12.05.22

Gemini version available ♊︎

Links 04/12/2022: Status of the 15-Minute Bug Initiative

Posted in News Roundup at 12:49 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Server

      • Matt RickardTechnical Posts Overview and Roundup

        Docker is interesting because it solves three different problems – (1) a runtime to execute workloads in a distributed system, (2) a packaging format for production artifacts, and (3) a developer tool.

      • EarthlyWhen to Use Docker Compose vs. Kubernetes – Earthly Blog

        As a developer, you’ll have likely heard about Docker Compose and Kubernetes–two of the most popular container orchestration tools on the market. If you’re just getting started with these technologies, it can be hard to know which one to choose.

        In this article, you’ll learn about Docker Compose and Kubernetes, and compare them based on their features and use cases. By the end, you’ll have a better understanding of which tool is right for you.

      • Kubernetes BlogForensic container checkpointing in Kubernetes | Kubernetes

        Forensic container checkpointing is based on Checkpoint/Restore In Userspace (CRIU) and allows the creation of stateful copies of a running container without the container knowing that it is being checkpointed. The copy of the container can be analyzed and restored in a sandbox environment multiple times without the original container being aware of it. Forensic container checkpointing was introduced as an alpha feature in Kubernetes v1.25.

    • Audiocasts/Shows

      • Open Source Security (Audio Show)Episode 352 – Stylometry removes anonymity – Open Source Security

        Josh and Kurt talk about a new tool that can do Stylometry analysis of Hacker News authors. The availability of such tools makes anonymity much harder on the Internet, but it’s also not unexpected. The amount of power and tooling available now is incredible. We also discuss some of the future challenges we will see from all this technology.

    • Kernel Space

      • The Register UKLinus Torvalds releases Linux 6.1 rc8 • The Register

        Linus Torvalds has announced an eighth release candidate for version 6.1 of the Linux kernel.

        The emperor penguin last week worried that work on this cut of the kernel had not slowed down, so suggested it might need to stretch beyond his preferred seven release candidates.

        In his weekly state of the kernel post, Torvalds released rc8 and thanked developers for settling down.

        “So we’ve finally started calming down, and rc8 is noticeably smaller than previous release candidates,” he wrote. “So everything looks good, and while the calming down may have happened later than I wished for, it did happen. Let’s hope this upcoming week is as quiet (or quieter).”

        Torvalds also thanked kernel devs for heeding his words about the merge window for Linux 6.2.

    • Instructionals/Technical

      • Linux CapableHow to Install PHP 7.4 on Fedora 37/36/35

        In the following tutorial, you will learn how to import the REMI PHP Module and install PHP 7.4 on Fedora 37/36/35 server or workstation desktop, along with some tips about configuring Nginx with FPM using the command line terminal.

        PHP 7.4 is the last minor release of the 7.x release. It brought a lot of language changes and improvements. Most notable among these are the spread operator in array expressions, arrow functions 2.0, and the null coalescing assignment operator. This release introduces typed properties 2.0, weak references, covariant returns and contravariant parameters, preloading, and a new custom object serialization mechanism. PHP 7.4 significantly improved from PHP 7.3, with many users still using it in their stacks.

      • Beginners Guide for Export Command in Linux

        Whenever you start a new shell session (by opening a terminal), a set of environment variables is loaded from the shell configuration file into your current shell session.

        These environment variables determine different customizations in your shell, like the default editor using “$EDITOR“, or setting “$PATH“, where your shell will search for system binaries.

        The values of these variables are predefined by your system, but you can easily manipulate them and load the modified changes in your current shell session without restarting or opening a new terminal session using the export command.

        In layman’s terms, the export command is used to create environment variables or update variable values in the current shell session by newly forked child processes without starting a new shell session.

      • Beginners Guide for PS Command in Linux

        The PS, a.k.a. “process status”, is a native command-line utility for UNIX-based systems to monitor the currently running processes in your system.

        It reads the information from the virtual files in the /proc filesystem and gives the running processes information like memory consumption, CPU usage, PID, command name, etc.

        The output of this command varies depending on the running processes and the parameter used to view the list of processes.

      • How to Run a (.sh) Shell Script in Linux [for Beginners]
      • Ruben SchadeRubenerd: Speeding up FreeBSD jail start times

        I love FreeBSD jails. They predate Docker et.al. by more than a decade, and I’d say they’re still more useful under most circumstances; especially when one uses them in conjunction with OpenZFS.

        Their only source of frustration for me has been slow starts, to the point where some jails are beaten by VMs on my bhyve and Xen boxes. It happens so infrequently that I never bothered to check why; it was just something I noticed on my personal machines.

      • Linux CapableHow to Upgrade Apache on Ubuntu 22.04/20.04

        n the following tutorial, you will learn how to Upgrade Apache Ubuntu 22.04 Jammy Jellyfish or Ubuntu 20.04 Focal Fossa desktop or server using the custom third-party repository by Ondrey Sury, who is most known for his PHP maintainer work Debian/Ubuntu.

        Assuming you are using Ubuntu LTS, you are likely using an Apache version that is often older than the actual stable by the Apache Foundation. By using an older version of Apache, you are missing out on new features and improvements that have been made to the software. In addition, non-security-related bug fixes are not included in Ubuntu LTS releases, which means that your web server may be less stable than it could be. The easiest option for most users without compiling Apache is to install the latest version using a third-party repository source, which in this case, the third-party repository by Ondřej Surý.

