Bonum Certa Men Certa

Links 23/11/2022: GNU Parallel 20221122 and Proxmox VE 7.3



  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • Asahi Linux: Updates galore! November 2022 Progress Report

        Until now, Asahi Linux has only supported USB2 on the Thunderbolt ports. While the hardware USB2/3 controllers are reasonably well supported by Linux already, and the Type-C port controllers are also based on existing partially-supported hardware, there was one big missing piece: the PHY driver.

        M1 and later Apple Silicon machines use Apple-designed (or Apple-customized?) PHY hardware called “Apple Type-C PHY” (ATCPHY) that supports USB3, DisplayPort, and TB3/USB4 modes. This piece of hardware is in charge of turning the USB3/DP/TB protocol data into signals on the wires. Since we’re dealing with very high-speed signals (up to 20Gbps per pair), the PHY has to be very complex and there are a lot of analog knobs that need to be individually calibrated. With USB2, you can get away with having universal settings that work for every device, but that won’t work for USB3 and other higher-speed protocols!

        The job of the PHY driver is to configure the physical hardware with settings specific to your particular chip, which are calibrated at the factory, and to manage reconfiguration of the entire PHY hardware as different modes are switched in and out. In practice, this means a huge number of “magic” register pokes, including some with variable data that comes from factory-written eFuses. Sven has been working hard reverse engineer all of this, and this new release includes his new ATCPHY driver with support for USB3 mode!

        In addition to driving the PHY itself, the PHY driver has to very carefully coordinate with the USB controller driver (dwc3) and the Type C port controller driver (tipd). When devices are connected and disconnected, there is a complex dance of negotiation that has to happen that eventually leads to a decision on what protocols to run over which wires. This information has to be communicated to the PHY (including things like what orientation you plugged the cable in) so it can route its signals appropriately, and only after everything has been initialized in the right order can the USB controller be brought up. To make matters even trickier, the hardware is quite temperamental and if anything goes wrong the controller is likely to just lock up or fail to work!

        We think USB3 mode should be pretty solid, but you can expect some glitches when doing things like hotplugging devices quickly at this point. The good news is that, since mode-switching when you hotplug the cable involves resetting almost everything, any transient issues can usually be solved by just disconnecting and reconnecting the device. Actual USB3 operation should be solid once connected, but do let us know if you encounter any issues.

      • LWNAsahi Linux November 2022 progress report [LWN.net]

        For those who are waiting for Linux on Apple hardware, the Asahi Linux project has put out a detailed report on progress toward a working kernel and distribution.

    • Instructionals/Technical

      • It's FOSSapt remove vs apt purge: What’s the Difference?

        But in various forums, you may come across the suggestion to use the apt purge command for removing applications completely.

        [...]

        So, why are there two similar commands for removing packages? What’s the difference between the two? Let me explain it to you with a few examples.

      • AWS s3api CLI can be used to filter objects in a S3 bucket based on the Last Modified Date using the --query filter.
      • GNOMEWill Thompson: Recovering a truncated Zoom meeting recording on Endless OS

        One of my colleagues was recording a Zoom meeting. The session ended in such a way that the recording was left unfinished, named video2013876469.mp4.tmp. Trying to play it in Videos just gave the error “This file is invalid and cannot be played”. ffplay gave the more helpful error “moov atom not found”. It wasn’t too hard to recover the file, but it did involve a bit of podman knowledge, so I’m writing it up here for posterity.

      • BeebomHow to Install Google Chrome on Ubuntu (2 Methods) | Beebom

        Have you switched to Ubuntu and are looking for a straightforward way to install Google Chrome? Well, installing Chrome on Ubuntu is as simple as installing other popular browsers on Linux, Mac, or Windows. In fact, there are multiple ways to get Chrome running on Ubuntu Linux. So in this tutorial, we have included two simple ways to install Chrome on Ubuntu. Apart from that, we have also mentioned how to update Chrome on Ubuntu, and the steps to completely remove it. On that note, let’s jump to the steps.

      • Make Use OfHow to Use the less, more, and most Commands to Read Text Files in Linux

        There are many GUI text editors available on a Linux system to view and modify text files. But you might just want to read your text files within the terminal. There are many commands available on Linux that allow you to do that, three of which are less, more, and most.

        Read on to discover how you can use these three commands to effectively read text files on your Linux terminal.

      • ID RootHow To Install Podman on Ubuntu 22.04 LTS - idroot

        In this tutorial, we will show you how to install Podman on Ubuntu 22.04 LTS. For those of you who didn’t know, Podman is a container tool for virtualizing applications. It was originally developed by Red Hat and originated in the Cri-O project, which develops a lightweight container runtime environment alternative to the Docker runtime environment. Podman distinguishes itself from its competitors by allowing you to run Containers in both root and rootless modes. Additionally, Podman isn’t a running service, meaning that it’s daemons.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Podman on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • VideoHow to install Shotcut video editor on Linux Mint 21 - Invidious
      • VideoHow to install Red Hat Enterprise Linux 9.1 - Invidious

        In this video, I am going to show how to install Red Hat Enterprise Linux 9.1.

      • Linux Made SimpleHow to install OnlyOffice on a Chromebook

        Today we are looking at how to install OnlyOffice on a Chromebook.

