Bonum Certa Men Certa

Links 16/09/2022: Peropesis 1.7 and IPFire 2.27 - Core Update 170



  • GNU/Linux

    • Desktop/Laptop

      • Chrome UboxedCamera access for Linux on ChromeOS may be very close [Ed: Just delete ChromeOS, install a 'proper' GNU/Linux on that]

        Four long years. That’s how long I have been tracking this bug report. With every Canary update, the first thing I check is whether or not I can access a camera via the Linux container on my Chromebook. Sadly, I still can’t access a webcam via Crostini but I have every reason to believe that this could soon change. For starters, the original bug report/feature request is still open. If Google had no intention of bringing camera access to Linux, developers would have marked this “wontfix” and moved on. Four years later and this bug has been starred by 230 users. It seems clear to me that Google understands that this is a feature that is needed.

      • Its FOSSFOSS Weekly #22.34: Books to Master Linux, Dangerous Commands, Torvalds on Apple M2 and More

        By the way, would you like some crosswords and word puzzles about Linux?

        Just reply to this email and let me know. We can work on some if we get positive interest from enough people ;)

    • Server

      • Kubernetes BlogKubernetes 1.25: Two Features for Apps Rollouts Graduate to Stable

        This blog describes the two features namely minReadySeconds for StatefulSets and maxSurge for DaemonSets that SIG Apps is happy to graduate to stable in Kubernetes 1.25.

        Specifying minReadySeconds slows down a rollout of a StatefulSet, when using a RollingUpdate value in .spec.updateStrategy field, by waiting for each pod for a desired time. This time can be used for initializing the pod (e.g. warming up the cache) or as a delay before acknowledging the pod.

        maxSurge allows a DaemonSet workload to run multiple instances of the same pod on a node during a rollout when using a RollingUpdate value in .spec.updateStrategy field. This helps to minimize the downtime of the DaemonSet for consumers.

        These features were already available in a Deployment and other workloads. This graduation helps to align this functionality across the workloads.

    • Audiocasts/Shows

      • Tux DigitalUltra Lab Refresh - Sudo Show - TuxDigital

        The Sudo Show covers topics ranging from Enterprise Open Source to Cloud Management, but we don’t just talk about the technology. We discuss methodologies like DevOps and how to change your team and company cultures to build and grow your people! Need to get more done? Join us as we share our years of experience working from home including our tips and tricks for better productivity!

    • Applications

    • Instructionals/Technical

      • Linux HintInstall Get Started Nginx

        Nginx, read as “Engine-x”, is an open-source Linux software that serves as a web server for HTTP caching, reverses proxy, and balances the load. Nginx is designed mainly for maximum performance stability since it provides us with capabilities for the HTTP server. It also functions as a proxy server for email (IMAP, POP3, SMTP). In the most straightforward explanation, we can define Nginx as a web server that allows us to reduce the page load time to avoid long web page waits. The architecture of the Nginx is based on the master-slave approach for non-blocking, asynchronous and event-driven support.

      • FOSSLinuxHow to install Skype for Linux in elementary OS | FOSS Linux [Ed: It's Microsoft/NSA spyware; better avoided completely]

        Skype is a proprietary telecommunications app operated by Skype Technologies, a division of Microsoft, well-known for videoconferencing, videotelephony, and voice calls. The software supports file transfer, debt-based calls to landlines, instant messaging, and mobile telephones (traditional telephone networks). Skype is a cross-platform software available on various desktop video games console platforms, mobile, Linux, Windows, and macOS.

      • UNIX CopHow to Enable BBR on Debian 11 / Ubuntu 22.04

        In this post, you will learn how to enable BBR on Debian 11 / Ubuntu 22.04. The goal is to improve the web experience.

      • Make Use OfHow to Quickly Remove Metadata From Files on Linux

        All files contain some additional information about the data stored in them, also known as metadata. Here's how to remove file metadata on Linux.

        When you create a file, all kinds of supplementary metadata get added to it. Anyone with access to the file can read this information, which may include details you may not want anyone else to know.

        Here's how to clear metadata from files on Linux.

      • Setting up Uptime Kuma on the Raspberry Pi - Pi My Life Up

        Uptime Kuma is a free and open-source uptime monitor tool that you can easily install on a Raspberry Pi.

        Using this software, you can measure the uptime and response time of various services.

        Some of the services that Uptime Kuma can monitor are HTTP(s), TCP, PING, DNS Record, Steam Game Servers, docker containers, and more.

        If your Raspberry Pi detects an outage, Uptime Kuma can send a notification to various services. These services include Discord, Telegram, Slack, and Email.

      • Make Use OfHow to SSH Into a VirtualBox Ubuntu Server

        Setting up virtual machine servers is quick and easy. But is there a way to access your virtual machines remotely using SSH?

        Virtual machines provide engineers and admins with a good platform to test software, set up IT environments, and maximize the utilization of server hardware resources.

        VirtualBox is one of the most popular virtualization software on the market today. It's open source and is packed with lots of nice features. Let's take a look at how to SSH into an Ubuntu server or desktop running in VirtualBox.

      • Linux Made SimpleHow to install Dofus on a Chromebook in 2022

        Today we are looking at how to install Dofus on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • Linux Host SupportHow to Install and Configure CSF on AlmaLinux | LinuxHostSupport

        In this tutorial we are going to install and explain in step-by-step detail how to configure CSF on AlmaLinux OS.

        Config Server Firewall or CSF is a free and advanced firewall for most Linux distributions. CSF can be easily installed on a server with control panels such as DirectAdmin, WHM/cPanel and etc. It includes security features such as login, intrusion, flood detections, and many more. With CSF we can easily block IP addresses, whitelist IP addresses, open and close ports and etc.

        Installing and configuring CSF on AlmaLinux is a straightforward process that may take up to 10 minutes. Let’s get started!

      • ID RootHow To Install HandBrake on Linux Mint 21 - idroot

        In this tutorial, we will show you how to install HandBrake on Linux Mint 21. For those of you who didn’t know, HandBrake is a tool for converting video from nearly any format to a selection of modern, widely supported codecs. Just select the preset that matches your device and start encoding videos. It encodes and reduces the size of your movies up to five times (maybe more) smaller than your original movies. HandBrake is available for macOS, Linux, and Windows.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of a HandBrake video transcoder on Linux Mint 21 (Vanessa).

      • Linux Cloud VPS10 Basic Find Commands in Linux With Examples | LinuxCloudVPS Blog

        In this tutorial, we are going to explain the most used 10 find Commands in Linux with real examples.

        Find command is one of the most used commands in Linux since with the find command we can easily locate files and folders on our server. The find command is executed with a couple of arguments and conditions that can easily locate files by users, groups, size, date and etc.

        In this tutorial, we are going to use the latest Ubuntu 22.04 as OS, but you can choose any Linux distro to practice these examples by the “find” command. Let’s get started!

      • Build and Install OpenLens on Linux

        We are migrating from Lens to OpenLens.

        OpenLens provides insight into everything that runs in Kubernetes. If you use Kubernetes on a day-to-day basis, OpenLens is for you.

    • Games

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • DebugPointKDE Announces "Plasma Bigscreen" for TV UI, Brings 5.26 Beta

          KDE Plasma 5.26 desktop BETA is now out for testing and the final release is due on Oct 6, 2022.

          Plasma 5.26 brings a huge set of new features across the Plasma shell, widgets, Kwin and other desktop components. In the announcement, the team also introduces a new Plasma user interface (UI) for large screen displays such as Smar TVs - called "Plasma Bigscreen".

      • GNOME Desktop/GTK

        • LinuxiacGNOME's Libadwaita 1.2 Released with Exciting Improvements

          Some of the new features of Libadwaita 1.2 include messages adaptive layout and a new type of boxed list rows containing an inline entry.

          Over the last year, Libadwaita has been exciting and contentious in the Linux community, particularly among GNOME Desktop devotees. And, of course, not without cause, as it is the new path that the GNOME Project has followed since its version 41.

          But first, for those not in the know, let me explain what exactly Libadwaita is. In short, Libadwaita is a GTK 4 library that complements GTK by implementing the GNOME Human Interface Guidelines (HIG). Or in other words, Libadwaita separates GNOME and GTK.

  • Distributions and Operating Systems

    • New Releases

      • Peropesis 1.7: odyssey continues

        The Peropesis Linux project is moving forward in small steps, new edition 1.7 released. In the new edition part of the existing software was updated and new software was added. Thanks to the newly added software, the Peropesis operating system now has the ability to download files from the Internet using the wget tool. It also became possible to store multiple files in archive, and extract archived and compressed files using tools such as tar, gzip, xz and bizp2.

      • IPFire Official BlogIPFire 2.27 - Core Update 170 released



        The next Core Update is released: IPFire 2.27 - Core Update 170. It features new IP blocklists for the firewall engine, significant improvements to Pakfire, modernizes the default cryptographic algorithm selection for IPsec connections, as well as a new kernel, and a plethora of bug fixes and security improvements under the hood.

        Based on prior development by Tim FitzGeorge, Stefan brought a new feature to the firewall engine, which allows the easy activation of various public IP-based blocklists, just by a single click.

    • BSD

      • Mailing list ARChivesOpenBGPD 7.6 released

        [...] * Speedup bgpctl show rib 10/8 or-longer and show rib 10/8 or-shorter [...]

    • Arch Family

      • TecMintGaruda Linux – A Rolling Release Distribution Based on Arch Linux

        Arch Linux has a reputation for being an intimidating operating system to use, especially for beginners. Unlike popular Linux distributions such as Ubuntu and Fedora which provide a graphical installer, installation of Arch Linux is a tedious and time-consuming process.

        You have to set up everything from the command line, which includes configuring the timezone and local settings, keyboard, and partitioning the disk partitions to mention a few. This can be daunting and time-consuming. Even after installation, you still have to go to great lengths to configure everything to your preference.

    • Red Hat / IBM

      • Red Hat OfficialStack/Unstuck: Frameworks And Fundamentals

        Frameworks exist to make building apps easier, and there are a lot to choose from. We hear from one long-time Java developer about his passion project, an app designed to remind users of important deadlines and appointments. We explore his app’s framework—How he chose it, and how things changed along the way.

        While they are there to help developers build applications very quickly, frameworks shouldn’t be seen as a salve or a substitute for basic knowledge. When things go awry, that’s where knowing the fundamentals can help, whether you are building applications on your own, or working on a larger team.

      • IT ProRed Hat adopts a remote-first policy, with offices turned into "neighbourhoods" | IT PRO

        If they choose to return to the office, however, employees will find a redesigned space and collaborative "neighbourhoods" awaiting them, according to chief people office Jennifer Dudeck.

        More than 30% of Red Hat staff worked remotely before the pandemic, Dudeck wrote in a blog post. However, the software provider is expanding that flexibility to offer its employees the freedom to be 'office-flex' and choose the amount of time they spend in the office. Senior leaders, though, are still encouraged to work from one of the company's offices to "interact and learn more", Dudeck said.

    • Canonical/Ubuntu Family

      • UbuntuWhy Enterprises Choose Canonical Ubuntu on AWS

        As the publisher of the Linux distribution Ubuntu, Canonical support, secure, and manage Ubuntu infrastructure and devices for thousands of businesses. Ubuntu runs from cloud to edge. It is the platform that everybody uses on the public cloud including AWS, and the preferred workstation experience for builders all over the world!

      • UbuntuASUS IoT and Canonical partner on Ubuntu Certification for IoT Applications

        TAIPEI, Taiwan, September 14, 2022 — ASUS IoT, a global AIoT solution provider, today announced a partnership agreement with Canonical to certify the device manufacturer’s boards and systems with Ubuntu 20.04 LTS. ASUS IoT devices are used in a wide range of edge computing applications. New devices like the PE100A will be certified for optimised performance with Ubuntu, ensuring faster development times and ease of configuration.€ 

        This collaboration between ASUS IoT and Canonical ensures that individual hardware I/O functions conform to industrial-grade standards and to the version of Ubuntu running on the device. Moreover, security updates for the Ubuntu base OS, critical software packages and infrastructure components are provided for up to 10 years with Canonical’s Extended Security Maintenance. The solution is ideal for companies in industrial manufacturing, smart retail, smart transportation and many other sectors.

      • Asus IoT, Canonical partner on Ubuntu Linux certification for IoT apps
    • Devices/Embedded

      • CNX SoftwareBeetle RP2040 is a tiny Raspberry Pi RP2040 board with easily solderable pads - CNX Software

        DFRobot Beetle RP2040 joins other miniature Raspberry Pi RP2040 developments boards such as Pimoroni Tiny 2040 & Adafruit QT Py RP2040, but with only eight GPIOs accessible through larger pads that are easier to solder.

        The tiny 27 x 20 mm board comes with a USB Type-C port, BOOT and reset buttons, and twelves pads with a through hole each comprised of eight GPIOs, plus VCC, 3.3V, and GNS pads. The Beetle RP2040 is designed to be embedded into small devices or projects, and the company selected I/Os that can be configured as I2C, UART, SPI, GPIOs, analog input, etc…

      • Raspberry PiThe Official Raspberry Pi Handbook 2023 – your definitive guide to everything Raspberry Pi

        What can you expect to find inside? Well, we’ve taken as many of the very best projects, guides, tutorials, and reviews as we could, and squeezed them into the book. We’ve included our definitive getting started guides and special features on Raspberry Pi Pico W, the wireless microcontroller built on Raspberry Pi silicon.

      • Using Vulkan SC for Safety-Critical Graphics and Real-time GPU Processing | NVIDIA Technical Blog

        NVIDIA helped lead the creation of the Vulkan SC 1.0 API and is now shipping production drivers on its NVIDIA DRIVE and NVIDIA Jetson platforms.

      • Linux GizmosRK3588 SoC based TV Box supports 8K@60fps resolution

        The H96 MAX V58 is a TV Box equipped with the octa-core Rockchip RK3588 System on Chip (SoC) which features up to 8GB of RAM and up to 64GB of eMMC storage. The device supports dual band Wi-Fi 6 and a single GbE LAN port for fast connectivity.

        The H96 MAX V58 base model comes with 4GB of RAM and 32GB of eMMC storage. The upgraded model ships with 8GB of RAM and 64GB of eMMC. The product page on AliExpress mentions an SD card slot, but the TV Box doesn’t seem to include one from the images featured.

    • Open Hardware/Modding

      • CNX SoftwareSiFive unveils Automotive E6-A, X280-A, and S7-A RISC-V processors - CNX Software

        RISC-V is coming to your car too, with the introduction of SiFive Automotive E6-A, X280-A, and S7-A RISC-V processors designed for automotive applications such as infotainment, cockpit, connectivity, ADAS, and electrification.

        Those are built on the existing SiFive Essential 6-series E6 32-bit real-time cores, SiFive Intelligence X280 64-bit RISC-V processor with AI extensions, and SiFive S7 64-bit real-time cores (equivalent to Cortex-R7/R8), but adds safety, security, and performance required by the automotive market such as ASIL compliance.

      • PurismAuto Contrast on Librem 5 smartphones - Purism

        Using Librem 5 outdoors is easier now! Because the Librem smart phones have more sensors than an ordinary computer, and we can use these extra sensors to improve ease of use and accessibility. The most recent release of Phosh (our user interface), has added a feature to automatically switch to a high contrast theme when in direct sunlight. It can really come in handy, especially on bright days.

      • HackadayThis Simple Light-Controlled Synth Has A Surprisingly Rich Sound

        Audio synthesizers can range from vast racks of equipment with modules stitched together by a web of patch cords to a couple of 555s wired together in an Atari punk arrangement. This light-controlled synth comes in closer to the lower extreme of that range, but packs a sonic punch that belies its simplicity.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Web Browsers

      • Mozilla

        • MozillaMozilla Performance Blog: A different perspective [Ed: Mozilla is heavy and bloated already, as the Web itself has come to require very heavy and bloated browsers that act more like VMs, not rendering engines; there's no way to "fix" the Web; it needs to be abandoned and we need to start over]

          Usually, in our articles, we talk about performance from the performance engineer’s perspective, but in this one, I want to take a step back and look at it from another perspective. Earlier this year, I talked to an engineer about including more debugging information in the bugs we are filing for regressions. Trying to make a context out of the discussion, I realized the performance sheriffing process is complex and that many of our engineers have limited knowledge of how we detect regressions, how we identify the patch that introduced it, and how to respond to a notification of a regression.

        • MozillaMozilla Privacy Blog: Mozilla Responds to EU General Court’s Judgment on Google Android [Ed: Mozilla fails to note that it is taking a lot of money (surveillance money) from Google; Mozilla "valuing privacy" should actually be considered a joke]

          This week, the EU’s General Court largely upheld the decision sanctioning Google for restricting competition on the Android mobile operating system. But, on their own, the judgment and the record fine do not help to unlock competition and choice online, especially when it comes to browsers.

    • Programming/Development

      • Simon Ser: Status update, September 2022

        This month I’ve been working on stuff I’d usually not work on willingly. And by that I mean Rust and screen tearing of course.

        I’ve been randomly typing keys on my keyboard and before I knew it, a wlroots-rs repository was created. Everybody is saying how difficult (or even impossible) it is to write Rust bindings for wlroots so I wanted to see for myself and give it a try. One thing is clear: these people weren’t wrong. The first step was to wire up bindgen to automatically generate Rust declarations from the wlroots headers, and that was easy enough. Then I needed to figure out how to use libwayland’s intrusive linked lists (wl_list, wl_signal and wl_listener) from Rust. I took a while to build a basic example where a fixed wl_signal is listened to. Then it took more time to figure out a (hacky) way to abstract that into a re-usable helper. And now I’m stuck at trying to figure out a reasonable Rust API.

        The main issue is that Rust lifetime concepts don’t map well to wlroots/Wayland. I’ve taken some inspiration from Smithay and introduced a BackendHandler trait which can be implemented by a compositor, and which has its methods called when a wlroots signal is emitted. This works nicely for simple cases, but sometimes signals are used to introduce new objects to the compositor (e.g. wlr_backend.events.new_output). Sometimes signals reference an existing object. If the compositor owns all wlroots objects, then wlroots can’t fire a signal referencing these objects. Also, the compositor would like to listen to signals on objects created by wlroots, e.g. wlr_output.events.destroy. My next try will maybe introduce some kind of wlroots object handle (and there can be multiple handles referencing the same wlroots object), but not sure how it’ll turn out. If you have any good ideas, please share! My latest work is sitting in the handler-v2 branch.

      • Perl / Raku

        • PerlHacktoberfest 2022 is near! | itcharlie [blogs.perl.org]

          Every year in the month of October a company named DigitalOcean hosts an event named Hacktoberfest.

          If you ever wanted to contribute to a Perl project now is a good time to give it a go!. Here are a few beginner friendly projects that are up-for-grabs.

      • Python

        • [Old] nGauge: Integrated and extensible neuron morphology analysis in Python

          The study of neuron morphology requires robust and comprehensive methods to quantify the differences between neurons of different subtypes and animal species. Several software packages have been developed for the analysis of neuron tracing results stored in the standard SWC format. However, providing relatively simple quantifications and their non-extendable architecture prohibit their use for advanced data analysis and visualization. We developed nGauge, a Python toolkit to support the parsing and analysis of neuron morphology data. As an application programming interface (API), nGauge can be referenced by other popular open-source software to create custom informatics analysis pipelines and advanced visualizations. nGauge defines an extendable data structure that handles volumetric constructions (e.g. soma), in addition to the SWC linear reconstructions, while remaining light-weight. This greatly extends nGauge’s data compatibility.

        • Fedora MagazineUsing Python and NetworkManager to control the network

           There are other tools that offer similar functionality. However one of the advantages of NetworkManager is that it offers a powerful API. Using this API, other applications can inspect, monitor and change the networking state of the system.

          This article first introduces the API of NetworkManager and presents how to use it from a Python program. In the second part it shows some practical examples: how to connect to a wireless network or to add an IP address to an interface programmatically via NetworkManager.

        • Linux Shell TipsPython Package Manager PIP Cheat Sheet for Linux

          If you are new to the Python programming language or have some experience in navigating around popular programming languages, then you must have crossed paths with PIP.

          The Python module installed on your Linux operating system distribution is associated with numerous packages and libraries that help lessen common hurdles affecting your Python projects.

          To install such packages and libraries, we need the aid of Python PIP, which is a useful Python package manager that is effective in fetching, installing, and configuring needed Python packages and libraries.

          The usage of the PIP Python package manager is not always clear and might require continuous internet searches to find the appropriate command syntax associated with it.

        • Linux HintPython Command Line Parsing Tutorial

          The parsing for command line arguments was formerly included in the default Python library “argparse”. By enabling user input values to be somehow parsed and then used, “argparse”. It offers flexibility and reuses your code in place of manually setting variables as part of the code.

      • Shell/Bash/Zsh/Ksh

        • FOSSLinuxBASH while loop explained with examples | FOSS Linux

          Programming languages are built on a foundation of many core concepts, including loops. Loops come in handy when you need to execute a set of commands several times until a particular condition is met. Loops are a valuable tool for automating repetitive tasks and can be found in scripting languages such as Bash. The for loop, the while loop, and the until loop are the three fundamental iteration constructs in Bash scripting.

          This guide will walk you through the fundamentals of using while loops in Bash. In addition, we will demonstrate how to change the course of a loop by utilizing the break and continue statements in the appropriate places.

          In a Linux Bash script, the while loop ensures the script will continue to run so long as the condition that was programmed remains accurate. When you need to repetitively execute a set of commands a certain number of times, or when you desire to create an infinite loop, while loops are valuable tools to have at your disposal. To teach you how while loops in a Bash script are written and what kind of functions they perform, this tutorial will walk you through several example scripts that contain while loops.

  • Leftovers

    • Education

      • Times Higher EducationRise of Swedish right tipped to turn off international scholars

        Mats Benner, dean of Lund University’s School of Economics and Management, told Times Higher Education that immigration policy was “a nuisance for universities already as it is, and I would not expect it to become easier”.

      • Common DreamsOpinion | Teachers Should Carry Books, Not Guns—And Politicians Should Do Their Jobs

        I will never forget the afternoon before my very first day as a middle school teacher in central New Jersey. Textbooks and worksheets sat strewn across my bed in the house I shared with my father. I was 25 years old and had just received my teaching license. My nerves were frayed—as every novice teacher knows, there is absolutely nothing more terrifying than a new classroom full of young people.

    • Hardware

      • HackadayFork And Run: The Definitive Guide To Getting Started With Multiprocessing

        Since the early 2000s, the CPU industry has shifted from raw clock speed to core counts. Pat Gelsinger famously took the stage in 2002 and gave the talk the industry needed, stating processors needed specialty silicon or multiple cores to reduce power requirements and spread heat. A few years later, the Core series was introduced with two or four-core configurations to compete with the AMD Athlon 64 x2.

      • CNX SoftwareDeNova Detect natural gas alarm works with Amazon Sidewalk network - CNX Software

        New Cosmos’ DeNova Detect is a wireless natural gas alarm that works with the Amazon Sidewalk network designed for low-power, low-bandwidth IoT devices in and around the house, benefiting from free connectivity thanks to the installation base of Amazon devices such as the Echo Show acting as gateways.

        DeNova Detect does not require wiring to mains, and the device is expected to achieve an extended battery life of seven years, so customers can choose the optimal location for a gas alarm in their homes without needing to be close to an electrical outlet. There’s no need to have an additional gateway such as with LoRaWAN solutions as well as the customer owns one or more Sidewalk-compatible device.

    • Health/Nutrition/Agriculture

    • Proprietary

    • Security

      • USCERTCISA and NSA Publish Open Radio Access Network Security Considerations [Ed: But NSA is pursuing back doors in everything, which is the exact opposite of security]

        CISA and the National Security Agency (NSA) have published Open Radio Access Network Security Considerations. This product—generated by the Enduring Security Framework (ESF) Open Radio Access Network (RAN) Working Panel, a subgroup within the cross-sector working group— assessed the benefits and security considerations associated with implementing an Open RAN architecture. Focusing on current designs and specification standards, the ESF Open RAN Working Panel examined how security compares with, and is distinct from, traditional, proprietary RANs.

      • Rust BlogThe Rust Programming Language Blog: Const Eval (Un)Safety Rules [Ed: Rust is not about security; Rust itself is a security risk. More complexity, more bugs, more threats to security.]

        In a recent Rust issue (#99923), a developer noted that the upcoming 1.64-beta version of Rust had started signalling errors on their crate, icu4x. The icu4x crate uses unsafe code during const evaluation. Const evaluation, or just "const-eval", runs at compile-time but produces values that may end up embedded in the final object code that executes at runtime.

        Rust's const-eval system supports both safe and unsafe Rust, but the rules for what unsafe code is allowed to do during const-eval are even more strict than what is allowed for unsafe code at runtime. This post is going to go into detail about one of those rules.

      • Department of Commerce Gives Industry What it asked for Regarding the Entity List - ConsortiumInfo.orgConsortiumInfo.org

        The U.S. Department of Commerce Bureau of Industry and Security (BIS) added Chinese 5G technology giant Huawei to its Entity List more than three years ago. The immediate result was the spread of uncertainty and doubt among the hundreds of standards setting organizations (SSOs) in which Huawei participated as well as throughout the multitudes of U.S. companies who participated in those organizations. The reason was that the rules bar U.S. companies from disclosing a broad array of technology to Entity List companies, and that’s what can happen in standards working groups. Many SSOs either refused or failed to make adequate changes to their operations to fit within the vague exemptions available to avoid the concern. In consequence, many American companies believed they needed to drop out of SSOs creating the standards those companies most wanted to influence.

        On September 9, following several prior BIS releases of interim guidance and the submission of ongoing comments and requests for relief from industry (many of which we facilitated), the Department of Commerce and BIS have finally released a new Interim Final Rule that provides virtually everything commenters have asked for, and in language that in most cases is clear and actionable. While complexities and nuances remain (e.g., relating to the type of technical work being undertaken) that will still require legal analysis, the good news is that the way is clear for most SSOs to allow any Entity List company to fully participate in standards development, as well as in related activities such as conformance assessment.

      • USCERTCISA Adds Six Known Exploited Vulnerabilities to Catalog

        CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise. Note: to view the newly added vulnerabilities in the catalog, click on the arrow in the "Date Added to Catalog" column, which will sort by descending dates. 

      • It's Time to PuTTY! DPRK Job Opportunity Phishing via WhatsApp

        The techniques used by UNC4034 in this compromise, along with the techniques used in countless intrusions investigated by Mandiant, are used to continuously develop and refine threat hunting hypotheses within Managed Defense. These provide high fidelity and actionable leads that are informed by evolving threat actor tradecraft.

      • Bunnie HuangFully Oxidizing `ring`: Creating a Pure Rust TLS Stack Based on `rustls` + `ring`

        I really want to understand all the software that runs on my secure devices.

        It’s a bit of a quixotic quest, but so far we’ve made pretty good progress towards this goal: I’ve been helping to write the Xous OS from the ground up in pure Rust – from the bootloader to the apps. Xous now has facilities like secure storage, a GUI toolkit, basic networking, and a password vault application that can handle U2F/FIDO, TOTP, and plaintext passwords.

        One of the biggest challenges has been keeping our SBOM (software bill of materials) as small as possible. I consider components of the SBOM to be part of our threat model, so we very selectively re-write crates and libraries that are too bloated. This trades off the risk of introducing new bugs in our hand-rolled code versus the risk of latent, difficult-to-discover bugs buried in more popular but bloated libraries. A side benefit of this discipline is that to this day, Xous builds on multiple platforms with nothing more than a default Rust compiler – no other tooling necessary. It does mean we’re putting a lot of trust in the intractably complicated `rustc` codebase, but better than also including, for example, `gcc`, `nasm`, and `perl` codebases as security-critical SBOM components.

      • EFFEFF’s DEF CON 30 Puzzle—SOLVED

        For EFF’s lucky 13th member t-shirt at DEF CON 30, we had the opportunity to collaborate with iconic hacker artist Eddie the Y3t1 Mize and the esteemed multi-year winners of EFF’s t-shirt puzzle challenge: Elegin, CryptoK, Detective 6, and jabberw0nky of the Muppet Liberation Front.

      • Integrity/Availability/Authenticity

        • India TimesEU wants tough rules on 'internet of things' products

          "Computers, phones, household appliances, virtual assistance devices, cars, toys... each and every one of these hundreds of million connected products is a potential entry point for a cyberattack," said Internal Market Commissioner Thierry Breton.

      • Privacy/Surveillance

        • EFFMembers of Congress Urge FTC to Investigate Fog Data Science

          Eshoo also pointed out the new threat that Fog’s surveillance tool poses to people seeking reproductive healthcare. In a state where abortion has been criminalized, Fog’s Reveal tool could potentially allow police, without a warrant, to draw a geofence around a health clinic over state lines in a state where abortion is not criminalized, allowing€ them to see if any phones there return to their state. “In a post Roe v. Wade world., it’s more important than ever to be highly mindful of how tools like Fog Reveal may present new threats as states across the country pass increasingly draconian bills restricting people’s access to abortion services and targeting people seeking reproductive healthcare,” Eshoo wrote.

      • Confidentiality

        • Thomas KarpiniecA taxonomy of hosting options, for personal data security

          People often talk about “self-hosting” as a singular concept when in reality it’s a spectrum of options with very different trade-offs. In this post I propose to set out a more useful classification and describe some of the pros and cons of each. The scenario I have in mind is where you want to keep some data private to yourself, maybe across multiple devices, and perhaps share that data with specific people. Concretely: cloud file storage, email; that sort of thing.

          In my mind the spectrum looks like this: [...]

    • Defence/Aggression

      • NPRZaporizhzhia nuclear reactors won't restart until Russians leave, its operator says

        Ukrainian workers powered down the war-damaged plant last weekend for safety reasons amid continued shelling. On Tuesday, workers finished restoring all three backup power lines — a sliver of good news at the plant that officials and energy experts have warned could face a catastrophe as fighting continues around it.

      • ScheerpostSenate Panel Advances Bill That Would Radically Change US Taiwan Policy

        The legislation would give Taiwan $6.5 billion in military aid through 2027.

      • Democracy Now“In the Shadow of Invasion”: Artist Molly Crabapple & Ukrainian Journalist Anna Grechishkina Document Ukraine War

        Ukraine has accused Russia of bombing a dam in the southern city of Kryvyi Rih — where Ukrainian President Volodymyr Zelensky was born — forcing evacuation in parts of the city due to flooding. The bombing is the latest Russian attack on civilain infrastructure since Ukrainian forces recaptured over 3,000 square miles of territory from Russia during a counteroffensive this past week. For more, we speak with New York-based artist and author Molly Crabapple, who just published a series of sketches documenting her recent travels across Ukraine alongside Ukrainian journalist and motorcyclist Anna Grechishkina. “I wanted to see with my own eyes how Ukrainians were writing and defining their own future,” says Crabapple. Her new piece is titled “In the Shadow of Invasion.”

    • Environment

      • New York TimesBillionaire No More: Patagonia Founder Gives Away the Company

        Rather than selling the company or taking it public, Mr. Chouinard, his wife and two adult children have transferred their ownership of Patagonia, valued at about $3 billion, to a specially designed trust and a nonprofit organization. They were created to preserve the company’s independence and ensure that all of its profits — some $100 million a year — are used to combat climate change and protect undeveloped land around the globe.

        The unusual move comes at a moment of growing scrutiny for billionaires and corporations, whose rhetoric about making the world a better place is often overshadowed by their contributions to the very problems they claim to want to solve.

        At the same time, Mr. Chouinard’s relinquishment of the family fortune is in keeping with his longstanding disregard for business norms, and his lifelong love for the environment.

      • NPRThe founder of Patagonia is giving his company away to help fight climate change

        The Patagonia Purpose Trust will control all voting stock of the company (2%), while the Holdfast Collective, a climate change nonprofit, will own all nonvoting stock (98%).

      • Teen VoguePatagonia Founder Gives Away $3 Billion Company to Fight Climate Change

        “Instead of extracting value from nature and transforming it into wealth, we are using the wealth Patagonia creates to protect the source. We’re making Earth our only shareholder. I am dead serious about saving this planet,” Chouinard said in a statement.

      • ScheerpostPatagonia’s Founder Found the Only Way to Be a Good Billionaire

        Jessica Corbett reports on Patagonia founder Yvon Chouinard's radical decision.

      • Democracy Now“Infuriating”: A Third of Pakistan Is Underwater. Calls Grow for Climate Reparations and Debt Cancellation

        Nearly 1,500 people have died and tens of millions have been displaced in Pakistan, where catastrophic flooding has left a third of the country underwater, washing away homes, farmlands, bridges, hospitals and schools. “People have lost everything,” says Zulfikar Ali Bhutto, a Pakistani artist and the grandson of Pakistan’s former Prime Minister Zulfiqar Ali Bhutto. Bhutto says the flooding has caused an epidemic of malaria and dengue fever, and calls on the International Monetary Fund to cancel the country’s debts and commit to climate reparations.

    • Finance

    • AstroTurf/Lobbying/Politics

      • VOA NewsYouTube, Meta Will Expand Policies, Research to Fight Online Extremism

        A report by the Tech Transparency Project in May found 435 pro-militia videos on YouTube, including 85 posted since Jan. 6. Some of the videos gave training advice, like how to carry out guerilla-style ambushes.

      • The HillSenate confirms first-ever cyber ambassador

        Fick will be the bureau’s first-ever ambassador-at-large following its launch in April. The bureau was established to deal with international issues related to cyber and emerging technologies.

        It has three policy units: international cyberspace security, digital freedom, and international information and communications policy.

      • The RecordSenate confirms Fick as first U.S. cyber ambassador

        Fick will head the State Department’s Bureau of Cyberspace and Digital Policy, an office that opened in April and is intended to address gaps in the government’s global cyber response.

      • [Old] Cyber security and the cyber domain

        The aim of Finland’s national cyber security strategy is to respond to cyber threats, strengthen the overall security of society and ensure the smooth functioning of the cyber domain in all circumstances.

        The Strategy presents ten objectives that, when implemented, provide Finland with the capability nationally to control the intentional and unintentional adverse effects of the cyber domain as well as to respond to and recover from them.

      • Misinformation/Disinformation

        • Teen VogueCrisis Pregnancy Centers Are Running Ads on TikTok, Snapchat, and Instagram

          Research shows that teenagers consume news [sic] differently. Social media and messaging apps are some of the first places they turn to and crisis pregnancy centers know it. The centers reportedly spend hundreds of thousands of dollars on advertising on social media platforms to reach teens in their most vulnerable moments.

          The ad tactics range from subtle to direct. Some crisis pregnancy centers use words like “choice” or “options” in their name to appear abortion-friendly, while other ads directly attack abortion providers by name.

        • Rolling StoneHe Killed a Stranger He Thought Was a Werewolf. A Judge Just Banned Him From Social Media

          One year later, a jury was unable to reach consensus on if Bhasin was mentally fit to stand trial. He was subsequently found not guilty by reason of insanity and served three years in a mental health facility before his release this past June. On Thursday, a judge banned Bhasin from nearly all social media apps after Bhasin’s online dating profile raised concerns among Jackson’s friends. (Bhasin is still allowed to have a LinkedIn account for his job search.)

        • Judge Orders Alexandria ‘Werewolf' Killer Off Social Media After Dating Profile Sparks Concern

          Bhasin appeared in court Thursday. A prosecutor called his Facebook dating profile intentionally misleading and asked the judge to either bar him from social media or set up software to monitor his activity.

    • Censorship/Free Speech

    • Freedom of Information / Freedom of the Press

      • VOA NewsMyanmar Sentences Journalist with BBC to Three Years Labor

        A court in the Bahan Township in Yangon convicted the journalist of incitement under Section 505(a) of the Myanmar penal code. Her sentence: three years in prison with labor.

        A lawyer who represents journalists and is familiar with the case told VOA Burmese that the prosecutor did not provide evidence.

      • IT WireiTWire - Mexico more concerned about Assange than Australia, says brother

        Mexico has awarded WikiLeaks founder and publisher Julian Assange the keys to its capital, Mexico City, in its latest move to celebrate the Australian's journalism and pressure the Biden administration to act on the pending extradition case.

        But while a country so far away, and on the US border too, is doing this, it is passing strange that Australia, the country of which Assange is a citizen, is doing little or nothing to push for his freedom, his brother, Gabriel Shipton told iTWire on Friday.

        Shipton, who is in Mexico at the moment, said there had been conflicting messages from the Albanese government which had, prior to being elected, hinted that quiet diplomacy would be undertaken to gain Assange's freedom.

        Prime Minister Anthony Albanese hinted before the election that Assange's protracted judicial proceedings should be ended. When he was asked about it after the election, he responded that diplomacy was not conducted over a megaphone.

        {loadposition sam08}Shipton said Albanese's words about his brother were more or less "an election promise". But at the beginning of August, when Labor Senator Don Farrell had been contacted to inquire if any moves had been made towards freeing Assange, he had said Australia could not interfere in court proceedings of other countries, a similar statement to that which was made by the previous Morrison government on more than one occasion.

    • Civil Rights/Policing

      • Hubbard BroadcastingNews10NBC Exclusive: Body-worn camera video shows moments after EMT was arrested in Strong Emergency Room

        Smith had opened the door of the ambulance into the door of the unmarked police car LoTiempo had parked in the emergency vehicle bay at Strong Memorial Hospital. LoTiempo asked for Smith’s name and identification, at first she didn’t think she hit the car and then told him she would handle it after she got her patient inside and unloaded.

        The body-worn camera video provided by a source to News10NBC Investigative Reporter Jennifer Lewke shows the moments following LoTiempo’s arrest of Smith inside the Emergency room.

      • The NationRail Workers, Nurses, Teachers Are Fighting From the Bottom Up

        It seems right now that the railway workers might be in a position similar to that of their sisters and brothers in IATSE. At the core of their fight has been a grueling just-in-time scheduling system used by the bosses of the biggest rail freight companies to keep costs down at the expense of workers’ lives. In this system, workers are essentially always on call except during short, pre-booked vacation times, and are punished if they aren’t immediately available when called into work because they, God forbid, have to do something like go to the doctor. The only thing that changed overnight (literally) in the proposed tentative agreement was that these workers would not be disciplined for getting sick on a Tuesday, Wednesday, or Thursday. They still have to be available at a moment’s notice for the majority of the week, with no excuses—so they’ll still have to plan their illnesses carefully.

      • Democracy Now“30 Years in the Making”: U.S. Rail Strike Averted by Tentative Deal as Workers Decry Grueling Conditions

        Railroad workers have reached a new tentative union contract with rail companies, averting a potential strike set to start on Friday that could have shut down rail service across the United States. The deal, which has yet to be released in writing and ratified by union members, is said to grant one paid sick day to workers, allow workers to attend medical appointments without being subject to attendance policies, and give a “semblance of a schedule” to rail workers, who are currently on call to work 24/7. Locomotive engineer Ron Kaminkow, the organizer for Railroad Workers United, says the railway crisis is “30 years in the making,” and describes how resentment has grown among workers as rail company executives slash resources for their employees while raking in record profits.

      • EFFSan Francisco Police Must End Irresponsible Relationship with the Northern California Fusion Center

        Fusion centers were started in the wake of 9/11 as part of a Department of Homeland Security program to improve data sharing between local, state, tribal, and federal law enforcement agencies. There are 79 fusion centers across the United States, each with slightly different missions and responsibilities, ranging from generating open-source intelligence reports to monitoring camera networks. NCRIC historically has served as the Bay Area hub for sharing data across agencies from automated license plate readers (ALPRs), face recognition, social media monitoring, drone operations, and "Suspicious Activity Reports" (SARS).

      • ScheerpostCNN’s New Police Expert—Formerly of the NYPD and FBI—Misleads Audience With Crime Claims
      • ScheerpostFreight Workers Explain Why National Railroad Strike is Looming

        Years of cost-cutting, profit-maximizing policies have pushed workers to a breaking point. Here’s what you need to know.

      • Common DreamsTentative Deal Between Unions, Rail Carriers Reportedly Includes Sick Time Win for Workers

        The Biden White House on Thursday announced a tentative agreement between unions and rail carriers that reportedly includes a win for workers on sick leave, an issue central to the dispute that nearly resulted in a nationwide strike.

    • Internet Policy/Net Neutrality

      • Broadband BreakfastWhite House Presses Outreach Initiatives for Affordable Connectivity Program

        The Affordable Connectivity Program subsidizes internet service bill for low-income households. Monthly discounts of up to $30 are available for non-tribal enrollees, $75 for applicants on qualifying tribal lands. In addition, the ACP offers enrollees a one-time discount $100 on qualifying device purchases.

        To boost ACP enrollment, speakers encouraged schools to reach out directly to families. Bharat Ramanurti, deputy director of the National Economic Council, said text-message campaigns drive up enrollment in government programs. A Massachusetts text-message campaign doubled ACP enrollment rates in subsequent days, said Ramanurti.

    • Digital Restrictions (DRM)

    • Monopolies

      • Copyrights

        • VarietyBanking on Entertainment: A Special Report

          For investors who look to yield predictable, long-term returns from these revenue streams, that means being able to parse highly granular data generated by digital streaming. It requires transparency into transactions and market performance, not to mention acceleration of the increasingly complex web of payments attached to any intellectual property.

          In the new special report “Banking on Entertainment,” Variety Intelligence Platform (VIP+) digs deep into a fascinating new world that has transformed backroom bean-counting into sophisticated operations that impose clarity and efficiency on what would otherwise be a very messy process.

          The immense volumes of calculations, reporting and payments has put a premium on automation at a scale far beyond the capabilities of most legacy systems.

        • Torrent FreakCloudflare Vows to Fight Global 1.1.1.1 DNS Blocking Orders

          Copyright holders are expanding their web-blocking horizons by going after DNS resolvers. Cloudflare is one of the key players that's being targeted. While the Internet infrastructure company complies with targeted blocking orders related to the websites of its CDN customers, it believes that blocking domains on its 1.1.1.1 DNS resolver goes a step too far.

  • Gemini* and Gopher

    • Personal

      • Gimme Knobs

        I started playing electric guitar again in earnest about a year ago. I've been practicing for 30 minutes to two hours every day since. It helped me stay sane during the pandemic and what with all the other catastrophies. It also made me listen to music differently, my left hand gained a lot of dexterity, and as a tech nerd, there was a lot of new terrain to explore. Signal chains, tubes, amplifiers, pedals. I soldered my own RAT clone distortion pedal, learned about clipping diodes, upgraded the pickups in my Squier Telecaster, and I watched a lot of Youtube videos about guitar theory and gear.

        One thing I'm not yet on board with is virtualizing the hardware. I get how a Kemper simplifies everything in a way. You simulate your amp and your pedals, it's less stuff to haul and buy, and you can do whatever. Certainly makes sense for a professional musician. My gear sits around my desk, though, where I spend most of the day working as a project manager for a software company. As much as I love computers and technology, she sheer haptic pleasure of switching on a pedal and turning its knobs instead up pulling up a dialog on a screen is one of the things that makes playing guitar an escape for me that works.

      • covid is over…?

        The government is shutting down the corona tracking app, I guess because it never really worked as intended and keeping the servers up must be very costly. I only got a notification once and it wasn’t even very accurate (it stated way too much exposure time during a week I spent mostly at home).

    • Technical


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024
A Strong and Positive Closing for the Year's Last Week
In a lot of ways this year was a good one for Free software
Feels Too Warm for Christmas
Christmas is here, no snow in sight
Links 23/12/2024: 'Negative Time' and US Arms Taiwan Again
Links for the day
Links 23/12/2024: The Book of Uncommon Beings, Squirrels, and Slop Ruining Workplaces
Links for the day
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024