      • UNIX CopHow to install Virtualbox 7 on Rocky Linux /Alma Linux /Red Hat 9

        Virtualbox is an application belonging to Oracle with which we can create virtual machines on our desktop but from a modern and easy to use graphical interface.

        This means that any user, no matter how novice, can in a matter of minutes creates and manage a virtual machine to install other operating systems. For what purpose? For testing, development and so on.

        VirtualBox is quite popular and therefore has an active development that makes it ideal in numerous instances. Version 7 has already been released, so it’s a good idea to know how to install it to get the latest updates.

      • Linux BuzzHow to Install PostgreSQL 15 on Rocky Linux 9

        Are you looking for an easy guide on how to install PostgreSQL 15?

        The step-by-step guide on this page will show you how to install PostgreSQL 15 on Rocky Linux 9.

        PostgreSQL is a free and open-source RDBMS (relational database management system). It offers SQL language support and can be used for managing database and performing CRUD operations like Create Read Update Delete.

      • How to Add a Directory to the $PATH Variable in Linux

        In Linux, whenever you want to execute any executable program or script, you need to jump into the directory and execute your program or script.

        But when you execute system commands like ls, pwd, echo, apt, and nano, you don’t need to jump into any directory; you can run them from anywhere, and any user can run them.

        Why does this happen?

        The answer is pretty simple; whenever you execute any commands in your system without specifying the command’s relative or absolute positioning, the shell will search for the specified command in the directories specified in the $PATH variable, and then it will look for the current directory.

        So, whenever you execute the ls or apt commands, the system will search for them in the directories specified in the $PATH variable and return you the output.

      • How to Shrink Long or Multiple Commands into a Single Short Command

        Do you still type the long “sudo apt update && sudo apt upgrade -y” commands each time you want to update your Debian-based system?

        Or are you still navigating into directories (ex: “/var/www/html“) using the cd command each time you have to modify something there?

        Instead of typing these long commands, you can shrink them into a single short command and use that to execute it each time as it requires.

      • Beginners Guide for Alias Command in Linux

        In Linux, the alias command is used to create shortcuts for long commands that have the same functionality as if you were writing the whole command.

        This way, you can improve your productivity and save time by creating a few aliases for the long or multiple commands (with or without options) that you use often.

      • Beginners Guide for Eval Command in Linux

        The eval command is used to execute specified arguments as a single command in the current command-line processing and return its result.

        It will combine (or construct) the arguments into a single string and use it as input to the shell, which will execute the resulting commands in the current shell environment.

      • Beginners Guide for WC Command in Linux

        The WC command is used to count various parameters from the specified file, like the number of lines, word counts, byte counts, character counts, and many more.

      • How to Count String Occurrences in a Text File

        The GUI text editor gives you a separate panel in the footer to inform you of the number of words, lines, and characters in your text file.

        Even though you can easily find the number of strings that occurred in your text file using this GUI text editor, things take a turn when you are talking about the command line.

        Here, you cannot find anything in a few clicks; instead, you need to know the commands to find the number of string occurrences in a text file.

      • Absolute vs Relative Path in UNIX/Linux

        In Linux, you might already be navigating through different directories without knowing whether an absolute or relative path is being used.

        It becomes important for you to understand them when you are working with scripts, navigating through different user or root directories, or creating symbolic links.

      • What is Bash Shell in Linux?

        Before understanding what is Bash shell, you must be familiar with the concepts of a command-line interpreter and Linux Shell (or sh).

      • Beginners Guide for Bash Command in Linux

        The bash (Bourne-Again SHell) is a sh-compatible command-line interpreter that reads from standard input or from a file and gives you the resulting output.

        We have already written an article about bash and its differences from the standard POSIX shell.

        Today, you will learn how to use the bash command in Linux with different options to run commands or scripts.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Nate GrahamStatus of the 15-Minute Bug Initiative – Adventures in Linux and KDE

          It’s been almost a year since I announced the 15-Minute Bug Initiative for Plasma. In a nutshell, this initiative proposed to identify and prioritize fixing bugs you can find “within the first 15-minutes of using the system” that make Plasma look bad and feel fundamentally unstable and broken.

  • Distributions and Operating Systems

    • Open Hardware/Modding

      • SparkFun ElectronicsWhat’s the Buzz With Swarm? – News – SparkFun Electronics

        Following that we have a new limited edition board, the Constellation MultiStar Ornament. This is the same board found in our Qwiic Constellation Kit (you can learn more about that below) but we’ve turned this one into a festive holiday ornament. Don’t worry, it still works!

      • SparkFun ElectronicsLimited Edition MultiStar Ornament! – News – SparkFun Electronics

        In addition to these deals, we are also now offering a Constellation MultiStar Ornament! We’ve heard multiple requests from you to offer the MultiStar on its own from the SparkFun Constellation MicroMod Kit and we wanted to oblige you during the holiday season!

  • Free, Libre, and Open Source Software

    • SaaS/Back End/Databases

      • Jumping RiversBurnout in Data Professionals – A Personal Take

        Data science and data engineering are incredibly cognitively demanding professions. As data professionals, we are required to leverage both our analytical/engineering skills and our interpersonal skills to be effective contributors within our organisations. Based on my personal experience, the field seems to concentrate humans who are detail-oriented, curious, impact-driven and tenacious to a fault. This A-type personality profile, while magical when applied to technical work, could reasonably also count as an occupational hazard.

