The moment we talk about open-source, the first thing that comes to mind is Linux and Linus Torvalds. Though Linus Torvalds created Linux and engineered the kernel on which most of the servers work today, Richard Stallman promoted the concept of free software and started the moment in 1985. Back then, Richard Stallman created the legal, technological and philosophical foundation for the free software movement through the GNU Operating System. Without these contributions, it's unlikely that Linux and Open-Source would have evolved into the current forms that we see today.
Expenditure on cloud infrastructure services increased by 28% year-on-year globally during the third quarter to reach US$63.1 billion, the first time the rate has fallen below 30%, the technology analyst firm Canalys reports.
The low rate of growth was attributed to high inflation, rising energy prices and the strong US dollar, with Canalys saying companies had responded to the uncertainty by cutting down on spending.
This, it added, could have an effect on demand for cloud services in the near term.
I'm announcing the release of the 5.4.222 kernel.
This release is only needed if you use clang to build your kernel. If not, no need to upgrade.
The updated 5.4.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.4.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s...
thanks,
greg k-h
Working on the Linux terminal doesn't have to be stressful. Take some time out and enjoy the moment with these fun Linux command-line tools.
The Linux terminal is a powerful utility. You can use it to control the whole system, crafting and typing commands as you go about doing your everyday tasks. But it can quickly become overwhelming to keep staring at a command line and carry on with your work.
Lucky for you, the terminal is also a source of fun. You can play around with commands, listen to music, and even play games. Although expecting a great deal of entertainment from a window full of commands would be carrying it too far, you can find utilities to bind some time when bored.
Here are some fun and entertaining commands every Linux user should try at least once.
You can have a number of reactions to this. One of them is to be grumpy that Google is rejecting email that's otherwise (probably) perfectly valid and perhaps not even spam. Well, let's be honest here; all competent modern mail system operators reject email at SMTP time for all sorts of peculiar reasons, so I can hardly pick on GMail for not liking messages without message IDs when we will reject your messages if they an attachment type we don't like or ClamAV matches a signature.
We already know that we can encapsulate styles within a web component and we know that web components inherit styles. Another interesting feature of web components in terms of CSS is that custom properties used in a web component can be modified from the outside.
Let's take this basic alert component.
Adjustable features of a variable font are called axes. You can use the font-variations-settings property to change these features by specifying the four letter axis name along with a value.
For example, the Saira variable font has two axes, weight ('wght') and width ('wdth'). This is how the font looks like by default: [...]
So, about those rating values. I'll take the ratings for the Winter Warmer category as an example to work on, and I can get a list of those by extending the current filter like this: [...]
The most common case that comes up is that we have a bunch of people in a single filesystem, some of whom may fill up the filesystem by accident in the course of their work and others (such as professors) who we always want to be able to use some additional space so they can keep working. This is the ideal situation for a positive reservation instead of a negative quota, since what we want to put a limit on is the pool of space used by a group of people.
In this article, we’ll guide you on how to generate and install an SSL/TLS certificate obtained for free from Let’s Encrypt Certificate Authority that we’ll be using to secure Nginx webserver HTTP transactions on RHEL and RHEL-based distributions such as Fedora, Rocky Linux and AlmaLinux.
If you’re looking to install Let’s Encrypt for Apache on RHEL and RHEL-based distributions, follow this guide below...
In this post, you will learn how to install Kotlin on Ubuntu 22.04. This modern language is intended to replace Java in key processes of Android and other components where it reigned supreme.
If you are using a desktop version of Ubuntu finding files is straightforward as opening up the Files application and using the search bar.
However, the process is slightly more complicated if you want to find a file using the terminal. You will have to utilize either the “find” or “locate” apps to find files within the terminal on Ubuntu.
The find command is an integral part of Ubuntu and is one of the best ways to find files on your system. The locate package allows you to perform the same searches quickly but requires a database to be refreshed regularly.
There are a few different methods that you can use to change a filename on a Linux system. However, we will be focusing on using the mv and rename commands. Both of these commands are easy to use.
For this tutorial, we will be focusing purely on the terminal. However, for some Linux-based operating systems, you will have the option to use a GUI (Graphical User Interface) to alter file and folder names.
When you are new to using the terminal on Ubuntu, you may be unaware of how to copy and paste from the terminal.
Knowing how to copy and paste from the terminal will help you utilize it more efficiently.
As long as you have a keyboard or mouse, copying and pasting into the terminal on Ubuntu is a straightforward process.
Each terminal can work differently, so the keyboard shortcuts shown within this guide might only work with Ubuntu’s terminal.
The Pop Shell is an advanced tiling window management tool that offers flexibility in controlling the layouts and positions of windows.
Pop Shell is a gnome shell extension that runs on top of the GNOME Shell. It offers two window management modes; auto-tile and stacking.
The stacking mode allows windows to overlap, as in the case of the traditional GNOME desktop. However, in the auto-tile mode, all the windows get tiled automatically. Besides, you can switch between the two modes from the Pop shell extension menu.
Docker has been one of the best containerization tools and many industries are using docker in their application. The developers find it to be a very effective tool and they can deploy their application in production or any other environment without any dependencies on the target system.
It is always a best practice to not run any command as a sudo user since you have elevated permissions. Generally, when you install docker it needs root permission because the daemon runs as a root user. Due to this, you will have to run the docker command with sudo. While you run with sudo, you might see the below error -
docker: Got permission denied while trying to connect to the Docker daemon socket at unix:///var/run/docker.sock: Post http://%2Fvar%2Frun%2Fdocker.sock/v1.24/containers/create: dial unix /var/run/docker.sock: connect: permission denied. See 'docker run --help'.
How can you fix the above error? In case you don't want to run the docker as the root user, you can read this page to solve this issue. In this guide, we learn how to run docker as a non-root user.