        If you have any questions, please contact us via a Rumble comment and we would be happy to assist you!

        This tutorial will only work on Chromebooks with an Intel or AMD CPU (with Linux Apps Support) and not those with an ARM64 architecture CPU.

      • Make Use OfHow to Use diskonaut to Generate a Visual Treemap of Your Linux Disk Space

        Disk space fills up quickly on Linux, and before you know it, it's time to invest in another couple of terabyte drives to house your rapidly ballooning file system. How did it ever get so bloated?

        Tracking down and visualizing files and directories which are taking more than their share of the room is difficult—especially if you're a dedicated terminal dweller.

        diskonaut is an app that can finally help you to visualize, identify, manage, and delete overgrown branches of your file tree, all from the comfort of your favorite terminal.

      • Make Tech EasierHow to Install and Update Google Chrome in Ubuntu - Make Tech Easier

        Most users who want to install Google Chrome in Ubuntu tend to use an App Store or go through Ubuntu Software. What they don’t know is that Google Chrome isn’t available in any major Linux distribution archives, so it can’t be installed directly from the Software Center. Here we show you how to install Google Chrome in Ubuntu.

    • Games

      • PS4 Linux: PSXITA Team and developer Mircoho improve Linux performance on PS4 Pro - Wololo.net

        Team PSXITA have worked with developer Mircoho to fix performance issues of PS4 Linux on PS4 Pro on recent firmwares. They have released* binaries that should work as well as, if not better than, their equivalent on regular PS4s.

        As strange as it might sound, Linux tends to be slower on PS4 Pro than regular PS4s. This is mostly for historical reasons, as the folks behind the original Linux support for PS4 (Team Fail0verflow, in particular Marcan who’s now working on Linux support for Apple Silicon) worked on regular PS4s.

        The PS4 Pro has multiple significant differences from the PS4, and as such the Linux ports we’ve been using are critically under optimized for the PS4 Pro.

        A couple weeks ago, PSXITA have released new binaries that finally make Linux run reasonably fast on the PS4 Pro. It’s still not taking full advantage of the console’s extra power, but according to the devs this should be quite acceptable now.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Timothée RavierFinilazing rpm-ostree support in Discover - Siosm’s blog

          Initial support for rpm-ostre was added in Discover as part of a Season of KDE 2021 project that was completed by Mariam Fahmy.

          Unfortunately, we hit some hard to diagnose issues related to DBus interactions with rpm-ostree so the work was left in limbo for a while and kept disabled in Fedora Kinoite.

          I recently picked it up again and implemented a work around as I could not figure out the root cause of our original issue.

        • KDABCXX-Qt 0.4 Released - KDAB

          We just released CXX-Qt version 0.4!

          CXX-Qt is a set of Rust crates for creating bidirectional Rust ⇄ C++ bindings with Qt. It can be used to integrate Rust into C++ applications using CMake or build Rust applications with Cargo. CXX-Qt provides tools for implementing QObject subclasses in Rust that can be used from C++, QML, and JavaScript.

          For 0.4, most of the internals of CXX-Qt have been refactored into stages, which means it is easier to maintain. There are various small changes to the API, such as the capability of using attributes in more places rather than magic struct names. Relocatable Qt types have been marked as trivial to CXX (which means they don’t need to be wrapped in pointers).

          Some of the larger developer-facing changes are listed below.

      • GNOME Desktop/GTK

        • GNOMEVoice (gnome-voice) 1.0.1 with Multiple Voice Streaming and Recording - Ole Aamot



          The first stable Voice (gnome-voice) 1.0.1 release is now available at https://download.gnome.org/sources/gnome-voice/1.0/gnome-voice-1.0.1.tar.xz with Voicegram streaming and recording in Ogg Vorbis.

          Voice 1.0.1 is a new Public Voice Communication Software being built on GNOME 44 and published as GNOME Software as well as in the Bachelor thesis in Programming – Aamot, Ole Kristian: Public Voice Communication (NTNU, 2025).

  • Distributions and Operating Systems

    • New Releases

      • Proxmox VE 7.3 released! | Proxmox Support Forum

        we're very excited to announce the release of Proxmox Virtual Environment 7.3. It's based on Debian 11.5 "Bullseye" but using a newer Linux kernel 5.15 or 5.19, QEMU 7.1, LXC 5.0.0, and ZFS 2.1.6.

        Proxmox Virtual Environment 7.3 comes with initial support for Cluster Resource Scheduling, enables updates for air-gapped systems with the new Proxmox Offline Mirror tool, and has improved UX for various management tasks, as well as interesting storage technologies like ZFS dRAID and countless enhancements and bugfixes.

    • BSD

      • FreeBSDFall Foundation Software Development Update | FreeBSD Foundation

        During the third quarter of 2022, 300 src, 36 ports, and 13 doc tree commits were made that identified The FreeBSD Foundation as a sponsor. It’s challenging to concisely summarize all this work. It varies from complex new features to various bug fixes spanning the src tree. A few highlights include adding ZFS support to makefs, adding experimental 16k page support on arm64, removing the default pager, and fixing race conditions in the event timer.

      • FreeBSDInvest in FreeBSD | FreeBSD Foundation

        Giving Season. It’s a term we use often as the year comes to an end. A time when we reflect on what’s been impactful to us over the past year and how to give back. Just like many other non profit organizations, Giving Season is an important time for the FreeBSD Foundation. It’s when we remind folks of the work we’re doing to support FreeBSD and ask for your help in continuing that work. However, it’s also important to know that when you support the FreeBSD Foundation, you’re not only giving back to what is important to you, you are also investing in the future of FreeBSD. Your funds directly impact the success of the operating system. Your investment ensures that FreeBSD stays the relevant, secure, and sustainable operating system you’ve come to rely on.

      • MWLFifty Books. Thirty Years. What Next?

        I edited my SNMP MIB to include the two new books, Prohibition Orcs and Frozen Talons, and realized that the first book in that table came out in 1992.

        Thirty years ago.

        Plus, Frozen Talons is my 50th full book. If you count “things with my name on them,” including anthologies and chapbooks but not translations, it’s number 96. No–wait–my list is missing one thing. It’s 97. Quick, someone send me a neurotypical personal assistant to track all this crap!

    • Fedora Family / IBM

      • Fedora MagazineFirst Anaconda preview image now public!

        We are excited to announce the first public preview image of the new Anaconda web interface! Our vision is to reimagine and modernize our installer’s user experience (see our blog post “Anaconda is getting a new suit”). We are doing this by redesigning the user experience on all fronts to make it more easy and approachable for everyone to use.

        Today, we would like to introduce our plans for the public preview release, as our new project has already reached a point where core code functionality is already developed and the new interface can be used for real installations.

    • Canonical/Ubuntu Family

      • OMG Ubuntu’Folder Color' Tool Adds Support for Ubuntu 22.10 - OMG! Ubuntu!

        You’re probably already familiar with Folder Color, a terrifically nifty tool that makes it easy to change the colour of folder icons in Nautilus.

        Well, I’ve some good news: it recently added support for Ubuntu 22.10 and GNOME 43. This means you can continue to change the colour of any folder in Nautilus (as well as badge folders with a selection of emblems) to suit your own tastes.

        If you’ve used the tool in earlier versions of Ubuntu/Nautilus then nothing has changed: right-click on any folder in the file manager and page into the ‘folder color’ menu to pick a hue from the list available. The change applies instantly.

    • Devices/Embedded

      • LiliputingOrange Pi OS: Android and Linux-based operating systems for Orange Pi single-board PCs

        The maker of the Orange Pi line of single-board computers (among other things) offers a handful of Android or Linux images that can be installed on most of the company’s products. But for the most part they’re just existing operating systems that have been tweaked to support Orange Pi hardware.

        Now Shenzhen Xunlong Software has started to develop its own Orange Pi OS for some of its most recent computers. Actually, there are a few different version of Orange Pi OS. One is based on Android, and it’s already available for installation on the Orange Pi 800 computer-in-a keyboard. Next year the company plans to launch an operating system based on Arch Linux and another based on OpenHarmony.

      • CNX SoftwareOrange Pi OS - An Android-based desktop OS with Windows 11’s look and feel - CNX Software

        The manufacturer of Orange Pi boards, Shenzhen Xunlong Software, has formally announced the release of Orange Pi OS based on Android with a Windows 11-styled desktop that we are told can also be switched to macOS look and feel, and offering features typically found in desktop operating systems such as multi-window support.

        I understand the current release of the operating system works on Orange Pi 800 keyboard PC and the Orange Pi 5 SBC should also be supported once soon. We’re told Orange Pi OS is based on Android 12, but that may be an error since I’m not aware of an Android 12 SDK for the Rockchip RK3399 processor. The company plans to release an Arch Linux Arm version named Orange Pi OS (Arch) as well as an Open Harmony variant called Orange Pi OS (OH) next year.

      • LinuxiacLinkStar H68K Is a Portable WiFi Pocket Router Able to Run Linux

        Based on a quad-core Cortex-A55 RK3568 chip, the LinkStar H68K is a portable pocket WiFi router that can also function as a media player.

        Home routers are a market with a wide range of devices and functions. However, now and then, models emerge that break the established mold, as is the case with the LinkStar H68K. So let’s see what difference has to offer.

        [...]

        We’re not sure which of the two statements is correct – that the LinkStar H68K is a WiFi router with SBC (Single Board Computer) capabilities or vice versa – because the device is meant to combine both functions well enough.

      • Geeky GadgetsLinkStar H68K compact router and mini PC

        LinkStar-H68K is a new portable router and mini PC that can not only run Android and Linux operating systems but also features 4 x Ethernet interfaces offering users dual-2.5G and dual-1G in a compact form factor. Powered by a quad-core Cortex-A55 RK3568 chip the mini PC/router has been created to provide “great extensibility and media player functionality, functioning well both indoors and outdoors, whether for traveling or stationary” says LinkStar.

    • Open Hardware/Modding

      • Tom's HardwareHow to Set Up RetroPie on Raspberry Pi 4 (or earlier) | Tom's Hardware

        In the 1980s and 1990s, the arcades were the place to be. The latest games ate our quarters as we pursued ever higher scores. Those days are now sadly behind us but retro gaming has seen massive growth in the past decade.

        Using a Raspberry Pi, you can run a variety of emulators that allow you to play not only old-time arcade games, but also your favorite titles from tons of old consoles, including the Atari 2600, NES, Nintendo 64, Sega Genesis and Gameboy. There are a number of emulation platforms available, but RetroPie is by far the most popular and arguably the best.