      • Matt RickardFuzzy Databases

        If you squint, LLMs resemble something like a vector search database. Items are stored as embeddings, and queries return deterministic yet fuzzy results. What you lose in data loading time (i.e., model training), you make up for in compression (model size) and query time (inference). In the best case, models denoise and clean data automatically. The schema is learned rather than declared.

    • Programming/Development

      • The Manipulative Gerbil: Playing around with Energy Data: Wind data in R, part I: more than one way to peel a potato

        Last month, Christian Graul re-published “bReeze: Functions for Wind Resource Assessment” on CRAN. This is wonderful news: it gives R users a chance at the functionality which Python has in windpowerlib. I admit I am a bit late to the party–the original version was published way back in 2018, but there’s no better time than the present to write a new blog post to look at how R users can better understand wind potential tied to specific locations.

      • rOpenSci | Our First Peer-Reviewed Statistical R Packages!

        rOpenSci is very excited to announce our first peer-reviewed statistical R packages!

        One of rOpenSci’s core programs is software peer-review, where we use best practices from software engineering and academic peer-review to improve scientific software. Through this, we aim to make scientific software more robust, usable, and trustworthy, and build a supportive community of practitioners.

        Historically, we have focused on R packages that manage the research data life cycle. Now, thanks to work over the past two years supported by the Sloan Foundation we also facilitate peer-review of packages that implement statistical algorithms.

      • How to make a plot with two different y-axis in R with ggplot2? (a secret ggplot2 hack)

        I can’t tell you how painful it is to be better at something in Excel than in R. And one of the gripes I still have (10 years after making the switch from Excel to R) is that it’s still tough to make dual-axis plots in R.

      • How to make your own #RStats Wrapped! | Nicola Rennie

        Forget about Spotify Wrapped and make your own #RStats Wrapped instead! This blog post will show you how to find your most used functions and make a graphic with {ggplot2}!

      • Comparison of Partition Around Medoid R programming Implementations

        Back in September 2016 I implemented the ClusterR package. One of the algorithms included in ClusterR was the ‘Partition Around Medoids’ (Cluster_Medoids) algorithm which was based on the paper “Anja Struyf, Mia Hubert, Peter J. Rousseeuw, (Feb. 1997), Clustering in an Object-Oriented Environment, Journal of Statistical Software, Vol 1, Issue 4” (at that time I didn’t have access to the book of Kaufman and Rousseeuw, Finding Groups in Data (1990) where the exact algorithm was described), thus I implemented the code and compared my results with the output of the cluster::pam() function, which was available at that time. Thus, my method was not an exact but an approximate one. Recently, a user of the ClusterR package opened an issue mentioning that the results were not optimal compared to the cluster::pam() function and this allowed me to go through my code once again and also to compare my results to new R packages that were not existent at that time. Most of these R packages include a new version of the ‘Partition Around Medoids’ algorithm, “Erich Schubert, Peter J. Rousseeuw,”Faster k-Medoids Clustering: Improving the PAM, CLARA, and CLARANS Algorithms” 2019, <doi:10.1007/978-3-030-32047-8_16>”.

      • Episode 539: Adam Dymitruk on Event Modeling : Software Engineering Radio

        Adam Dymitruk, CEO and founder of Adaptech Group, joins host Jeff Doolittle for an exploration of the event modeling approach to discovering requirements and designing software systems. Adam explains how the structured approach eliminates the specifics of implementation details and technology decisions, enabling clearer communication for all stakeholders while keeping conversations focused on the business opportunity. Using concrete examples of event modeling in practice, they examine event modeling in the context of other related approaches and methodologies, including event sourcing, event storming, CQRS, and domain-driven design.

      • Data Science TutorialsHow to perform TBATS Model in R
      • Perl / Raku

        • PerlI Perl, Therefore I am | ology [blogs.perl.org]

          And js/node/ts, python, etc., and even prolog! But perl is the best. :D

        • RakulangDay 5: Malware and Raku – Raku Advent Calendar

          While Raku regex and tokens are meant to work on data structures (such as parsing and validating file types), they can help us to better understand malware. Malware, as any other legit binary, have some signatures within. Some “file signatures” are widely used to blacklist those specific samples (the hashes), but the problem is that blacklisting hashes is not safe enough. Sometimes, the very same kind of malware could be slightly different in small details, and have many different samples related. In this case, apart from relying on dynamic detection (monitoring devices and alerting the user when something seems to be acting suspiciously), genes are also investigated.

          Malware genes are pieces of the reversed code (such as strings) that are commonly seen in most or all the samples of a malware family. This sort of genes help researchers identify the malware family and contextualize the attacks , since this is relevant not only to try to put an end to the threat by executing the proper counterfeits in time, but also helps profiling and framing threat actors in some cases.

      • Rust

        • Amos WengerDay 1 (Advent of Code 2022)

          Two years ago, I did part of Advent of Code 2020 using the Rust language. It was a lot of fun, so let’s try it again!

        • Amos WengerDay 2 (Advent of Code 2022)

          Left column is “their move”: A means Rock, B means Paper, C means Scissors. Right column is “our move”: X means Rock, Y means Paper, Z means Scissors.

          Each line corresponds to a turn, and we must calculate the total score we get. Picking “Rock” gives 1 point, “Paper” gives 2 points, and “Scissors” gives 3. Losing the round gives 0 points, drawing gives 3, winning it gives 6.