WordPress formats are premade templates used for blog posts to present them in a different layout and style. The formats allow theme builders to define the visual manifestation of blog posts.
In this tutorial, we will show you how to install Julia Programming Language on Ubuntu 22.04 LTS. For those of you who didn’t know, Julia is a programming language designed to be high-performance in computation and analysis. Julia is widely used in data sciences and application-building processes as a programming language. Not only that, but Julia can work with other programming languages as well, such as Python, C, C++, Rust, R, and SQL.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the JuliaLang on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
Today we are looking at how to install Marvel VS DC Mugen on a Chromebook.
If you have any questions, please contact us via a YouTube comment and we would be happy to assist you!
In this tutorial, we will show you how to install PostgreSQL on Manjaro 21. For those of you who didn’t know, PostgreSQL (often called Postgres) is a free, open-source, and advanced relational database management system and is developed by The PostgreSQL Global Development Group. Users may rely on the PostgreSQL database system for its dependability, data integrity, extensive feature set, and flexibility.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the PostgreSQL open-source relational database management system on a Manjaro 21 (Ornara).
The Wine hackers have put out a new development build of the Windows compatibility layer in Wine 7.20. This is part of Steam Play Proton, which allows you to play tons of Windows games on Steam Deck and Linux desktops. Once a year they make a big new stable release, and eventually Proton updates to it too.
A fresh month, which means a new Steam Hardware & Software Survey is out. Looking over the October 2022 data, it appears we've hit a fresh high point.
Dwarf Fortress is finally getting the big Early Access release on Steam and itch.io on December 6, although the Native Linux support is to come along later. Many years in the making, with actual proper graphics and more, it's nearly here!
There's an old video game the memory of which recently escalated itself to my attention: Chris Crawford's Balance of Power, a geopolitics simulator first released for the Macintosh in 1985. According to Wikipedia it sold about a quarter million units, which was a lot at the time, and I must've been somewhere in the impressionable age range of 10 to 12 years old when my father bought Incredible Technologies' port for the Commodore Amiga.
[..].
Since Halloween seems like a good occasion to indulge in a little psychological horror (no other reason), I decided to do a rematch of sorts — this time with the help of fs-uae.
This post tries to summarize everything we know about Breath of the Wild’s sequel. It’s arranged by time. It may contain spoilers.
You can swap between the Vulkan and OpenGL renderer with a "--render-driver=vulkan" or "--render-driver=opengl" launch argument, and it seems to stick to the last one you picked. Currently, Vulkan doesn't seem to have a lot of the graphical effects present in OpenGL so it's very much a work in progress.
Atari and Adamvision Studios have taken down the original Missile Command: Recharged, and replaced it with another Missile Command: Recharged of the same name but it has been upgraded. It's seen a bump in the price too.
Valve has today released a new Steam Client Beta, which amongst other things tweaks the new Big Picture Mode that is also in a special Beta that was taken from the Steam Deck.
Love competitive games? How about when they're free to play? Dream Sloth Games are reviving Duelyst as Duelyst II, with approval from Counterplay Games. A game that originally reviewed quite well, but it was shut down and delisted on Steam back in February of 2020. Duelyst II was originally started as a fan-game but it's now turning into a full complete sequel.
Valve has revealed two fresh lists of popular games for the Steam Deck through October, sorted by both daily average player count and time played overall.
OBS Studio has a new release out now, and it comes with some changes for NVIDIA GPU owners who use NVENC. Some of the changes (as usual) only affect Windows, but there's still some goodies in there for Linux too.
Have had a rethink about what EasyOS is all about. Easy is a unique and very quirky OS, and and does just about everything differently from other Linux distributions.
I recently posted that have abandoned sync'ing the PKGget package manager (PPM, see "pkg" icon on the desktop) with Debian apt and synaptic. Decided to stay with PKGget only.
For the last few days have been working on login as user "zeus". Yes, it works, but I found myself having to apply so many workarounds. The simplicity and elegance of login as root, with apps able to run non-root, and "crippled root" or user "spot" in containers, was becoming compromised and complicated.
Building on the Enterprise quality of prior versions, the third update of TrueNAS 13 was released today. In addition to greater maturity and test coverage, Globally Distributed Storage provided by iX-Storj is also now included in this release.
Compared to TrueNAS 12, TrueNAS 13 includes significant new components and has improved performance, scalability, and reliability in subsequent releases. In the two months since TrueNAS 13.0-U2 was released, it has already become the 2nd most deployed version of TrueNAS. TrueNAS 13.0-U3 builds on the maturity of the prior version with 30 bug fixes and security updates. It also includes enclosure management updates for the TrueNAS R50 Gen3, which was announced two weeks ago.
To date, more than 25% of TrueNAS users have updated to TrueNAS 13, including many of our largest enterprise customers. Today TrueNAS 13.0-U2 is the default software used for all TrueNAS appliances, and it is recommended for all TrueNAS CORE and Enterprise users by virtue of its improved security and reliability characteristics compared to TrueNAS 12.0-U8 and previous versions.
Like PHP. PHP is very much the real world. My site has been running PHP 7.4 for a while, which goes end of life on 28 November. I put this off as long as possible, but it’s time to update.
I run my e-bookstore on Woocommerce, which is built on WordPress, which is built on PHP. What started as a silly experiment has become the center of my business. I need to minimize downtime, which means I must check everything before upgrading. It’s PHP, which means it’s a maze of twisty little modules that all look alike. PHP has this annoying habit of adding, removing, splitting, and changing modules. Running PHP applications on FreeBSD is all about finding the module your application needs, so I want to identify all possible problems before changing.
Dave Temkin, Netflix’s former Vice President of Network Systems Infrastructure told Motherboard there’s nothing too mysterious about what the servers can do, though they significantly help improve video streaming by shortening overall content transit time.
“They’re just an Intel FreeBSD box,” he said. “We got Linux running on some of the generations of that box as well.”
Netflix’s Open Connect Content Delivery Network hardware caches popular Netflix content to reduce overall strain across broadband networks. Netflix lets major broadband ISPs embed a CDN server on the ISP network for free; the shorter transit time then helps improve video delivery, of benefit to broadband providers and Netflix alike.
The 10th monthly Sparky project and donate report of 2022: – Linux kernel updated up to 6.0.6 & 5.15.76-LTS & 4.9.331-LTS49 – Common Desktop Environment (CDE) updated up to version 2.5.1 for Sparky 6+7 amd64+i386 – Sparky 2022.10, 2022.10 Special Editions and 2022.10-1 and 2022.10-2 LXQt released – Cartillo started translating Sparky Wiki pages to Spanish; thanks a lot!
The LXQt 2022.10 and 2022.10-1 iso images of the rolling line features LXQt 1.1.0 from the Sparky ‘extra’ repos, but it is not compatible with present Qt libs in Debian testing repos. You can remove the ‘extra’ repos and downgrade all LXQt related packages (see Sparky forums for details https://forum.sparkylinux.org/index.php/topic,6177.msg16986.html) or make fresh installation using Sparky 2022.10-2 LXQt iso. And, the Sparky ‘extra’ repos have been deleted now.
SiFive announced a pair (opens in new tab) of new high-performance RISC-V (opens in new tab) processors aimed at what it calls "next-generation wearables and smart consumer devices." Known as the P670 and P470, the processors offer new features and improved performance compared to previous CPUs based on the popular open-source architecture.
The SiFive Performance P670 and P470 #RISCV processors bring unparalleled compute performance and efficiency to wearables, smart home applications, AR/VR devices, and more. Read about how we’re raising the bar and giving designers true flexibility: https://t.co/11wb02d8YZ pic.twitter.com/eVvum8Y3jXNovember 1, 2022
Gourdan is powered by Raspberry Pi, and his Adafruit LCD eyes have been trained to follow you around the room. Creepy. I like it.
While Raspberry Pi has its own RP2040-powered board in the Raspberry Pi Pico, there are now more than sixty, third-party solutions that offer improvements which range from smaller sizes to built-in Wi-Fi, more storage or a lot of additional outputs. There are even RP2040-powered keypads and RP2040 breakouts designed to be embedded into your next project. All of these boards share the same $1 RP2040 chip, but offer much more than the stock model.
With Raspberry Pi still being hard to come by we've compiled the best RP2040 boards to get your projects up and running. These boards can be used for everything from general learning to building Wi-Fi connected robots to implementing basic A.I.
To help you choose, we’ve listed the best Raspberry Pi HATs that we have personally tested, grouped by their use case. These expansion boards can be used for everything from general learning to implementing A.I. via Machine Learning. Or you could just build your own Raspberry Pi powered robot to explore the world around us.
Long before Nicolas Cage ever portrayed the character on the silver screen, Ghost Rider appealed to an edgier subsect of Marvel’s audience. We won’t do a deep dive into the character(s) and their Faustian deals, but suffice it to say that Ghost Rider is a human man who turns into a flaming skeleton that rides a motorcycle. Where that lands on the cool to cringe scale depends on the particular appearance, but Andy’s Halloween costume recreation of Ghost Rider is definitely cool.
Andy’s costume includes a skeleton mask and the appropriate biker-style leather jacket, but really comes to life thanks to the added effects. Those include LED lighting and billowing flames. Andy can activate those using a small handheld remote control. When he does, the LEDs illuminate pieces of red cloth that flap in a wind created by big blower fans. Those mimic the look of flames shooting out from the jacket.
However, one platform in particular has been getting a lot of attention as Twitter users consider flocking elsewhere.
Decentralised microblogging platform Mastodon has seen a big surge in users since last week. The free and open-source platform tweeted on 30 October that it got more than 70,000 sign-ups on the day after the deal closed.
Here are the latest updates to our compilation of recommended software. For October, we have focused almost entirely on expanding our recommendations for coding and web apps. A huge pat on the back to Eilidih Parris for her sterling work and dedication.
The fifth HTTP Workshop is a three day event that takes place in Oxford, UK. I’m happy to say that I am attending this one as well, as I have all the previous occasions. This is now more than seven years since the first one.
[...]
All the people gather in the same room. A person talks briefly on a specific topic and then we have a free-form discussion about it. When I write this, the slides from today’s presentations have not yet been made available so I cannot link them here. I will add those later.
Say hello to WordPress 6.1, “Misha,” inspired by the life and work of Soviet-Norwegian jazz pianist Mikhail “Misha” Alperin. Misha introduced the work of jazz ensembles in the USSR and globally. He is also celebrated as a founding member of the Moscow Art Trio.
“Misha” further refines the site-building experience. Inside WordPress 6.1 you’ll interact with enhancements that continue to make site creation more intuitive while pushing your creative boundaries further than ever. Don’t forget to enjoy some of Misha’s jazz piano as you take in all WordPress 6.1 has to offer.
The third major release of 2022 is here. Download it now! As of the time of this release, WordPress powers 43% of websites worldwide.
Site owners and administrators should upgrade today to take full advantage of the many stability, performance, and usability enhancements. Furthermore, WordPress content creators will enjoy a suite of new features geared toward improving the writing and designing experiences.
This turned out to be somewhat controversial until we discussed what I specifically meant by deploy and release.
As with all things, agreeing on definitions or understanding what someone means when they use a specific term is essential, so I thought I would write down a short blog post on it.
A new version 0.1.4 of the tint package arrived at CRAN today. tint provides a style ‘not unlike Tufte’ for use in html and pdf documents created from markdown. The github repo shows several examples in its README, more as usual in the package documentation.
This is the first release in over two years and it brings a few incremental changes which are described in detail below. The trigger was an email from CRAN desiring compacted pdf files inside the package sources. Which, coincidentally, was made a default about a year ago in the build.r script from littler I use to make packages. But as we had not updated tint this has not reached CRAN. So there.
A new maintenance release 0.0.6 of RcppXts is now on CRAN. The RcppXts package demonstrates how to access the export C API of xts which we contributed a looong time ago.
I've been working on the next generation of the "PACKRAT" series called "RATPACK". I'm hoping to start writing new posts soon, and hopefully this is an interesting note of what's to come! In the meantime, you can check out the PACKRAT posts until then. My initial efforts to build a PHY and Data Link layer – from scratch using my own code – have been progressing nicely since the initial BPSK based protocol I’ve documented under the PACKRAT series. As part of that, I’ve been diving deep into FEC, and in particular, LDPC.
I won’t be able to do an overview of LDPC justice in this post – with any luck that’ll come in a later post to come as part of the RATPACK series, so some knowledge is assumed. As such this post is less useful for those looking to learn about LDPC, and a bit more targeted to those who enjoy talking and thinking about FEC.
I’ll share a lot of examples from my personal participation in the the Python and Django community.
Ofcom has proposed rule changes that mean BT and Hull telecoms operator KCOM will no longer be required to provide dedicated landlines for fax services at affordable prices.
This whole analysis serves the objective of learning from incidents. But learning isn't something you control or dictate. People will draw the lessons they'll draw, regardless of what you had planned for. All you can hope for is to provide the best environment possible for it to take place. In environments like tech, a lot hinges on people's mental models. We can't implant nor extract mental models, so challenging them through experience or discussion is the next best thing, and exposing how people were making decisions, the various factors and priorities they were juggling, or the challenges they were encountering are all key parts of their experience you wish to unveil.
ways I have betrayed you.
Some people really like puzzles. [Simone Giertz] is one of these serious puzzle lovers and built a transforming table (YouTube) to let her easily switch between puzzles and more mundane tasks, like eating.
A slide deck is not the talk content. A slide deck is there to aid the talk, to enhance it, to provide a bit of context (or light relief) for those attending. They're there to support what's being said, to underpin the message.
That's why, sometimes, I don't use slides at all. I just show stuff on my computer, fumble around and wave my arms about wildly. Anything to get the point across, to help explain what I'm trying to say, to be more effective in landing the concepts that I'm attempting to convey.
I'm now at the point where I face several challenges to moving up to the next grade.
Tablet shipments fell by 8.8% year-on-year in the third quarter, coming in at 38.6 million units, making this the fifth successive drop, the technology analyst company IDC says.
Chromebooks followed a similar trajectory, shipping 4.3 million units, a decline of 34.4% year-on-year, and making this the fifth straight quarter of decreasing shipments.
IDC said Chinese vendors were able to perform well in emerging markets where there was demand for low-end devices. Additionally, sanctions on many vendors enabled Huawei to sell well in the Russian market.
In an unassuming, off-white, two-story house in San Francisco’s Mission District, built in the Italianate style that predominates in the neighborhood, you’ll find the Institute of Illegal Images, aka the Blotter Barn. It houses an extensive personal collection of LSD art, called “blotter paper,” lovingly curated by Mark McCloud, a wizened, affable remnant of the city’s counterculture. McCloud came to California from Argentina as an adolescent, attended one of Ken Kesey’s early Acid Test “happenings” in the 1960s, puttered around the globe, and eventually put down stakes in the Mission in the mid-’70s, opening a home gallery that serves as an unbound history of the War on Drugs.
Cyber-crimes are expected to cost the world $10.5tn (€£9.3tn) by 2025, according to cyber-security research firm Cyber Ventures.
On the current trajectory, small businesses will absorb most of the hit.
They are three times more likely to be attacked by cyber-criminals compared to large businesses, cloud security firm Barracuda Networks has found.
Thales said the extortion and ransomware group had announced plans on the dark web to release the data on Nov. 7. It added that so far it had not received any direct ransom notification.
Medibank Private, one of five companies authorised to provide overseas student health cover (OSHC), revealed on 13 October that it had been the subject of a “cyber incident”. At the time it said there was no evidence that sensitive data had been accessed, and that customers could expect little inconvenience other than temporary disruptions as the international student policy management systems were taken offline.
That assessment changed a week later, with Medibank revealing that it had been contacted by a “criminal” claiming to have stolen 200 gigabytes of data. The extortionist had sent sample records from 100 policyholders, including international students, detailing their names, addresses, dates of birth, phone numbers, insurance details and medical histories.
Since the Covid-19 pandemic, ransomware attacks have increased dramatically worldwide. The latest annual report on the state of ransomware, by cybersecurity firm Sophos, indicated a 78% rise in attacks globally between 2020 and 2021. Nearly two-thirds of the organisations surveyed reported having been affected.
The tech company in a blog post revealed that upgrading one’s account to 1TB safe cloud storage is an entirely automatic process. When Google rolls out the new upgrade, every Google user will automatically get the standard 15GB storage updated to 1TB. Users will be able to add up to 100 different formats including CAD files, PDFs, and various image formats on Google Drive.
At the beginning of last week Apple released macOS Ventura, the next major version of their desktop operating system for Mac computers. We’d been monitoring a problem with Ventura since the early betas back in August with the hope that, on release, things would be working normally.
Unfortunately, this wasn’t the case. Right now, if you’re using a Pico with your Mac, we don’t recommend upgrading to Ventura (at least not yet).
A problem has arisen in the way the latest version of MacOS mounts Raspberry Pi Pico (opens in new tab) virtual volumes, meaning Macs updated to 13.0 Ventura, released October 24, cannot copy across the UF2 files used for flashing instructions onto the microcontroller. The Raspberry Pi blog has a post about the error (opens in new tab), and the company has reported it to Apple as a bug.
BUT: only 1.5% of all OpenSSL instances were found to be impacted by this security flaw
Cloud security firm Wiz.io also said that only 1.5% of all OpenSSL instances were found to be impacted by this security flaw after analyzing deployments across major cloud environments (i.e., AWS, GCP, Azure, OCI, and Alibaba Cloud).
So, the OpenSSL security issue embargo ended today and the patches dropped [sic]. Based on the contents of the security issue, the difficulty of exploiting it in practice, and the fact that most Linux distributions take basic precautions to prevent it from being a viable attack vector: this issue doesn't affect nearly any users of OpenSSL in the real world.
However, after initially rating the vulnerabilities as “critical” in a heads-up advisory last week, the new vulnerabilities have been downgraded to a severity rating of “high,” though administrators are still being urged to patch systems quickly.
Today we published an advisory about CVE-2022-3786 (“X.509 Email Address Variable Length Buffer Overflow”) and CVE-2022-3602 (“X.509 Email Address 4-byte Buffer Overflow”).
Please read the advisory for specific details about these CVEs and how they might impact you. This blog post will address some common questions that we expect to be asked about these CVEs.Q: The 3.0.7 release was announced as fixing a CRITICAL vulnerability, but CVE-2022-3786 and CVE-2022-3602 are both HIGH. What happened to the CRITICAL vulnerability?
Pre-announcements of CVE-2022-3602 described this issue as CRITICAL. Further analysis based on some of the mitigating factors described above have led this to be downgraded to HIGH. Users are still encouraged to upgrade to a new version as soon as possible.
In a TLS client, this can be triggered by connecting to a malicious server. In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects.
Microsoft Sysinternals recently released Sysmon for Linux. Beyond installing and configuring the software, there are several next steps you can take to use Sysmon for Linux to monitor against MITRE ATT&CK Techniques.
One of the five commissioners of the Federal Communications Commission (FCC) is calling on Congress to ban TikTok over concerns that user data could end up in the hands of China’s government.
“I don’t believe there is a path forward for anything other than a ban,” FCC Commissioner Brendan Carr said in an interview with Axios published Tuesday.
Surveillance proponents will claim this act of violence had nothing to do with Ring and other networked doorbell cameras. They’ll blame the neighbors, the neighborhood, the guns. But we have to face reality: Blanketing our neighborhoods in surveillance devices that promote a culture of suspicion makes all of us less safe.
After the start of Russia’s mobilization campaign in September, TikTok’s management in Russia offered to let employees move to Kazakhstan, Armenia, or Kyrgyzstan, the news outlet RBC reported, citing two sources from TikTok and one former employee of the company.
In the summer of 2022, it emerged that Russian contract soldiers refusing to fight in Ukraine and trying to get discharged from the military were being imprisoned in specialized detention camps. Hundreds of soldiers may have passed through these camps by now. The army command speak of these facilities euphemistically, calling them “centers for the recovery of combat readiness.” Since the start of mobilization, these “centers” have become places of detention for new conscripts, many of whom also refuse to fight in the Ukrainian war. This article is a nutshell version of an investigation published by Mediazona and talking about one such facility, discovered near the Ukrainian city of Perevalsk.
Vladimir Saldo, Russian-appointed head of the annexed part of the Kherson region, announced the evacuation of residents of areas within a 15-kilometer [about nine-mile] radius of the Dnipro.
Since September 21, when Russia announced its “partial mobilization,” at least 101 people who were called up as part of the campaign have been killed. The figure comes from Novaya Gazeta Europe, which cites Russian authorities as well as news reports and social media.
Russian Defense Minister Sergey Shoigu said on a conference call Tuesday that 87,000 mobilized Russians have now been sent into combat, Interfax reported.
As Israel holds national elections amid increasing crackdowns on Palestinians in the occupied West Bank, we speak with Jan Egeland, secretary general of the Norwegian Refugee Council, who is in Jerusalem and has been speaking with Palestinian families in the Occupied Territories. He is calling on Israel to end its decades-long occupation. He describes the ongoing Israeli demolition of Palestinian homes and the growth of illegal settlements, and says the situation is likely to get worse after elections as the political parties expected to make major gains are “in favor of illegal settlements, colonization of occupied land and the displacement of Palestinian families.”
The city and state of New York have agreed to pay $36 million to settle lawsuits on behalf of two men wrongly convicted and imprisoned for decades for the 1965 assassination of Malcolm X. Muhammad Aziz and Khalil Islam were exonerated last year for the murder after investigators found “serious miscarriages of justice” in the case. They each spent more than 20 years in prison for a crime they did not commit, and Islam died in 2009 before his record was cleared. We speak to civil rights lawyer David Shanies, who represented the men in their lawsuit, and scholar Abdur-Rahman Muhammad, who helped spark the reopening of the case, and was featured in the 2020 Netflix documentary series “Who Killed Malcolm X?”
Yet, citing the First Amendment, a federal judge in Arizona last week refused to grant a preliminary injunction that would have stopped the groups of people carrying out these menacing activities in Maricopa and Yavapai counties as voters participate in the midterm election. The Ninth Circuit court of appeals is currently considering an emergency request for an order to overturn that decision and put the injunction in place. The court should grant it and protect the right to vote, recognizing that First Amendment rights do not extend to threats of violence and voter intimidation.
North and South Korea have both fired missiles across their maritime border for the first time.
The South retaliated on Wednesday three hours after Pyongyang fired a missile which landed less than 60km (37mi) from its eastern city of Sokcho.
Republican candidates, often armed with guns, have "hunted" Pelosi in campaign ads and "humorous" videos, and have made other none-too subtle threats against her.
The right-wing media echo chamber has made Pelosi into a larger-than-life villain and evildoer who must be removed from power, by any means necessary, in order to "save America." The antisemitic QAnon conspiracy cult, with its deranged fantasies about Democrats and liberal celebrities who murder children and drink their blood, has also stoked hatred toward Pelosi.
“Fox News, some of this is on your hands. Some of this is on your hands. You like to call people out, I’m calling you all out,” Goldberg said. “Stop with the ‘That side is not good,’ because this is what it puts out there. It tells people that you think it’s OK to do this. Stop doing it.”
DePape faces state charges of attempted murder, burglary and elder abuse. He also faces federal charges including attempted kidnapping of a U.S. official. Those charges are outlined in an affidavit detailing the assault, which was largely captured on police body camera imagery after authorities responded to a 911 call from the Pelosis' Pacific Heights home.
There is the growing possibility of mergers or alliances of convenience involving the three prominent violent extremist groups in Nigeria and the Lake Chad Basin, namely ISWAP, Ansaru and Jama’atu Ahlis Sunna Lidda’awati wal-Jihad (JAS). The move to expand and consolidate operations is forging unlikely ties not only between terrorist groups but between them and organised criminals.
Samidoun is alleged by the Israeli government to be a front for the the Popular Front for the Liberation of Palestine (PFLP), recognized as a terrorist organization.
In videos of the event, some participants shouted slogans calling on people to throw rocks or shouting for the use of "bullets and rockets." One prominently displayed banner depicted the launch of rockets. Such projectiles are often fired by Gazan terrorist organizations into Israel.
On Thursday, in response to AFP’s question about a possible radicalisation of the accused, she had explained that he was “not known to the police and judicial authorities so far” but had “converted to Islam for several years”. BFMTV
A highly educated female suicide bomber killed three Chinese teachers in Karachi in April along with their local driver, targeting nationals from Pakistan's most important partner and seeking to undermine a relationship on which Islamabad's financial survival largely depends.
On October 28, the Russian Defense Minister Sergey Shoigu reported that Russia’s conscription goals had been met. On October 31, President Vladimir Putin said that mobilization was completed — and that he’d “talk to the lawyers” to find out whether a “demobilization” decree was needed to make this official. Now, the Kremlin cites legal opinions that no such decree is necessary. But human-rights advocates are concerned: they think that Putin’s earlier mobilization decree, signed on September 21, is still in effect.
From his unique viewpoint hundreds of kilometres above Earth, French astronaut Thomas Pesquet told AFP he felt helpless watching fires rage across the planet below, calling for more to be done to protect this fragile "island of life".
The U.S. Fish and Wildlife Service said emperor penguins should be protected under the law since the birds build colonies and raise their young on the Antarctic ice threatened by climate change.
The wildlife agency said a thorough review of evidence, including satellite data from 40 years showed the penguins aren’t currently in danger of extinction, but rising temperatures signal that is likely. The agency’s review followed a 2011 petition by the environmental group Center for Biological Diversity to list the bird under the Endangered Species Act.
Below the fold I look into this persistent failure to proceed moon-wards
Tim Wagner confirms that this is indeed the case. One sign that is quite recent and that drivers will see more and more on the road is: Rue Cyclable. With this sign, several rules must be followed: [...]
The controversial Tesla CEO was named the sole director of Twitter on Monday after completing his $44 billion acquisition of the company last week. Musk has suggested he plans to lift lifelong bans and transform Twitter’s content moderation policies, leading critics to express concerns about the spread of misinformation.
Amazon, Apple, Meta Platforms, Google and Disney were among the 20 advertisers to receive the open letter, signed by groups including the NAACP, the Center for American Progress, GLAAD, the Global Project Against Hate and Extremism, and #Voteprochoice. The effort was organized by Free Press, Media Matters and Accountable Tech.
Musk called Twitter’s “current lords & Peasants system” governing who has a blue checkmark or not “bullshit” in his post about the new system he’s planning to launch.
The big picture: Murphy is aware of the history. In a tweet, he argued: "The Saudis could have cashed out, like most everyone else. That would have been the financially sound thing to do. Instead, they allied with Musk ... There's a clear political motivation to their decision, and CFIUS should get to the bottom of it."
Reports suggest those executives were fired "for cause," which could allow Musk to avoid large payouts in cash and stock.
Elon Musk, less than a week into his ownership of Twitter, announced that the price of Twitter Blue will increase to $8 per month — and will be the only way to achieve verification on the platform.
Following on Mr Musk’s acquisition of Twitter a discussion has broken out about what to charge for. Which makes sense, because Twitter revenue is kind of lousy, notably out of sync with its societal importance, and now they’ve got a great big honking debt to service.
Whatever I may think about Twitter’s leadership, previous or current, I like the service and would prefer that it continue functioning. In fact, I like it enough to pay for it! But how much and what for?
But behind every bad question is a shred of truth. For later-stage startups (let’s say $1B+), incumbents will enter the market. At that point, the question is probably more nuanced — how much better is the distribution, production, or other advantages?
Why it matters: Musk linked to an article from the Santa Monica Observer, a website known for years for publishing false stories.
Pennsylvania, with about 13 million people, is by no means unique when it comes to the problem, but as a swing state narrowly won by President Biden in 2020, it has become a disinformation battleground ahead of the midterms on Nov. 8. The result has hardened the state’s partisan divide and deepened distrust not only of politicians but of the political process itself since the way ballots are cast and counted has been at the heart of much of the disinformation swirling around.
Unable to post Halloween photos on the app, users sought answers on Twitter and other platforms, with many of them saying they had no idea what the violations cited by Instagram could have been.
Meta, the app’s parent company, confirmed that users in different parts of the world had issues accessing their accounts, but a spokesperson said in a statement that those problems had been resolved.
An Iranian girl in middle school was beaten to death after police officers found a torn-up photo of former Iranian Supreme Leader Ruhollah Khomeini in one of her schoolbooks, local news outlet in the Sistan and Baluchestan Province Haalvsh reported on Sunday night.
On October 23rd I got shadowbanned on Twitter, followed by a permanent suspension on October 25th. As someone who was very active on Twitter, I was surprised, shocked, and sad that this happened. Especially because I didn’t know why it happened.
In the last 24 hours, two different supporters of the committee have reported that attempts to post a recently published letter written by a Chicago-area railroader were removed on the popular social news aggregation website Reddit.
Reddit is one of the largest social media websites on the planet, with over 1.7 billion visitors in May 2022. The advertising-based, for-profit website was valued at over $10 billion in August 2021 following an additional $700 million in funding led by Fidelity Investments.
Another now-defunct pro-democracy activist group, Student Politicism, also saw four of their members sentenced to up to three years in prison or a training centre after they pleaded guilty in July to conspiracy to incite subversion under the national security law. They included ex-convenor Wong Yat-chin, ex-secretary general Chan Chi-sum and ex-spokespersons Jessica Chu and Alice Wong.
A court in Moscow has stripped an activist of his Russian citizenship after he protested against the war in Ukraine. Arshak Makichyan, who is currently in an EU country but officially stateless, wrote on Facebook on October 31 that his father and two brothers were also deprived of their Russian citizenship. The activist, who is originally from Armenia but has lived almost all his life in Russia, said the court's decision was politically motivated and linked to his position against the war. To read the original story from RFE/RL's Echo of the Caucasus, click here.
A Moscow court has fined the Wikimedia Foundation, which manages Wikipedia, two million rubles ($32.6k).
The press freedom group the Committee to Protect Journalists (CPJ) included Myanmar in its annual Global Impunity Index for the first time in 2022. Of the five journalists killed there in the past 10 years, three died while detained by the junta, according to CPJ research.
Somalia, for the eighth year, tops the list published Tuesday. Mexico, which is on track to record its deadliest year with more than a dozen journalists slain, comes in at sixth on the index, which tracks unsolved journalist killings.
Myanmar’s junta has officially banned online news outlet The Irrawaddy and charged the outlet’s registered publisher for violating national security laws, state media reported over the weekend, following months of legal harassment.
The ban is the latest on at least 20 media groups – news agencies, publishing houses and printing presses – since the military seized power in a Feb. 1, 2021, coup and began a crackdown on press freedom in Myanmar.
The statement sent to RFE/RL's Radio Farda said authorities have failed to inform the family which state organ has seized Haghighatnejad's body following his October 25 repatriation to Iran for burial in his home province of Fars.
More than 300 Iranian journalists on Sunday called for the release of colleagues who were detained amid nationwide demonstrations.
They signed a statement published in the Iranian Etemad and other newspapers in which they accused authorities of arresting members of the press and "stripping them of their civil rights."
"They did not have access to their lawyers, they were interrogated and charged before holding a public hearing," the statement said.
The arrest of the journalist and à žebnem Korur-Fincancñ, head of the Turkish Medical Association (TTB), sparked protests in the country the next day. The International Press Institute (IPI) condemned the action, stating that Türkiye regularly abuses anti-terror law to target journalists, The institute called on Türkiye to release all journalists immediately.
Nine of the 11 journalists are still remanded in custody.
Police have detained 11 journalists working for two pro-Kurdish news outlets in raids across five cities in "terrorism-related" investigations.
Why accessibility is so important? It is said that 1 in 4 people (and recent stats say it’s about 15% of the world) identify as having a disability. That disability could be something you see, or invisible. You may not even know that someone has a disability unless they tell you. Accessibility is so important because it shows that you care and you want everyone to be able to access what you offer. If you don’t include accessibility you could not include 25% (or more) of your potential audience.
Rights groups say more than 200 people have died during the protests, and hundreds, if not thousands, have been arrested.
In recent days, students at several universities – including Tehran’s prestigious Sharif University of Technology and the Hormozgan University, located in a more socially conservative part of Iran – took the battle inside campuses as they tore down the barriers that segregate cafeterias, dividing men and women.
The students’ actions show that they are “prepared to engage in civil disobedience because they completely reject the Islamic Republic’s gender apartheid strictures”, said Mr Brodsky.
Now authorities are allowing Tibetans living in Lhasa who are natives of the cities and towns of Shigatse, Kongpo, Lhoka, Nagchu, Chamdo and Ngari to return to their homes. But they can do so only after first getting in touch with their respective points of contact as set by regional authorities for “swift processing,” according to an official notice dated Oct. 31. They are prohibited from returning on their own.
DW: There are over 200 dead and the regime is striking back brutally. Is this extreme reaction a sign of fear?
SN: This movement, which we Iranians now call a revolution, is the biggest uprising since the 1979 Islamic Revolution. We've had a number of different short lived uprisings in the last few years. There was the Green Movement in 2009, which lasted no more than ten days or so. And so many expected this to be another upheaval, kind of a hiccup. But we are now in the second month and it is not as trivial as they thought. This time it is not about the economy, unemployment or water — it is about women. And women are a very sacred part of society. For the men, these are their sisters, wives, mothers. So, the murder of a young woman is sacrilegious to the Iranian people. That's why I don't see the women or the people in Iran going back to the way they were six weeks ago.
Armita, an Iranian girl, participated in recent demonstrations for freedom. She was taken to Imam Ali Karaj Hospital by the IRGC security agents on October 18. Hospital authorities said that their daughter had been arrested eight days earlier by Islamic Police.
Both murals were almost identical, albeit with slight differences. The first mural depicted the famous cartoon character holding a pair of scissors in one hand and most of her iconic blue hair in the other as a reference to the Iranian women who cut their hair in protest of Mahsa Amini's death at the hands of the morality police.
The mural was immediately painted over by the consulate, but despite that, it reappeared shortly after, this time with Simpson giving the middle finger and with a more angry expression than before.
The Open Letter was published in Sunday's New York Times and expresses solidarity with Iranian women and girls, as well as men, who are continuing their daily protests for more than 40 days now across the Islamic Republic and abroad following the death of 22-year-old Mahsa Jina Amini.
Reports of extreme punishments and harsh crackdowns against protestors by Iranian authorities have flooded international headlines and social media feeds in the weeks since Amini's death, gaining worldwide attention and scrutiny.
The accused in the case was booked under sections of the POCSO Act and the Prohibition of child marriage Act for marrying and impregnating a minor Muslim girl. The incident came to light when the victim visited a Primary Health Care Centre for a check-up. Upon examination, it was discovered that she was pregnant and was around 17 years old.
When it came to court, the accused’s counsel argued that attaining puberty was the consideration for marriage under Mohammaden Law. The counsel further argued that since the girl had attained puberty at 15, the Prohibition of Child Marriage Act was not applicable.
The court rejected this by stating that since POCSO is a special Act, it overrides personal law.
The European Court of Justice (ECJ) ruled on Friday that Germany is not allowed to extradite a Serbian national to the United States. The ruling decrees that a non-EU citizen cannot be sent to serve jail time for the same crime twice.
Raneem’s husband, Janbaz Tarin, murdered both his wife and her mother, following an horrific campaign of domestic abuse towards Raneem. When they married in April 2017, Tarin, an Afghani Muslim, had warned Raneem: “We don’t have a divorce in our culture. The day you will be free from me is when I’ll kill you.”
Fieger also claimed White showed the public “edited videos” of the incident during the press conference.
“He has never provided those videos to the family and we don’t want an edited video…we want the full video,” Fieger said.
Despite his claims, Fieger says he and his team plan to obtain all video footage by issuing subpoenas to the Detroit Police Department and will release the videos to the public once obtained.
Little Rock, Ark.—It’s a scorching July day during the pandemic’s first summer. in the month since the murder of George Floyd, residents have gathered frequently in front of the Arkansas State Capitol, marching to protest the police killings of Black people across the country.1This story was reported in partnership with Type Investigations and produced with support from the Puffin Foundation and the Fund for Constitutional Government.
Writing in 1923, the prominent American judge and legal philosopher Learned Hand stated that “under our criminal procedure the accused has every advantage. While the prosecution is held rigidly to the charge, [the defendant] need not disclose the barest outline of his defense. He is immune from question or comment on his silence; he cannot be convicted when there is the least fair doubt in the minds of any one of the twelve [jurors]…. Our dangers do not lie in too little tenderness to the accused. Our procedure has been always haunted by the ghost of the innocent man convicted. It is an unreal dream.”
For example, they do say that it is good that the internet was brought to Lithuania 30 years ago. It was brought in three months, not [...] like the Vilnius stadium which is being built for 30 years. It is an example to me of how not to work.
Netflix essentially killed every part of the conventional television business when it launched a streaming video service 15 years ago. But now that it's facing an existential threat of its own from upstarts closing in on all sides, it's borrowing from the playbook of its old rival to save itself: advertising.
The Google-owned video giant announced the launch of Primetime Channels, a storefront stocked with 34 streaming services, available for any YouTube user to subscribe to. The lineup includes Paramount Global’s Paramount+ and Showtime, Lionsgate’s Starz, MGM’s Epix, AMC Networks’ AMC+ and TelevisaUnivision’s ViX+, along with more than two dozen niche-oriented channels. Users can sign up through YouTube’s Movies & TV hub; initially, the channels will be available only in the U.S.
Notably absent from YouTube’s Primetime Channels lineup are major streamers including Netflix, Disney+, Hulu and HBO Max — which are also unavailable in Amazon Prime Channels, its collection of third-party streaming services that Prime members can subscribe to.
The court has satisfied the request of the municipality of Sigulda to provide temporary protection for the “S!” trademark, which has been used by the municipality for over 12 years on its own and as part of the slogan S!gulda aizrauj (S!gulda excites). The municipality of Sigulda claims the right to be the only user of this trademark in Latvia in order not to create misleading associations with the values of the municipality.
The Court has prohibited the use of the trademark, including advertising and representation materials, without the permission of the municipality of Sigulda, until the final decision.
Copyright holders often write to internet billpayers claiming that their IP addresses have been linked to piracy. They say that billpayers are liable because they pirated content themselves or failed to stop someone else who did. When movie company Voltage Holdings tried to win default judgments against 30 internet subscribers, none of whom were shown to be the actual infringers, a judge refused to comply. In its appeal, Voltage says the judge made the wrong decision.
After winning a landmark legal battle against Yout.com last month, the RIAA is seeking $250,000 in attorneys fees from the stream-ripping site. The music group successfully thwarted Yout's request for a declaration that its service doesnt circumvent YouTube's technological protection measures. This was a futile endeavor from the start, the RIAA argues.
It is over a month since I last graced the pub with my ramblings, and I admit I need to do the courtesy of reading what you have all been saying these past few weeks.
I am trying to change habits. Again. The most sensible advice I have come across is to not to just stop doing something but to replace it with another action - don't leave a void. We all know how nature feels about voids.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.