      • Tom's HardwareRaspberry Pi Creators Honored With Museum Fellowship | Tom's Hardware

        Raspberry Pi's Liz and Eben Upton, the chief marketing and communications officer and CEO of Raspberry Pi Ltd, respectively, have received honorary fellowships from the UK’s National Museum of Computing for their services to computer science.

      • Tom's HardwareRaspberry Pi Hoverboard Project Rolls in for a Ride | Tom's Hardware

        When it comes to tech, sometimes it’s just more fun to build the gadget yourself — and what better tool could you ask for than the Raspberry Pi? Maker and developer Orhan Günsal apparently had the same thought when devising this Raspberry Pi-powered hoverboard project. Not only is it Pi-powered, but it’s got additional features that take it to the next level with wireless support.

        This hoverboard is fitted with four wheels, each controlled by the Raspberry Pi using 250-watt motors. In a demo video of the project shared by Günsal, he shows off the mobility of his custom Pi-powered hoverboard using a web interface with a few pre-programmed control options.

      • ArduinoDIY vacuum gauge controller saves big money | Arduino Blog

        Measuring vacuum works in the same way as measuring any other gas pressure, because a perfect vacuum is unachievable and so it is a measure of how close to zero the air pressure inside a container becomes. But typical pressure gauges aren’t meant to measure pressures below ambient atmospheric pressure (vacuums). That requires special sensors and Advanced Tinkering built his own vacuum gauge controller to handle them.

        The vacuum sensors that Advanced Tinkering purchased were designed for use with a proprietary controller that costs thousands of dollars. The sensors don’t just send an analog signal corresponding to pressure level (which would be very easy to read), but also status information. Even with that added complexity, the proprietary controller is very expensive for what it is. Advanced Tinkering correctly assumed that he could replicate its functionality with affordable off-the-shelf hardware. The communication protocols for his sensors are well-defined in published documents, which made them much easier to work with.

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • AMD

    • Web Browsers/Web Servers

      • Chromium

        • WebRTC (Chromium): Year end report - Jan Grulich

          Although Wayland screen sharing is still not yet enabled by default in Chromium, which is what I hoped to achieve this year, I think I can say we are almost there and you can expect it sooner than later. Let’s summarize what we have accomplished this year to make this change happen...

      • Mozilla

        • ThunderbirdHelp Keep Thunderbird Alive and Thriving In 2023

          Since 2003, part of our mission has been giving you a customizable communication experience full of powerful features. The other part of Thunderbird’s mission is more personal: Respecting your privacy and putting you in control – not a corporation.

          We never show advertisements, and we never sell your data. That’s because Thunderbird is completely funded by gifts from generous people just like you. You keep this great software free, and you keep us thriving!

          But accomplishing this mission is expensive. Consistently improving Thunderbird and keeping it competitive means ensuring your security in a constantly changing landscape of mail providers. It means maintaining complex server infrastructure. It means fixing bugs and updating old code. It means striving for full accessibility and a refreshing, modern design.

        • Firefox Nightly: More improvements than can fit into this title – These Weeks in Firefox: Issue 127
        • MozillaImproving Firefox stability with this one weird trick - Mozilla Hacks - the Web developer blog

          The first computer I owned shipped with 128 KiB of RAM and to this day I’m still jarred by the idea that applications can run out of memory given that even 15-year-old machines often shipped with 4 GiB of memory. And yet it’s one of the most common causes of instability experienced by users and in the case of Firefox the biggest source of crashes on Windows.

          As such, at Mozilla, we spend significant resources trimming down Firefox memory consumption and carefully monitoring the changes. Some extra efforts have been spent on the Windows platform because Firefox was more likely to run out of memory there than on macOS or Linux. And yet none of those efforts had the impact of a cool trick we deployed in Firefox 105.

          But first things first, to understand why applications running on Windows are more prone to running out of memory compared to other operating systems it’s important to understand how Windows handles memory.

    • Productivity Software/LibreOffice/Calligra

      • Document FoundationWelcome Stéphane Guillou, new QA Analyst for LibreOffice - The Document Foundation Blog

        I am from France, with roots also in Peru, but lived for the last 10 years in Australia with my awesome little family before coming back to France. We now live in Alsace, close to the forest in the Vosges mountains.

        I studied plants, ecology and sustainability before working in agricultural research. I am still very passionate about plants and the environment, but my focus has moved towards supporting researchers in their data analysis, promoting Open Science principles and offering training about FLOSS research software, which I was able to do for the last 4 years at the University of Queensland’s Library, and before that as a certified instructor of the Carpentries organisation.

        I am passionate about sharing information about Open Science, and contributing data to the Commons. You can for example find me on other wonderful projects like OpenStreetMap, iNaturalist and MusicBrainz.

      • LWNWelcome Stéphane Guillou, new QA Analyst for LibreOffice (Document Foundation)

        The Document Foundation has announced the hiring of a quality-assurance analyst, bringing its staff up to 13 people.

    • Content Management Systems (CMS)

      • WordPressState of the Word 2022

        Mark your calendars; it’s almost time for State of the Word 2022!

        State of the Word is the annual keynote address delivered by the WordPress project’s co-founder, Matt Mullenweg. Every year, the event shares reflections on the project’s progress and the future of open source. Expect this and more in this year’s edition.

        This year’s event will take place in person in New York City and live-streamed via various WordPress.org social media platforms.

        Join Matt as he provides a retrospective of 2022, the latest WordPress releases, Site Editor advancements, and a return to in-person events around the globe, among other topics.

      • WordPressThe Month in WordPress - October 2022 - WordPress News

        With the end of the year fast approaching, the WordPress project has not slowed down. Read on to learn more about the latest major release, WordPress 6.1, and the State of the Word 2022 live event, among other exciting news. It’s time to catch up on all things WordPress!

    • FSFE

      • Daniel PocockMatthias Kirschner, FSFE: Plagiarism & Child labour in YH4F

        Their original announcement promised an award ceremony in June 2022. Many people noticed that June came and went and there was no news about the awards. It looks like they moved it to October. Why? Could it be because the ILO decided to call a week of action against child labour from 3 to 12 June 2022?.

        One of the most startling things in FSFE's recent announcement is the obfuscation of the children's names. While we can see the name of Kylie Minogue in the credits of her early TV appearances, we can't see the names of the children who did unpaid work for FSFE. They only show the names of the children who won a prize and even then, FSFE only shows us their first names.

        Matthias Kirschner wants to be a middleman. If you use the code created by these children and if you want to make a donation then he wants you to give the money to him and not directly to the children who wrote the code. Obfuscating the names of the real authors in this way is very close to plagiarism.

        If you look at the FSFE staff list, none of the adult staff are developers. They are entirely dependent on children and volunteers to write code.

        An earlier report tells us that over 100 children registered for the program. We don't know how many of those children started working on a project or how many hours each child worked. We only know 6 children received fixed-fee payments in the form of prizes at the end.

    • GNU and S/W Freedom

    • Programming/Development

      • Red HatPipenv and S2i: A better way to manage Python dependencies in containers | Red Hat Developer

        Managing the many libraries and packages used by an application is complex and has some hidden risks. The difficulties increase when you want to run an application in a container, because you need to manage a development environment when creating a different set of libraries and packages for the containerized application. This article discusses some of the common problems Python developers face when containerizing Python applications, and how Pipenv and Source-to-Image (S2I) can help to resolve those problems. We will build a simple Python application on the Red Hat OpenShift container platform using those tools.

      • Red Hat OfficialPython vs. Bash? Why not both with Python’s subprocess module | Enable Sysadmin

        Python's subprocess module easily integrates Bash into your Python scripts.

      • Dirk EddelbuettelThinking inside the box

        A new package made it to CRAN today: spdl. It provides a very simple interface to spdlog with the key focus being that provides the same interface from both R and C++. I had brought spdlog to R a little while ago via RcppSpdlog, but its use was generally limited to C++ code where we would write something like (taken from one of the examples included in the package)...

      • MedevelBuild A Map-rich Apps with React and React Simple Maps

        React Simple Maps is a free open-source React Library that allows developer to add interactive colorful SVG maps in their applications.

      • Red HatHow I developed a faster Ruby interpreter | Red Hat Developer

        In this article, I will describe my efforts to implement a faster interpreter for CRuby, the Ruby language interpreter, using a dynamically specialized internal representation (IR). I believe this article will interest developers trying to improve the interpreter performance of dynamic programming languages (e.g., CPython developers).

  • Leftovers

    • Hardware

      • CNX SoftwareBedrock V3000 Basic fanless industrial computer is powered by an AMD Ryzen Embedded V3000 processor - CNX Software

        SolidRun Bedrock V3000 Basic is an industrial fanless computer based on the new AMD Ryzen Embedded V3000 Zen3 processor family designed for storage and networking applications.

        More specifically, the embedded computer is based on the AMD Ryzen Embedded V3C48 octa-core/sixteen-thread processor with up to 64 GB DDR5 memory, support for up to three M.2 key-M 2280 NVMe SSDs, and impressive network connectivity options with two SFP+ cages capable of 10 Gbps speeds, four 2.5GbE RJ45 ports, and optional support for WiFi 6, 4G and/o 5G cellular connectivity.

        [...]

        Windows 10/11/IoT and Linux are supported, but the company says other x86 operating systems should work too.

    • Proprietary

      • IT WireiTWire - Nozomi researchers find 13 BMC firmware flaws in OT, IoT devices

        Security researchers at Nozomi Networks, a California firm devoted to industrial cyber security, have found 13 vulnerabilities in the firmware of baseboard management controllers on an expansion card made by a Taiwan-based company.

        The firmware in question was on an IAC-AST2500A expansion card and was based on a product from American Megatrends that is used by ASUS, Dell, HP, Lenovo, Gigabyte and Nvidia.

        The card is used in both operational technology and IoT devices and is made by Lanner. Five of the 13 vulnerabilities were found to be critical.

        The team said it had uncovered further vulnerabilities as well and would reveal these at a later date after consulting the vendor.

    • Linux Foundation

    • Security

      • UbuntuOpen source and cybersecurity: from prevention to recovery

        So you have just installed the latest antivirus and turned on your shiny new firewall. Now your organisation is fully secure, right?

