Bonum Certa Men Certa

Links 27/10/2022: Ubuntu 23.04 is Lucently Likeable, OpenSSL Patch Coming



  • GNU/Linux

    • TiVo Goes Back To The (Linux) Well

      The only item here that really piques my interest is the technological approach. While the current TiVo Stream 4K dongle runs Android TV, the new television platform is described as Linux-based… like their original line of DVRs.

    • Desktop/Laptop

      • Linux GizmosTUXEDO Computers releases InfinityBook Pro 16 Gen7 Laptop

        This week, TUXEDO launched two variations of their latest InfinityBook Pro 16 laptop built around the i7-12700H Intel core processor. TUXEDO’s high-end laptop supports up to 64GB RAM, 2x M.2 2280 slots, Wi-Fi 6, 80Wh battery and other optional features.

        The Max Performance and the Workstation edition feature the same 12th Gen processor from Intel...

    • Server

      • Why K8s deployments need `matchLabels` keyword

        To create a Kubernetes deployment, we must specify the matchLabels field, even though its value must match the one we specify in the template. But why? Cannot Kubernetes be smart enough to figure it out without us being explicit?

    • Audiocasts/Shows

      • VideoArch Linux Has A Problem And Git Is To Blame - Invidious

        Recently a new Git update was pushed and it suddenly broke a bunch of AUR packages but it broke them for good reason, they were unknowingly using a feature with a big exploit

      • Red Hat OfficialCode Comments - An original podcast from Red Hat

        There’s a lot involved in building technology. None of us can do it alone. Join Burr Sutter and seasoned technologists as they share their experiences.

      • JupiterMediaLinux Action News 264

        The focus of the new Ubuntu release, Gitea's surprising announcement, and Linux prepares to drop another architecture.

    • Kernel Space

    • Applications

      • Linux Links4 Best Free and Open Source GUI Spotify Clients - LinuxLinks

        First launched in 2008, Spotify is a digital music streaming service with a freemium business model. You can listen to a huge library of music and podcasts for no charge if you are prepared to have shuffle play (with limited skips), interrupted listening and lower audio bitrate. Alternatively, there’s the option of Spotify Premium. In the UK, a subscription costs €£9.99 per month for an individual account. This gives you streaming music at 320 kbps, the ability to download music, and full functionality.

        Spotify provide a semi-official app for the service which uses Chromium Embedded Framework (think bloated memory footprint). But third-party clients are available for Spotify Premium users. Spotify blocks API access to their audio for non-premium members.

        This article recommends our favourite GUI Spotify clients. Here’s our verdict summarized in a legendary Linuxlinks-style chart.

    • Instructionals/Technical

      • Make Use OfHow to Run ChromeOS Flex From a USB Drive

        Google launched ChromeOS along with Chromebooks in 2011. The idea was to deliver an economical laptop that could handle basic productivity tasks with ease. It was a fairly lightweight operating system that didn’t need many underlying hardware resources to work.

        After a few years, Google decided to not confine it to Chromebooks and released a lightweight OS that everyone could run on average systems.

      • ID RootHow To Install ModSecurity with Nginx on Ubuntu 22.04 LTS - idroot

        In this tutorial, we will show you how to install ModSecurity with Nginx on Ubuntu 22.04 LTS. For those of you who didn’t know, ModSecurity is a free and open-source Web Application Firewall (WAF) that protects your website from several types of attacks, including cross-site scripting (XSS), SQL injection, session hijacking, and many more. It also allows for HTTP traffic monitoring, logging, and real-time analysis. ModSecurity was created as a module for the Apache HTTP Server. However, since its early days, the WAF has grown and now covers an array of HyperText Transfer Protocol request and response filtering capabilities for various platforms such as Microsoft IIS, Nginx, and Apache.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of ModSecurity 3 with Nginx on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • KifarunixInstall TheHive on Ubuntu 22.04/Ubuntu 20.04 - kifarunix.com

        Follow through this tutorial to learn how to install TheHive on Ubuntu 22.04/Ubuntu 20.04 server.

