I use the first for GNU/Linux, the second one for Windows, and a third one is still available for whatever use I might come up.
It comes with Debian running in a container, so when you use Linux on Chrome OS, that is what you are getting. That makes all the CLI stuff easy to do, so I already got Diohsc running on this and all the other utilities I need.
The removal of built-in support for the Docker Engine container runtime in the newest upcoming version of Kubernetes, the popular container-orchestration system, requires users to shift to an alternative runtime to stay up to date with future Kubernetes releases.
So this morning I'm looking into solutions for digital note-taking so that I can avoid running into issues like this again. So far I've decided I want to check out ObsidianMD and GitJournal. I'm leaning toward GitJournal for the sake of simplicity and self-hosting.
Installing Ubuntu is quite easy today using an USB stick. Here’s the step by step guide that shows the details about the installing process for those new to this operating system.
It is now widely known that Ubuntu 22.04 LTS (Jammy Jellyfish) ships Firefox as a snap, but some people (like me) may prefer installing it from .deb packages to retain control over upgrades or to keep extensions working.
Luckily there is still a PPA serving firefox (and thunderbird) debs at https://launchpad.net/~mozillateam/+archive/ubuntu/ppa maintained by the Mozilla Team. (Thank you!)
The long-awaited Ubuntu 22.04 LTS (Long Term Support) is finally out. We’ve been anticipating this one for a while, and it’s jam-packed with nifty new features. This Ubuntu version will be supported for five years until 2027. Ubuntu 22.04 has been dubbed the “Jammy Jellyfish.” “Jammy,” in this case, has been used as an adjective to describe something or someone fortunate.
In today’s post, we’ll go through all the new features of Ubuntu 22.04 LTS and show you how to upgrade your system with only a few commands.
The Docker Swarm container orchestration engine is a great way to take advantage of a cluster for your container deployments. Although it might not be nearly as popular as Kuberne
Unlike other screenshot tools, ksnip lets you annotate and edit your screenshots post-capture. Here's how to install and use it on Linux.
Recently, I have gotten a lot of comments from viewers that have tried various config files of mine, and my configs do not work on their computer. Why do my configs work for me but not for others?
In this tutorial, we will show you how to install Anaconda on Rocky Linux 8. For those of you who didn’t know, Anaconda is a free and open-source package manager for Python. It provides a large variety of packages and is designed for machine learning and data analysis/scientific projects. Anaconda is available in four editions namely individual (open source) edition, commercial edition, team edition, and enterprise edition. Anaconda individual edition is the world’s most popular Python distribution platform with over 20 million users worldwide.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of Anaconda on Rocky Linux. 8.
I have a special network need on Linux, I must have a single user going through specific VPN tunnel. This can't be done using a different metric for the VPN or by telling the program to bind on a specific interface.
I've been meaning to do something about this. When making a bookmark, it should definitely let you know if the URL has already been bookmarked... Maybe go straight to an Edit Bookmark dialog? Let's see.
 There are thousands of Linux commands so it’s impractical to provide a comprehensive list. Instead we focus on many of the commands you will need at some time or another.
Don’t be concerned by the sheer number of commands as you’ll probably only use a small number of commands on a regular basis.
To get help on a command type: man command_name which displays the documentation. We also recommend you use tldr, as it offers simplified documentation.
Given the number of commands we’ve split the commands into 6 pages.
Ubuntu 22.04 (Jammy Jellyfish) has officially been released. It’s the latest Ubuntu LTS release and it ships with numerous improvements and new applications such as PHP 8.1, Ruby 3.0, OpenSSL 3.0, Golang 1.18, GNOME 42, and improved support for Raspberry Pi to mention just a few. We already have a guide on how to install Ubuntu 22.04.
In case, you have Ubuntu 20.04 LTS and don’t feel like starting from scratch, you can easily upgrade to Ubuntu 22.04 using a few simple steps.
In this guide, we will demonstrate how you can upgrade Ubuntu 20.04 LTS (Focal Fossa) to Ubuntu 22.04 LTS (Jammy Jellyfish) step by step.
In this tutorial, we will show you how to install SSH Server on Ubuntu 22.04 LTS. For those of you who didn’t know, OpenSSH is the premier connectivity tool for remote login with the SSH protocol. It encrypts all traffic to eliminate eavesdropping, connection hijacking, and other attacks. SSH is not installed or enabled on your Ubuntu 22.04 LTS system by default.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the SSH Server on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 18.04, 16.04, and any other Debian-based distribution like Linux Mint.
Ansible is an open-source software provisioning, configuration management, and application-deployment tool enabling infrastructure as code.
MySQL is an open-source relational database management system. It’s one of the MariaDB is a community-developed, commercially supported fork of the MySQL relational database management system, intended to remain free and open-source software under the GNU General Public License.
Mariadb is commonly installed as part of the popular LAMP or LEMP (Linux, Apache/Nginx, MySQL/MariaDB, PHP/Python/Perl) stack.
SSH or known by its full name Secure Shell Protocol is a cryptographic network communication protocol that enables two computers to communicate securely over an unsecured network. SSH is highly used for remote login applications and command-line executables such as terminal applications.
For users wishing to connect to servers or other computers with SSH, the client and the remote connection need to both have SSH installed and enabled for this to be possible.
In the following tutorial, you will learn how to install and enable SSH on Ubuntu 22.04 LTS Jammy Jellyfish Desktop or Server and connect to a remote PC using the command line terminal.
ClamAV is an open-source and free antivirus software toolkit able to detect many types of malicious software, including viruses, trojans, malware, adware, rootkits, and other malicious threats. One of its primary uses of ClamAV is on mail servers as a server-side email virus scanner or used on file hosting servers to periodically scan to make sure files are clean, especially if the public can upload to the server.
ClamAV supports multiple file formats (documents, executables, or archives), utilizes multi-thread scanner features, and receives updates for its signature database daily to sometimes multiple times per day for the latest protection.
In the following tutorial, you will learn how to configure ClamAV on Ubuntu 22.04 LTS Jammy Jellyfish desktop or server and some basic scan commands using the command line terminal.
This guide will show you how to remove Firefox’s Snap and install Firefox as a regular application from a DEB file in Ubuntu 22.04 LTS.
As we informed you, long waited, Ubuntu 22.04 LTS ‘Jammy Jellyfish’ was released recently, packed with exciting new features to give a better user experience, performance, and speed. And as you know, Firefox is the default internet browser.
However, a decision by Canonical to provide Firefox preinstalled only as a Snap package has caused controversy among Linux users. So even if you want to uninstall it and use another browser like Google Chrome or Microsoft Edge, you’ll have to deal with it for a while.
 KDE Framework’s Prison library for displaying one-dimensional barcodes and two-dimensional matrix codes will also provide a component to scan those codes from a camera feed in its upcoming 5.94 release.
There are a few copies of code for scanning barcodes from a Qt Multimedia video feed using ZXing in apps like Kaidan or Qrca, as well in projects outside of KDE’s repositories. That’s usually a good indicator that this functionality belongs into a shared component or library.
A few days ago, I posted how you can change the containerized "www" desktop icon to run SeaMonkey instead of Firefox.
I had created a PET; however, ideally want to compile every package in OE. So, have done it for AWF.
Also, have created two menu entries, in the "Utility" menu, for 'awf-gtk2' and 'awf-gtk3'. Handy to have it in the menu I reckon, especially for users who might otherwise not know of its existence.
Roger looked at the PET and advised me of a problem with my fix, so I have fixed the fix, now bumped to 3.5.1.4.
The problem is that JWMDesk can change the default y-axis gap of the first row of icons at the top of the screen (32 pixels), and also change the default y-axis spacing between icons (96 pixels).
I fixed JWMDesk (I think), but this has lead to other issues in EasyOS, where those "32" and "96" pixels parameters are hard-coded.
A young, Raleigh-born emerging tech startup is hoping to lead the open-source revolution for what some technologists are calling the “next big thing”: Web3.
IBM has been accused of trying to avoid its legal discovery obligations in Kinney v. IBM, one of many age discrimination lawsuits that have been brought against the IT titan in the past few years.
In a motion [PDF] to compel discovery filed on February 28, 2022, attorneys for the current plaintiffs – who claim [PDF] IBM fired them as part of a company-wide effort to get rid of older workers – accuse Big Blue of trying to avoid providing relevant documents by insisting that layoffs were relevant to specific corporate groups and weren't part of a company-wide scheme.
IBM must pay five times more in compensation to a customer whose €£175 million ($230 million) Agile software platform contract was ripped up in 2017 following a series of failures on the project, the Court of Appeal in England has ruled.
The legal spat between Big Blue and the client, formerly known as CIS General Insurance Ltd (CISGIL), a subsidiary of Co-Op Group, pertained to a 2015 agreement to build software to manage the customer's insurance and underwriting operations.
The out-of-the-box platform provided was described by Co-Op CEO Mark Summerfield as "terrible." It was said to be unfit for purpose, and the project ultimately collapsed after payment to IBM was withheld. Co-Op was not blameless.
Canonical has finally pushed "go" on Ubuntu 22.04 LTS, making the Linux distribution generally available and a handy update for careful users still running 20.04 LTS.
Ubuntu's last Long Term Support (LTS) edition was 2020's Focal Fossa (20.04), which will stay on standard support until April 2025 and eventually shuffle past End of Life in April 2030. Two years on and Jammy Jellyfish has arrived, bringing with it plenty of visual improvements as well as tweaks under the hood.
Cosmetically, the default desktop wallpaper reflects the latest witty Ubuntu product name and the product's new logo is present and correct. However, those upgrading from 20.04 LTS will find a number of changes to the environment; as well as accent colors that are easier to set and inevitable dark mode enhancements, the arrival of GNOME 42 (and its screenshotting improvements) have made for a slicker, if not revolutionary, desktop appearance.
The head of Canonical, the company behind the Ubuntu Linux distribution, claims it recorded a profit of US$175 million (A$237.7 million) in 2021 and is likely to undertake an IPO in 2023.
Mark Shuttleworth was reported by the American website TechCrunch as saying, ahead of the release of the latest Ubuntu long-term support version, 22.04, codenamed Jammy Jellyfish, that the IPO plan was not being contemplated in order to raise money.
Ubuntu was started in 2004 and is based on Debian GNU/Linux, a community distribution.
Canonical has finally released the latest version of its popular Ubuntu Linux distribution, 22.04 LTS, dubbed "Jammy Jellyfish." The system includes some major changes, including a controversial one to how the Mozilla Firefox browser is packaged.
Ubuntu probably isn’t the most popular desktop Linux distribution at this point, but it’s still one of the top options for corporate use, and it serves as the technical foundation for projects like Linux Mint and Elementary OS. Ubuntu always has two major releases per year, and right on schedule, Ubuntu 22.04 LTS is now available.
Capable of running Android 12 or GNU/Linux distributions including Ubuntu, Debian, and Buildroot, Firefly positions the EC-I3588J as system that can be used as a general purpose ARM computer, an edge computing device, server, or video device, among other things.
Currently, Firefly sells the ROC-RK3588S-PC for US$219 with 4 GB of RAM and 32 GB of storage. Alternatively, the company is offering an 8 GB of RAM and 64 GB of storage configuration for US$299. However, the company has not confirmed how much 16 GB and 32 GB of RAM variants will cost, nor from when they will be available. All models should be compatible with plenty of operating systems, including Android 12.0, Debian 11 and Ubuntu Desktop, among others.
Elecrow recently approached me to test out their CrowPi2 educational laptop. I was really excited to check it out, as I am always interested in new and innovative educational technology products. In this article, I will give you my overall impressions of the CrowPi2 after using it for a while. I’ll also talk about some of the pros and cons of the product. So, without further ado, let’s get started.
You might remember Elecrow from our article about the Crowbits a little while ago, but this laptop is different. The CrowPi2 is a fully-functional Raspberry Pi laptop. It comes with its own built-in screen, keyboard, and trackpad. The CrowPi2 also has a number of ports that allow you to connect external devices, like a mouse or an HDMI cable. All of this makes the CrowPi2 a great option for use as a portable computer and not only as a toolkit for learning experiments.
Codasip, the leader in customizable RISC-V processor IP [sic], today announced it has appointed Jamie Broome as its new VP Automotive. Broome brings over 20 years of experience in semiconductors and complex IP, SoCs and the automotive supply chain, having recently led Imagination Technologies’ Automotive Business unit dealing with the entire industry, from manufacturers to tier 1 suppliers and ecosystem partners.
Samsung's IT services arm and other companies are said to be testing out a processor that sports more than 1,000 general-purpose RISC-V cores to deliver what the chip's designer claims is faster and more energy-efficient AI inference performance than power-hungry specialty silicon.
The chip designer, Esperanto Technologies, said Thursday Samsung SDS and other unnamed companies, which it only identified as "lead customers," are doing initial evaluations of the startup's ET-SoC-1 AI inference accelerator.
Tesla decided to create their ERP and ecommerce software from scratch internally. However, at that time open source solutions were much less mature than they are now that it wasn’t an existing option. Businesses now can instead utilize open source solutions to create the system they need.
After toiling hard for about four months, GNU Parted v3.5 is now available to the general public.
Brian C. Lane announced the latest stable release of the command line utility and backend for the GParted tool via an email.
GNU Parted v3.5 brings support for the Linux /home GUID with the linux-home flag. Furthermore, the release now supports empty strings for partition names whilst they are set in -script mode and adds the use of the swap partition flag to msdos disk labeled disks.
GNU Parallel 20220422 ('ÃâÃÆÃâ¡Ã°') has been released. It is available for download at: lbry://@GnuParallel:4 Quote of the month: Immensely useful which I am forever grateful that it exists. -- AlexDragusin@ycombinator New in this release: sash is no longer supported as shell. --retries 0 is an alias for --retries 2147483647. --shell-completion returns shell completion code. --ssh-login-file reloads every second. --parset is replaced with --_parset because it is only used internally. sem --pipe passes STDIN (standard input) to the command. Bug fixes and man page updates. Get the book: GNU Parallel 2018 http://www.lulu.com/shop/ole-tange/gnu-parallel-2018/paperback/product-23558902.html GNU Parallel - For people who live life in the parallel lane. If you like GNU Parallel record a video testimonial: Say who you are, what you use GNU Parallel for, how it helps you, and what you like most about it. Include a command that uses GNU Parallel if you feel like it.
The early licensing models for open source were authored from an ethical viewpoint focussed on creating and maintaining software freedoms. There are two not for profit organisations that are viewed as the reference point for the definition open source software, the Free Software Foundation and the Open Source Initiative .
Non-profit organizations often use third-party images, photos, videos, or software in their everyday operations. It is often beneficial to leverage such materials that are licensed under “open licenses” because they are free to use; however, it is important to understand the conditions and requirements of such open licenses prior to using the aforementioned materials in order to avoid potentially breaching the license. This article aims to shed some light on various open licenses and how to comply with their conditions.
Oracle's Java 18 development environment has hit the streets, with Big Red promising nine enhancements including the ability to add sample source code to API documentation.
Other new features include Simple Web Server (JEP 408) for prototyping and testing, two incubating modules, as well as the preview of Pattern Matching for switch (JEP 420).
Java 18 JDK (Java Development Kit) is set to be a short-term release, supported for six months until the next one appears every March and September. The most recent long-term support release is JDK 17, which came out last September, the previous being JDK 11 from 2018.
Perforce, a Minnesota-based maker of DevOps software, on Monday announced the acquisition of Puppet, an Oregon-based maker of configuration management tools, for an undisclosed sum.
Puppet had been planning to go public in 2021 and announced management additions to help that happen in November, 2020. Ending up within the embrace of Perforce looks like Plan B, though CEO Yvonne Wassenaar in a rambling blog post makes the detour sound as if it had always been the destination.
When I started at Puppet three years ago, I saw a company with a tremendous customer base, an active open source community, an incredible reputation, products that solved some of the hardest problems in the operations space, and a passionate team that had deep values and was purpose-driven, both of which are at my core as a leader.
My attempt to travel to the UK by train last year didn’t go quite as well as I expected. As I mentioned in that blog post, the NightJet to Brussels was cancelled, forcing me to fly instead. This disappointed me so much that I actually unpublished the blog post minutes after it was originally put online. The timing was nearly perfect: I type make publish and I get an email from ÃâBB saying they don’t know if my train is going to run. Of course it didn’t, as Deutsche Bahn workers went ahead with their strike. The blog post sat in the drafts for more than half a year until yesterday, when I finally updated and published it.
The reason I have finally published it is that I’m going to the UK by train once again. Now, unless railways decide to hold a strike again, fully by train both ways. Very expensive, especially compared to the price of Ryanair flights to my destination. Unfortunately, even though Eurostar added more daily services, they’re still not cheap, especially on a shorter notice. This seems to apply to the ÃâBB’s NightJet even more: I tried many routes between Vienna and London, and the cheapest still seemed to be the connection through Brussels.
One year ago today (April 19), an aircraft flew on a world beyond Earth for the first time ever.
That history-making vehicle is NASA's Ingenuity Mars helicopter, which landed inside the Red Planet's Jezero Crater with the life-hunting, sample-caching Perseverance rover on Feb. 18, 2021. Just over two months later, the 4-pound (1.8 kilograms) Ingenuity made its first foray into the Martian skies, hovering about 10 feet (3 meters) above the red dirt of a site named, appropriately enough, Wright Brothers Field.
A DOOR HAD SLAMMED SHUT for Thompson and Ritchie in March of 1969, when their employer, the American Telephone & Telegraph Co., withdrew from a collaborative project with the Massachusetts Institute of Technology and General Electric to create an interactive time-sharing system called Multics, which stood for “Multiplexed Information and Computing Service." Time-sharing, a technique that lets multiple people use a single computer simultaneously, had been invented only a decade earlier. Multics was to combine time-sharing with other technological advances of the era, allowing users to phone a computer from remote terminals and then read e-mail, edit documents, run calculations, and so forth. It was to be a great leap forward from the way computers were mostly being used, with people tediously preparing and submitting batch jobs on punch cards to be run one by one.
Somehow I feel a little guilty. Everyone who usually have the same taste in books as I have said that it's so great. It feels like I owe it to them, and the book, to read and enjoy it. I keep wondering if maybe the next chapter is the one that will hook me. I just can't really muster the interest to find out any more.
Taiwanese foundry giant TSMC can't make enough chips for its customers, but that isn't stopping the company from making bank on the silicon it can churn out.
The contract chip manufacturer, which counts Apple, Nvidia and AMD as major customers, reported on Thursday that its revenue in the first quarter grew 36 percent year-over-year to $17.6 billion. The company estimated sales will continue growing at similar rate next quarter.
Despite (and perhaps because) of ongoing shortages, the semiconductor industry posted $595 billion in revenue in 2021, an increase of 26.3 percent over 2020.
Intel has acquired private 5G network provider Ananki, several months after the startup spun out of the non-profit Open Networking Foundation to commercialize open-source network technologies.
SoftBank is said to be planning to keep a controlling stake in Arm after its public offering, rather than divesting itself of the chip design firm as had been thought. The move may indicate that SoftBank does not believe it would get the valuation it has been seeking for a full sale of Arm.
The planned initial public offering (IPO) for Arm was set to value the chip designer at up to $60 billion, but according to Bloomberg, owner SoftBank is now considering selling off a smaller portion of the business than originally planned so that it can retain a controlling interest in the company.
[...]
However, Buss warned that it could be difficult for Arm to pursue a completely independent market strategy while it still has one single owner that has majority control.
Last month, Korean chipmaker SK Hynix was reported to be considering forming a consortium with other interested parties in order to acquire Arm.
The consortium could have included Intel as CEO Pat Gelsinger previously had intimated the firm would be interested in participating in any such arrangement that emerged to take ownership of Arm.
The ZX Spectrum has turned 40. If you owned one at the time, that’ll make you feel old. But rather than mull over the nature of your own mortality, let’s celebrate a true UK classic – the finest invention to emerge from Sir Clive Sinclair’s brain.
Prepare yourself for a weekend of wobbly power connectors and Daley Thompson digit-mashing: tomorrow marks the 40th anniversary of the Sinclair ZX Spectrum.
The ZX Spectrum, released on April 23, 1982, was a follow-up to Sinclair's ZX81. Referred to as the ZX82 or ZX81 Colour during development, the final product arrived with either 16KB or 48KB of RAM (depending on pocket depth) and a case designed by Rick Dickinson, who had previously worked on the ZX81 wedge. Dickinson was also responsible for the ZX Spectrum's infamous rubber keyboard.
The US Department of Defense is to construct and try out the largest 3D-printed buildings in the Americas: three barracks in a Lone Star army base.
Scheduled to be built at Fort Bliss, El Paso, Texas, over the next 10 months, the three 3D-printed concrete barracks will each be more than 5,700 square feet (529.55 square meters) each, making them the largest 3D-printed structures yet built on the continent.
Synopsys is being investigated by the US government over concerns the biz may have flouted restrictions placed on the flow of American chip-making technologies to certain Chinese companies.
US outfits like Synopsys must obtain explicit permission from Uncle Sam before doing business with organizations placed on the Department of Commerce's Entity List.
Investigators are said to be probing Silicon Valley-based Synopsys, a top maker of chip design and simulation software, to see whether it has broken this rule.
As at least some parts of Shanghai enter their fourth week of lockdown, Chinese tech executives have highlighted how measures to prevent the spread of COVID-19 will affect supply chains and industry.
In a Weibo post late last week (which The Register has machine-translated), He Xiaopeng, CEO of electric car company Xpeng, wrote: "All OEMs in China may have to suspend production in May if Shanghai and surrounding supply chain companies cannot find a way to dynamically resume work and production."
I’ve currently got Covid, I believe I caught it on the 11th of April (my first flight since the pandemic started) with a runny nose on the 13th and a positive RAT on the evening of the 14th. I got an official PCR test on the 16th with a positive result returned on the 17th. I think I didn’t infect anyone else (yay)! Now I seem mostly OK but still have a lack of energy, sometimes I suddenly feel tired after 20 minutes of computer work.
The progression of the disease was very different to previous cold/flu diseases that I have had. What I expect is to start with a cough or runny nose, escalate with more of that, have a day or two of utter misery with congestion, joint pain, headache, etc, then have it suddenly decrease overnight. For Covid I had a runny nose for a couple of days which went away then I got congestion in my throat with serious coughing such that I became unable to speak. Then the coughing went away and I had a really bad headache for a day with almost no other symptoms. Then the headache went away and I was coughing a bit the next day. The symptoms seemed to be moving around my body.
An influential panel of experts says all kids ages eight to 18 should be screened regularly for anxiety. This draft recommendation by the United States Preventative Task Force comes at a time when mental health problems among kids have escalated and are overwhelming the health system.
The task force also recommends that kids 12 and older continue to be screened for depression, a recommendation that's been in place since 2016.
As your personal gateway to the internet, your web browser is the first line of defense against malicious websites. If your internet browser is not secure, viruses and spyware can infect your computer and damage your important data.
And while a good antivirus does help, it’s always better to prevent the entry of malware in the first place rather than try to fix the damage. But what exactly can you do about it? Is there any way to check your browser for any security vulnerabilities?
Checkmarx, a provider of a platform for testing application security, this week disclosed it has discovered a malicious instance of a PyPi repository for Python code that has been downloaded more than 70,000 times.
When employees began bringing shiny, new smartphones into the office in the late 2000s, many business and IT leaders spotted an opportunity. They recognized the productivity-boosting potential of mobile-connected workers, and – since almost everyone had their own smartphones – hoped this digital transformation would come at a big discount for the CFO.
A few days ago, PlayStation’s account on HackerOne displayed a new awarded bounty, once again to hacker extraordinaire TheFloW, and once again for one of the top amounts in that bounty program: $10’000. The news is doing the rounds on hacking scene websites.
It’s the second bounty awarded to TheFloW by PlayStation in less than 2 weeks, and for an amount that points to a critical security flow in either the PS4, the PS5, or both. Two weeks ago, the hacker had been awarded $20’000 for another vulnerability disclosure.
Hot patches made available by Amazon Web Services (AWS) in response to the recent Log4j vulnerabilities could be exploited for privilege escalation or to escape containers, according to Palo Alto Networks.
CVE-2022-1271 is a new vulnerability affecting gzip, a widely used open source component for archiving, compressing, and decompressing files.
If you have visited the Chrome Web Store recently, you may have noticed that many extensions show up with a featured and established publisher badge on the Store.
The ValueLicensing case against Microsoft is set to proceed in the UK after a judge dismissed the Windows vendor's jurisdictional challenge and strike-out application.
Microsoft had hoped to have its UK arm struck off from the claim and suggested that Ireland would be a better place for the claim to be heard, particularly if the company was successful in getting its UK offshoot removed.
Mr Justice Picken disagreed and dismissed Microsoft's challenges, meaning that the damages claim (and Microsoft's defense) will be heard in the High Court in England and Wales.
Google is issuing fixes for two vulnerabilities in its Chrome web browser, including one flaw that is already being exploited in the wild.
The emergency updates the company issued this week impact the almost three billion users of its Chrome browser as well as those using other Chromium-based browsers, such as Microsoft Edge, Brave and Vivaldi.
It is the third such emergency update Google has had to issue for Chrome this year.
"The cyber-criminal marketplace operated by Dekhtyarchuk promoted and facilitated the sale of compromised credentials, personally identifiable information (PII), and other sensitive financial information," FBI Houston Special Agent in Charge Jim Smith said in a statement. "Cyber-criminal actors behind these marketplaces go to great length to obfuscate their true identities and often utilize other sophisticated methods to further anonymize their activities."
Atlassian has published an account of what went wrong at the company to make the data of 400 customers vanish in a puff of cloudy vapor. And goodness, it makes for knuckle-chewing reading.
The restoration of customer data is still ongoing.
Atlassian CTO Sri Viswanath wrote that approximately 45 percent of those afflicted had had service restored but repeated the fortnight estimate it gave earlier this week for undoing the damage to the rest of the affected customers. As of the time of writing, the figure of customers with restored data had risen to 49 per cent.
Got a Lenovo laptop? You might need to do a swift bit of patching judging by the latest set of vulnerabilities uncovered by security researchers at ESET.
Three vulnerabilities were reported today: CVE-2021-3970, CVE-2021-3971, and CVE-2021-3972. The latter two are particularly embarrassing since they are related to UEFI firmware drivers used in the manufacturing process and can be used to disable SPI flash protections or the UEFI Secure Boot feature.
The four observed variants of the custom Pterodo malware – which also is known as Pteranodon – all use Visual Basic Script (VBS) droppers with similar functions. They drop a VBScripts file, use Scheduled Tasks (shtasks.exe) to ensure persistence, and download code from a C2 server.
Boffins from UC Berkeley, MIT, and the Institute for Advanced Study in the United States have devised techniques to implant undetectable backdoors in machine learning (ML) models.
Their work suggests ML models developed by third parties fundamentally cannot be trusted.
In a paper that's currently being reviewed – "Planting Undetectable Backdoors in Machine Learning Models" – Shafi Goldwasser, Michael Kim, Vinod Vaikuntanathan, and Or Zamir explain how a malicious individual creating a machine learning classifier – an algorithm that classifies data into categories (eg "spam" or "not spam") – can subvert the classifier in a way that's not evident.
Brave, the browser maker, and DuckDuckGo, the web search service, have both taken aim at AMP, Google's controversial web publishing framework.
Brave on Tuesday introduced a feature called De-AMP that lets those using the Brave browser avoid Google-hosted AMP pages and go straight to publisher content on standard web pages.
WH Smith told us: "We have also informed the relevant regulators and law enforcement authorities, and we will continue to review and update our protocols based on what we learn from this incident.
More entities are reporting in-the-wild zero-day exploitation, she wrote, adding that this is a "very rough measure." Along these same lines, more vendors are noticing exploited-in-the-wild zero-day flaws in their own products. Google, as an example, discovered seven of these in its own products last year and Microsoft discovered 10, Stone wrote.
The advisory refers to the vulnerability as CVE-2022-20695 and notes that if the flaw is successfully exploited, the attacker can gain administrator privileges. Cisco has bestowed the vulnerability with a severity rating of 10.0 out of 10.0. That's as bad as it gets for those whose rating scale does not go to 11.0, otherwise known as "the call is coming from inside the house!"
"The term TraderTraitor describes a series of malicious applications written using cross-platform JavaScript code with the Node.js runtime environment using the Electron framework," the agencies warn.
Current events – such as the COVID-19 pandemic and the rising popularity of cryptocurrency – continue to work as lures to convince victims to click on a malicious links. The shift to more remote work has also added to the threat level of phishing. Employees no longer have the same security at home that they may have had in the office. VPNs and collaboration applications were used as themes in phishing campaigns, Desai said.
REvil, aka Sodinokibi, has been one of the most active — and lucrative — ransomware gangs in history. Its victims range from US nuclear weapons contractors to MSPs such as Kaseya to British VOIP providers.
Apple is finally killing off the venerable macOS Server, directing users still clinging to Profile Manager toward Mobile Device Management solutions.
The move is arguably long overdue. Much of what made macOS Server a server was deprecated in 2018 as the company announced plans to stop the likes of DHCP and DNS in its product and directed users to handy open-source alternatives.
Apple Open Directory and Profile Manager lingered on, with the latter being used for configuration management for Apple devices in an organization. Now, however, that last stub of functionality is deemed obsolete and Apple has warned that while many bits of macOS Server will live on macOS, Profile Manager will not. So the time for dodging Mobile Device Management (MDM) is up.
GitHub says it has identified and alerted developers who have had their private repositories accessed and downloaded via stolen authentication tokens.
In this multifaceted fiasco, Microsoft-owned GitHub insisted its security was not breached. Instead, we're told, "compromised OAuth user tokens from Heroku and Travis-CI-maintained OAuth applications were stolen and abused to download private repositories belonging to dozens of victim organizations that were using these apps."
Google has made changes to its Play Store policies, effectively banning third-party call-recording apps beginning May 11, claiming it seeks to close alternative use accessibility APIs for things other than accessibility.
Google has for a while blocked real call recording on Android 6 and over the microphone on Android 10. Developers have been using accessibility APIs as a workaround to enable the recording of calls on Android.
A Hive ransomware affiliate has been targeting Microsoft Exchange servers vulnerable to ProxyShell security issues to deploy various backdoors, including Cobalt Strike beacon.
Federal authorities are warning the healthcare and public health sectors of aggressive, financially motivated attacks by the Hive ransomware group, which has been
An affiliate of the aggressive Hive ransomware group is exploiting known vulnerabilities in Microsoft Exchange servers to encrypt and exfiltrate data and threaten to publicly disclose the information if the ransom isn't paid.
In a recent attack on an unnamed organization, the Hive affiliate rapidly compromised multiple devices and file servers by exploiting the ProxyShell vulnerabilities in Exchange servers, encrypting the data within 72 hours of the start of the attack, threat hunters with data security vendor Varonis Systems said in a report this week.
The attack included all the hallmarks of one associated with Hive, a ransomware-as-a-service (RaaS) group that emerged in June 2021 and has targeted a range of sectors, including healthcare, retail, nonprofits, and energy providers.
Sinar Mas has installed the smart digital billboard at The Breeze and Pasar Modern in BSD City as the project's pilot areas. The real estate developer will later implement the advertising solution to all of its projects.
[...]
Brands or companies often find it challenging to identify the effectiveness of advertisements. This is mainly due to problems in calculating the number of target consumers who get to see the ad. As a result, brands are unable to tailor their ads to target consumers of different demographics.
US surveillance-tech supplier Palantir has hired a one-time director of AI for NHSX – the former UK health service digital agency.
Indra Joshi quit her role at the end of March as NHSX and NHS Digital were merged into NHS England, a non-departmental government body.
Her arrival at Palantir will raise concerns among NHS watchers and privacy campaigners.
Alphabet's Google on Thursday said it has rolled out a new cookie consent banner for YouTube visitors in France and will soon deploy the popup for its online properties throughout Europe.
The reformulated cookie consent banner – more of screen-seizing overlay page than a slender banner – follows from discussions between the US goliath and European data protection authorities, particularly France's Commission Nationale de l’Informatique et des Libertés (CNIL), which has been grumbling about cookie compliance for at least the past seven years.
India’s Comptroller and Auditor General has published a performance audit of the nation’s Unique Identification Authority and found big IT problems – some attributable to Indian services giant HCL and to HP, but others due to poor decisions by the Authority.
The Authority (UADAI) oversees “Aadhaar” – a twelve-digit ID issued as a national identity token. Aadhaar is essential to access government services but can also be used by third parties – banks and mobile carriers employ it to verify the identity of applicants for new accounts. UADAI arranges for collection of the biometrics needed to create an Aadhaar - ten fingerprints, two iris scans, and a facial photograph – through enrollment agencies and registrars, then provides authentication-as-a-service using Aadhaar numbers.
Citizen Lab has reported finding suspected surveillance software on devices associated with both the UK Prime Minister's Office and what was formerly called the British Foreign and Commonwealth Office.
The Canadian research outfit also said it had identified at least 65 individuals linked with Catalan civil society groups in Spain who were targeted by, or infected with, surveillance software. Catalonia is an autonomous region within Spain where there's an ongoing politically divisive fight for national independence.
As dovish as I am, like how I condemn sending weapons to warzones, I still agree with sanctions, divestments, pulling products from markets etc. No-one is mandated to trade with an organization or nation who is killing them.
Like, Mon Cala stopped selling ships to the Empire after Alderaan and I don’t blame them. There are many innocent farmers on empire-controlled planets who could’ve used those ships—even for life-saving purposes, but, it’s reasonable of Mon Cala to halt their sales. I’ll defend that decision.
Patrick Welch stepped on a land mine in 1965 during a firefight in Vietnam and spent his late teens in two military hospitals recovering from his injuries.
He since has also faced the slow, steady ravages of Agent Orange.
Fiekowsky is the founder of the Foundation for Climate Restoration, an organization of which I am a member. He is physicist, engineer, and entrepreneur. His book with Douglis lays out the enormous challenge the world faces, if we are to avoid an existential climate threat. This book is important because it tells us what we can do to restore the Earth’s climate, or at least restore the concentration of greenhouse gases in the atmosphere to a level that prevailed at the dawn of the industrial age.
Intel has committed to being net zero for greenhouse gas emissions across its global operations by 2040, and has set itself interim milestones for 2030 including 100 percent renewable electricity use and to identify greener chemicals with lower global warming potential.
The chip giant announced the move as part of plans to increase the energy efficiency, and lower the carbon footprint, of Intel products and platforms, and said it will work with customers and industry partners to create systems that lower the greenhouse gas footprint of the entire technology ecosystem.
When their personally owned vehicles are not in use, Saudi 'hosts' can now earn money by renting them out on the ekar platform.
Meta CEO Mark Zuckerberg and LinkedIn CEO Ryan Roslansky are among the latest US citizens to be added to the increasingly bizarre Russian sanctions list.
The Russian Foreign Ministry on Thursday added the two CEOs, along with United States VP Kamala Harris and her husband Doug Emhoff, several Department of Defense officials, ABC personality and former advisor to president Bill Clinton George Stephanopoulos, and more than 20 others, to the Kremlin's "stop list," which bans them from entering Russia indefinitely.
Moscow has pledged to add more names to the list, which means it's time to start playing tech exec bingo — or maybe down a shot of whiskey when your CEO makes the cut.
The Swiss software Kiwix enables the user to copy entire websites so they can be accessible offline. Now that Wikipedia risks sanction in Russia because of its content on the Ukraine war, downloads of the free online encyclopaedia using Kiwix are off the charts.
Wikipedia is one of the few sources of information on the Ukraine war not yet censored in Russia, but it is on the Kremlin's radar. Since the beginning of March, Wikimedia, the American foundation that runs Wikipedia, "has received several warnings from the Russian government… calling upon it to suppress verified, factual information in the articles", a spokesperson told SWI swissinfo.ch via email.
A labor rights non-profit has filed a complaint with India's Ministry of Labor alleging IT services giant Infosys has subjected its employees to an illegal noncompete clause.
Within the contracts for onboarding employees is a stipulation, according to Nascent Information Technology Employees Senate (NITES), that staff may not accept employment from any Infosys customer they worked with while at Infosys for six months after terminating employment.
Employees are also barred from working for an Infosys competitor if it means they would work with a customer they worked with at Infosys during the 12 months prior to leaving Infosys.
She hadn’t even reached the border when she felt her teeth crack. Diana Kyrychyk had just finished getting a root canal in Ukraine the previous day, but she still had four temporary fillings that needed to be replaced and now they were disintegrating. She pulled two bits of broken teeth from her mouth, carefully tucked them into her front jeans pocket, and kept moving. On a crowded road in northwest Ukraine, she was fleeing Russian missiles by foot with two suitcases, her husband, her sister, her three young children, and her 6-month-old niece.
“If I didn’t have this internet, this CyberMill, I wouldn’t have been able to do this job,” said the 31-year-old “I’d have to move.”
[...]
Ryne Smith sits in front of a computer at Grant County’s first so-called CyberMill, which opened this winter in Seneca. He’s working on a contract to check new Intel products for glitches — work that requires faster and more reliable internet than he has at home.
Smartlabs, Inc, parent of vanished internet of things vendor Insteon, is unable to meet its financial obligations and has assigned its assets to a financial services firm to be sold.
After recently shutting down the servers supporting its smart home hub app and saying nothing to its customers or partners, the California-based firm on Wednesday evening finally got around to publishing an update to its website.
[...]
The legal paperwork for this process noted, in March, that Smartlabs "is indebted to various creditors and is unable to pay its debts in full, and has decided to discontinue its business," and thus transferred its assets so that those owed money can be paid back.
The former CEO of Smartlabs and Insteon, Rob Lilleness, appears to be concerned that the failure of his company might haunt him: he initially changed his LinkedIn profile to omit any mention of Smartlabs or Insteon and reduced his display name to initials. Then after the unannounced shutdown of Insteon's servers was reported, his LinkedIn profile disappeared completely.
Foose goes on to explain that they had tested Chrono Trigger earlier that day (April 8) on their PS3, and it had run fine and had no expiration date. Talking with the official PlayStation support system did not help with the issue either. And later on, other users showed games like Final Fantasy IX and Final Fantasy VI facing the same issue of having an expiry date in the past.
Unplayable PS classic games from the original PlayStation have emerged in recent days, according to several users who tried them on the PS3 and PS Vita. When gamers sought to start Chrono Cross to commemorate new remastering, for example, a message indicating the expiry date (December 31, 1969) prevented them from doing so, and the story began to spread. Rather than affecting only one game, the issue affects a number of PS classic games.
The outgoing first chief architect officer of the US Air and Space Force urged the Pentagon to lay off wasting time building everything itself, and use commercial kit if available and appropriate to upgrade its technological capabilities quickly.
"If the Department of Defense is going to compete on today's global stage and maintain its technological edge, it has to ride the wave of commercial innovation," Preston Dunlap told The Register on Monday. "If it doesn't, it risks drowning under its own weight."
After signing up for a two-year stint leading R&D and tech acquisition programs for the US Air and Space Force, Dunlap stepped down as CAO this week, three years and four months into the role. In an open letter shared on LinkedIn, he ran through his achievements and offered advice to his colleagues.
Scraping data from a public website doesn't violate America's Computer Fraud and Abuse Act (CFAA), the US Ninth Circuit Court of Appeals ruled on Monday.
The decision [PDF] echoes the appeal's court 2019 decision, which upheld a lower court's 2017 determination in HiQ v. LinkedIn that web scraping doesn't qualify as accessing a protected computer without authorization.
The case began in California in 2017 when HiQ, an employment analytics firm, filed a lawsuit challenging LinkedIn's legal and technical efforts to block HiQ from copying public profile data from LinkedIn users.