        The reality is that all the security products in the world will never be able to fully protect your data centre or your business from security threats. Because of the asymmetry between attackers and enterprises, cybersecurity is a problem that can never be solved and is never going away. The key is to realise that the journey towards a healthy infrastructure is one that has a beginning but not an end.

        So what does a good cybersecurity strategy look like? While Canonical is not a cybersecurity vendor, we make sure countless organisations around the world are safe from potential attackers. As the first link in the software supply chain, we play a critical role here.

      • CISACISA Releases Eight Industrial Control Systems Advisories | CISA

        CISA has released eight (8) Industrial Control Systems (ICS) advisories on 22 November 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • CISAAVEVA Edge [Ed: 9.8 out of 10 in severity. Microsoft TCO: "Windows UNC Share".]

        Successful exploitation of these vulnerabilities could allow an attacker to insert malicious DLL files and trick the application into executing code.

      • GoogleProject Zero: Mind the Gap

        In June 2022, Project Zero researcher Maddie Stone gave a talk at FirstCon22 titled 0-day In-the-Wild Exploitation in 2022…so far. A key takeaway was that approximately 50% of the observed 0-days in the first half of 2022 were variants of previously patched vulnerabilities. This finding is consistent with our understanding of attacker behavior: attackers will take the path of least resistance, and as long as vendors don't consistently perform thorough root-cause analysis when fixing security vulnerabilities, it will continue to be worth investing time in trying to revive known vulnerabilities before looking for novel ones.

      • MacRumorsApple Device Analytics Contain Identifying iCloud User Data, Claim Security Researchers - MacRumors

        On Twitter, security researchers Tommy Mysk and Talal Haj Bakry have found that Apple’s device analytics data includes an iCloud account and can be linked directly to a specific user, including their name, date of birth, email, and associated information stored on iCloud.

      • Bruce SchneierApple’s Device Analytics Can Identify iCloud Users - Schneier on Security

        Apple was just sued for tracking iOS users without their consent, even when they explicitly opt out of tracking.

      • Privacy/Surveillance

        • Citizen LabMobility Data and Canadian Privacy Law Explained - The Citizen Lab

          In the report, we investigate the collection of mobility data by the federal government, its legality under the existing and proposed commercial privacy regime, and proposed recommendations for the reform of draft Bill C-27 which would address many of the issues in the governance of mobility data.

          The federal government obtained de-identified and aggregated mobility data from Telus and BlueDot, beginning as early as March 2020, but this only came to the public’s attention in December 2021. The Standing Committee on Access to Information, Ethics, and Privacy (ETHI) investigated this data collection and ultimately raised concerns about the federal government’s inadequate consultation with the Office of the Privacy Commissioner, the failure of the government to verify consent had been provided to collect or disclose the mobility information, the broad purposes for data collection, and the unclear timeline for the government’s retention of data.

          When we assessed the lawfulness of the collection of mobility data, we found that BlueDot and Telus likely complied with current private sector privacy legislation PIPEDA. Specifically, the de-identified information likely did not constitute personal information within the meaning of PIPEDA. This, however, led us to spotlight deficiencies in current privacy legislation.

        • Citizen LabMinding Your Business: A Critical Analysis of the Collection of De-identified Mobility Data and Its Use Under Socially Beneficial and Legitimate Business Exemptions in Canadian Privacy Law - The Citizen Lab

          The Government of Canada obtained de-identified and aggregated mobility data from private companies for the socially beneficial purpose of trying to understand and combat the spread of COVID-19. This collection began as early as March 2020, and the information was provided by Telus and BlueDot. It wasn’t until December 2021, after the government issued a request for proposals for cellular tower information that would extend the collection of mobility information, that the public became widely aware of the practice. Parliamentary meetings into the government’s collection of mobility data began shortly thereafter, and a key finding was that Canada’s existing privacy legislation is largely ineffective in managing the collection, use, and disclosure of data in a manner that recognizes the privacy rights of individuals. In spite of this finding, the federal government introduced Bill C-27: An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts in June 2022 which, if passed into law, will fail to correct existing deficiencies in Canada’s federal commercial privacy law. In particular, Bill C-27 would make explicit that the government can continue collecting information, including mobility data from private organizations, so long as uses were socially beneficial and without clearly demarcating what will or will not constitute such uses in the future.

        • AccessNowPhone contracts should not bind survivors to abusers — SAFE Connections Act needed now

          The U.S. Senate passes the SAFE Connections Act, and the bill heads to President Biden’s desk to become law.

    • Environment

      • Energy

        • IT WireGovernment reaches deal with Greens on bill cutting EV prices

          The Federal Government has reached an agreement with the Greens to reduce the prices of electric and hybrid vehicles.

          A statement from the Greens said changes to the bill in question would mean that any cuts in prices for plug-in vehicles would end on 1 April 2025.

          Apart from this, the government also agreed to prioritise the use of zero-emission vehicles in its fleet.

          The law in question cuts the import tariffs for eligible vehicles and also removes the fringe benefits tax. The latter would make the purchase of these vehicles cheaper through packages provided by their employers.

          {loadposition sam08}Labor proposed the law on 1 May prior to the election. Estimates from the Electric Vehicle Council at the time claimed the cost of a $50,000 EV would drop by $2000 if the tariffs were cut and removing the fringe benefits tax would reduce costs by $9000.

    • Finance

    • AstroTurf/Lobbying/Politics

      • AxiosTwitter tech glitches mount as staffers depart

        Waves of layoffs and departures from Twitter last week led many users to fear the service might face a sudden crash of some kind, as hashtags such as #RIPTwitter and #TwitterDown trended in the U.S.

    • Censorship/Free Speech

      • VOA NewsEthiopia Prepares to Host UN Internet Forum Amid Tigray Blackout

        Ethiopia is set to host the U.N.'s annual Internet Governance Forum later this month, despite an ongoing communications blackout in its war-damaged Tigray region. The government-imposed blackout in the Tigray region has left six million people without phone or internet access for nearly two years.

        The November 28 forum is expected to draw over 2,500 delegates to Addis Ababa, one of the largest international gathering in Ethiopia's capital in years.

        Those not able to attend in person will be able to log in virtually to hear sessions dealing with topics such as "connecting all people" and "meaningful access" to the internet.

        People living in Tigray will not be tuning in, however. The northern region was subjected to one of the world's tightest communications blackouts, when war broke out between the federal military and forces led by the Tigray People's Liberation Front, or the TPLF, in November 2020.

        A peace deal struck earlier this month commits the federal government to restoring the services, but the blackout is still firmly in place.

    • Freedom of Information / Freedom of the Press

      • GizmodoWikiLeaks' Website Is Falling Apart

        As Julian Assange faces extradition, his once prominent platform for government document reveals and data dumps has seen better days.

        [...]

        Of the 65 internal links listed on the site’s central “Leaks” page, 20 were broken or led to error pages, according to Gizmodo’s assessment at the time of writing. The organization claimed, on its 10th anniversary, that it had released 10 million documents onto the internet. However, only around 3,000 were still available on the site this week, according to Daily Dot.

        [...]

        Yet whatever problems the site and non-profit have been reckoning with over the past few years appear to have multiplied this month. WikiLeaks’ homepage has been down because of server errors more often in Nov. 2022 than any other time in the past 12 years, based on the Wayback Machine’s archive of data.

        Additionally, sometime between Nov. 10 and Nov. 21, Defend WikiLeaks, a site once dedicated to fundraising for Assange’s legal fees and advocating for his release, was usurped by a Vietnamese sports blog and/or a Japanese fashion blog. For a time, the same Japanese blog page showed up at the URL for the Courage Foundation—a related whistleblower fundraising site, as pointed out by the Daily Dot.

        In contrast, WikiLeak’s Twitter page remains very active, mostly tweeting out posts in support of Assange. Gizmodo reached out to WikiLeaks’ Twitter via DMs to get more information about the org’s website, but the account holder didn’t immediately respond.

    • Internet Policy/Net Neutrality

      • IT WireAsia-Pac telcos selling towers to ease financial strain, claims S&P

        Telecommunications providers in the Asia-Pacific region are increasingly turning to selling towers to ease the financial strain they are under, the global ratings agency S&P Global Ratings says in a research note.

        The company said it believed the sales made sense both for the telcos and the tower specialists who bought the assets.

        The revenue raised by such sales provided breathing space for telcos whose balance sheets were stretched by years of heavy capital expenditure, S&P said.

        It pointed out that telcos' earnings had not kept pace with the increased costs of upgrading to more advanced networks.

    • Monopolies

      • IT WireUK to investigate Apple, Google dominance in mobile browsers, cloud gaming

        The UK competition regulator has confirmed it is investigating the dominance enjoyed by Apple and Google in cloud gaming and mobile browsers.

        The Competition and Markets Authority said in a statement on Tuesday it had launched a consultation in June as to whether it should conduct such an investigation and had now received wide support to go ahead.

        The consultation followed the publication of a Mobile Ecosystem Market Study report which found that Apple and Google enjoy a duopoly "on mobile ecosystems that allows them to exercise a stranglehold over operating systems, app stores and web browsers on mobile devices".

      • Copyrights

        • Public Domain ReviewDisplaying the Dead: The Musée Dupuytren Catalogue – The Public Domain Review

          When Paris’ infamous museum of anatomical pathology closed its doors in 2016, a controversial collection disappeared from view. Daisy Sainsbury explores the history of the Musée Dupuytren, and asks what an ethical future might look like for the human specimens it held.

        • Public Domain ReviewThe Tanzmasken of Lavinia Schulz and Walter Holdt (ca. 1924) – The Public Domain Review

          In January 1924, a German studio photographer of some status, Minya Diéz-Dührkoop, took portraits of a young avant-garde artist couple, Lavinia Schulz (1896–1924) and her husband Walter Holdt (1899–1924). The photos are unusual, partly because the couple’s faces are never visible, and partly because the costumes they’re wearing are so bizarre: Grandiose, but also earthy and oddball — a brigade of science fiction bogeymen, homespun.

          Schulz and Holdt made these costumes for dancing; they performed under the name Die Maskentänzer (The Mask Dancers). The outfits are more sculpture than clothing, and they entirely swallow up the wearer. Some suggest a mongrel collision of characters — a buggy-eyed insect meets a jester meets a bearded tomato — and others allude to zippy motion, with eyeballs cartoonishly pulling off the face. Wires poke out and wooden blocks dangle, a bridge seesaws from shoulder to shoulder. Many of the geometric silhouettes defy anatomy; hands, feet, and heads are all boxed in, with no apparent exit. The bright, discordant colors were apparently chosen based on esoteric rules. Remarkably, Schulz and Holdt’s craftsmanship, especially the sewing, keeps pace with their imaginative reach.

  • Gemini* and Gopher

    • Technical

      • Returning to 80-character line widths

        After years of passively advocating for 115-column lines in source code, I've recently moved back to openly advocating for 80-column limits. This seems pedantic and tech-y enough to be fit for a gemlog post so here we go.

        The main argument for column limits in general are that excessively long lines of text are difficult to read (because we have human eyes), and enforcing a standard makes code less difficult to follow specifically because of uniformity in program structure. There are more niche reasons to prefer or oppose hard limits, but the main argument against them is that modern computers have very large screens so artificially shrinking code's horizontal width is less efficient, because it pushes complexity into the vertical expanse.

      • Federating with the Devil



        I'm going to assume consequentialist outlook, because I'm a consequentialist, and because other schools of ethical thought have no ability to measure anything other than book-sales.

        I also want to avoid the temptation to consider what 'the fediverse' should do, because there is no such place or person - the choices will be made by individual administrators, I have to assume that some administrators will federate, and others won't. Even if we could all achieve something amazing by working together, it doesn't mean that individual servers should do it - everyone instance makes the choice alone.

      • Slowing the Terminal

        The original terminal interface let you type to the computer in a type-writer, and the computer would type back - no screen required, just typed-text. Since then, computers have become so fast that no human could possibly read the text spat back out at the user.

        I don't think proper distinctions have been made with a lot of this text. Should I read the output of and update? In this case, is the interface assuming that I should scroll up and read from the top, since nobody could possibly read the real-time output? In this case, should the terminal not have a maximum character limit which guarantees that you can read the output? Or some way to ensure that no more than 3,000 lines of text come out?

      • Mastodon Users, You can Help Open Source

        With the new wave of users to Mastodon, the conversations online have been a little more meta than usual. There are about a million people coming over all having a brand new experience. This also means a lot of posts asking "What is this?", "How do I do X?", and "Why can't I do Y? Twitter let me do Y." The community is doing a good job responding, throwing out help when possible. But the benefit and bane of open source projects is there are a ton of different user interfaces and they all do things slightly different.

        Just like the community you find in the service, there is a community of developers who create the apps and services you use. The nice thing about open source is you the user have a direct line to the developers. You can provide bug reports. You can provide feature requests. If the documentation is lacking, you can easily provide support by making it better. And of course, you can toss them a few bucks to thank them and help keep their lights on. Below I've compiled a list of links to many of the projects so that you can easily let the developers know what is broken and what can be done better.

      • Announcements

        • Toe 0.2 release

          Some of the recent changes to Agis had application to Toe as well, with minor changes. Toe now shuts down gracefully when receiving sigint, sigterm, etc. I've also done some general code cleanup and housekeeping.

        • Agis 0.4 release

          I release version 0.4 of Agis this evening. This release adds a number of new features as well as greater stability. Agis has been serving this capsule over the Spartan protocol for the past six months.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

Topics We Lacked Time to Cover
Due to a Microsoft event (an annual malware fest for lobbying and marketing purposes) there was also a lot of Microsoft propaganda
 
Links 23/11/2024: "Real World" Cracked and UK Online Safety Act is Law
Links for the day
Links 23/11/2024: Celebrating Proprietary Bluesky (False Choice, Same Issues) and Software Patents Squashed
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, November 22, 2024
IRC logs for Friday, November 22, 2024
Gemini Links 23/11/2024: 150 Day Streak in Duolingo and ICBMs
Links for the day
Links 22/11/2024: Dynamic Pricing Practice and Monopoly Abuses
Links for the day
Microsofters Try to Defund the Free Software Foundation (by Attacking Its Founder This Week) and They Tell People to Instead Give Money to Microsoft Front Groups
Microsoft people try to outspend their critics and harass them
[Meme] EPO for the Kids' Future (or Lack of It)
Patents can last two decades and grow with (or catch up with) the kids
EPO Education: Workers Resort to Legal Actions (Many Cases) Against the Administration
At the moment the casualties of EPO corruption include the EPO's own staff
Gemini Links 22/11/2024: ChromeOS, Search Engines, Regular Expressions
Links for the day
This Month is the 11th Month of This Year With Mass Layoffs at Microsoft (So Far It's Happening Every Month This Year, More Announced Hours Ago)
Now they even admit it
Links 22/11/2024: Software Patents Squashed, Russia Starts Using ICBMs
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, November 21, 2024
IRC logs for Thursday, November 21, 2024
Gemini Links 21/11/2024: Alphabetising 400 Books and Giving the Internet up
Links for the day
Links 21/11/2024: TikTok Fighting Bans, Bluesky Failing Users
Links for the day
Links 21/11/2024: SpaceX Repeatedly Failing (Taxpayers Fund Failure), Russian Disinformation Spreading
Links for the day
Richard Stallman Earned Two More Honorary Doctorates Last Month
Two more doctorate degrees
KillerStartups.com is an LLM Spam Site That Sometimes Covers 'Linux' (Spams the Term)
It only serves to distract from real articles
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, November 20, 2024
IRC logs for Wednesday, November 20, 2024