Links 11/12/2022: Linux 6.1 and Floppy Disks Handling Bug Fixed

Posted in News Roundup at 9:40 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • Linux Made SimpleLinux Weekly Roundup #213

      Welcome to this week’s Linux Weekly Roundup. We had a full week in the world of Linux with these releases deepin 20.8, Kali Linux 2022.4, SparkyLinux 2022.12, KaOS 2022.12, MakuluLinux 2022-12-04.

    • Desktop/Laptop

      • Johan Thelin: Debian on the XPS13 Plus (9320) – Life of a Developer

        Still no sound, but I learned a couple of new things…

        So, I finally got around to upgrading my laptop. I decided to go for my fourth XPS13, and this time I opted for a maxed out XPS13 Plus. A really nice machine. However, the driver stack isn’t quite there yet. Yes, I should have read up more before buying, but I didn’t and I know it will be sorted out over time.

        As a vim user, the touch Esc key will be a challenge. Perhaps this is where I learn to bind to capslock, but I’ve not come to that point yet.

        So, after installing using the netinst image with non-free drivers (and my phone over USB tether for networking since the wifi still didn’t work), I had to move to testing for anything to work. Then I installed firmware-iwlwifi, iwlwifi and firmware-sof-signed from non-free. This got me into a graphical desktop and most things work (I could configure the touch pad for tap-to-click, and so on). I run a KDE desktop, so I installed some Plymouth stuff, breeze for SDDM and such, but that shouldn’t affect the issues described here.

    • Server

      • Kubernetes BlogKubernetes 1.26: We’re now signing our binary release artifacts! | Kubernetes

        The Kubernetes Special Interest Group (SIG) Release is proud to announce that we are digitally signing all release artifacts, and that this aspect of Kubernetes has now reached beta.

        Signing artifacts provides end users a chance to verify the integrity of the downloaded resource. It allows to mitigate man-in-the-middle attacks directly on the client side and therefore ensures the trustfulness of the remote serving the artifacts. The overall goal of out past work was to define the used tooling for signing all Kubernetes related artifacts as well as providing a standard signing process for related projects (for example for those in kubernetes-sigs).

        We already signed all officially released container images (from Kubernetes v1.24 onwards). Image signing was alpha for v1.24 and v1.25. For v1.26, we’ve added all binary artifacts to the signing process as well! This means that now all client, server and source tarballs, binary artifacts, Software Bills of Material (SBOMs) as well as the build provenance will be signed using cosign. Technically speaking, we now ship additional *.sig (signature) and *.cert (certificate) files side by side to the artifacts for verifying their integrity.

      • HPC WireFrontier Keeps Top Supercomputer Spot, Nvidia’s H100 Debuts on List [Ed: All of them run GNU/Linux]

        The 60th edition of the Top500 list, revealed today at SC22 in Dallas, Texas, showcases many of the same systems as the previous installment, with Frontier still out in front as the first official Linpack exascaler, clocking 1.102 exaflops. Installed at Oak Ridge National Laboratory, Frontier – a collaboration of the DOE, HPE and AMD – comprises 74 HPE Cray EX cabinets, housing 9,408 nodes, each equipped with one AMD Milan “Trento” Epyc CPU and four AMD Instinct MI250X GPUs.

        Frontier also scored highest on the HPL-MxP benchmark with 7.9 exaflops. A companion benchmark to the Top500, HPL-MxP was formerly known as HPL-AI. The benchmark “seeks to highlight the convergence of HPC and artificial intelligence (AI) workloads based on machine learning and deep learning by solving a system of linear equations using novel, mixed-precision algorithms that exploit modern hardware,” according to the backers.

    • Audiocasts/Shows

    • Kernel Space

      • 9to5LinuxLinux Kernel 6.1 LTS Released with Initial Support for the Rust Programming Language

        More than two months in the works, Linux kernel 6.1 is here to introduce experimental support for the Rust programming language. While this may sound very exciting for some, you should keep in mind that “experimental” means that it’s only a very basic implementation of Rust that cannot be used for any real-world use cases.

        Another major change in Linux 6.1 is the multi-generational LRU VM work to better identify the memory pages that are actually in use. In addition, the new kernel series brings the ability to perform PKCS#7 signature verifications in BPF programs and to create destructive BPF programs, and a new security-module hook for controlling how user namespaces are created.

      • Linux mailing listsLinux 6.1
        So here we are, a week late, but last week was nice and slow, and I'm
        much happier about the state of 6.1 than I was a couple of weeks ago
        when things didn't seem to be slowing down.
        Of course, that means that now we have the merge window from hell,
        just before the holidays, with me having some pre-holiday travel
        coming up too. So while delaying things for a week was the right thing
        to do, it does make the timing for the 6.2 merge window awkward.
        That said, I'm happy to report that people seem to have taken that to
        heart, and I already have two dozen pull requests pending for tomorrow
        in my inbox. And hopefully I'll get another batch overnight, so that I
        can try to really get as much of the merge window done with early. We
        all want to have a calm holiday season.
        And because of that "we all want to have a calm holiday season", I
        want to re-iterate that I'm going to be pretty strict about the merge
        window rules. The rules are that the pull requests sent to me during
        the merge window should have been ready _before_ the merge window, and
        have seen some time in linux-next. No last-minute batch of
        experimental new development that hasn't been seen by our test
        So to make my life easier, I will just drop any pull requests that
        come in late, or that look like they haven't been in linux-next. This
        time of year, we're all going to be much happier to deal with the
        stress of the season _without_ having to deal with the stress of any
        late development. So if you already realize that work hasn't been in
        linux-next, let's just all agree to not even send me the pull request
        at all, and we'll all be happy with the calm end-of-the-year season.
        Anyway,  I think I've harped on that enough, let's just enjoy this
        release and the upcoming festivities. As can be seen from the shortlog
        below, last week really was very quiet, and it's mainly a few
        last-minute fixes mostly dominated by drivers (networking in
        particular, but there's some media, HID and GPU noise in there too).
      • LWNThe 6.1 kernel is out [LWN.net]

        Headline features in 6.1 include reworked, LLVM-based control-flow integrity, initial support for kernel development in Rust, support for destructive BPF programs, some significant io_uring performance improvements, better user-space control over transparent huge-page creation, improved memory-tiering support, fundamental memory-management rewrites in the form of the multi-generational LRU and the maple tree data structure, the kernel memory sanitizer, and much more. See the LWN merge-window summaries (part 1, part 2) and the KernelNewbies 6.1 page for more information.

      • SlashdotLinux Kernel Fixes Longstanding Bug in Its Handling of Floppy Disks – Slashdot

        This isn’t the only such fix in recent years. As a series of articles on Phoronix details, there has been a slow but steady flow of fixes for the kernel’s handling of floppy drives since at least kernel 5.17, as The Register mentioned when it came out….

        Back in July 2016, SUSE kernel developer Jiri Kosina submitted a patch. The problem arose because this change broke something else and later got reverted, and so the problem hung around. In July last year, he sent in a new patch that fixed it again for the 5.12 kernel, and was later back-ported to 5.10, an LTS version, and again into kernel 5.15 — another an LTS version, and the one you’re running today if you’re on the current Ubuntu LTS release, or something built from it such as Linux Mint 21….

        Now, in December 2022, a new patch for the forthcoming kernel 6.2 fixes a memory leak that dates back to 5.11 or before.

    • Graphics Stack

      • InfoQAsahi Linux Gets Alpha GPU Drivers on Apple Silicon

        After two years of work to reverse engineer Apple Silicon GPU instruction set and to implement the kernel driver, Asahi Linux has finally got an alpha-quality release of its GPU driver that is already good enough to run a smooth desktop experience and some games, Asahi developers Alyssa Rosenzweig and Asahi Lina say.


        Being still an alpha release, there is still much work to do before the GPU driver becomes complete and stable. In particular, OpenGL 3 is still in early stage and Vulkan support is only nascent, although it can reuse the driver, the compiler, and some source code shared with the OpenGL driver. Additionally, the current OpenGL implementation has not passed yet the OpenGL (ES) conformance tests.