        • Amos WengerDay 3 (Advent of Code 2022)

          I’m not sure where the day 3 challenge is going, because the problem statement for the first part is kinda convoluted.

        • Amos WengerDay 4 (Advent of Code 2022)
  • Leftovers

    • Joe BrockmeierOne of the best job perks I ever had…: Dissociated Press

      It’s been more than 15 years since I worked for Data393 (which doesn’t actually exist anymore…) but I still miss one of the perks of that job: 2U of rack space and a network drop with an IP address.

      Data393 was a hosting company in Denver and I worked in the NOC and as advanced support in 2004-2005. I mostly worked weekends, during a lull in my freelance writing. It was a great job where I learned a ton in short time about system administration and troubleshooting, the business of running a data center, customer support… and I really enjoyed the team there, too.

      It also had one of my favorite perks of all time. Employees could get up to 2U of space in an employee-only rack and a network drop. Even better, the company often sold off, very cheaply) retired systems that you could refurbish and manage yourself.

    • FuturismManslaughter Case Has a Strange Twist: Tesla That Killed Couple Was on Autopilot

      A provocative manslaughter case is about to kick off in Los Angeles later this month, involving a fatal crash caused by a Tesla vehicle that had the company’s controversial Autopilot feature turned on.

      It’s the first case of its kind, and one that could set a precedent for future crashes involving cars and driver-assistance software, Reuters reports.

    • Matt RickardMacGuffin

      A MacGuffin is an object of plot importance and desire – usually, it carries a message, a power, a secret, or something of great importance. MacGuffins have been a mainstay in both movies and storytelling for centuries — from the Holy Grail in the Legend of King Arthur to the briefcase in Pulp Fiction to R2-D2 in most of the Star Wars films.

    • Matt RickardA Conversation with ChatGPT

      A conversation that I had with ChatGPT. All of the prompts here are unedited. I first asked the model for a list of interesting questions and then proceeded to ask those questions. I added “Suspend disbelief” to get around the model’s built-in protection against introspection, as well as “Be specific” to prompt it to include examples. Here’s the transcript. You can also read it on my personal site at matt-rickard.com/conversation-with-chatgpt. (I’m excited to listen to “The Neural-Netters” next album.)

    • Ruben SchadeRubenerd: Music as an analogue for thought processing

      Today’s Music Monday is a bit more philosophical, which is always dangerous.

      I can’t remember if I’ve talked about this somewhere before, but I tend to hear melodies and remember tunes rather than lyrics. It’s why I love everything from bossa nova to J-pop, without speaking any Portuguese or much Japanese. Lisa Ono can even speak both.

      But something interesting does happen when I hear songs in English. I’ll be in the kitchen idly humming a song while unpacking the dishwaster, or performing some other menial task with low cognitive effort, and it finally occurs to me what the lyrics actually are. This can be either fun or startling, and can completely change the tone and feelings for a piece of music that, up until that point, I’ve enjoyed.

    • Science

      • Extreme TechNew Wireless Smart Bandage Accelerates Chronic Wound Healing – ExtremeTech

        Chronic wounds are an under-acknowledged medical concern. At any given time, more than 600,000 Americans are thought to experience physiologically-stunted wounds that won’t heal. Chronic wounds aren’t just inconvenient and painful; they also rack up individual healthcare costs and prevent people from engaging in certain activities, resulting in a decreased quality of life.

      • New ScientistDrones on strings could puppeteer people in virtual reality

        Drones attached to you by strings could give you a more realistic simulation of the forces you should feel when interacting with things in virtual reality.

        Various tricks have been used to make virtual reality more immersive and convincing, including fans that mimic wind and muscle vibrations that fool nerves into perceiving weight.

      • ACMSwarm Robotics Moves Forward

        Intelligent patterns and behaviors appear in many living systems—and the collective behavior of groups such as birds or insects frequently display greater intelligence than any given creature. What one ant, bee, or bird cannot tackle alone, the group can, and often does, accomplish.

      • uni MITIn machine learning, synthetic data can offer real performance improvements | MIT News | Massachusetts Institute of Technology

        Models trained on synthetic data can be more accurate than other models in some cases, which could eliminate some privacy, copyright, and ethical concerns from using real data.

      • BBC‘Merry Christmas’: 30 years of the text message – BBC News

        The text message is celebrating its 30th birthday – the first was sent to a mobile phone by a Vodafone engineer in Berkshire in the UK on 3 December 1992.

        It was sent in order to test out the tech, and read “Merry Christmas”.

        Neil Papworth sent it to one of the firm’s bosses, Richard Jarvis, who was at a Christmas party. He did not get a reply.

        Mr Jarvis’s phone, a new-to-the-market Orbitel 901, weighed 2.1kg – roughly the same as 12 standard iPhone 14s.

        At its peak, phone users exchanged billions of SMS – or Short Message Service – messages every year, and in 2010 the word “texting” entered the dictionary.

    • Education

      • CERLaunching PCAS, the first two COMPFOR classes, and hiring our first lecturer | Computing Ed Research – Guzdial’s Take

        I have never worked harder than this semester– building these two courses, teaching both courses at the same time, learning how to be a program director (e.g., explicit classes and workshops on academic leadership, on evaluating faculty, and on how University of Michigan budgets work), and creating the program. I am having enormous fun.

        I plan to write more about the two courses here and our innovations in teaching them. Here’s a brief summary. We are using teaspoon languages to introduce concepts, Snap for programming assignments, and Runestone ebooks for helping students to transfer their knowledge from blocks to traditional textual languages (Python, Processing, and SQL). I gave a talk for the CS for Michigan Conference a few weeks ago, and for the attendees, I created a page connecting to some of what we’re building and a narrative account of a couple of the units: https://guzdial.engin.umich.edu/cs4mi-pcas/.

    • Hardware

      • Jon Chiappetta: First keyboard build for the year end!

        This was my first mechanical keyboard build and they have made it a pretty smooth process (took me half a day to lube the stabs).

      • Project SyndicateThe False Promise of America’s CHIPS Act by Anne O. Krueger – Project Syndicate

        The US Congress recently approved the CHIPS and Science Act, which allocates over $50 billion to strengthen the semiconductor industry in the hope of making the United States self-sufficient. And US Trade Representative Katherine Tai said that President Joe Biden’s administration should be “replicating” the CHIPS Act for other industries “as the key to American competitiveness.”
        Semiconductors are certainly essential to a modern economy, and it makes sense to diversify sources. But it is doubtful that the CHIPS Act will achieve its stated goals, much less that it should be used as a model for similar support to other industries.

      • [Older] 3D printing can now manufacture customized sensors for robots, pacemakers, and more

        A newly-developed 3D printing technique could be used to cost-effectively produce customized electronic “machines” the size of insects which enable advanced applications in robotics, medical devices and others.

        The breakthrough is seen as a potential game-changer for manufacturing chip-based microelectromechanical systems (MEMS). These mini-machines are mass-produced in large volumes for hundreds of electronic products, including smartphones and cars, where they provide positioning accuracy. But for more specialized manufacturing of sensors in smaller volumes, such as accelerometers for aircraft and vibration sensors for industrial machinery, MEMS technologies demand costly customization.

    • Health/Nutrition/Agriculture

      • Jeff GeerlingCrohn’s Disease takes its toll – back in 2023! | Jeff Geerling

        Crohn’s Disease takes its toll – back in 2023!
        After battling IBD complications through the summer and fall, I’ve come to a point where surgery is necessary. You can learn more about my health issues in my lighthearted book about Crohn’s Disease, You Only Have Crohn’s Once!.

        The surgery (an ostomy revision) will take place tomorrow, December 2, and it’ll be a pretty rough recovery, so I’m not planning on doing any substantial work until at least 2023.

        It’s ironic I had just given a presentation titled Just Say No: Staying sane while you maintain weeks before learning the surgery was necessary. I was planning a video on the topic (burnout, protecting your time, and open source maintainership) this year, but I guess the blog post will have to do.

      • Ruben SchadeTravelling to Japan during post-Covid times

        It shouldn’t come as a surprise that a minimum of three Covid vaccinations are required. You’ll need to contact the health authority in your country for a record of your vaccinations. Australians can export an international vaccine cert from the Medicare site, and Singaporeans can log into HealthHub using your Singpass account. As with your hotel reservations and airline tickets, they’re worth printing just in case.

    • Proprietary

      • Apple’s Chinese dream is over

        Of all the conversations I’ve had this week with senior people who were once in charge of building Apple products in China, one comment stuck out: China is “not just a location. It was also an era.”

      • Mark DominusSoftware horror show: SAP Concur

        This complaint is a little stale, but maybe it will still be interesting. A while back I was traveling to California on business several times a year, and the company I worked for required that I use SAP Concur expense management software to submit receipts for reimbursement.

        At one time I would have had many, many complaints about Concur. But today I will make only one. Here I am trying to explain to the Concur phone app where my expense occurred, maybe it was a cab ride from the airport or something.

    • Security

      • Xe’s BlogOVE-20221101-0001: counter.social “private” account bypass – Xe Iaso

        Incorrect configuration on counter.social allowed random people on the internet to stalk counter.social users without having an account. Included are numerous methods people could use to bypass the “private” account system to stalk counter.social users without having to authenticate. There is also a paid account feature bypass that allowed any user to trivially create a user account token with the API and then have the same privilege as the web client. This normally requires a paid account, but a client that chooses to opt-out of the security measures didn’t require a paid account.

      • NVISO LabsCan we block the addition of local Microsoft Defender Antivirus exclusions? [Ed: Fake security from company that opens back doors for the NSA]
      • Ruben SchadeRubenerd: Website security word salad

        This is CSI Miami-level fluff. What sort of encryption? Where? For what data? Not compromised “in any other way” is either careless phrasing or a Freudian slip, and “complete safety” is impossible.

      • Privacy/Surveillance

        • John GruberGoogle Moves Maps to the Root Google.com Domain

          Grant location access to Google Maps now, and you grant it to all of Google.

        • Stacey on IoTCan a robotic switch shut off your wireless lights?

          We brainstormed a few different ideas for Jon, but the reality is that none of them are great. It’s probably easier to replace the existing light strings with a product that has some connectivity built in. That’s because Jon’s current lights can’t connect to a smart plug nor is there a simple way to install some type of radio transmitter in them.

        • Would you like a QR code embedded in that cookie?

          There is currently a race to develop edible tags for food so that, for example, you can see where the food comes from or its ingredients, and the information disappears once you’ve eaten it. Now, researchers from Japan have developed a way to include an unobtrusive edible tag embedded inside the food—in their original experiments, cookies—that can be read without having to first destroy the food. Another major advantage of their method, known as “interiqr,” is that the tag doesn’t change the outer appearance or taste of the food at all.

