10.05.22

GNU/Linux

• Audiocasts/Shows

  • Video ☛ Manjaro Shipped Broken Kernel on Apple M1 Systems – Invidious

    I don’t know how Manjaro keeps doing it but it seems like everytime something happens Manjaro is here to break something, now they decided to ship a broken build of the Asahi Linux kernel to people running Apple M1/M2 hardware

  • mintCast Pocast ☛ 396 – Ransomware Goes Wild – mintCast

    First up in the news, Stallman goes manual on C, DNF5 arrives in Fedora, LibreOffice gets fumigated, GNOME comes into its Shell, they have put hair in the Blender, Avast buys your cookies, and Intel fogs the processor market;
    In security and privacy, we have multi-stage malware, website leaks, and shell attacks;
    Then in our Wanderings, Norbert is cutting corners, Moss tries a different mint, Joe keeps modding, and Bill fixes a broken Arch …again.

• Instructionals/Technical

  • Linux Hint ☛ How to List Installed Packages in Ubuntu 22.04

    A “package is referred to as a group of items such as scripts, text files, libraries, licenses, etc. These packages enable the installation of software in such a way that the package manager unpacks the software and includes it in your operating system. Linux-based systems such as Ubuntu 22.04 comprise some packages by default, and some are installed later on.

  • Containers Logging Guide | learn how to collect Containers logs | Medium

    From a DevOps standpoint, logging is one of the most important things to get right in applications.

  • Linux Made Simple ☛ How to install MetaTrader 4 with the OctaFX Broker on a Chromebook

    Today we are looking at how to install MetaTrader 4 with the OctaFX Broker on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  • rewrite rule representation

    I’ve begun writing up my phd and, not for the first time, I’m pondering issues of how best to represent things. Specifically, rewrite rules.

  • Linux Capable ☛ How to Install WoeUSB on Linux Mint 21 LTS

    WoeUSB is a free, open-source simple tool that enables you to create your own USB stick windows installer from an iso image or an actual DVD. I have used it myself to create bootable USB sticks for installing Windows from ISO images, and it has worked flawlessly every time. The interface is straightforward to use. Select the ISO image or DVD you want to use, select your USB drive, and click “Create.” The process is quick and painless, and the results are always perfect. If you need to install Windows from a bootable USB stick, WoeUSB is the ideal tool for the job.

    The following tutorial will teach you how to install WoeUSB on Linux Mint 21 LTS release series using a LaunchPAD APT PPA with the command line terminal.

  • Linux Nightly ☛ How to Install Signal on Ubuntu 22.04

    Signal is a secure messaging and voice chat application. It’s primarily used on mobile phones, and will require a phone number to register, but it can also be installed on PC operating systems such as Ubuntu Linux. It works similarly to WhatsApp and Telegram but has a much bigger focus on user privacy and security.

    In this tutorial, you will learn how to install Signal on Ubuntu 22.04 using GUI, snap, or apt package.

  • Securely Erase a SATA Hard Drive for Disposal using hdparm in Linux – Putorius

    There have been many stories about people discarding old computers only to have someone pick them out of the trash. Most of the time this is for innocent enough reasons. However, there is a real threat to someone getting there hands on your old hard drive. Since most people do not encrypt their drives someone can very easily pull all the data off of these old discarded hard drives. In this article we will discuss how to securely erase a hard drive before disposal. This method is effective on any SATA / PATA hard drive, including destroying hard drives from a system running Windows or any other operating system.

• Desktop Environments/WMs

  • K Desktop Environment/KDE SC/Qt

    • Nate Graham ☛ Automate and systematize all the things! – Adventures in Linux and KDE

      As announced at Akademy a few days ago, I’m honored that my goal – Automate and Systematize Internal Processes – has been chosen by the KDE community! Those are a bunch of fancy words, but the idea is pretty simple: get our expertise (knowledge, skill, and wisdom) out of our heads, and onto KDE’s infrastructure.

      Why? to reduce the burden on us personally to provide so much of that expertise on demand as an ongoing service, and to reduce the impact of breaks, vacations, and departures. Ultimately this will preserve expertise publicly in KDE where it’s easier to learn from, and free us all up to do other things!

Distributions and Operating Systems

• Devices/Embedded

  • CNX Software ☛ Renesas RZ/V2MA microprocessor embeds AI & OpenCV accelerators for image processing

    Renesas has launched the RZ/V2MA dual-core Arm Cortex-A53 microprocessor with a low-power (1TOPS/W) DRP-AI accelerator and one OpenCV accelerator for rule-based image processing enabling vision AI applications.

    The MPU also supports H.265 and H.264 video decoding and encoding, offers LPDDR4 memory and eMMC flash interfaces, as well as Gigabit Ethernet, a USB 3.1 interface, PCIe Gen 2, and more. The RZ/V2MA microprocessor targets applications ranging from AI-equipped gateways to video servers, security gates, POS terminals, and robotic arms.

• Open Hardware/Modding

  • CNX Software ☛ AI Thinker Ai-WB2 modules feature BL602 RISC-V MCU with WiFi and BLE connectivity – CNX Software

    AI Thinker has just introduced a new family of wireless IoT modules with the Ai-WB2 equipped with Bouffalo Lab BL602 RISC-V microcontroller offering both 2.4 GHz WiFi 4 and Bluetooth 5.0 LE connectivity.

    There are ten different modules to choose from, probably to keep mechanical and electrical compatibility with ESP8266 and ESP32 modules, and the company expects customers to integrate those into Internet of Things (IoT) products, mobile devices, wearables, Smart Home appliances, and more.

  • Running Redis on the Raspberry Pi – Pi My Life Up

    Redis is a fast, powerful data store that stores all of its data within memory. Storing data in memory allows the server to fetch and store data incredibly fast.

    The Raspberry Pi is a fantastic device for Redis since it has low memory and CPU footprint. Basically, this means that Redis can make the most of the Pi’s hardware.

    You can even run this server software on a tiny device such as the Raspberry Pi Zero. However, if you plan on dealing with a ton of data, the more memory and CPU cores the better.

    The Redis team officially tests their software on the Pi, so you can be assured that the software will run well for its limited hardware.

    If you are using a Raspberry Pi that has more than 2GB of memory, we recommend you use a 64-bit OS for the best experience.

  • peppe8o ☛ IR Reflective Sensor and Raspberry PI Pico: RPR-220 with MicroPython

    Use your Raspberry PI Pico with IR reflective sensor to detect obstacle detection with MicroPython, with wiring diagram and code explained

• Mobile Systems/Mobile Applications

  • SlashGear ☛ The Easiest Way To Reset Your Android To Factory Settings

  • SlashGear ☛ Why Your Android Phone Is Dropping Calls And How To Fix It

  • 9to5Google ☛ Assistant Driving Mode drops Google Maps, no longer like Android Auto

  • Android Apps Collect Way More Data Than They Admit, Here’s How / Digital Information World

  • Barry Kauler ☛ Android Studio SFS created

    Download and install the usual way, by clicking on the “sfs” icon. Beware, the SFS file is 1GB, and after installation, at first run it will want to download more files — in my case, about 1.3GB.

    It can be launched from a terminal window, by running “astudio”.

Free, Libre, and Open Source Software

• My journey and a begginers guide to Open Source

  I then worked on a project, which didn’t solve any problem, but just strengthened my skills, it was my own Penguin-based OS, called Aryan Linux, made by using “Linux from Scratch”. On compiling it, I understood what open source really is, it made me so happy.

• Google ☛ Announcing the second group of Open Source Peer Bonus winners in 2022 | Google Open Source Blog

  We’re excited to announce our second group of Open Source Peer Bonus winners in 2022! The Google Open Source Peer Bonus program is designed to recognize external open source contributors nominated by Googlers for their open source contributions. This cycle, we are pleased to announce a total of 141 winners across 110+ projects, residing in 36 countries.

• SaaS/Back End/Databases

  • PostgreSQL ☛ PostgreSQL: PL/Haskell v1.0 Released

    I’d like to announce the release of version 1.0 of the PL/Haskell extension. This extension allows users to write PostgreSQL functions in the Haskell functional programming language.

  • PostgreSQL ☛ PostgreSQL: RapidRows 1.0 released

    We are happy to announce the general availability of RapidRows — an open-source, low-code API server designed for PostgreSQL that can be configured to run SQL queries, perform scheduled jobs and forward PostgreSQL notifications to websockets.

• Programming/Development

  • CNX Software ☛ The BBC has released a new web-based Python editor for the micro:bit board – CNX Software

    There are already Python editors such as Thonny, but the BBC thought those were not good enough and released a new web-based Python editor specifically designed for the micro:bit education board targeting 11 to 14 years old pupils.

    The micro:bit Python editor includes drag and drop code examples, code structure & error highlighting, auto-complete feature, a simulator to test the code before uploading it to the micro:bit board, and a Quick ideas section to help pupils get started with projects.

  • Are Code Freezes a Thing of the Past? – IT Jungle

    After months of work on your modernization project, the consultant helping you is almost done. That’s the good news. The bad news is that the consultant is now asking you to put a code freeze on changes to your old application. It’s not clear whether the code freeze will lasts two months or two years, but it’s absolutely necessary, you’re told.

  • openQA: emulated aarch64 worker – openQA bites

    Are you in dire need of an aarch64 worker on your own openQA instance, but no suitable hardware lying around? If speed is not your main concern, then don’t worry – you can just enable a qemu-emulated aarch64 worker on your openQA instance (probably x86_64). In this post we’re gonna explore how to setup an emulated aarch64 qemu worker on your own openQA instance in less than 10 minutes.

  • What Modern Cloud-Native Apps are Made Of

    Modern applications are continuously being improved. They are created using modern product management techniques that ceaselessly strive for a better and better user experience.

    Modern cloud-native applications are always available, anytime and anywhere a user wants to engage with them. They never go offline, they provide continuous availability and they automatically scale to meet the needs of all customers, all the time.

  • Google ☛ Flutter SLSA Progress & Identity and Access Management through Infrastructure As Code | Google Open Source Blog

    We are excited to announce several new achievements in Dart and Flutter’s mission to harden security. We have achieved Supply Chain Levels for Software Artifacts (SLSA) Level 2 security on Flutter’s Cocoon application, reduced our Identity and Access Management permissions to the minimum required access, and implemented Infrastructure-as-Code to manage permissions for some of our applications. These achievements follow our recent success to enable Allstar and Security Scorecards.

  • Perl / Raku

    • Perl ☛ Look mom I invented colors | lichtkind [blogs.perl.org]

      Just released Graphics::Toolkit::Color for the purpose to create computationally harmonic color pallets (2 lines max for most needs). It is in fact a chunk out of Chart I needed to reuse in other projects as the Harmonograph. And as you can see in the SEE ALSO section of the POD – I’m aware that there are plenty other modules doing, parts, similar stuff or even more.

      The reason you should care nonetheless are (beside having good error messages, being well tested, documented and maintained and having almost no dependencies) II (in words two).

Leftovers

• Hardware

  • DaemonFC (Ryan Farmer) ☛ My 2020 Lenovo laptop is acting strangely again, and it’s not even two years old. | BaronHK’s Rants

    Today, my left Control key has been working intermittently, although it’s working now and has been for a while, knock on wood.

    [...]

    If the SHTF, then I suppose I could use my older laptop to wait out the 30 days and have a Lenovo tech come out to my house and repair it again.

    I tried calling down to ubrekifix in Gurnee and the guy basically said they wanted $100 just to look at it but they couldn’t do very much because all of their diagnostic tooling is for Windows (of course) and they don’t know much about “Linux” (of course) and then we could go from there, but I could subscribe to a protection plan for everything in the house for….and that’s when I hung up.

• Security

  • IT Wire ☛ iTWire – Microsoft changes mitigation guidance for zero-days, but tells no one: claim

    Microsoft has changed a portion of the advice it issued for mitigation of two bugs in its Exchange Server product, but made no mention of the change, well-known British security researcher Kevin Beaumont says, adding that it looked like the company needed to familiarise itself with the source code of this product.

    The bugs, both zero-day vulnerabilities reported to be affecting Microsoft Exchange Server 2013, 2016, and 2019, are similar to the ProxyShell vulnerability for which updates were issued by Microsoft in May and July last year.

    ProxyShell comprises three separate bugs used as an integrated attack chain and allowed attackers to bypass authentication and execute code as a privileged user.

  • Kubernetes Blog ☛ Current State: 2019 Third Party Security Audit of Kubernetes | Kubernetes

    We expect the brand new Third Party Security Audit of Kubernetes will be published later this month (Oct 2022).

    In preparation for that, let’s look at the state of findings that were made public as part of the last third party security audit of 2019 that was based on Kubernetes v1.13.4.

  • HelpSystems Goes on the Security Offensive Again – IT Jungle

    Penetration testing has become popular as security vulnerabilities in corporate systems have become more apparent. Adversary simulation, or “red teaming,” is a similar technique that involves an active defense against a live adversary. If penetration testing is a passive activity designed to identify static flaws in your defenses, then red teaming is the dynamic version of it that allows your internal cybersecurity team to test their abilities in real time against the bad guys (i.e. the red team).

• Civil Rights/Policing

  • DaemonFC (Ryan Farmer) ☛ Trevor Noah leaves The Daily Show and there’s nobody left watching it who cares. | BaronHK’s Rants

    The police drove Ian Murdock to suicide by hanging with about the same sort of things that they did to me.

    However, Justice was done in the case of Derek Chauvin, who is going to be in prison until at least 2038 already, and he’s about to go on trial yet again on 9 felony counts of tax evasion and failure to report income.

    I mean, you piss off the government, you piss off everyone in the country, bad things happen. They start digging up anything they can. I was pissed at what I saw. They had no right to do that, and I’m glad they were punished.

Gemini* and Gopher

• Personal

  • Books I Am Currently Reading

    a sci-fi story that is unique for focusing on the lives and realities of common place person instead of the elitist figureheads of power most sci-fi novels go for. I first got into the book through the S.T.A.L.K.E.R games (playing shadow of chernobyl now, best fps ive played in years and its from 2007 lol) So far its very well written, translated and entertaining. Im reading the rediscovered classics version released in 2012 btw, which is the latest version.

    [...]

    Take a look at this thing of beauty. Such a dope looking book, its friggin sweeet. More beautiful than any jewel. Soul Arts is an artbook that collects hundreds of artist finest submissions for contest based on the games, then binds them in the best looking cover+slipcase I have ever seen. I WANT THE PYSICAL EDITION SOOO SOOOO BAD MAN! Unfortunately I couldn’t justify the 80$ asking price for a book when it was first announced, and I still cant now.

    THANK GOODNESS that they offer a 15$ pdf version (DRM FREE!) which can be loaded onto the ereader. 15$ is a slightly easier pill to swallow and I held off on even that for months but this week finally bit the bullet and got the damn thing. If I REALLY REALLY REALLY REALLY REALLY like the book I might consider it as a christmaas present to myself. But for 80 dollaroonies the books contents gotta be so cool that looking at each page is near orgasmic.