      • SUSE's Corporate BlogThe success continues – 6th edition of ‘Getting started with Linux’ available

        In the editorial, Hans-Georg Eßer, Editor in Chief, highlights that “installing and using Linux has become so easy that there’s no good reason to stick with Windows”. We who live in a Linux world for many years know for quite a while that Linux is ‘the better Windows’. But still – there are people out there who somehow do not dare to touch Linux in their private environment, on their laptops and desktops. Fortunately, the Linux Magazine remains defiant in fighting ignorance with education. The 2022 edition of “Getting Started with Linux” features the latest version of openSUSE Leap, 15.4, and it comes with a DVD containing the software so you can simply check it out yourself.

      • SUSE's Corporate BlogGet fresh SLE Micro 5.3 docs – all you need to be productive | SUSE Communities

        SUSE Linux Enterprise Micro (SLE Micro) is a lightweight and secure OS platform purpose built for containerized and virtualized workloads. It leverages the enterprise-hardened technology components of SUSE Linux Enterprise and merges that with what developers want from a modern, immutable OS platform. As a result, you get an ultra-reliable infrastructure platform that is also simple to use and comes out-of-the-box with best-in-class compliance. SLE Micro is well suited for any decentralized computing environment such as edge, embedded or IoT deployment without vendor lock-in. Using SUSE Linux Enterprise Micro, you can build and scale differentiating edge systems across a wide range of industries including aerospace, telecom, automotive, defense, healthcare, hospitality, and manufacturing.

        With the recent release of SLE Micro 5.3, we have also published fresh and shiny new documentation – once again, my colleagues Jana Halackova (for the docs) and Lukáš Kucharczyk (for the release notes) did a fantastic job here!

      • Linux Made SimpleHow to install Wire Desktop on Linux Mint 21

        Today we are going to look at how to install Wire Desktop on Linux Mint 21.

        Firstly, we download the application, and then open and install it with the built-in installer.

      • Linux Made SimpleHow to install MultiMC on a Chromebook

        Today we are looking at how to install MultiMC on a Chromebook.

        If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • Linux HandbookDir Command in Linux [Examples]

        How do you see the contents of a folder in the Linux terminal? You use the ls command.

        In fact, the ls command is so popular that many Linux users don't even know about dir.

        Yes, there exists a dir command with the sole purpose of showing you the directory contents. And in this tutorial, I'll show you how to use it.

      • TechRepublicHow to fix the VirtualBox USB enumeration error and extension pack installation | TechRepublic

        Jack Wallen experienced several errors upon installing VirtualBox 7.0 and he has the fixes for them.

        Recently, I upgraded to VirtualBox 7.0, and it’s been a stellar release for the virtual machine management tool. While some VirtualBox upgrade experiences were less than ideal, the march from 6.x to 7.x was, for the most part, pretty painless. However, there are two issues you will probably encounter, both of which require different fixes.

      • Build a Tailscale exit node with firewalld - Major Hayden

        Once upon a time, I spent hours and hours fumbling through openvpn configurations, certificates, and firewalls to get VPNs working between servers. One small configuration error led to lots of debugging. Adding new servers meant wallowing through this process all over again. A friend told me about Tailscale and it makes private networking incredibly simple. Tailscale makes it easy to add nodes to a private network called a tailnet where they can communicate. In short, it’s a dead simple mesh network (with advanced capabilities if you’re interested). This post covers how to create an exit node for your Tailscale network using firewalld Fedora, CentOS Stream, and Red Hat Enterprise Linux (RHEL).

      • Reload Prometheus ConfigMap without Restarting the Kubernetes Pod | Lisenet.com :: Linux | Security | Networking

        We run Prometheus on Kubernetes. Every time we make changes to Prometheus ConfigMap, we end up restarting the pod so that the new configuration would be picked up.

        While Prometheus configuration does not change very often, we would prefer to have a way to do this without downtime.

      • Convert a root filesystem to a bootable disk image - formicapunk



        The year is 2022, and it is still that complicated to install GRUB2 externally onto a disk image.

        But using the wonders of libguestfs, you can create a bootable diskimage using a qemu VM abstraction very easily. The steps here imply we want to create a disk with a single partition containing the root filesystem.

    • Games

      • fun with pygame – Michael Ablassmeier – ..

        Next year my son will turn 4. I have quit playing computer games for a pretty long time now, but recently i questioned myself: what will be the first computer game hes going to play? Why not create a simple game by myself?

        Living on the landside, his attention has been drawn to farming machines for quite some time now and that topic never grows old for him, which makes for a perfect game setting.

        The game logic should be pretty simple: A tiling 2d jump game where you have to make an tractor jump over appearing objects. Different vehicles and backgrounds to choose and a set of “lives” with randomly generated “coins” which you have to catch to undo happened failures.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • The Register UKKDE 5.26 gets a second point release (yes, already) ● The Register

          KDE 5.26.2 is out with an emergency fix for a memory leak – so if you already have the new version, you should update. If you don't have 5.26, we're here to tell you how.

          The version first appeared on October 11 with a bunch of new features that we described when we looked at the beta in September. Version 5.26.1 followed a week later with some relatively minor bug fixes. Another week after that, version 5.26.2 is here, and sadly, the developers had to disable one of the fun new bits: animated wallpapers.

          If you use Wayland, it's fine, but on X11 this leaks memory, and 5.26.2 turns the feature off. We suspect it will reappear in version 5.26.3 if the team can trace the leak.

  • Distributions and Operating Systems

    • New Releases

      • Make Use OfZorin OS 16.2 Lands With Enhanced Windows App Support

        Zorin OS also comes with new fonts and a spruced-up LibreOffice, but will it make people want to switch from Windows?

        The Zorin Group has announced the availability of Zorin OS 16.2. The Ubuntu-based distribution offers a greater ability to run Windows applications on the system.

      • LinuxiacZorin OS 16.2 Is Here as the Best Linux Distro for Windows Users

        Zorin OS 16.2 includes an updated app base, an improved office experience, and enhanced support for Windows apps.

        Zorin OS is a Ubuntu-based Linux distribution that aims to make life easier for new users, especially those from Windows.

        The distribution has a beautiful user interface with which Windows 11 users will feel comfortable. Moreover, Zorin includes many well-known productivity tools.

        Today, seven months after the previous 16.1 release, Zorin OS 16.2 is available for download. So, without further ado, let’s see what’s new.

    • Fedora Family / IBM

      • SDx CentralRed Hat Shrinks OpenShift for Device Edge

        The Lockheed Martin use case was about providing direct control to drones that had already been deployed but might need to have their mission altered in flight.

      • Red Hat OfficialLockheed Martin, Red Hat Collaborate to Advance Artificial Intelligence for Military Missions

        Lockheed Martin and Red Hat today announced a collaboration to advance artificial intelligence (AI) innovation at the edge on Lockheed Martin military platforms. Adopting the newly announced Red Hat Device Edge will enable Lockheed Martin to support U.S. national security missions by applying and standardizing AI technologies in geographically constrained environments.

    • Canonical/Ubuntu Family

      • OMG UbuntuUbuntu 23.04 Codename Revealed – And It’s a Lucently Likeable Label - OMG! Ubuntu!

        The codename for next year’s Ubuntu 23.04 release has been revealed.

        According to Launchpad, home of Ubuntu development, and a cryptic tweet from the official Ubuntu Twitter account, it appears that Ubuntu 23.04 will be labelled “Lunar Lobster”.

        Rather a lively combination with which to liken the next interim release of the much-loved desktop Linux distribution, isn’t it — but what does it mean?

  • Free, Libre, and Open Source Software

    • Events

    • Productivity Software/LibreOffice/Calligra

    • Programming/Development

      • Alberto Mardegan: Performance reviews | Mardy

        It happened a few times during my career, that I found myself in a team with a colleague whose productivity was close to zero. In most of these cases it was simply a matter of people who hadn't the skills and happened to choose the wrong career path, and in one case it was actually an excellent developer, but just slacking off. Regardless of the case, in many of these occasions it looked like the team manager hadn't noticed the poor performance of the individual in question, whereas this was rather obvious to the rest of the team. I'm not sure why the managers didn't notice the black sheep, but the point is that none of the other developers did raise the issue either: why would I report a fellow colleague, who might risk losing his job because of my evil tongue?

        So, Scrum to the rescue? Not quite. As a matter of fact, while it is true that an underperformer could be easily spotted by seeing how often he fails to complete his stories in the timeframe suggested by the story points, this information is generally accessible to the product owner, whereas the line manager might not attend the Scrum meetings at all (as was the case in a previous project of mine, where the line manager was completely detached from the project); and even if the line manager had this information, it's not a given that he'd make use of it — as a matter of fact, I cannot say with certainty that the line managers did not notice those underperforming colleagues of mine; maybe they noticed, but failed to intervene for some reason?

  • Leftovers

    • IBM Old TimerIrving Wladawsky-Berger: The Latest Trends in Work from Home (WFH)

      For years, companies and governments found all kinds of reasons for not embracing work from home, virtual meetings, telemedicine, online learning, and other online applications. But, the pandemic forced us to accelerate the digital transformation of the economy and society to help us cope with the crisis. And, not only have these digital applications worked remarkably well, but they offer a number of important benefits, like not waiting for a straightforward doctor diagnosis in a room full of sick people, and not having to travel for hours to participate in a 60 minute meeting.

      For example, about a year ago I participated in an online panel. To start with, the moderator asked each panelist to introduce ourselves and to briefly say something positive about our lives over the past year despite the obvious challenges of coping with Covid. I truly struggled to find something positive to say about the highly frustrating pandemic-induced limitations of the previous year.

      But finally, I did find something positive to say. I’ve been able to attend a number of meetings, including weekly lunch seminars, that pre-pandemic required me to drive for a few hours or catch a plane. In response to the pandemic, these meeting first changed from physical to online, and more recently to hybrid. In other words, my ability to attend such meetings from home was my one pandemic-induced benefit, a major one the more I thought about it.

      Work from home (WFH) has been around for decades, modestly growing in the 1990s with the rise of the internet. The share of WFH three or more days per week was under 1% in 1980, 2.4% in 2010, and 4.0% in 2018. Then came Covid-19, forcing tens of millions around the world to work from home and triggering a mass workplace experiment that broke through the technological and cultural barriers that had prevented its adoption in the past.

    • Science

      • I CringelyPaul Graham’s Legacy | I, Cringely

        Last week there was a press release you might easily have missed. A Distributed Autonomous Organization (DAO) called OrangeDAO is cooperating with a small seed venture fund called Press Start Capital to establish the OrangeDAO X Press Start Cap Fellowship Program for new Web3 entrepreneurs. Successful applicants get $25,000 each plus 10 weeks of structured mentorship plus continued access to the more than 1200-member OrangeDAO network. In exchange, OrangeDAO and Press Start get to invest in the resulting companies, if any, produced by the class.

        Big deal, it’s Y Combinator Junior, right?

        Wrong. It’s Y Combinator on steroids.

        This second-generation YC has been released in the wild where it will replicate and grow unconstrained. Expect to see more deals like this one.

        A Distributed Autonomous Organization is a financial partnership that leverages blockchain technology to help multiple users make decisions as a single entity. There are many DAOs around and hardly anybody understands them or knows what they are good for. Mainly they have seemed to be involved in the NFT market. But OrangeDAO is different. It has 1200+ members and every one of those members is a graduate of the Y Combinator startup accelerator. They are verified Y Combinator company founders, so they’ve all had similar entrepreneurial experiences and see business much the same way as a result. OrangeDAO seems to have big plans and to make those plans happen in August the DAO, itself, raised $80 million in venture capital, with their first use of that capital being these Fellowships.

    • Hardware

      • IT WireChina 3Q smartphone shipments better than 2Q, but down on 2021

        Smartphone shipments in China during the third quarter of 2022 increased marginally over the previous three months but, at 70.0 million units, represented a 11% year-on-year fall.

        The technology analyst company Canalys said in a statement that local manufacturers vivo and Oppo - both part of B.B.K Electronics - took the first and second spots, shipping 14.1 million units and 12.1 million units respectively. OnePlus shipments are now reported as part of Oppo's figures.

        Honor, the low-budget seller formerly owned by Huawei, was third with 12.0 million units, while Apple (11.3 million units) and Xiaomi (9.0 million units) made up the top five.

    • Security

      • GoogleRC4 Is Still Considered Harmful

        I've been spending a lot of time researching Windows authentication implementations, specifically Kerberos. In June 2022 I found an interesting issue number 2310 with the handling of RC4 encryption that allowed you to authenticate as another user if you could either interpose on the Kerberos network traffic to and from the KDC or directly if the user was configured to disable typical pre-authentication requirements.

        This blog post goes into more detail on how this vulnerability works and how I was able to exploit it with only a bare minimum of brute forcing required. Note, I'm not going to spend time fully explaining how Kerberos authentication works, there's plenty of resources online. For example this blog post by Steve Syfuhs who works at Microsoft is a good first start.

      • Dark Reading4 Reasons Open Source Matters for Cloud Security

        When we depend on an open commons as our computing foundation, we need it to be secure, and the most effective way to do that is through open solutions.

      • ZDNetOpenSSL warns of critical security vulnerability with upcoming patch | ZDNET

        We don't have the details yet, but we can safely say that come Nov. 1, everyone -- and I mean everyone -- will need to patch OpenSSL 3.x.

    • Monopolies

      • Patents

        • The USPTO Must Restore America Invents Act Proceedings - Patent Progress

          Over the past decade, the Leahy-Smith America Invents Act of 2011 has been discussed and debated extensively in intellectual property circles. Given the potential for new USPTO rulemaking on the horizon, however, it is worth revisiting why it has become necessary for the Patent Office to restore key AIA proceedings to function as Congress originally intended.

          I worked hard for the reforms contained in the America Invents Act (AIA), and applauded its passage as “the kind of reform that is necessary to set America back on track toward a prosperous future” and as a key step to “promote progress and innovation.” The AIA was a critical update to a patent system that was stuck in the past, placing a renewed focus on patent quality and reining in litigation abuses.

          Our Founding Fathers considered intellectual property rights essential, going so far as to include them in Congress’s enumerated powers. By passing the AIA, Congress upheld our end of the bargain to promote progress. Analysis has shown that from 2014 to 2019, the AIA resulted in an increase of $2.95 billion in U.S. gross product and $1.41 billion in personal income. Among the largest beneficiaries was the manufacturing industry, which accounted for almost half of the gross product gains. These numbers do not lie. When we make improvements to our patent system, we are also supporting economic growth.

          [...]

          I will be watching closely in the coming months for formal rulemaking regarding the Fintiv factors and IPR more generally. Reforms that restore AIA proceedings to their original promise would encourage greater innovation and “promote the Progress of Science and useful Arts.”

  • Gemini* and Gopher

    • Personal

      • Extreme lizards, Brevard NC edition

        “Ah yeah. Ooh ahh. That’s how it always starts. Then later there’s the running and the screaming.”

      • Gotta find something to do next

        Now that I’ve been released from that garbagefire of an organization, I need to find something to do. It’s been about a week since I was let go, so I think I’d like to have some travel plans set by this time next week. I’d love to go by train somewhere, perhaps Canada. I’ve heard that VIA Rail is great.

      • Enoying the Big Blue Room

        The sun is out, there's not a cloud in the sky, and the temperature is cool but not unbearibly so (for a Floridian) and I'm sitting out in, I guess for lack of a better term, the garden of The Bromfield Inn [1].

        [...]

        A nearby church is giving an improptude concert with the church bells. I wasn't aware that American churches even had bells anymore. How neat!


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024
A Strong and Positive Closing for the Year's Last Week
In a lot of ways this year was a good one for Free software
Feels Too Warm for Christmas
Christmas is here, no snow in sight
Links 23/12/2024: 'Negative Time' and US Arms Taiwan Again
Links for the day
Links 23/12/2024: The Book of Uncommon Beings, Squirrels, and Slop Ruining Workplaces
Links for the day
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024