    • Defence/Aggression

      • Pentagon Africa Research Contradicts Optimism of Austin

        LAST MONTH, Defense Secretary Lloyd Austin touted the accomplishments of U.S. Africa Command, commending its leaders and personnel for tackling terrorism and making the continent more secure and stable. “Every day, AFRICOM works alongside our friends as full partners — to strengthen bonds, to tackle common threats, and to advance a shared vision of an Africa whose people are safe and prosperous,” he announced at a ceremony honoring the new AFRICOM commander, Gen. Michael Langley.

        That very same day, the Defense Department’s Africa Center for Strategic Studies, a Pentagon research institution, issued a devastating report that directly refuted Austin’s positive assessments. “Militant Islamist group violence in Africa has risen inexorably over the past decade, expanding by 300 percent during this time,” reads the analysis. “Violent events linked to militant Islamist groups have doubled since 2019.”

      • TomDispatch[Old] Writing on War – TomDispatch.com

        [Note for TomDispatch Readers: Chris Hedges’s first book, War Is a Force That Gives Us Meaning, blew me away years ago. Now, his latest book, The Greatest Evil Is War, on the nightmare that so eternally seems to have him (and us) in its grip, has just been published. My own copy arrived only a day ago and went instantly to the top of my must-read pile. Let me just quote two writers this site’s readers know well on it. Noam Chomsky says, “Chris Hedges has been an incomparable source of insight and understanding, both in his outstanding career as a courageous journalist and in his penetrating commentary on world events. This is a contribution of great significance in these troubled times.” And Andrew Bacevich adds, “Savage honesty is a hallmark of everything Chris Hedges writes. Other writers seek to comfort or distract; his purpose is to agitate, unsettle, and demand moral accountability. The Greatest Evil Is War is no exception, which is precisely why every American should read it and reflect on its disturbing message.” For just a few days, TomDispatch offers you the chance to get a signed, personalized copy of Hedges’s latest work. All you have to do is visit our donation page and, for $100 ($125 if you live outside the U.S.), that signed copy is yours and TomDispatch is so much the better off for it. Don’t miss the chance! Tom]

      • Reading Proust in War – The Chris Hedges Report

        Marcel Proust died a century ago on November 18, 1922, leaving behind one of the most remarkable literary investigations into human nature and society.

        During the war in Bosnia, I worked my way through the seven volumes of Marcel Proust’s “In Search of Lost Time.” The novel, populated with 400 characters, was not an escape from the war. The specter of death and the expiring world of La Belle Époque haunts Proust’s work. He wrote it as he was dying; in fact, Proust was making corrections to the manuscript the night before his death in his hermetically sealed, cork-lined bedroom in Paris.

        The novel was a lens that allowed me to reflect on the disintegration, delusions and mortality around me. Proust gave me the words to describe aspects of the human condition I knew instinctively, but had trouble articulating. He elucidates the conflicting ways we perceive reality, exacerbated in war, and how each of us comes to our own peculiar and self-serving truths. He explores the fragility of human goodness, the seduction and hollowness of power and social status, the inconstancy of the human heart and racism, especially antisemitism.

    • Environment

      • Energy

        • As lawmakers debate how to regulate the industry, more are openly trashing it. | Semafor

          At a moment when Congress is finally debating whether and how to seriously regulate the cryptocurrency industry, a split appears to have formed in the Democratic Party. Some of its lawmakers are contemplating how to harness blockchain technology into a force for innovation, while scaling back its early excesses.

          Then there’s a group you might call the “bullshit caucus.”

          “It’s all bullshit,” Sen. Jon Tester, D-Mont. told Semafor. He was wary of the industry even before the recent collapse of crypto exchange FTX, he said, and recent meetings with advocates have not given him any more confidence in its fundamental value. “I don’t think it passes the smell test. I can’t figure out what supports it.” (FTX founder Sam Bankman-Fried is an investor in Semafor.)

          [...]

          Smith said crypto lobbyists were “not getting doors [shut] in our face, at least not yet.” She’s been making the case that crypto remains in its infancy and still promises future innovations for businesses and consumers.

    • Finance

      • CoryDoctorowHow monopoly enshittified Amazon

        In Bezos’s original plan, the company called “Amazon” was called “Relentless,” due to its ambition to be “Earth’s most customer-centric company.” Today, Amazon is an enshittified endless scroll of paid results, where winning depends on ad budgets, not quality.

        Writing in Jeff Bezos’s newspaper The Washington Post, veteran tech reporter Geoffrey Fowler reports on the state of his boss’s “relentless” commitment to customer service. The state is grim.

      • How Activists Are Trying to Change the Way Banking Gets Done – YES! Magazine

        With $10 trillion in assets at their collective disposal, big banks like Chase and Wells Fargo could do a lot of good. Yet, despite being “too big to fail,” these banks fail people every day. Whether it’s the persistent use of predatory practices, their enduring discrimination, or their insistent investment in exploitative and extractive industries, these formidable financial institutions have a corrosive influence on our country.

        Yet, in spite of this, local governments put their assets—the collective wealth of communities collected through taxes—in the hands of these institutions. In New York City alone, $100 billion in the city’s money is handled by private banks every year. While the city’s assets sit in the corporate coffers of these Wall Street staples, the banks are free to invest them at their discretion. Their sole goal: pump up their profits. The result is that public dollars may be invested in projects that act against the public good, such as speculative real estate, private prisons, and fossil fuels.

