsmith’s 1981 photo of Prince.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. After Freenode's Demise It's OFTC That's Gaining in IRC, Not Libera.Chat

    IRC 12 months after the dust 'settled'



  2. Finland Turns 18

    This summer in Finland there seem to be changes



  3. Copyleft is Still Better and More Suitable for Business

    Copyleft does not mean one cannot make money; it just means proprietary software companies such as Microsoft stand to lose their dying empires, only to be replaced by new businesses that market and support GPL-licensed systems



  4. With New Data Just in (a Couple of Hours Ago), It Seems Clear Microsoft Windows Continues to Lose Market Share in July

    As shown above, Windows continues its demise; there’s also rapid erosion of Windows "market share" in Russia this year (“Russians [are] switching to Linux”) and sooner or later Windows will be just a quarter of the market (maybe by year’s end). Windows is at 10% in Turkey (down by a huge amount this year) and in Russia it’s down by about 5% since the war. In India GNU/Linux (“proper”, not ChromeOS) is up to nearly 5% of desktops/laptops.



  5. Links 02/07/2022: PSPP 1.6.2 Released, Linux Mint Rejects Parts of Systemd, Lots of Politics

    Links for the day



  6. Walking Like the Talking, Acting Like One's Preaching

    It has now been about 2 years since lock-downs in the world's Western nations were first loosened or lifted; we've thankfully taken advantage of all that commotion (persistent flux; we've not solved the underlying issues) to expand beyond and Web and become self-hosted wherever possible



  7. IRC Proceedings: Friday, July 01, 2022

    IRC logs for Friday, July 01, 2022



  8. EPO Steering Off the Road, Just Like the Drunken Son of António Campinos, Who Crashed the Car and Begged for Impunity

    With the EPO rapidly turning into a corrupt dynasty of rogue politicians, lawyers and bankers (not scientists) we must turn to constitutions and treaties that they knowingly violate with impunity



  9. Koch Operatives Working to Shape Patent Law in Favour of Monopolies and Oligarchs

    Patent systems are being hijacked by monopolists and plutocrats for their financial gain and protectionism; it's a longstanding issue because it begets constitutional violations (glossed over by bought or installed "Justices", which is another creeping threat, especially in light of recent developments in the US Supreme Court and patently, manifestly illegal actions by Team UPC)



  10. At the EPO, “Online” Means Microsoft Windows Only (“Unitary Patent” Also Limited to Microsoft Customers!)

    The EPO's "special" (corrupt) relationship with Microsoft is a major liability for Europe; does one need to adopt back doors and US surveillance to interact with the EPO?



  11. Microsoft GitHub Exposé — Part XXII — 'Mr. GitHub Copilot' Balabhadra (Alex) Graveley Pleads Guilty After Assaulting Women

    Balabhadra (Alex) Graveley from Microsoft GitHub (the man behind the GPL violation machine called “Copilot”) has “pled guilty to get deferred sentence”



  12. Links 01/07/2022: Russians Switching to GNU/Linux, New WINE Release

    Links for the day



  13. Links 01/07/2022: More Widespread Calls to Delete GitHub

    Links for the day



  14. [Meme] President Crybaby

    EPO President António Campinos, who constantly assaults the EPO’s staff, has portrayed himself as a poor victim of “hostile” staff (reversal of narratives)



  15. People Are Very Angry That Campinos Was Left in Positions of Power Without Any Competition and in Spite of Failing to Fulfill Essential Goals

    As predicted, people are infuriated by the decision of the Administrative Council to give Campinos several more years to destroy the EPO and its reputation (while moreover pushing a totally illegal and unconstitutional patent court system, which severely harms the image of the European Union)



  16. Microsoft Windows is a 'Burning Platform' (Both on the Server Side and the Client Side)

    'Burning platform' is a derogatory term from Microsoft's Elop; ironically, today's 'burning platform' is actually Windows, even if the corporate media isn't talking about that



  17. Links 01/07/2022: Nitrux 2.2.1 and Raspberry Pi Pico W Chatter

    Links for the day



  18. Links 01/07/2022: Wayland 1.21.0 and SteamOS 3.3 Beta

    Links for the day



  19. IRC Proceedings: Thursday, June 30, 2022

    IRC logs for Thursday, June 30, 2022



  20. [Meme] EPO Election (Auction)

    The corruption at the EPO did not end with Benoît Battistelli‘s departure; it’s still deepening



  21. Links 01/07/2022: Condres OS 1.0 and Microsoft Losing More Share in Web Servers

    Links for the day



  22. Published 10 Minutes Ago: IRCNow by Aaron Lin

    This talk was uploaded moments ago. “Of the users, by the users, for the users…”



  23. Links 30/06/2022: PostgreSQL 15 Beta 2

    Links for the day



  24. Links 30/06/2022: Pine64 Has RISC-V-Based Raspberry Pi Rival, Pico W Introduced

    Links for the day



  25. IRC Proceedings: Wednesday, June 29, 2022

    IRC logs for Wednesday, June 29, 2022



  26. It's 2022 and Installing Software in GNU/Linux Has Never Been Easier

    GNU/Linux is easy to use and extend; the above demonstrates how new software gets installed, removed, and updated in KDE Neon



  27. Sitting Down Less

    Avoiding long periods of sitting down is important for one's health, especially in sedentary lifestyles or jobs



  28. Microsoft Windows Market Share in Russia in 2022: Down From 55% to 50% in 5 Months

    As June ends (last day today) let’s examine the rapid demise of Windows in Russia, even before the exodus media speaks of this week (an ongoing story)



  29. European Patent Office is a Kakistocracy Illustrated

    Benoît Battistelli and António Campinos aren’t just a “dark era” for the EPO; they might in fact be the end of the EPO, having made corruption the “new normal” or “new ways of working”



  30. [Meme] EPO Rewarding Corruption Instead of Upholding the Law and Protecting the European Patent Convention (EPC)

    Wednesday proved that the EPO actively guards corruption and protects Team Battistelli from scrutiny; instead of standing for patent law the EPO under António Campinos stands for overt violations of the law; national delegates are fine with it as long as they’re personally rewarded for complicity


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts