The System76 Lemur Pro is a thin and light Linux laptop with a 14 inch full HD display a 73 Wh battery, and support for up to 40GB of RAM. It also now comes with a choice of 12th-gen Intel Core i5 or Core i7 processor options.
System76 is selling the new Lemur Pro for $1149 and up.
TUXEDO Computers has released a new 15" Ultrabook running Linux.
TUXEDO Computers has announced a new second-generation Pulse 15 Linux ultrabook with updated components. The new laptop sports an AMD Ryzen 7 5700U that uses only 15 watts TDP and adopts a single fan/heat pipe cooling system. This new configuration offers the same performance as the first-gen ultrabook but draws considerably less power.
According to TUXEDO Computers, “While AMD officially specifies the 8-core processor with only 10 to 25 watts, TUXEDO pushes the power up to a sustained 35 watts (PL1) to offer demanding users very strong CPU performance with relatively low energy consumption.”
Jitsi is an open-source, free conferencing server that can handle chat, video and VOIP conferencing. It’s a great alternative to the likes of Skype and Zoom. You can quickly deploy Jitsi and use it as an in-house solution or even open it up to the public.
I want to show you how easy it is to deploy Jitsi on Ubuntu 22.04. You can deploy this with either a fully qualified domain name or using a server with just an IP address. For simplicity’s sake, I’ll demonstrate using an IP address, which is a great option for an internal solution.
The LXQt environment is a lightweight desktop environment for the Qt application framework. This environment aims to provide a modern and easy-to-use desktop environment for Linux.
LXQt is emerging as one of the popular DEs in the Linux world, and it supports the most popular distributions like Arch, Ubuntu, Fedora, and others.
In this article, we will show you how to install LXQt Desktop Environment on Debian 11 operating system.
It started as a request from our tech lead: please help triage these patches. So I lookedat the set of patches and started with what looked like the simplest one:
I recently came across a cool terminal app that help you check your battery health from the command line.
It’s called Battop and it’s open source software written in Rust. I ran into it after I went looking for a GUI battery status tool for Linux similar to CoconutBattery for macOS (it’s a menu-bar app that shows battery health, condition, capacity, temperature, voltage and so on).
A lot of the guides and tutorials that walk through how to check battery info on Linux all agree on one thing: use upower. It is a solid recommendation. Not only is upower very detailed but it’s dead easy to use as it’s enabled out-of-the-box in virtually every major Linux distro out there, Ubuntu included.
One downside to using upower is that it’s a little utilitarian. It prints a list and that’s it.
You always need a handy and user-friendly tool to check the Linux system summary. Viewing the running task statistics often helps you to fix issues in the system.
We use many tools in our graphics journey. In GIMP, we use Bucket Fill, Eraser and Clone tools all the time, but they have some features you might not have seen yet. I look at tutorials a lot, and saw these tips on Davies Media Design's YouTube channel. His tutorial was titled "5 Things You Didn't Know GIMP could do". If you know all these already, that's awesome, but if not, I hope you learn something useful.
I have an older (as in, no longer manufactured) USB TV tuner that is capable of receiving ATSC broadcasts. In the U.S., ATSC is the format for the over-the-air (OTA) HD broadcasts. It's a KWorld KW-UB435-Q V3. Ironically, while this specific tuner is no longer made/available, it's a trivial task to find a picture of the item on various retailer websites. The broadcast format will be different for different areas around the world. If I'm not mistaken, most of Europe uses DVB as the broadcast format for their HD broadcasts.
WordPress is a very popular CMS and it remains the easiest and best open-source application to build websites. People mostly use WordPress for blogging, although actually it also supports other types of CMS like e-commerce, forums, etc.
It offers you the freedom to build anything you want, it has thousands of plugins and themes that you can use to customize your website. The installation is fairly easy, you can simply follow the steps in this tutorial and you will learn how to install WordPress on Ubuntu 22.04.
I can surely say you were still using the deprecated Linux commands, knowingly or unknowingly. It’s not your fault as you and I are glued to those commands due to strong habits.
However, new Linux users are also involved in using those commands due to reading outdated online articles or books.
RHEL 9.0, the latest major release of Red Hat Enterprise Linux, delivers tighter security, as well as improved installation, distribution, and management for enterprise server and cloud environments.
The operating system, code named Plow, is a significant upgrade over RHEL 8.0 and makes it easier for application developers to test and deploy containers.
Available in server and desktop versoins, RHEL remains one of the top Linux distributions for running enterprise workloads because of its stability, dependability, and robustness.
A really strange thing happened the other evening.
I recently learned of the death of one of our longtime PCLinuxOS forum users. Charles Henry Tankersley passed away on February 16, 2022, at age 88. Mr. Tankersley registered as a PCLinuxOS forum member on May 28, 2007, with the username chtank.
 Ubuntu MATE 22.04 LTS arrived on April 21st, 2022, as part of the Ubuntu 22.04 LTS (Jammy Jellyfish) release, but only for 64-bit PCs. As of today, Ubuntu MATE 22.04 LTS is also available for Raspberry Pi boards, such Raspberry Pi 2, Raspberry Pi 3, Raspberry Pi 3+, Raspberry Pi 4, and Raspberry Pi CM4 (Compute Module 4).
Ubuntu MATE 22.04 LTS for Raspberry Pi comes with all the features of Ubuntu MATE 22.04 LTS for PCs, such as the latest MATE 1.26 desktop environment, newer kernel and graphics stacks, and a recent toolchain, but also some improvements and new features targeted at Raspberry Pi devices.
Vehicles are becoming more connected, autonomous, shared and electric (the famous CASE acronym). While customers expect new features and upgradability, the software and hardware components enabling such innovations require a different system architecture to function. This is a major change for the automotive industry as it requires new software skills, methodologies and business models. At the same time, automotive manufacturers need to adhere to complex and strict industry standards, and uphold safety-critical functions. In this post, we will focus on the different challenges the industry is facing in terms of hardware and software complexity, cybersecurity and safety. We will also discuss how Original Equipment Manufacturers (OEMs) can learn from software companies to survive this transition towards software-defined vehicles and succeed.
[...]
On top of this, regulations are becoming very strict, forcing OEMs to provide patches and fixes to common vulnerabilities and exposures (CVE). Taking into account the previously detailed system complexity, it is becoming increasingly necessary to move towards a software-defined holistic context. Only a software-defined approach can provide the required flexibility and scalability that allows companies to comply with regulatory requirements while providing UX updates and handling hardware complexity.
Of course, cybersecurity never only relies on software. Hardware vulnerabilities can also occur and usually lead to even worse consequences. Some hardware issues can be patched via software, but usually these CVEs remain valid throughout the system’s lifetime. For example, Meltdown and Spectre, two of the most widespread hardware vulnerabilities in the world, are still present and affecting tons of devices. This means that during hardware conception, cybersecurity must be taken into account in the specifications and system architecture in order to limit these vulnerabilities.
Makers Kevin McAleer and Sam Machin show us how to control the new Raspberry Pi Pico W over Wi-Fi using MQTT and Node-RED.
They created a combination of hardware and software they dubbed the BlixTerm which took the form of a cartridge connected to one of the PET 600's expansion ports on the back. Inside the cartridge is a Raspberry Pi Zero 2 W which connects to YouTube over wifi, loads a requested video, and then converts the 640x200 grayscale stream to an 80x25 grid of ASCII characters from the PET’s internal ROM.
Anvil, a popular web applications development tool has today announced a new toolkit developed for the recently released Raspberry Pi Pico W. The toolkit provides a means of communicating between a web application and a Raspberry Pi Pico W using nothing but Python.
This new toolkit brings secure IoT applications for the Wi-Fi enabled $6 microcontroller. Applications normally reserved for the more powerful, and hard to come by Raspberry Pi.
In 1979, Sony launched the PS-X75 turntable. It quickly gained popularity thanks to its high-fidelity sound output and ease of use. It was easy to use because it was fully automated–a common feature today, but something that was quite exciting at the time. To perform that automation, the PS-X75 contained an integrated circuit that detected record size, dropped the needle, and so on. But that IC was prone to failure. To revive their Sony PS-X75 turntable, MKB-1 used an Arduino Mega to replace the original circuit.
Unlike earlier turntable designs, which were often entirely electromechanical, the PS-X75’s IC controls almost all of the turntable’s functions digitally. That means that when the IC fails, the turntable becomes inoperable. Replacement ICs are almost impossible to find and haven’t been manufactured in many years. For most people, this means that the PS-X75 becomes e-waste when that IC bites the dust. But MKB-1 has some reverse-engineering skill and was able to save their PS-X75 by swapping out original IC for an Arduino Mega.
It is no secret that I have a few things permanently burned into my neurons: the 1802 instruction set, the commands for WordStar, and the commands for emacs. There was a time when emacs was almost my operating system. With no X11, emacs gave you a way to have a shell in one window, check your mail, and keep your work open.
I still use emacs a lot (although I’ve been getting more and more pleased with vscode with an emacs keybinding extension). But I also spend a lot of time — like right now — writing in a Web browser. Especially if I’m writing about code, it gets hard to remember which set of keys you have to use and I’ve wanted to do something about it for a long time. The answer is a very cool program called Autokey. (You can download my files for it, but you probably want to read more first.) It probably doesn’t work if you have switched to Wayland, but it can do a lot for you ranging from saving you some typing to reprogramming your favorite program to have different keystrokes. However, it isn’t without its problems, and I’ll tell you what I know about it.
For the past three months, an elusive bug in Google's open-source Chromium project has been causing a small percentage of Chrome extensions to silently fail.
The bug affects about three to five percent of users of several popular Chrome browser extensions, according to Jói Sigurdsson, founder and CEO of CrankWheel, maker of a screen-sharing extension for sales teams.
As described in the Chromium bug report, event handlers registered via chrome.browserAction.onClicked.addListener sometimes will fail to get dispatched when the associated button or icon is clicked by the user. For an individual using an affected extension, the result would be that the extension's button just stops responding to click events.
Anyone who follows web browser development even a little has heard of Google's push for the adoption of Manifest V3 and the havoc it is anticipated to bring to many web browser extensions. Most significantly, Manifest V3 eliminates Web Request API, and replaces it with Declarative Net Request API. This change will seriously cripple many ad blocker extensions, which rely on the Web Request API to effectively block unwanted ads on websites visited by the end user. Currently, no new Chrome extensions are being accepted that are based on Manifest V2, which features the Web Request API.
Starting in June 2023, Google will no longer allow extensions based on Manifest V2 to continue to run, replacing Manifest V2 with Manifest V3. Mozilla, on the other hand, plans to start implementing Manifest V3 in late 2022. But, Mozilla also plans to maintain support for the Web Request API from Manifest V2, allowing ad blocking browser extensions to continue to work.
If you are a Chromium user (or the user of any browser based on it, such as Google Chrome, Opera, Brave, etc.), the implementation of Manifest V3 has already begun. When fully implemented, expect your ad blockers to either cease functioning or to be severely crippled under Chromium-based browsers.
It makes sense that Google would want to cripple ad blockers. Consider that the vast majority of Google's fortunes are made from selling advertising, especially advertising that is targeted at individual users. If an ad is blocked, it's not viewed by the end user, and Google gets no money when you cannot view it. Also, when you can't view it, you can't click through the ad to visit the advertiser's website. Those "click counts" are important, especially if you own the website on the other end, or if you sell advertising based on click counts.
Developers of web browser extensions – especially ad blocker extensions – have been very vocal about the implementation of Manifest V3. None have been more vocal than Raymond Hill, the creator of the uBlock Origin ad and content blocker.
Hang on to your seats, gang. This is going to be one rocky, bumpy, crater-filled ride for the next year or so. If you abhor ads on your web pages (like most people do), prepare for the terrifying reality that you can no longer hide them or prevent them from appearing. But then again, there's always Firefox. It makes me glad to be a Firefox user.
Move on over, Google Translate. Step aside, DeepL. There's a new kid in the translation neighborhood.