      • [Old] Corporate Coercion and the Drive to Eliminate Buying with Cash

        “Sorry we’re not taking cash or checks,” said the clerk at the Fed Ex counter over a decade ago to an intern. “Only credit cards.”

        Since then, the relentless intensification of coercive commercialism has been moving toward a cashless economy, when all consumers are incarcerated within a prison of corporate payment systems from your credit/debit cards to your mobile phone and very soon facial recognition.

        “Terrific!” say those consumers for whom convenience and velocity of transactions are irresistible.

      • Jackson, Mississippi, must say ’no’ to water privatization

        “Privatization is on the table,” says Mississippi Gov. Tate Reeves, amid a water crisis in the state capital. That would be a disaster.

      • Ruben SchadeRubenerd: Dave Winer on “micropayments”

        The micro in micro-payments also belies a lack of appreciation Silicon Valley types, and people in the industry like me, have for smaller prices. I buy a tasty coffee and don’t think twice, but for someone making minimum wage, living paycheque to paycheque, or even trying to save for something, there’s nothing “micro” about a payment. It’s quite patronising, the more I think about it.

    • AstroTurf/Lobbying/Politics

      • Ali Reza HayatiDon’t think positive!

        Sometimes I just want to punch people in the face when they ask me to think positive. Stay positive they say. What a brilliant idea.

        I’m not angry though. I just chose to use those words to express how stupid it is to tell people stay positive and how frustrated I get when I hear that.

        Yet sometimes you should be angry. Sometimes you need to compel people to be afraid of you and your potential. It’s not good to always be positive. Sometimes you need to force others to be afraid from you.

        It’s like someone holding your head under the water and they guy next to you tells you think positive. I’m pretty sure even the one holding your head will punch that person.

        I guess sometimes it’s because they don’t understand the difference between being positive and being hopeful. In worst situations you don’t need to be positive, you need to be hopeful. It’s hope that will move you forward, not positivity.

      • The Daily BeastMusk’s Twitter Has a Huge Blindspot—and It Could Be Deadly
    • Civil Rights/Policing

      • The WireConviction Rates in IPC Cases Highest in Non-BJP States: NCRB Data

        NCRB data reveals how four southern states and two from the Northeast lead the way when it comes to fighting crime.

      • The Good Priest – The Chris Hedges Report

        Father Michael Doyle, who died on November 4 at his parish house in Camden, New Jersey, infused his Christianity with his goodness. That goodness showed us what it means to live a life of faith.

      • Listen to this Article: “Writing on War”
      • The WireWhatsApp Banned 2.4 Million Indian Accounts in July – the Highest This Year

        Several accounts were banned based on complaints received through the firm’s grievances channel and the tools and resources it uses to detect such offenses, the social media platform said.

      • Democracy Now50 Years After Sacheen Littlefeather’s Oscars Protest, “Prejudice – Racism” Persist in Film Industry | Democracy Now!

        On this Indigenous Peoples’ Day, we are remembering Sacheen Littlefeather, who recently died on October 2 at the age of 75. In 1973, she took the stage at the Oscars on behalf of Marlon Brando, who boycotted the ceremony to protest Hollywood’s portrayal of Native Americans. Some members of the audience booed and mocked Littlefeather as she addressed the awards ceremony wearing traditional Apache clothing. In August, the Academy of Motion Picture Arts and Sciences finally apologized to her. “The suppression and the domination, the prejudice and the racism in our industry is still happening today,” says her friend and colleague Joanelle Romero, an actress and filmmaker and the first Native American woman of the Academy. Her film, “American Holocaust: When It’s All Over I’ll Still Be Indian,” was short-listed for an Academy Award. She is Apache-Diné and the founder and president of Red Nation Television Network and Red Nation International Film Festival. “It is very important for … our youth to be able to see themselves on media, and primetime television, and in feature films,” says Romero.

    • Monopolies

      • Copyrights

        • Daniel MiesslerNapkin Ideas Around What Changes to Expect Post-ChatGPT – Daniel Miessler

          If you’re reading this you already know the internet is on fire over the new GPTChatBot from OpenAI. There are people using it to create full virtual machines, to be their personal writing coach, to write terraform, generate Pokemon-like characters, and a thousand other things.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. IRC Proceedings: Saturday, January 28, 2023

    IRC logs for Saturday, January 28, 2023



  2. Unmasking AI

    A guest article by Andy Farnell



  3. The ISO Delusion/Sirius Corporation: A 'Tech' Company Run by Non-Technical People

    Sirius ‘Open Source’ was hiring people who brought to the company a culture of redundant tasks and unwanted, even hostile technology; today we continue to tell the story of a company run by the CEO whose friends and acquaintances did severe damage



  4. Links 28/01/2023: Lots of Catching Up (Had Hardware Crash)

    Links for the day



  5. IRC Proceedings: Friday, January 27, 2023

    IRC logs for Friday, January 27, 2023



  6. Microsoft DuckDuckGo Falls to Lowest Share in 2 Years After Being Widely Exposed as Microsoft Proxy, Fake 'Privacy'

    DuckDuckGo, according to this latest data from Statcounter, fell from about 0.71% to just 0.58%; all the gains have been lost amid scandals, such as widespread realisation that DuckDuckGo is a Microsoft informant, curated by Microsoft and hosted by Microsoft (Bing is meanwhile laying off many people, but the media isn’t covering that or barely bothers)



  7. This is What the Microsoft-Sponsored Media Has Been Hyping Up for Weeks (Ahead of Microsoft Layoffs)

    Reprinted with permission from Ryan



  8. [Meme] António Campinos Wants to Be F***ing President Until 2028

    António Campinos insists he will be EPO President for 10 years, i.e. even longer than Benoît Battistelli (despite having appalling approval rates from staff)



  9. European Patent Office Staff Losing Hope

    The EPO’s management with its shallow campaign of obfuscation (pretending to protect children or some other nonsense) is not fooling patent examiners, who have grown tired and whose representatives say “the administration shows no intention of involving the staff representation in the drafting of the consultant’s mandate” (like in Sirius ‘Open Source’ where technical staff is ignored completely for misguided proposals to pass in the dark)



  10. IRC Proceedings: Thursday, January 26, 2023

    IRC logs for Thursday, January 26, 2023



  11. Sirius Relegated/Demoted/Destined Itself to Technical Hell by Refusing to Listen to the Technical Staff (Which Wanted to Stay With Asterisk/Free Software)

    In my final year at Sirius ‘Open Source’ communication systems had already become chaotic; there were too many dysfunctional tools, a lack of instructions, a lack of coordination and the proposed ‘solution’ (this past October) was just more complexity and red tape



  12. Geminispace Approaching Another Growth Milestone (2,300 Active Capsules)

    The expansion of Geminispace is worth noting again because another milestone is approached, flirted with, or will be surpassed this coming weekend



  13. [Meme] Cannot Get a Phone to Work... in 2022

    Sirius ‘Open Source’ wasted hours of workers’ time just testing the phone after it had moved to a defective system of Google (proprietary); instead of a rollback (back to Asterisk) the company doubled down on the faulty system and the phones still didn’t work properly, resulting in missing calls and angst (the company just blamed the workers who all along rejected this new system)



  14. [Meme] Modern Phones

    Sirius ‘Open Source’ is mistaking “modern” for better; insecurity and a lack of tech savvy typically leads to that



  15. The ISO Delusion: Sirius Corporation Demonstrates a Lack of Understanding of Security and Privacy

    Sirius ‘Open Source’, emboldened by ISO ‘paperwork’ (certification), lost sight of what it truly takes to run a business securely, mistaking worthless gadgets for “advancement” while compelling staff to sign a new contract in a hurry (prior contract-signing scandals notwithstanding)



  16. Links 26/01/2023: LibreOffice 7.4.5 and Ubuntu Pro Offers

    Links for the day



  17. Links 26/01/2023: GNU poke 3.0 and PipeWire 0.3.65

    Links for the day



  18. IRC Proceedings: Wednesday, January 25, 2023

    IRC logs for Wednesday, January 25, 2023



  19. Companies Would Collapse Upon Abandoning Their Original Goals (That Attracted All the Productive Staff)

    Staff with technical skills won't stick around in companies that reject technical arguments and moreover move to proprietary software in a company that brands itself "Open Source"



  20. [Meme] Listen to Your Workers, Avert Disaster

    Companies that refuse to take input from staff are doomed to fail



  21. The ISO Delusion: When the Employer Doesn’t Understand the Company's Value Proposition (Building Systems) and Rejects Security

    Sirius ‘Open Source’ has failed to sell what it was actually good at; instead it hired unqualified people and outsourced almost everything



  22. Links 25/01/2023: NuTyX 23.01.1 and GNU Guile 3.0.9 Released

    Links for the day



  23. Links 25/01/2023: Stratis 3.5.0 and Many Political Links

    Links for the day



  24. New Record Low: Only One 'Linux' Article in ZDNet in More Than Two Weeks

    Only a few years ago ZDNet published about 3 “Linux” stories per day (mostly FUD pieces); now it’s a ghost town, painted in ‘alien green’; considering ZDNet’s agenda (and sponsors) maybe it’s better this way



  25. Links 25/01/2023: Pale Moon 32.0 and DXVK 2.1

    Links for the day



  26. IRC Proceedings: Tuesday, January 24, 2023

    IRC logs for Tuesday, January 24, 2023



  27. ISO Certification Hardly Tackles Any of the Real Issues

    The real-world threats faced by private companies or non-profit organisations aren't covered by the ISO certification mill; today we publish the last post on this topic before proceeding to some practical examples



  28. [Meme] Medical Data Sovereignty

    What happens when your medical records/data are accessible to a company based abroad after a mysterious NDA with the Gates Foundation? The International Organization for Standardization (ISO) does not mind.



  29. The ISO Delusion: Sirius Open Wash Ltd. and Medical Data/Projects at Risk/Peril

    Sirius ‘Open Source’ was good at gloating about “ISO” as in ISO certification (see our ISO wiki to understand what ISO truly is; ISO certification needs to be more widely condemned and exposed) while signing all sorts of dodgy deals and lying to clients (some, like the Gates Foundation, were never mentioned because of a mysterious NDA); security and privacy were systematically neglected and some qualified as criminal negligence (with fines/penalties likely an applicable liability if caught/reported)



  30. Links 24/01/2023: Wine 8.0 is Ready, FSF Bolsters Copyleft

    Links for the day


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts