Why Mike feels like Heroku is in a failed state, what drove us crazy about Google I/O this year, how Chris botched something super important, and some serious Python love sprinkled throughout.
Looking for a simple web-based file sharing software, with a strong encryption? Then Lufi may be your answer.
Lufi is a self-hosted drop file sharing solution that comes with E2E encryption. It also tested and proven great on Firefox, Google Chrome, Internet Explorer 11, Microsoft Edge, Safari and mobile browsers as iOS, and Android.
It is an open-source, free alternative to Sharedrop.io, and jetdrop.net, but it puts you in control of your data.
Lufi is an ideal solution for designers, creative teams, freelancers, and UI/ UX experts.
Google has a firm grip on the desktop. Their products and services are ubiquitous. Don’t get us wrong, we’re long-standing admirers of many of Google’s products and services. They are often high quality, easy to use, and ‘free’, but there can be downsides of over-reliance on a specific company. For example, there are concerns about their privacy policies, business practices, and an almost insatiable desire to control all of our data, all of the time.
What if you are looking to move away from Google and embark on a new world of online freedom, where you are not constantly tracked, monetised and attached to Google’s ecosystem.
In this series we explore how you can migrate from Google without missing out on anything. We recommend open source solutions.
In the world of ethical hacking, OS fingerprinting is a very popular method to get an idea about the potential victim’s operating system. The hacker sends some packets and commands over the network to the target system to get the exact guess about the target’s operating system, architecture, and security details. In this way, the hacker can make his plan more efficient and more powerful. There are two types of fingerprinting which are; passive and active. Most expert hackers and network admins use passive OS fingerprinting tools to provide real-time results with a higher accuracy value.
As I have already mentioned that OS fingerprinting is divided into two domains, which are passive and active. Most frequently, we talk so much about the passive method; in passive fingerprinting, the hacker or the attacker can hide his own identity from the victim.
This method is more perfect and appropriate for hacking. Though passive fingerprinting is more secure and convenient, it is a bit slower than the active method. The active fingerprinting works as a handshake.
Filestash is a self-hosted open-source Dropbox alternative that supports multiple user collaboration and a dozen of storage modules.
With Filestash, you can connect to Amazon S3, Dropbox, Google Drive, FTPS and add more storage modules.
Papermerge is an open source document management system (DMS) primarily designed for archiving and retrieving your digital documents. Instead of having piles of paper documents all over your desk, office or drawers - you can quickly scan them and configure your scanner to directly upload to Papermerge DMS.
Papermerge DMS on its turn will OCR the document and index it. You will be able to quickly find any (scanned!) document using full text search capabilities.
Looking for a peer to peer file transfer app that works outside the local network? Warp is the stupid simple application to do the trick for Linux.
There are a few applications for LAN file transferring, such as Warpinator and Dukto. For sending date all over the world, Warp is a new GTK4 app for transferring any arbitrary-sized files and directories without struggling with Linux command or using a cloud service.
The app provides a stupid simple interface with 2 tabs: Send and Receive. Simply click on the “send file” (or folder) button and select your data, it will generate a transmit code.
Linux is a multiuser operating system, so creating numerous user accounts is easy. Over time, it’s easy to lose track of which accounts are required. Listing user accounts helps you manage them.
Vim is definitely one of the most venerated text editors in the Unix world. Although its learning curve can be pretty steep when accustomed to more traditional text editors, its usage can dramatically improve productivity. A lot of plugins are available for the editor; almost always their source code is hosted on Github or similar platforms based on Git. To manage such plugins, several third-party plugin managers were developed in time, such as Pathogen or Vim-Plug, but since version 8 of the editor, a native way to manage plugins was introduced.
Jupyter Notebook is a Python package that lets you host an interactive computing platform.
You can access that platform via a web browser where you can edit notes, run code and it shows you the output of your code.
Jupyter is mainly developed to be used as a data science and scientific computing tool. Not only can you use Jupyter to write python programs, Jupyter actually supports many programming languages.
Also you can write blocks of text in your notebooks using markdown format, as well as writing mathematics. Lastly you can also add plots, photos and rich media.
Jupyter isn’t supported under old versions of Python, it is supported under Python 3.3 (or greater), or Python2.7 (or greater). There are two methods to install Jupyter in Ubuntu or, for that matter, any other OS that runs Python, and this article will show you how to install it in Ubuntu.
I've never sys-admined or ran a public-facing server -- well, not in the last 30 years, anyway. So I have a healthy fear of forgetting to do something obvious and getting pawned immediately by some script-kiddie. Beyond my router, monsters roam, waiting for a crack in the fence.
Stacksmith recently wanted a simple Gemini self hosting tutorial, so here I go.
The guide contains everything from installing, to hardening with a Systemd service.
OpenSSL is a set of crypto and hash tools that can be used to encrypt data and verify signatures. It’s a command line tool that can be used to generate keys, encrypt and decrypt data, sign and verify signatures, and generate and verify CSRs.
In this tutorial we’ll cover some of the most common OpenSSL commands and how to use them. We’ll also discuss important terms and concepts related to encryption and digital signatures.
Pipy is an open source, cloud-native, network stream processor. It is modular by design and can create a high-performance network proxy. It's written in C++ and is built on top of the Asio asynchronous I/O library. Pipy is ideal for a variety of use cases ranging from edge routers, load balancers, proxy solutions, API gateways, static HTTP servers, service mesh sidecars, and more.
Pipy also comes with built-in JavaScript support through PipyJS. PipyJS is highly customizable and predictable in performance, with no garbage collection overhead. Currently, PipyJS is part of the Pipy code base, but it has no dependency on it and in the future it may be moved to a standalone package.
This tutorial explains in step by step how you can install Ubuntu 22.04 LTS "Jammy Jellyfish" into your computer or laptop. We will use a USB flash disk drive storage instead of hard disk. By practicing, you will be able to adapt this tutorial to install Ubuntu into hard disk, external HDD, and also SSD. Please note that this will help you making dualboot with Windows, no matter if your computer features BIOS Legacy or UEFI. Start everything with the preparations below and now let's go. Happy installing!
This brief guide explains how to reset sudo password in Ubuntu 22.04 and 20.04 LTS desktop and server editions from rescue mode.
ONLYOFFICE Docs is an open-source office suite distributed under GNU AGPL v3.0. It comprises web-based viewers and collaborative editors for text documents, spreadsheets, presentations, and forms compatible with OOXML formats.
Webfs is a nice small web server that helps users to host static content immediately. The web server when installed is capable of hosting static websites and media. It is a better alternative to heavy-duty web servers that are more CPU hungry. You will see how to install Webfs on an Ubuntu server in the next steps, this guide is compatible with Ubuntu 20.04 to Ubuntu 22.04.
Valve and their partners are progressing well, with a steady pace now when it comes to validating games for the Steam Deck, with more than 2900 games validated. There are now 2902 games at the time of writing working on the Steam Deck – in two categories as usual...
The upcoming Godot 3.5 is now considered feature complete, and has received a lot of bugfixes and improvements over the past weeks thanks to all the testers and developers who reported and fixed issues. It's now time to move to the Release Candidate stage so that we can release 3.5-stable for all users.
At this stage we need people to test this release (and potential follow-up RCs) on as many codebases as possible, to make sure that we catch non-obvious regressions that might have gone unnoticed until now. If you run into any issue, please make sure to report it on GitHub so that we can know about it and fix it!
We are excited to announce version 2.2 of our Proxmox Backup Server! It's based on Debian 11.3 (codename "Bullseye"), but using the newer Linux kernel 5.15, and including ZFS 2.1.4.
We have a new namespace feature which allows you to simplify backup management from multiple sources on-premises, remotely, and in the cloud, by organizing backups into "namespaces" within a single datastore.
The new “read-only” and “offline” maintenance modes allow for safer maintenance work on a datastore.
Countless bugfixes and smaller improvements are included as well, see the full release notes for details.
A big THANK YOU to our community! We are really grateful for all the support and feedback, testing, bug reporting and patch submitting.
Let me remind users that the main documentation source for Leap Micro is SLE Micro documentation referenced bellow. The same applies to Leap itself.
We recommend to try our self-install image for VM and host deployments (see demo on download page).
For security reasons images have no root password set so you'll have to use *ignition or combustion to set it up (unless you use the Offline installer).
People who are interested in k3s use case should have a look at the recent *work of Atilla. the combustion should work on both SLE/Leap Micro and MicroOS. I would like to consider offering recommended combustion scripts as part of the image download/experience on get-o-o.
Big thanks to all that participated!
This major release also introduces the ability to build both Red Hat Enterprise Linux 9 and Red Hat Enterprise Linux 8 images via a single build node, better support for customized file systems, and bare-metal deployments, Smart Card Authentication support via Web Console, new security profiles, support for IMA (Integrity Measurement Architecture) digital hashes and signatures, detailed SSSD login, OpenSSL 3 integration, and disablement of SSH root password login by default for better security.
Each release of Red Hat Enterprise Linux (RHEL) is an exciting time and establishes a ten-plus year foundation for the industry to build upon. RHEL 9 marks the next milestone and offers improvements across the board in areas of stability, performance, upgrades and security capabilities. With edge computing being a strategic target for many of our customers, this post takes an in-depth look at the most significant features targeted to remote deployments.
We are excited to announce the availability of Red Hat Enterprise Linux 9 (RHEL 9), the latest release of the world’s leading enterprise Linux platform. RHEL 9 provides a more flexible and stable foundation to support hybrid cloud innovation and a faster, more consistent experience for deploying applications and critical workloads across physical, virtual, private and public cloud and edge deployments.
Red Hat Enterprise Linux (RHEL) 9 is now generally available (GA). This release is designed to meet the needs of the hybrid cloud environment, and is ready for you to develop and deploy from the edge to the cloud. It can run your code efficiently whether deployed on physical infrastructure, in a virtual machine, or in containers built from Red Hat Universal Base Images (UBIs).
Rocky Linux is a Linux distribution that is a 100% compatible rebuild of Red Hat Enterprise Linux (RHEL). Rocky Linux is maintained by the Rocky Linux Foundation.
The Foundation and distribution are led by Gregory M. Kurtzer, one of CentOS’s original founders. Rocky Linux is now very popular both with individuals and large organizations and considered an unofficial successor of CentOS Linux.
In this article, we’ll try to give you an overview of Rocky Linux and what you need to know about it.
The 6.0 release of Bodhi — Fedora’s update gating system — will be published in a few days. We will deploy it to production a couple weeks after the Fedora release. It includes backwards-incompatible changes. Here’s what you need to know.
[...]
We reorganized the Bodhi source code to drop the hacks used in setup.py to support sub-projects. Instead, bodhi-server, bodhi-client and bodhi-messages are now actual Python package directories in the repo. The import path has not changed.
Titan Linux is a new Debian-based Linux distribution that features the KDE Plasma desktop with a focus on usability and performance.
With a foundation built on the Debian Stable Branch, Titan Linux takes a functional, yet a minimal approach to KDE Plasma to create an operating system that is as functional as it is performant. Titan Linux features a minimal KDE Plasma desktop, the stable LTS kernel, a wide range of hardware support, a large independent community of supporters, and a brand new management system, called the Titan Toolbox that makes it possible to manage the operating system with a single click.
Google I/O 2022 took place last week and brought with it a host of exciting news from the world of Google, including the announcement of Flutter 3 with long-awaited Linux Desktop support!
Flutter 3 is the next big step in Flutter’s journey to enable multi-platform application development across what is now six platforms: iOS, Android, Web, Windows, macOS and Linux. It features improved performance and additional profiling in Flutter DevTools, support for Material 3, Apple silicon, accessibility services and web app life-cycles on top of the snazzy new Flutter Casual Games Toolkit and much more
Our collaboration wth AWS has started in 2012 making 2022 the 10th year of working together to deliver premium open source solutions in the cloud. With Public Sector designation, our goal is to continue supporting AWS providing security and compliance for Government agencies and contractors on AWS Govcloud as and all AWS regions.
AMD Xilinx Kria KR260 Robotics Starter Kit features the Kria K26 Zynq UltraScale+ XCK26 FPGA MPSoC system-on-module (SoM) introduced last year together with the Kria KV260 Vision AI Starter Kit.
Designed as a development platform for robotics and industrial applications, the KR260 is said to deliver nearly 5x productivity gain, up to 8x better performance per watt and 3.5x lower latency compared to Nvidia Jetson AGX Xavier or Jetson Nano kits. We’ll have a better look at the details below.
The reComputer Jetson-10 is a new product by Seeed Studios, that consists of a palm-sized aluminium case that houses a passively cooled NVIDIA Jetson module. The module runs on their custom carrier board that is designed for AI application development and deployment. They have sent me their H0 model which runs a Jetson Nano module with 128 NVIDA CUDA cores that can deliver up to 0.5 TFLOPS of computing performance. It’s also got a Quad-core ARM A57 CPU running at 1.43 GHz, 4GBs of LPDDR4 RAM and 16GB of EMMC storage.
Sfera Labs Exo Sense RP is a multi-sensor module with a Raspberry Pi RP2040 microcontroller and various sensors to report temperature, humidity, air quality (VOC), light intensity, audio, and motion.
The module can work as a standalone unit but can also communicate with a host through RS485 and USB interfaces, and supports expansion via surge-protected digital inputs and outputs. The Exo Sense RP is designed for indoor residential and commercial applications such as environmental monitoring and data logging, people and assets tracking, room management, access control, and more.
It brings great pleasure to announce the release of Sailfish OS 4.4.0 Vanha Rauma for the Sony Xperia 10 III. The combination of Sailfish OS optimised for the Xperia 10 III offers amazing performance at an impressive price, giving the best Sailfish OS best experience yet. Sailfish OS on the Xperia 10 III also includes beta VoLTE support, disabled by default, but available for brave community members to try out for the first time. Not only is this the best way to experience Sailfish OS, but we also believe it’s the best way to enjoy the Sony Xperia 10 III hardware.
We know that many of you have been eagerly awaiting the release since we previewed it at the Sailing for Ten Years party in Berlin. We’ve been working extremely hard to ensure it runs in the best possible way, and we’re very happy with the result. You can try and buy Sailfish OS to flash directly to the Xperia 10 III from the Jolla Shop for 49,90€, the same price as all the other Sony devices in the Sailfish X program. For this, you’ll get the Sailfish image to flash to your device of course. In addition, you get the paid extras of Android AppSupport for running Android apps directly within Sailfish OS, Exchange ActiveSync support for Office 365 syncing of emails, calendars and contacts, and predictive text support.
This is the 101st issue of syslog-ng Insider, a monthly newsletter that brings you syslog-ng-related news.
Open-source database services biz Percona has confirmed general availability of a database management platform initially targeted at PostgreSQL, MySQL, and MongoDB.
Dubbed Percona Platform, the company's first product will be available as a subscription service aiming to bring together the management of three open-source databases under a single system.
The Brave browser promises speed and privacy, but its quest for profit compromises security at every turn.
I had thought that for-profit web browsers had died with the 20th century. Long since, I imagined, the web browser had become such an essential part of modern computing that there was no profit left in it. Brave Software, however, disagrees. Since 2016, the company has been developing its open source browser (Figure 1), attempting to fund it with a restricted marketplace for ads -- an idea compelling enough to convince venture capitalists to invest over seven million dollars. However, those with minimal knowledge of privacy and security are likely to think to otherwise. Based on Chromium and compatible with Chrome extensions, the Brave browser itself is functional enough, with an array of tools designed to appeal to modern users, especially those who want to dabble in cryptocurrencies. Yet again and again, Brave reveals itself as a battleground where privacy and security are at odds with the quest for profit.
It’s been about a year since our last update regarding Manifest v3. A lot has changed since then, not least of which has been the formation of a community group under the W3C to advance cross-browser WebExtensions (WECG).
In our previous update, we announced that we would be supporting MV3 and mentioned Service Workers as a replacement for background pages. Since then, it became apparent that numerous use cases would be at risk if this were to proceed as is, so we went back to the drawing board. We proposed Event Pages in the WECG, which has been welcomed by the community and supported by Apple in Safari.
Today, we’re kicking off our Developer Preview program to gather feedback on our implementation of MV3. To set the stage, we want to outline the choices we’ve made in adopting MV3 in Firefox, some of the improvements we’re most excited about, and then talk about the ways we’ve chosen to diverge from the model Chrome originally proposed.
ONLYOFFICE, one of the best open-source Microsoft Office alternatives, has just released its new upgrade, i.e., version 7.1.
If you didn’t know, you can use ONLYOFFICE with online integration on your self-hosted server (like Nextcloud) or the desktop.
This release brings exciting new changes, notably initial support for ARM-based devices like the Raspberry Pi.
These new versions are compatible with Kiwi TCMS v11.x and include several improvements and bug fixes. Check-out the pages above for individual information and instructions on how to use them.
As I’ve said in my other email, I am resigning from my position at The Qt Company to join a small startup in Norway that is working with things unrelated to Qt.
Hi all, Let’s take the big news first. I’ve resigned from my position at The Qt Company. More on that and what it means for the Qt Project further below.
But as I’ve spent almost exactly 25 years in the Qt ecosystem, 22 of those working for the various companies owning Qt, I hope it’s ok if this gets a bit longer and I spend some paragraphs looking back into history. As said, it’s been almost exactly 25 years, since I first heard about Qt. At that time, I read an article in the German C’t computer magazine about a new Desktop project for Linux called KDE. The underlying technology being used was Qt. As a person that used Linux extensively during his studies, I immediately got interested and it didn’t take long until I started my first steps learning Qt. As some of you might know I got involved rather deeply about a year or two later, when I started the KHTML project to create a new HTML engine for KDE in 1998/1999. That project was later forked by Apple to form the basis for their WebKit project, the Safari browser and Google’s Chrome browser. It's cool to think that the browser engine(s) that most people use today started off as a Qt based project all those years ago. I remember getting to know some of the people working for Trolltech back then at KDE conferences. In the winter of 2000, they invited me over to Oslo to have a look at Qt. The company was at that time still tiny with 11 or 12 employees. I got a great tour of Oslo including the ski jumping tournament at Holmenkollen and signed up for the job. I was originally expecting to spend 2-3 years at Trolltech and then at some point move back to Germany. As you all can see, that’s not how it went though. I ended up staying in Norway and have been working with and for Qt ever since. Starting with Qt 1.0, Trolltech released the source code to Qt (at that time only for Linux/Unix), and the Open Source nature of Qt played a big part in its success. I’m very happy that we could continue on that path, by over time making all platforms Qt supports available as Open Source as well as moving over to more standard and freer licensing (first GPL, later LGPL). At the end of the Trolltech years, we started looking into how to make it easier for the community to contribute to Qt, and first had a model where our users could submit patches to us. That never really worked very well, and I’m really happy that we moved over to our current governance model in 2011. Since then Qt has truly been an Open Source project. When Qt got sold by Nokia in 2012, many people considered it a dead technology. But I and many of you believed in the technology, and together we’ve managed to turn this into a great success. As you all know, Qt is a dual licensed technology. That Qt has the backing of a commercial business behind it, is what made the required investments possible to keep the technology competitive. I’m extremely proud of what we achieved with Qt over the last 10 years. It happened because everybody on this list put in a lot of work into making Qt one of the best development frameworks on this planet. Qt is something that I care deeply about. I’ve been with it all the way and through all the ups and downs from when Trolltech got its first larger investment to now. But seeing what you all are doing, I know it’s in very good hands moving forward.
Leaving The Qt Company and in the future spending most of my time outside the Qt ecosystem has been a difficult decision. But in the end, after those 25 years, it does feel very much like the right decision for me. I want to try out something else. So I will be joining a small Norwegian startup with one of the founders of Trolltech. While still in Software, it’ll be something rather different, not related to C++ or developer tools.
If you read up on the history of major startup air-based services like Federal Express or Southwest Airlines, you generally are aware of the story arc—at some point early in the airline’s life, before regulators got out of the way and allowed these businesses to soar, executives had to get creative to ensure that they were able to continue service with limited budgets and equipment. In the case of Southwest, it involved utilizing a “10-minute turn” to allow three planes to be used instead of four; with FedEx, founder Fred Smith literally gambled the last $5,000 the company had in Las Vegas to keep the company afloat. In both these cases, I naturally wonder—well, was there anyone else who won the airline deregulation lottery? And that led me to the story of an online travel website you’ve probably used many times, but had no idea it had roots in the analog age. Today’s Tedium tells the story of Cheap Tickets, and the unusual state of affairs that led to its existence.
Open source is a global phenomenon impacting all industries in all parts of the world. To better understand the regional dynamics of open source, Linux Foundation Research is conducting a series of new research projects under the World of Open Source umbrella to explore the state of open source, beginning with a European perspective, focusing on government, enterprise, and non-profit initiatives.
Security updates have been issued by Debian (elog, needrestart, openssl, and waitress), Fedora (curl, libxml2, slurm, and vim), Scientific Linux (zlib), SUSE (e2fsprogs, nodejs10, php72, and thunderbird), and Ubuntu (apport, clamav, needrestart, and pcre3).
The research is fascinating, but the attack isn’t really feasible. It requires a jailbroken phone, which is hard to pull off in an adversarial setting.
CISA and the Multi-State Information Sharing and Analysis Center (MS-ISAC) have released the joint Cybersecurity Advisory Threat Actors Exploiting F5 BIG-IP CVE-2022-1388 in response to active exploitation of CVE-2022-1388, which affects F5 Networks BIG-IP devices. The vulnerability allows an unauthenticated actor to gain control of affected systems via the management port or self-IP addresses.
And it isn’t all bad news: there are lots of other features including access to Surfshark’s list of MultiHop routes, WireGuard, DNS leak protection and CleanWeb (an ad-blocker).
There’s also a tray menu with a quick-connect option and a list of three servers.
The 2022 edition of the famous (or infamous, depending on your viewpoint) Pwn2Own competition kicks off later today in Vancouver, British Columbia.
Learning the early signs of ransomware infection can help you detect an attack in the early stages. Here’s what to look out for on your IT systems.
Surveillance technology is being weaponized to commit gross human rights violations across the globe. Scaling up their operations in the dark, developers like NSO Group (the company behind Pegasus) make their fortunes supplying this dangerous tech to governments seeking to intimidate and silence dissenting voices, undermine trust in digital systems, and expand their arsenal for digital authoritarianism.
Access Now congratulates Fanny Hidvégi, Europe Policy and Advocacy Director, who was today included in POLITICO Europe’s annual ranking of the 28 power players behind Europe’s tech revolution. The long-term advocate for human rights in the digital age was named a Visionary — a title hard fought for, and very much deserved.
“Access Now is delighted to see Fanny Hidvégi being recognised by POLITICO Europe and others as the tech changemaker — Visionary — she is,” said Brett Solomon, Executive Director at Access Now. “Fanny and the whole team have spearheaded the fight for digital rights across Europe, laying the foundations for a safer, more open, and fairer future.”
[...]
Fanny has previously taken part in the Obama Foundation’s Europe Leaders program, was a member of the European Commission’s High Level Expert Group on Artificial Intelligence, and is a board member of the Hungarian Civil Liberties Union.
Since taking charge of Access Now in 2016, Fanny Hidvegi has honed the NGO into one of the most effective digital rights outfits in town. Despite being a relative newcomer — Access Now was founded in 2009 — the advocacy group enjoys the same kind of access as its more storied civil society brethren. Indeed, its relative youth has perhaps been to its advantage: As tech behemoths have come to dominate the digital policymaking narrative in Brussels, the startup NGO with roots on the U.S. West Coast has perhaps been well-placed to do battle with companies that promise to “move fast and break things.”
Egypt’s human rights body calls for the activist’s transfer to a better facility, as Abdel Fattah’s family calls for his release.
Y'know, Geminispace probably won't be free of ads forever. Assuming we don't abolish capitalism within the next few years, eventually someone is gonna pay someone else to shill their stuff on their gemlog. It's just gonna happen.
Gemini does, however, seem like it'll be uniquely resistant to capitalist invasion. Off the top of my head, here are a few possible ways it might go.
Is having deeper and meaningful internet friendships the best use of your time, compared to deepening other relationships that might be available to you?
is it? there isn't really a built-in mechanism through which you would be made aware whether your work is being noticed or not, and that's by design. I don't know how common this is, but I don't find it to require much effort to keep up with everything that shows up on the main CAPCOM/spacewalk instances so I keep up with it regularly.