Meet Firefox Translations. Unlike the other online translators out there (including the two already mentioned), Firefox Translations is a client-side translator. While the others are cloud-based, Firefox Translations translates the data in your browser on your local computer, so no information is ever transmitted to or from your computer during the translation.
[...]
Once a page is loaded in one of the supported languages (different from the language used on your computer), you should see the above toolbar in Firefox. Just click on the "Translate" button. If this is the first time you're using the tool for a particular language, it may take a few seconds to download the translation "dictionary" to your computer. It will then work to translate the page into your native language.
To provide high quality tools for our contributors, together working on office productivity for over 200 million users around the globe, we are searching for a Web Technology Engineer (m/f/d) to start work as soon as possible.
With WordPress 6.1 already in the works, a lot of updates happened during June. Here’s a summary to catch up on the ones you may have missed.
Linux Plumbers Conference 2022 is pleased to host the Power Management and Thermal Control Microconference
The Power Management and Thermal Control microconference focuses on frameworks related to power management and thermal control, CPU and device power-management mechanisms, and thermal-control methods. In particular, we are interested in extending the energy-efficient scheduling concept beyond the energy-aware scheduling (EAS), improving the thermal control framework in the kernel to cover more use cases and making system-wide suspend (and power management in general) more robust.
The goal is to facilitate cross-framework and cross-platform discussions that can help improve energy-awareness and thermal control in Linux.
Cloud-native is more than a trend—it’s estimated that by 2023, the majority of new applications will adopt cloud-native components. One aspect of cloud-native is connectivity—networking is essential to enabling containers to talk to one another, especially since multiple containers may comprise a single application. But, it’s not only single containers you have to worry about—architects may want to combine components from multiple clusters, which might be sitting in various clouds or on-premises locations.
Cloud-native networking can help ease this tricky process by creating virtual overlay networks on top of existing networks. And if you’re creating an overlay network for your cloud-native communication, many open source tools are at your disposal. Below, we’ll review some of the projects hosted by the Cloud Native Computing Foundation (CNCF) around cloud-native networking. These tools below use the Container Network Interface (CNI), a CNCF-hosted project that specifies standards for ââ¬â¹Ã¢â¬â¹configuring network interfaces to work with pods.
A seemingly major vulnerability has been discovered by security researcher and Northwestern PhD student Zhenpeng Lin, affecting the kernel on the Pixel 6 and 6 Pro and other Android devices running Linux kernel versions based on 5.10 like the Galaxy S22 series. Precise details for how the vulnerability works have not yet been published, but the researcher claims that it can enable arbitrary read and write, privilege escalation, and disable SELinux security protections — in short, this is a biggie. The researcher has verified to Android Police that Google was not informed of the vulnerability before its demonstration on Twitter.
Today, the Department of Defense (DoD) announced that the Chief Digital and Artificial Intelligence Office (CDAO), the Directorate for Digital Services and the Department of Defense Cyber Crime Center (DC3) are launching the “Hack U.S.” bug bounty program.
The program will offer financial rewards for ethical hackers and security researchers who can identify critical and high severity vulnerabilities in the scope of the DoD’s vulnerability disclosure program.
NIST has not chosen a public-key encryption standard. The remaining candidates are BIKE, Classic McEliece, HQC, and SIKE.
I have a lot to say on this process, and have written an essay for IEEE Security & Privacy about it. It will be published in a month or so.
Late last year, I started exploring the React-based documentation framework Docusaurus, and spent a good chunk of time going through the documentation. (Surprise! They use their own product!) I got pretty familiar with how it works under the hood, and the ways in which it can be expanded on. It's also got a bustling community, which is unsurprising since it’s entirely open source.
In September 2014, a group of forty-three students were forcibly disappeared in Iguala, Mexico. The devices of a group of experts subsequently investigating this mass disappearance, including for possible governmental involvement, were targeted for infection with NSO Group’s Pegasus spyware. Evidence suggests that these spyware attacks “were clearly intended to compromise the privacy and integrity of the […] investigative process.” The spyware attacks against the investigators of this mass disappearance is only one illustration of the intimate link between spyware and human rights abuses. These abuses have included enforced disappearances, as spyware has facilitated states’ ability to conduct unlawful surveillance, track dissidents and their associates, and interfere in investigations related to disappearances.
Investigations by research groups such as the Citizen Lab and Amnesty International have uncovered that states around the world, ranging from Saudi Arabia to Rwanda, are using new surveillance technologies to monitor human rights defenders, journalists, and political opponents, among others. The global spyware industry which has contributed to the proliferation of these new surveillance technologies has been characterized as “out of control,” “assisting state suppression,” “undermining freedom,” and “a threat to democracy.” These new technologies have allowed states to expand their surveillance capabilities to an unprecedented degree, particularly through the ubiquity of cell phones and other devices that can relay information about a target’s location, private communications, and other activities. Technologies touted by activists, human rights defenders, and scholars as essential tools for democratization and the proliferation of human rights have thus been transformed into tools of oppression by this mercenary spyware. Without intervention, the use of spyware will only further proliferate and create an increasingly insecure world for human rights defenders, journalists, and government critics.
A British diplomat serving as Envoy Extraordinary to the Kingdom of the Two Sicilies, William Hamilton (1730–1803) spent a large part of his life in Naples — observing volcanic activity, collecting antiquities, and shepherding adventurous travelers, including kings and queens, to the summit of magma-rich mountains. Present for the eruptions of Mount Vesuvius during the mid-to-late eighteenth century, Hamilton wrote Campi Phlegraei in two parts, with a tertiary supplement, based on his Observations on Mount Vesuvius (1772) for the Royal Society. Composed as a bilingual French and English edition, the work is a notable watershed in volcanology, trading biblically-inflected narratives of catastrophe and creation for precise observational description. To illustrate these volumes in a manner true to his approach, Hamilton recruited the English-born Neapolitan artist Peter Fabris, otherwise known for his paintings of the city’s “pulsating street life — with sellers of melons, cooked apples, corn, truffles and fried pastries”, writes Robert Holland. Hamilton charged Fabris to paint with “the utmost fidelity”, making sure “each stratum is presented in its proper colours”, and fifty-nine of the resultant gouaches were engraved and hand-colored to accompany Campi Phlegraei (literally, the flaming or fiery fields, named after the area west of Naples). In curator and writer James Hamilton’s assessment, Fabris “revolutionized the art of the volcano, and changed our ways of seeing them”.
Visual depictions of wizardry have always been a bit lacking, in my opinion. It is a conundrum, for sure: high level magic does not translate well to mediums like film. Some series come close to satisfying me, but I think it was the first Doctor Strange movie that finally met my expectations. His newest venture continues the trend, and despite a fair few contrived and uninspired fights, still managed to impress me. Something I haven't said about a superhero movie in a long time.
My body ends up a good part of the day in a horizontal position. Most of this time it is asleep, not sure about quality of sleep sometimes though. Possibly to to the fact that parts of that time lying in bed are awake, spent with the mobile phone in hand, scrolling various €»social media€«, be it Gemini, less Gopher, more Mastodon and also Twitter, as well as a handful of RSS feeds.
I stumbled on a serious security vulnerability in a widely used gemini server. I am being deliberately vague because I don't want to enable malicious users to exploit the vulnerability until a fix is available.
I was able to contact the developer of the gemini server. They understand the seriousness of the issue and they are working on a fix which they plan to be available in the next week or so.
I did a scan of all known capsules and there are ~50 capsules with this security vulnerability. Once a fixed version has been released I will provide more information about the security issue.
I have this SVG/Javascript application (Gridmapper) and I'm sort of wanting to rewrite it into a program that runs without a browser. At least I want to see whether I could potentially do it. I'd like to be able to do it.
This is just something on my mind and I'm trying to figure out how to solve. Most web frameworks use a work-stealing thread pool to improve throughput. Maybe one of the threads is overburdened with 100 tasks in its queue. But all the other 15 threads are idle. Other threads should be able to take tasks away from the overburdened thread. Well, I can't do that (at least not easily) in Drogon and Trantor.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.