    • Applications

      • Make Use OfEmbrace the Christmas Season With a Log Fire and Rainstorm in Your Linux Terminal

        Fireplace and Puddle help you simulate log fire and rainstorms within your Linux terminal.

        Christmas is almost here, and in the Northern Hemisphere, nights are drawing in, the temperature’s dropping, and fuel prices aren’t getting any cheaper.

        As the hoarfrost settles across your eyebrows and icy stalactites form from your nostrils, warm yourself with the light of a log fire in your terminal, or embrace the weather with a CLI rainstorm.

      • OMG UbuntuOpen Source Video Editing Levels Up with OpenShot 3.0 – OMG! Ubuntu!

        A new version of OpenShot, a free, open-source video editor for Linux, is available to download.

        OpenShot 3.0 contains over 1,000 improvements and fixes, includes better stability and memory usage, and debuts interesting new performance and export capabilities. This is the first update to the non-linear video editor since last year.

        Jonathan Thomas, the creator of OpenShot, details the changes in a blog post, explain that he and the OpenShot team “worked tirelessly over the past 12 months to identify and fix as many stability issues as possible”. Those less familiar with the app may be unaware it has the nickname “OpenShut” due to recurrent performance issues.

        There’s also improved real-time video playback, said to be ‘smoother’ with ‘fewer freezes and pauses’ during preview thanks to changes made to the editor’s video decoding engine.

      • NeowinOpenShot Video Editor 3.0

        OpenShot Video Editor is a free, open-source video editor licensed under the GPL version 3.0. OpenShot can take your videos, photos, and music files and help you create the film you have always dreamed of. Easily add sub-titles, transitions, and effects, and then export your film to DVD, YouTube, Vimeo, Xbox 360, and many other common formats. What really sets OpenShot apart from other video editors is the easy-to-use user interface.

        OpenShot has many great features, such as trimming and arranging videos, adjusting audio levels, transitions between videos, compositing multiple layers of video, chroma-key / green screen effect, and support of most formats and codecs.

      • Beta NewsOpen Source video editor OpenShot 3.0 now available for Windows, Mac, and Linux

        One of the big reasons some people don’t switch to Linux is a lack of video editors. While it’s true there are more video editing programs on macOS and Windows, there are some great options on Linux too, such as Kdenlive and DaVinci Resolve.

        Another popular video editing application that runs on Linux is the open source OpenShot. This cross-platform video editor can run on Windows and macOS too, meaning you can try it on one of those platforms to see if it meets your needs before switching to Linux. And now, OpenShot has reached a new major milestone — version 3.0. The developers brag that it includes over a thousand changes.

        “We have worked tirelessly over the past 12 months to identify and fix as many stability issues as possible in OpenShot. This was a unique challenge, both in finding clever ways to identify and reproduce crashes, and finding solutions that don’t impact the performance of OpenShot. A few notable improvements are related to thread safety (during timeline changes and video playback caching), multi-threaded unit tests designed to flush out race conditions and concurrency issues, safer object clean-up and deletion, and updates to the Undo/Redo system to prevent crashes (for example, when spamming undo),” explains Jonathan Thomas, OpenShot Creator.

      • Vincent BernatAkvorado: a flow collector, enricher, and visualizer

        Earlier this year, we released Akvorado, a flow collector, enricher, and visualizer. It receives network flows from your routers using either NetFlow v9, IPFIX, or sFlow. Several pieces of information are added, like GeoIP and interface names. The flows are exported to Apache Kafka, a distributed queue, then stored inside ClickHouse, a column-oriented database. A web frontend is provided to run queries. A live version is available for you to play.


        The proposed deployment solution relies on Docker Compose to set up Akvorado, Zookeeper, Kafka, and ClickHouse. I hope it should be enough for anyone to get started quickly. Akvorado is performant enough to handle 100 000 flows per second with 64 GB of RAM and 24 vCPU. With 2 TB of disk, you should expect to keep data for a few years.

    • Instructionals/Technical

      • EarthlyBuilding and Managing a Kubernetes Cluster Using Kubeadm – Earthly Blog

        Are you looking for a tool to quickly bootstrap a Kubernetes cluster? Why not try kubeadm?

        Kubeadm is an excellent tool for quickly creating a Kubernetes cluster. By running a series of pre-checks, kubeadm ensures that the server has all the components and configurations needed for Kubernetes. In addition to bootstrapping a Kubernetes cluster with ease, kubeadm also allows you to customize and configure cluster components.

        In this guide, you’ll learn how to set up a Kubernetes cluster using kubeadm, upgrade the cluster, and deploy an application to test if it works.

      • ELinuxHow to install firewall on Ubuntu

        To install a firewall on a Linux server, you can use the ufw (Uncomplicated Firewall) command line utility

      • ELinuxScript to prevent spamming on cpanel server
      • Linux Made SimpleHow to install PyCharm Professional edition 2022.3 on a Chromebook

        Today we are looking at how to install PyCharm Professional edition 2022.3 on a Chromebook.

        If you have any questions, please contact us via a Rumble comment and we would be happy to assist you!

        Please use the video as a visual guide, and the commands and links below to install it on your Chromebook.

      • UNIX CopGetting real-time network statistics using iptraf-ng

        In this post, you will learn how to analyze network traffic in real-time thanks to iptraf-ng. Let’s go.

        iptraf-ng is a console-based network statistic monitoring utility. Thanks to it, you will be able to get useful information from the network. It should be noted that, iptraf-ng is a fork of iptraf and is present in many Linux distributions. The ncurses text-based user interface makes it easy to configure and to use this tool.

      • Linux CapableHow to Install PHP 8.2 on Debian 11/10

        PHP 8.2 is now available to install on Debian 11 Bullseye or Debian 10 Buster using the well-known Ondřej Surý third-party repository. Most Debian users prefer using the distribution due to its name in open-source, especially since it is one of the most stable distributions. However, sometimes you may want to install the latest version of a particular software for development or, in most cases, performance for specific software like CMS systems.

        A quick overview of what is new with PHP 8.2 is new features and enhancements, including support for read-only classes, allowing constants in trait declarations, fetching enumeration values in constant expressions, MySQLi execute queries, and several bug fixes.

      • TecAdminPostfix: Configure SASL Authentication for Remote SMTP – TecAdmin

        Postfix SASL Authentication is one of the most popular methods for remote SMTP authentication. It’s a secure, reliable, and highly configurable way of sending and receiving emails. Essentially, the Postfix SASL Authentication consists of an authentication server and a client. The client is a mail program that sends the message, and the authentication server validates the credentials of the user. Once authentication is successful, the message is sent and authenticated at the receiving server.

        The following step will configure the Postfix server to relay emails from a remote SMTP server with authentication.

      • MJ FransenNetBSD 9.3 on FreeBSD bhyve – box.matto.nl

        I wanted to install NetBSD 9.3 as a virtual machine on a headless FreeBSD machine. This machine already has a bridge in place.

      • Installing Quarto-CLI on Linux-arm64 systems

        Quarto is Posit’s new open-source scientific and technical publishing system built on Pandoc that allows you to weave together narrative text and code to produce high-quality outputs including reports, presentations, websites, and more. It’s the successor of the highly successful, but R specific, R Markdown ecosystem, bringing all the benefits of R Markdown to other programming langues like Python, Julia and Observable.

        Unfortunately, because of the lack of official arm64 binary sources for some of its dependencies (e.g. Deno, SASS, Pandoc), and as explained to me, their limited bandwidth to support not sufficiently popular architectures like Linux arm64. Quarto does not officially support the arm64 architecture, but that doesn’t mean we can’t make it work on it ourselves.

      • ID RootHow To Install aaPanel on Rocky Linux 9 – idroot

        In this tutorial, we will show you how to install aaPanel on Rocky Linux 9. For those of you who didn’t know, aaPanel is a free and open-source hosting control panel easy to install LANMP/LAMP (Linux Apache/Nginx, MySQL, PHP), and OpenLiteSpeed with just a click. Being a web-based GUI control panel, it makes it easy to manage remote and local machines with its vast features.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of aaPanel open-source hosting control panel on Rocky Linux. 9.

      • DebugPointHow to Enable Sync and Vertical Tabs in Edge for Linux [Ed: Rather insane for a 'Linux' site to advise GNU/Linux users to give away all their passwords (sent to Microsoft and the NSA) through proprietary software that's in effect a password stealer]
    • Games

  • Distributions and Operating Systems

    • New Releases

      • LinuxiacKaOS 2022.12 Brings the Latest Plasma, Bugfixes, and New Apps

        This year’s latest update to KaOS, 2022.12, gives users Linux kernel 6.0.12, the latest Plasma 5.26 desktop, and adds new tools to the distro arsenal.

        KaOS is an independent rolling-release distribution inspired by Arch Linux and entirely focused on the KDE Plasma Desktop and related Qt Toolkit-based software.

        Although it uses Pacman as its package manager, KaOS does not rely on software repositories developed and maintained by Arch Linux. Instead, the software is available from in-house repositories, built exclusively for 64-bit systems.

    • BSD

      • Distro WatchReview: OpenBSD 7.2

        The OpenBSD project develops an operating system which is lean, clearly documented, and has a proactive approach to security. The project is also the source of such popular software packages as OpenSSH and LibreSSL which are included in many open source operating systems. OpenBSD’s latest release was version 7.2 which can run on over a dozen CPU architectures.

        The install media for OpenBSD is available in separate formats for optical media (ISO files) and USB thumb drives (IMG files). The ISO file for the x86_64 architecture is 556MB while the IMG file is 664MB. Booting the OpenBSD media brings up a text console where we are asked if we’d like to install a new copy of OpenBSD, upgrade the operating system, perform an auto-install, or run a command line shell.

        The command line shell provided on the install media offers a limited environment. There is just enough command software available to perform some tests and get the system installed. There isn’t a full array of tools provided like you’d get on a full install of OpenBSD or from most Linux live discs.

    • Fedora Family / IBM

      • Red Hat OfficialNew Slack integration with Red Hat Insights [Ed: Red Hat integrates with proprietary spyware]

        We are excited to announce an integration between Red Hat Insights and Slack is now available as Service Preview. This new communication channel facilitates initiatives to optimize IT operations (ITOps) and development operations (DevOps) by providing a Chat Operations (ChatOps) component to the Hybrid Cloud Console.

    • Debian Family

      • 9to5LinuxThis Is the Default Theme of Debian GNU/Linux 12 “Bookworm”

        For Debian GNU/Linux 12 “Bookworm,” which is expected to hit the streets in the summer of 2023, the Debian Project apparently didn’t hold its usual artwork contest. Instead, they decided to go, once again, with the artwork created by the famous Juliette Taka, who made the artwork of several previous Debian GNU/Linux releases.

        Juliette Taka’s “Emerald” artwork will be used as the default theme for Debian GNU/Linux 12 “Bookworm.” This will be used for the wallpaper, login screen, installer, Plymouth boot splash screen, GRUB boot loader, Syslinux / Isolinux, and even as a banner for the website, blog, and wiki.

    • Open Hardware/Modding

    • Mobile Systems/Mobile Applications

  • Free, Libre, and Open Source Software

    • Jon UdellBrowsing the Fediverse – Jon Udell

      A month ago, when the Great Discontinuity happened, I started working on a Steampipe plugin to enable SQL queries against the Mastodon API, along with a companion Steampipe “mod” (suite of dashboards) to display and chart the results of those queries.

      I expect these dashboards will soon be available in Steampipe Cloud, where it will take just a few seconds to pop in your Mastodon access token (from, e.g., https://mastodon.social/settings/applications/new) and begin using the dashboards.

      Meanwhile, if you’re so inclined, you can find the plugin here and the dashboards here. If you’re reasonably technical you can pretty quickly and easily install Steampipe, clone these repos, build the plugin, and start using the dashboards.

      Why would you want to? My own motivation, originally, was to do Mastodon analytics. I thought Steampipe’s SQLification of the API would be a handy way to discern and monitor activity trends during a period of extraordinary flux. And that’s proven to be true, to a limited extent. Here’s a snapshot of the dashboard that uses the instance activity API.

    • Libre ArtsLibre Arts – Weekly-ish recap — 11 December 2022

      Earlier this week, I did a quick poll to ask readers what time of week is the most convenient one for them to read these recaps. The majority said “whenever”, with “weekend” taking the second place. Weekend it is then.

      Highlights of the week: new releases of Blender, Inkscape, OpenShot, news from GIMP and Ardour.

    • Licensing / Legal

    • Programming/Development

      • The Register UKC++ overtakes Java in programming popularity index • The Register

        Java is no longer among the top three most popular programming languages in the TIOBE Index, one of several not particularly definitive yardsticks by which such things are measured.

        According to Paul Jansen, CEO of Netherlands-based TIOBE Software, the rising popularity of C++ has pushed Java down a notch. The index’s rankings are now: Python in first place, C second, C++ third, and Java fourth. C++ stepped up to third, and Java fell to fourth.

        “C++ surpassed Java for the first time in the history of the TIOBE Index, which means that Java is at position 4 now,” said Jansen in the December update for the TIOBE Index. “This is the first time that Java is not part of the top 3 since the beginning of the TIOBE Index in 2001.”

      • Get Your Data On: The Periodogram or Something Else?

        So, which spectral estimator should you pick? The flow chart below presents a reasonable way to pick between spectral estimators. The first question you should ask is, do you want to assume a model for the data? If you don’t know anything about the data or don’t trust what you know, then move to the left side of the flow chart. If the Fourier methods have enough resolution, use the periodogram or the Blackman-Tukey spectral estimator (BTSE). If they don’t, you could try the minimum variance spectral estimator (MVSE). If the MVSE does not have enough resolution, try a high order autoregressive (AR) estimate. The AR method does assume a model for the data, but a high enough AR model can estimate any PSD.

      • Data Science TutorialsHypothesis Testing in R – Data Science Tutorials

        Hypothesis Testing in R, A formal statistical test called a hypothesis test is used to confirm or disprove a statistical hypothesis.

      • Creating One Unified Calendar of all Data Science Events in the Netherlands – Roel’s R-tefacts
      • Jamie Brandon0030: lsm perf, colorblind concurrency, tracing, evacuating preimp, reading, fixing my shoulders

        The lsm tree is needed in tigerbeetle to reduce the time taken to recover from crashes and to reduce the cost (ram) of running large databases (vs just having a replicated log on disk and all other state in memory). It’s not ready yet though – merging the lsm tree reduced the single node performance on my laptop to ~23k transfers/second (the goal is >1m transfers/second). So that’s my main focus at the moment. I’ve identified a couple of issues so far but haven’t fixed any of them yet.

      • uni CornellProgramming tool turns handwriting into computer code | Cornell Chronicle

        A Cornell team has created an interface that allows users to handwrite and sketch within computer code – a challenge to conventional coding, which typically relies on typing.

        The pen-based interface, called Notate, lets users of computational, digital notebooks – such as Jupyter notebooks, which are web-based and interactive – to open drawing canvases and handwrite diagrams within lines of traditional, digitized computer code.

      • we iterate so that you can recurse — wingolog

        Sometimes when you see an elegant algorithm, you think “looks great, I just need it to also do X”. Perhaps you are able to build X directly out of what the algorithm gives you; fantastic. Or, perhaps you can alter the algorithm a bit, and it works just as well while also doing X. Sometimes, though, you alter the algorithm and things go pear-shaped.

        Tonight’s little note builds on yesterday’s semi-space collector article and discusses an worse alternative to the Cheney scanning algorithm.

        To recall, we had this visit_field function that takes a edge in the object graph, as the address of a field in memory containing a struct gc_obj*. If the edge points to an object that was already copied, visit_field updates it to the forwarded address. Otherwise it copies the object, thus computing the new address, and then updates the field.

      • Xe’s BlogAutomagically assimilating NixOS machines into your Tailnet with Terraform – Xe Iaso

        For the sake of argument, let’s say that you want to create all of your cloud infrastructure using Terraform, but you also want to use NixOS and Nix flakes. One of the main problems you will run into is the fact that Nix flakes and Terraform are both declarative and there’s no easy way to shim Terraform states and Nix flake attributes. I think I’ve found a way to do this and today you’re going to learn how to glue these two otherwise conflicting worlds together.

      • Ruben SchadeRubenerd: Goodbye Chris Seaton ♡

        Ruby programming language giant and lovely person Chris Seaton passed away last night.


        His social media posts showed his struggles with mental health of late. It’s heartbreaking that we couldn’t save him.

      • In Memory of a Giant | Tenderlove Making

        The Ruby community has lost a giant. As a programmer, I always feel as if I’m standing on the shoulders of giants. Chris Seaton was one of those giants.

        I’ve been working at the same company as Chris for the past 2 years. However, I first met him through the open source world many years ago. He was working on a Ruby implementation called TruffleRuby, and got his PhD in Ruby. Can you believe that? A PhD in Ruby? I’d never heard of such a thing. My impression was that nobody in academia cared about Ruby, but here was Chris, the Ruby Doctor. I was impressed.

      • Perl / Raku

        • RakulangDay 12: RedFactory – Raku Advent Calendar

          Since the elves started using Red (https://raku-advent.blog/2019/12/21/searching-for-a-red-gift/) they thought it was missing a better way of testing code that uses it. They tested it using several SQL files that would be used before each test to populate the database with test data. That works ok, but that’s too hard to understand what’s expected from the test not looking at those SQL files. It also added a big chunk of boilerplate at the beginning of each test file for runnig the SQL. In every file it’s the same code, changing only what file to use. So they decided to look for some better way of doing that.

          Searching for it they found a new module called RedFactory. It’s specific for Red and uses factories to make it easier to write and read tests written for code that uses Red. The idea about factories is to have a easy way of adding data to your test DB with default values making that easy to populate the test DB at the same file as the test and setting speccific values only for what is needed on the test.

        • Perl[ Perl, Raku TheWeeklyChallenge] TWC 194: Bag Time!
  • Leftovers

    • Zach FlowerChasing Imperfection | flower.codes

      This year, the diamond that I discovered was a leather craftsman by the name of Ed Mason. The son of a saddle maker, Ed has continued his father’s legacy, crafting some truly cool leather goods for the cowboy and cowboy-adjacent; saddle bags, gun cases, and other western tack make up most of his stock. What really caught my eye, though, was his selection of minimalist bifold card wallets.

      Now, I’m a sucker for a good leather wallet, and while the ones on display were pretty simple in design, it was the sales pitch that really sold me. As I was looking through his stock, Ed took the time to show me how he selected his leather specifically for its character. He appreciated how the scars, scrapes, wrinkles, and other defects from the processing of the leather to the condition of the actual animal added beauty to each piece, rather than removed it, and was eager to share that philosophy.

    • MongabayBlue jeans: An iconic fashion item that’s costing the planet dearly

      Eternally current and always fashionable, blue jeans are among the most-worn articles of clothing on Earth, transcending time, trends, and social class. Their popularity is ubiquitous, so much so that legendary designer Yves Saint Laurent once declared: “I wish I had invented blue jeans. The most spectacular, practical, relaxed and nonchalant. They have expression, modesty, sex appeal, simplicity — everything I hope for in my clothes.”

      Unfortunately for the planet, the production of this garment takes a huge environmental toll.

      A single pair of cotton jeans consumes between 10,000 and 20,000 liters (2,600-5,300 gallons) of water along its supply chain. Add to that large doses of synthetic pesticides, fertilizers, dyes and other chemicals that pollute soils and waterbodies, impacting wildlife and people, plus major energy expenditures that generate high greenhouse gas emissions.

    • Andre Alves GarziaThe city watch rejects survive their first dungeon • AndreGarzia.com

      My party survived their first dungeon in Four Against Darkness solo dungeon-delving game.

      I almost thought they were all gonna die on the second chamber where they faced a level 5 Minotaur (they are all level 1) and Sebastian miscast the sleep spell.

      The City Watch Rejects guild is composed of Clara (warrior), Inah (cleric), Zix (rogue), and Sebastian (wizard) who are now licking their wounds and counting their loot.

    • Matt RickardWill LLMs Disrupt Google Search?

      A few thoughts on how LLMs might (and might not) disrupt Google.

      Last year, I asked a more generalized version of this question in How to Beat Google Search. Funnily enough, I had written about the open-source GPT-3 model (GPT-J) only two days before and made zero connection to the two. But now, as LLMs are becoming more sophisticated, more people are using prompts to query specific knowledge.

      Why can’t Google do this? Much of the AI research that underpins LLMs originated at Google. They have no lack of talent or sophistication when it comes to this technology—a few reasons why Google might be disrupted by the AI it helped create.

    • Matt RickardElo Rating

      In 1978, Arpad Elo, a physics professor, and chess master, introduced the Elo rating system as a way to measure the relative skill levels of chess players. Since then, the system has been adapted and applied to a wide range of competitive activities, from video games and sports to online dating and even voting in political elections.
      The Elo system is based on a simple idea: each player has a numerical rating that represents their skill level, and this rating is adjusted based on the outcome of their games. For example, if a higher-rated player beats a lower-rated player, their rating will go up, while the loser’s rating will go down.

    • Science

      • Publishing a long overdue explainer about a scientific consensus

        You’ll most likely have seen instances where the term “scientific consensus” has been misused or misunderstood. People for example often confuse it with appeals to popular opinion or think it is the result of discussions or determined by a vote or just finding a compromise. Because of this, opinion polls – even if predominated by unqualified individuals – are used to argue that no scientific consensus exists for a particular topic even if it clearly does.

        It’s important to note that a scientific consensus is not proof for a scientific theory but that it’s the result of converging lines of evidence all pointing to the same conclusion. It is therefore not a part of the scientific method but is actually a consequence of it. When people argue against a scientific consensus, they are usually misunderstanding the term or are deliberately abusing the ambiguity of the term consensus. A scientific consensus is not infallible but nonetheless represents the best knowledge available on a given scientific topic at a given time. In addition, it provides the foundation for new knowledge by generating follow-up questions for scientists to explore.

      • Researchers Develop a Scaled-up Spintronic Probabilistic Computer

        Researchers at Tohoku University, the University of Messina, and the University of California, Santa Barbara (UCSB) have developed a scaled-up version of a probabilistic computer (p-computer) with stochastic spintronic devices that is suitable for hard computational problems like combinatorial optimization and machine learning.

        Moore’s law predicts that computers get faster every two years because of the evolution of semiconductor chips. Whilst this is what has historically happened, the continued evolution is starting to lag. The revolutions in machine learning and artificial intelligence means much higher computational ability is required. Quantum computing is one way of meeting these challenges, but significant hurdles to the practical realization of scalable quantum computers remain.

      • Extreme TechMIT Is Working on Self-Assembling Robots

        Today, humans build robots, but in the future, robots could be programmed to build more of themselves. Researchers at MIT’s Center for Bits and Atoms (CBA) have created robotic subunits called “voxels” that can self-assemble into a rudimentary robot, and then collect more voxels to assemble larger structures or even more robots.

        The researchers, led by CBA Director Neil Gershenfeld, concede that we’re still years away from a true self-replicating robot, but the work with voxels is answering some vital questions that will help us get there. For one, the team has shown that it’s feasible to make the assembler bot and the structural components of whatever you’re building can be made of the same subunits — in this case, voxels.

      • Scientists use machine learning to accelerate materials discovery | Argonne National Laboratory

        A new computational approach will improve understanding of different states of carbon and guide the search for materials yet to be discovered.

      • Ars TechnicaTired of laundry folding? AI breaks the robot folding speed record | Ars Technica

        While it’s possible that someone out there enjoys folding clothes, it’s probably not a beloved pastime. Accordingly, researchers at UC Berkeley’s AUTOLAB have developed a new robotic method of folding garments at record speed (for a robot) called SpeedFolding.

      • Building A Virtual Machine inside ChatGPT

        Unless you have been living under a rock, you have heard of this new ChatGPT assistant made by OpenAI. You might be aware of its capabilities for solving IQ tests, tackling leetcode problems or to helping people write LateX. It is an amazing resource for people to retrieve all kinds of information and solve tedious tasks, like copy-writing!

      • AAASMechanical neural networks: Architected materials that learn behaviors

        Aside from some living tissues, few materials can autonomously learn to exhibit desired behaviors as a consequence of prolonged exposure to unanticipated ambient loading scenarios. Still fewer materials can continue to exhibit previously learned behaviors in the midst of changing conditions (e.g., rising levels of internal damage, varying fixturing scenarios, and fluctuating external loads) while also acquiring new behaviors best suited for the situation at hand. Here, we describe a class of architected materials, called mechanical neural networks (MNNs), that achieve such learning capabilities by tuning the stiffness of their constituent beams similar to how artificial neural networks (ANNs) tune their weights. An example lattice was fabricated to demonstrate its ability to learn multiple mechanical behaviors simultaneously, and a study was conducted to determine the effect of lattice size, packing configuration, algorithm type, behavior number, and linear-versus-nonlinear stiffness tunability on MNN learning as proposed. Thus, this work lays the foundation for artificial-intelligent (AI) materials that can learn behaviors and properties.

      • Extreme TechAI Helps Biotech Labs Generate the Building Blocks for New Drugs [Ed: Overuse of the term "HEY HI" for hype's sake]

        Proteins are an essential part of life. Not only do they function as the “building blocks” for living organisms, but they also perform nearly every cellular task, from waste management to tissue repair. It tracks, then, that pharmaceuticals often contain or “target” proteins in an attempt to change or eliminate symptoms or disease within the body. There’s just one little problem: The only proteins we can use to create drugs are the ones we know.

      • IEEEThis Free-Space Optics System Could Boost Space Comms

        Optical fiber has long since replaced copper wiring in core information networks. But that’s not the case for free-space optical (FSO) communications using optical lasers to transmit data through the air. Despite FSO having the potential to provide orders of magnitude more data capacity compared with that of the traditional radio-frequency communications space missions currently rely on, the technology has been stuck on the launch pad because of atmospheric interference that can absorb and scatter the signals, as well as the strict acquisition and tracking requirements for communicating between ground stations and orbiting satellites.

        But now researchers from the International Centre for Radio Astronomy Research, in Western Australia, have developed a coherent FSO link operating at 1,550 nanometers across a turbulent atmosphere between an optical ground terminal and a retroreflector mounted on an airborne drone. Their findings were published this October in Scientific Reports.

      • Sci Tech DailyRobot Design May Revolutionize How We Build Things in Space

        Researchers at the U.K.’s University of Lincoln (UoL) designed an end-over-end walking (E-Walker) robot for space construction projects. The E-Walker robot features seven degrees-of-freedom motion capabilities. UoL’s Manu Nair and colleagues conducted an exercise in which they tested the E-Walker on the in-orbit assembly of a 25-meter (82-foot) Large Aperture Space Telescope. Nair said, “The proposed innovative E-Walker design proves to be versatile and an ideal candidate for future in-orbit missions. The E-Walker would be able to extend the life cycle of a mission by carrying out routine maintenance and servicing missions post assembly, in space.

      • New quantum computing feat is a modern twist on a 150-year-old thought experiment | UNSW Newsroom

        A team of quantum engineers at UNSW Sydney has developed a method to reset a quantum computer – that is, to prepare a quantum bit in the ‘0’ state – with very high confidence, as needed for reliable quantum computations. The method is surprisingly simple: it is related to the old concept of ‘Maxwell’s demon’, an omniscient being that can separate a gas into hot and cold by watching the speed of the individual molecules.

        “Here we used a much more modern ‘demon’ – a fast digital voltmeter – to watch the temperature of an electron drawn at random from a warm pool of electrons. In doing so, we made it much colder than the pool it came from, and this corresponds to a high certainty of it being in the ‘0’ computational state,” says Professor Andrea Morello of UNSW, who led the team.

      • uni MITMachine learning facilitates “turbulence tracking” in fusion reactors

        A new approach sheds light on the behavior of turbulent structures that can affect the energy generated during fusion reactions, with implications for reactor design.

    • Education

      • CERA Workshop on Slow Reveal Graphs for Social Studies Teachers | Computing Ed Research – Guzdial’s Take

        My collaborator, Tammy Shreiner, is running a workshop for social studies educators on teaching with Slow Reveal Graphs. The idea of slow reveal graphs is that visualizations are just too complex for students to pick out all the visual elements. Instead, a slow reveal graph is presented in stages, and at each stage, students are prompted to reflect (and discuss, or write about), “What do you notice now? What do you wonder about?”

        Tammy has been building a bunch of slow reveal graphs that really fascinating. I’m particularly amazed at the ones that she and her colleague Bradford Dykes have been building.

    • Hardware

      • ACMSetting the Internet of Things Free — of Batteries

        Energy harvesting reaps energy that would otherwise go to waste—from sources ranging from solar rays to vibrations to ambient gradations in heat, ocean waves/tides, wind, and even the metabolisms of living organisms. These sources can be tuned to produce electricity that is safe, sustainable, and deployable in conditions not suited to the use of batteries.

        Incorporating such energy harvesting into the Internet of Things (IoT) extends its reach to nearly any place on the globe—not just those that can access power lines or rechargeable batteries.

        “Energy harvesting has the potential to expand the capabilities of the Internet of Things to heights previously unattainable without the technology,” said ABI Research analyst Taylor Jensen, who is just putting the finishing touches on a study on energy harvesting for IoT applications.

      • New Photonic Chip “Squeezes” More out of Light | www.caltech.edu

        Electronic computing and communications have come a very long way since the days of radio telegraphy and vacuum tubes, with consumer devices now containing levels of processing power and memory that would be unimaginable just a few decades ago.

        But as computing and information processing devices get ever smaller and more powerful, they are running into some fundamental limits imposed by the laws of quantum physics. The future of the field may lie in photonics—the light-based parallel to electronics. Photonics is theoretically similar to electronics but substitutes photons for electrons, and photonic devices may be capable of processing data much faster than their electronic counterparts, including for quantum computers.

    • Health/Nutrition/Agriculture

      • BBCChina abandons key parts of zero-Covid strategy after protests – BBC News

        China is lifting its most severe Covid policies – including forcing people into quarantine camps – just a week after landmark protests against the strict controls.

        People with Covid can now isolate at home rather than in state facilities if they have mild or no symptoms.

        They also no longer need to show tests for most venues, and can travel more freely inside the country.

      • Ruben SchadeRubenerd: Elective Surgery is the “micropayments” of health

        It’s bunk. Surgery that isn’t immediately life-threatening still can have a huge impact on quality of life. People also don’t (generally) get surgery for the sake of it, which deflates any idea of it being optional.

        I’ve been lucky to only need two elective surgeries in my life thus far, once in my twenties, and another last year in my thirties. If you haven’t, you probably know someone who has. Frankly, I resent the idea that anyone in that situation is doing it for kicks; worse if it’s being used as evidence for why universal healthcare for the unwashed masses in places like the US would be a waste of money.

    • Entrapment (Microsoft GitHub)

      • Chris HannahFoundation Is Becoming Fully Swift and Open Source [Ed: Microsoft's GitHub is the wrong place]

        The post has the project launching on GitHub in 2023, which isn’t that helpful. Still, it would be pretty cool to say I contributed to Foundation.

    • Security

      • University of TorontoWhy being able to partially distrust a Certificate Authority is good

        One of the arguments I’ve heard against supporting partial distrust of Certificate Authorities in places like Linux root certificate stores (which you currently can’t really do) is that a bad CA can simply backdate TLS certificates to get around things like ‘certificates issued from December 1st 2022 onward won’t be trusted’. On the one hand, this is technically true (although these days either such a TLS certificate wouldn’t be usable in the majority of web browsers or it would soon be detected through Certificate Transparency logs). On the other hand, there are a collection of reasons to think that it’s a good thing that browser can do this sort of thing (and thus that more software should support it).

        The original view of CA trust was that it was binary; either the CA was working perfectly fine and would in the future, or the CA was entirely bad and compromised, and should be distrusted immediately. While there have been some CA incidents like this, such as the DigiNotar compromise, in practice a significant number of the CA problems that have come up over the years have been less clear cut than this, such as the WoSign case (and the WoSign case was exceptionally bad in that WoSign actively issued bad TLS certificates). The recent case of TrustCor is illustrative; as far as was reported to Mozilla (and summarized by them), TrustCor never mis-issued any TLS certificates or committed any other clear violations of CA requirements. They were merely sketchy.

      • SBOM: An Up-Close Look at a Software Bill of Materials [Ed: 12 months later they still use Log4j for FUD; Microsoft et al took over the messaging of the ‘Linux’ Foundation]

        Unless you’ve been living under a rock the past few years, you’ve likely at least heard of Log4j. This is an Apache open source library that’s commonly used in just about everything Java-related online. Unfortunately, in late 2021 the logging package was discovered to be critically vulnerable to remote code execution attacks, meaning an attacker could exploit it to install malware (e.g., ransomware) onto vulnerable systems and inject larger networks.

      • Hard to crack hardware | KAUST Discovery

        Next-generation electronic devices could feature enhanced security systems built directly into their circuitry to help fend off malicious attacks. Protective “logic locks” — based on an advanced branch of electronics called spintronics — could be incorporated into the integrated circuits of electronic chips to defend chip security, KAUST researchers have shown.

        “The need for hardware-based security features reflects the globalized nature of modern electronics manufacture,” explains Yehia Massoud from KAUST. Electronics companies usually employ large specialized, external foundries to produce their chips, which minimizes costs but introduces potential vulnerabilities to the supply chain. The circuit design could simply be illegally copied by an untrusted foundry for counterfeit chip production or could be maliciously modified by the incorporation of “hardware Trojans” into the circuitry that detrimentally affects its behavior in some way.

      • BSDlyThat grumpy BSD guy: Harvesting the Noise While it’s Fresh, Revisited

        Returning readers will be almost painfully aware that here at nxdomain.no (also known as bsdly.net) we host and maintain a blocklist, which in turn is the product of traffic that hits our mail system with attempts at delivery to one or more of the now more than three hundred thousand known bad addresses, also featured at the blocklist home page.

      • Open Source Security (Audio Show)Episode 353 – Jill Moné-Corallo on GitHub’s bug bounty program [Ed: What a disgrace that they have Microsoft, NSA’s back doors facilitator, there on the show to talk about “security”]

        Josh and Kurt talk to Jill Moné-Corallo about GitHub’s bug bounty and product security team. It’s a treat to discuss bug bounties with someone who is managing a very large bug bounty for one of the most important web sites in the world of software today.

    • Defence/Aggression

      • Ars TechnicaSan Francisco decides killer police robots aren’t such a great idea [Ed: US cops have already used killer robots for at least 7 years]

        The robot police dystopia will have to wait. Last week the San Francisco Board of Supervisors voted to authorize the San Francisco Police Department to add lethal robots to its arsenal. The plan wasn’t yet “robots with guns” (though some police bomb disposal robots fire shotgun shells already, and some are also used by the military as gun platforms) but to arm the bomb disposal robots with bombs, allowing them to drive up to suspects and detonate. Once the public got wind of this, the protests started, and after an 8–3 vote authorizing the robots last week, now the SF Board of Supervisors has unanimously voted to (at least temporarily) ban lethal robots.

        Shortly after the initial news broke, a “No Killer Robots” campaign started with the involvement of the Electronic Frontier Foundation, the ACLU, and other civil rights groups. Forty-four community groups signed a letter in opposition to the policy, saying, “There is no basis to believe that robots toting explosives might be an exception to police overuse of deadly force. Using robots that are designed to disarm bombs to instead deliver them is a perfect example of this pattern of escalation, and of the militarization of the police force that concerns so many across the city.”

    • Transparency/Investigative Reporting

      • 33,000+ DMCA notices sent in an apparent attempt to defend the reputation of an alleged Russian criminal–systematic abuse of the DMCA notice-and-takedown procedure

        In April, 2022, Lumen Research Fellow Shreya Tewari reported discovering more than 30,000 fraudulent copyright infringement notices, dating as far back as June 2019, that appeared to be deliberate attempts to misuse the Digital Millennium Copyright Act’s (DMCA’s) notice-and-takedown procedure. In August, Shreya and I discovered an additional 33,000+ notices, some sent as recently as January 2021, strikingly similar to the initial set. The content at the allegedly infringing URLs in the new set is almost entirely related to Stanislav Kondrashov, a controversial Russian oligarch, and his alleged criminal activity. This steady stream of apparently fraudulent notices on just one “topic” is a powerful indicator that systematic misuse of the DMCA notice-and-takedown (N&TD) process is real and ongoing. However, questions such as, how long and how frequently fraudulent or otherwise problematic notices have been or will continue to be submitted, have yet to be answered.

        Since June 2022, I have been assisting with research within the Lumen Database, searching for possible evidence of misuse of the DMCA process. Because I had the example notices that Ms.Tewari discovered, I had a basic understanding of how fraudulent notices might appear and what search methodology to use. My own searches within Lumen found 33,396 notices sent to Google over the course of almost two years by over 40 different notice senders, targeting more than 500 unique URLs.

        Submitted to Lumen between June 2019 and January 2021, these new notices shed light on the abuse of copyright law as a tool for reputation management. They reveal how notice senders, likely acting on behalf of others, fake copyright claims to remove or censor legitimate journalism linking the notice sender’s clients to accusations of criminal activity, corruption, murder, drug trafficking, and the like. This particular set of notices, all revolving around Stanislov Kondrashov, is most probably one of many others just like it.

        According to various news reports, Stanislav Kondrashov is a Russian businessman with a long history of alleged corruption, hostile corporate takeovers, tax evasion, and contract killings. Most of the articles which were cited as infringing in this notice set include material about Kondrashov’s alleged involvement in: the murder of Denis Voronenkov, laundering through the company Telf AG and VEC, funding of the Wagner mercenary group, and large-scale scams involving the resale of coal and refined oil products, among other details.

        Most of the domain names targeted by the 33,396 notices appear to be online news forums. I individually analyzed a randomly selected representative pilot set of 400 DMCA notices within the larger notice set, originating from five different jurisdictions as marked by the notice sender: the USA, UK, Ukraine, Russia, and the Netherlands. Of the 400 randomly selected notices, all were related to Kondrashov’s criminal activity. Within that pilot group, the domains targeted for takedown include legitimate news sources in Ukraine, Russia, Luxembourg, and Norway, including Antikor News, Rus Republic, Vlasti Info, Fraza, Glavk.net, and The Russian Crimes, along with many more.

    • Environment

      • Energy

        • Michael GeistThe Law Bytes Podcast, Episode 149: Ryan Clements on the FTX Collapse and Canada’s Approach to Crypto Regulation – Michael Geist

          The stunning collapse of FTX, one of the world’s leading crypto exchanges, has not only shaken the crypto world but called into question the future of blockchain and digital assets. In a year of repeated failures and crashes, the calls for increased regulation are getting louder. Ryan Clements is a law professor at the University of Calgary, where he holds the chair in Business Law and Regulation and specializes in the regulation of fintech, blockchain and crypto-assets. He’s written extensively on crypto regulatory issues, including an expert report on Canadian cryptocurrency governance for the Public Order Emergency Commission. He joins the Law Bytes podcast to provide some background into the growth of crypto, the collapses of Luna and FTX, and where Canada sits on the regulatory spectrum.

        • IEEEThe EV Transition Explained: Charger Infrastructure

          The ability to conveniently charge an EV away from home is a top concern for many EV owners. A 2022 survey of EV owners by Forbes indicates that 62 percent of respondents are so anxious about their EV range that travel plans have been affected. While “range anxiety” may be overblown, the need for an extensive and reliable external charging infrastructure is not.

        • Don’t get fooled: Electric vehicles really are better for the climate

          Electric vehicles, often called EVs, are responsible for less global-warming pollution over their life cycle than gas-powered vehicles, despite the fact that battery manufacturing — for the moment — increases the climate impacts of EV production.

    • AstroTurf/Lobbying/Politics

      • Misinformation/Disinformation/Propaganda

        • Security WeekFBI Director Raises National Security Concerns About TikTok

          FBI Director Chris Wray is raising national security concerns about TikTok, warning Friday that control of the popular video sharing app is in the hands of a Chinese government “that doesn’t share our values.”

          Wray said the FBI was concerned that the Chinese had the ability to control the app’s recommendation algorithm, “which allows them to manipulate content, and if they want to, to use it for influence operations.” He also asserted that China could use the app to collect data on its users that could be used for traditional espionage operations.

    • Civil Rights/Policing

      • The Strike that Started the Red Wave – In These Times

        Ten years ago, Chicago teachers modeled what a militant fight for public education looks like by walking off the job. A decade later, the legacy of social justice unionism continues to animate the U.S. labor movement.

      • EU Pressures

        In light of the conditions that Europe is experiencing, in terms of high energy prices and the repercussions on the industrial sector, like the closure of factories and the high cost of production. In your opinion do European countries have the capacity and resources to prevent industrial investments from “escaping”? Especially since the US plans in general to restore industry to its lands, thus, it may represent an opportunity to lure European industries to move to there and take advantage of cheap energy prices. This shift will have wide repercussions on Europe’s productive capacities and competitiveness, as well as on its trade balance. So, what happens to the position of Europe in the global economic system? Will it remain part of the capitalist center or deviate from it?

    • Internet Policy/Net Neutrality

      • Michael GeistBig Cost, Smaller Benefit: Government Modelling Pegs Likely Bill C-18 Revenues at Less Than Half of Parliamentary Budget Officer Estimates

        Canadian Heritage Minister Pablo Rodriguez has touted Bill C-18, the Online News Act, as critical for Canada’s media sector, but government’s internal modelling suggests there will be limited benefits for most news outlets. Earlier this fall, the Parliamentary Budget Officer estimated that it would generate $329 million per year, with over 75% of that revenue going to broadcasters such as Bell, Rogers, and the CBC. At the time, I noted that meant that “newspapers will receive less than 25% of the funding or about $81 million to split among hundreds of news outlets.” It turns out that the government believes that vastly overstates the benefit as its own modelling estimates about $150 million in total revenues, less than the 50% of the PBO’s estimate. Assuming a similar apportionment of revenues between broadcasters and newspapers, that would place the benefit at just over $37 million for the entire newspaper sector. In fact, as the government has expanded the eligibility to hundreds of additional outlets, the benefits for each organization shrinks even further.

  • Gemini* and Gopher

    • Personal

      • 🔤SpellBinding: YCEORTB Wordo: DUELS
      • Winter

        Last night we had a light snowfall, just enough to sugarcoat the

        rooftops and everything not covered with concrete.

        Today is already the 3rd Sunday of Advent, so only 7 workdays to go

        before Christmas vacation. Work’s been a bit too much lately with a

        lot of problems to solve and many meetings to attend.

    • Technical

      • Thoughts on the New Dwarf Fortress

        In which I share my thoughts and complaints on the new 0.5x version of Dwarf Fortress, with an extra addendum helping new players get started with the game.

        Written on a 2015 Macbook Pro (running Linux), naturally while listening to the new Dwarf Fortress Soundtrack[1]. (IDK I’ve seen a lot of phlogs do this and I want to be cool and hip).

      • no more pgp for me

        it all started when i wanted to find a cli based pgp utility that was simpler than gnupg. i’ve been using gnupg off and on for years and if you have tried it, you’d know too how terrible the user experience is.

      • Internet/Gemini

        • It’s been a while eh!

          I seem to be following my normal pattern of blogging for a bit, and then forgetting to update it for months at a time cos I don’t think I have anything fun, interesting or blog worthy to report.

          Anyways, living in the country has been OK. We got the insulation and double glazing finished up in early spring, and we had a few cold (0°C overnight, top of 9°C) days, and the diffrence was pretty astounding. The kitchen felt so warm we thought we’d left the oven on accidentally. We eventually got the fire managed so that we were maintaining ~20°C on those colder days with it damped almost all the way down, which is a big diffrence from not being able to sustain more than about 18°C with the fire on full blast previously!

      • Programming

        • Editor 100% CPU Usage

          ## or, how to avoid debugging as much as possible by among other things writing yet another blog entry instead of working on the actual problem

          Whist trying out some new terminal IRC client on the grounds that irssi is both long of tooth and short on security I noticed that the new IRC client had a feature to edit a message using the EDITOR environment variable. This is not very notable. That the CPU usage of that editor then went to 100% is somewhat notable. Normally the editor does not use 100% CPU so presumably the issue has to do with the environment that the editor, ex, is

        • I made a C REPL linker thingy…

          I really like the interaction of the Forth REPL, and I’ve written many forths… But at the end of the day, all you have is a Forth, syntactically annoying, and you kind of need to reinvent the wheel every time you want to do anything. On the other end of the spectrum, Lisp is great, but binding to the C infrastructure is a challenge, and you wind up with 100MB of code.

          So why not use the C compiler to generate code, but keep a Forth-like interactive environment in which compiled C functions and data live? Actually, not quite: when functions are edited, the new one supersedes the old one, and all callers are automatically updated. And yes, the source for every compiled function is there, to be looked at or edited.

        • Announcing GNUnet++, experimental high level GNUnet C++ wrapper

          Today I’m announcing GNUnet++. An experimentable yet sensable C++ wrapper for GNUnet services. You can find my introduction to GNUnet in my older articles [1][2]. TL;DR GNUnet is GNU’s version of IPFS and libp2p. It has some pros and cons over `libp2p`. Like built-in trafic covering, firewall bypass, etc.. But has (much) lower adoption rate and stablity. In any case, it’s a fun project and I see potential in it. The pure C API is a pain point I can help fix – with GNUnet++.

* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

Links 11/12/2022: KaOS 2022.12 and More

Posted in News Roundup at 9:50 am by Dr. Roy Schestowitz

  • GNU/Linux

    • Linux LinksLinux Around The World: USA – New York – LinuxLinks

      New York, officially known as the State of New York, is a state in the Northeastern United States. The state is bordered by New Jersey and Pennsylvania to the south, and Connecticut, Massachusetts, and Vermont to the east; it has a maritime border with Rhode Island, east of Long Island, as well as an international border with the Canadian provinces of Quebec to the north and Ontario to the northwest.

    • Audiocasts/Shows

    • Benchmarks

    • Applications

      • OpenSource.comSimplify your Linux PC with the PCManFM file manager

        The PCMan File Manager, or PCManFM for short, is a fast and lightweight file manager that’s full of features. It was developed for the LXDE desktop environment, but is a stand-alone application and can be used with the desktop or window manager of your choice.

    • Instructionals/Technical

      • ID RootHow To Install Scala Programming on Ubuntu 22.04 LTS – idroot

        In this tutorial, we will show you how to install Scala Programming on Ubuntu 22.04 LTS. For those of you who didn’t know, Scala is a programming language that is designed to be concise, scalable, and high-performing. It is a statically-typed language that runs on the Java Virtual Machine (JVM), and it can be used to build a wide range of applications, from the web and mobile apps to data analysis and machine learning tools.

        This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the Scala programming language on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

      • Trend OceansHow to Show Welcome Message to Logged SSH Users – TREND OCEANS

        Today, you are about to learn how to display a welcome message after authorized or unauthorized users log into the system.

      • Manuel MatuzovicDay 55: anonymous layers

        In all previous posts about cascade layers I’ve used named layers in the demos, but it’s actually not required to name them.

      • Run Your Own Instant Messaging Service on FreeBSD

        What if you could host your own instant messaging service for you and your friends, to communicate privately and securely, away from the prying eyes of big tech? Turns out you can, and it’s actually quite easy to do.

      • [Old] IT TavernSSH server hardening

        We all know that it is important to secure your machines. I am going to show you some ways to do so. Some are trivial and should be set immediately, and some require some more work. Part 2 will follow with the advanced options.

        I’ll use a random Linux machine with a SSH server as reference (OpenBSD Secure Shell server according to systemd and config file). For the upcoming changes of the config, I have to edit /etc/ssh/sshd_config. It might differ from your setup.

      • IT TavernGetting started with tmux

        This post hopefully will help you to get started with tmux. I’ll cover more topics and features of tmux in the future.

      • H2S MediaHow to use Visual Studio Code as default editor for git? [Ed: But it is proprietary software Microsoft uses to spy on developers and users; it's also being vertically integrated with proprietary GitHub to push people into traps that attack Git, attack GPL, and so on]

        Let’s learn the simple steps to set Visual Studio Code as the default editor in Git. This will help the developers to edit their code directly in VSCode instead of Notepad or other editors.

        Git is a popular free version control software that was created initially to develop the Linux kernel. So that multiple developers can easily work and collaborate on the same project. Git allows developers to split project data into individual snippets. This makes it possible to work in a team and easily find the extensions or adjustments done to code by the individual team member.

        The beauty of the Git version control system is it can track all the changes to files and allows multiple users to coordinate updates to those files. In addition, Git can also be used to manage file updates of any kind, is the version control standard for GitHub and other source code management systems, and is widely used in DevOps initiatives to implement CI/CD. Although Git is not a programming language, become an important part of software development.

    • Games

  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • MedevelVikunja: Boost Your Project Management To The Next Level

      Vikunja is a fairly new style open-source task management system that you can install it on your server or local machine.

      Vikunja features an organized workflow to manage your tasks and projects within a fancy clutter-free interface.

      Vikunja is formed of two parts an API core which is written in the Go programming language and a frontend which uses the Vue framework.

    • MedevelAmbar: Libre Document Search Engine for Office, Text and PDF Documents

      Ambar is an open-source document search engine with automated crawling, OCR, tagging and instant full-text search.
      Ambar defines a new way to implement full-text document search into your workflow.

    • FOSS WeeklyFOSS Weekly #27 – Thunderbird Android, open-source keyboard, Apple drivers in Asahi, and more | FOSS Weekly

      Here is everything that has happened in the open source world in the past week. The highlights include a preview of Thunderbird on Android, the availability of Apple Silicon GPU driver in Asahi Linux, and releases from Blender, Tor Browser, PipeWire, etc.

    • Tom MacWrightPlaying with ActivityPub

      ActivityPub, WebFinger, and Mastodon are getting some attention because of chaos at Twitter

      It’s anyone’s guess how this all shakes out. As an active user of Twitter, it’ll be sad if it goes away. But in the meantime, let’s have some fun with ActivityPub.

    • MedevelMarkdownify: A Minimal Yet Feature-rich Markdown Editor

      Markdownify is a simple yet feature-rich Markdown document editor for Windows, Linux, and macOS.

      It is built on top of Node.js technologies, Electron, and using Marked library to parse Markdown, Showdown library, CodeMirror, and highlight.js.

      Although it is a lightweight app, it comes packed with many useful features, clutter-free interface with full-screen distraction free mode, LaTeX support, and PDF file export.

    • MedevelTask Coach Is a Multi-platform Task Manager

      Task Coach is an open-source lightweight task management app that help you keep track and organize your messy task and project workspaces.

      It is available for Windows, Linux, and macOS. There is also an Android separate project.

      With Task Coach, you can add your tasks, organize them in lists, categories, or tags, export them to software and programs as Outlook, Claws Mail, Apple Mail and Thunderbird.

    • Web Browsers/Web Servers

      • Ruben SchadeAnother lacklustre RSS pitch

        RSS is more than plumbing, just as blogging is more than advertising. It’s a shame one of the world’s largest blog hosting platforms misses this potential. Heck… they may even be more money it for them! cough.

    • SaaS/Back End/Databases

      • Jon UdellWhen your database is an HTTP client

        A couple of years ago I found a way to unify those ingredients: Run the script inside the database. You can do a lot with Postgres’ built-in procedural language, and even more if you activate Python inside Postgres. I went deeply into both and explained why in an earlier episode.

      • YottaDBWhere are the Users?

        Where are the users? Most assuredly, they are here on our planet, but where on Earth are they? For software released under proprietary licenses, one knows ones licensees at least in theory. But for code released under a free / open source software (FOSS) license that is free to anyone to use and redistribute, as all YottaDB software is, that is not as easy. To best serve users, whether or not they are customers, software developers should really understand the applications for which their software is used.

    • Programming/Development

      • HackadayFossil Files: My .Emacs

        Last week, I wrote about cargo culting in a much more general context, so this week I’m going to come clean. The file that had me thinking about the topic was the worst case you’ve probably ever seen: I have a .emacs file kicking around that I haven’t really understood since I copied it from someone else – probably Ben Scarlet whose name is enshrined therein – in the computer lab in 1994! Yes, my .emacs file is nearly 30, and I still don’t really understand it, not exactly.

      • HackadayFlipper Zero Hacker Tool Gets UI Editor For Custom Apps

        [Mikhail] released a handy GUI editor/generator tool for the Flipper Zero multipurpose hacker tool, making layouts and UI elements much easier and more intuitive to craft up.

      • Ben HoytCode coverage for your AWK programs

        I also thought that it would be cool to be able to say that GoAWK is the only AWK implementation we know with code coverage support.

        Thanks to Volodymyr’s efforts, GoAWK version 1.21.0 includes the code coverage feature. There was some refactoring that needed to happen before the main code change – thanks again, Volodymyr, for having the patience to see this through.

      • [Old] uni ArizonaA Brief Introduction to Icon

        Icon is a very high-level imperative language with a rich repertoire of string and structure processing facilities. It is available on a wide range of computers and is in wide use.

        In Icon, values, not variables, are typed. Built-in data types include numerics, character sets, strings, sets, lists, associative tables, records, and procedures. The aggregate types – sets, lists, tables, and records – can hold values of any type. Tables can be indexed by values of any type. Numerics, character sets, and strings are atomic values; operations on them produce new values. Aggregates use pointer semantics; operations on them can change existing values as well as produce new ones. Strings and aggregates can be of arbitrary size, and their sizes can change during execution. Memory management is automatic.

        Icon has an expression-oriented syntax; even control structures are expressions. Procedures consist of zero or more expressions separated by newlines or semicolons. Icon programs consist of one or more procedure definitions, and execution begins by calling the procedure named main.

      • Amos WengerDay 8 (Advent of Code 2022)

        This is a 5×5 grid, and every number denotes the height of a tree. For part 1, we must find out how many trees are visible from the outside of the grid.

      • Bozhidar BatsovWhat’s the Term for a Filename Without Its Extension?

        Today someone asked in OCaml’s Discord “How do you call a variable that refers to a filename without its extension?”. I always thought there was no specific term for this and I always named such variables filename-sans-extension (or similar), but it turns out I was wrong. It’s never too late to learning something new! But first a bit of (subjective) terminology: [...]

      • Jason SwettKeep test code and application code separate

        Sometimes you’ll be tempted to add things to your application code that don’t affect the functionality of your application but do make testing a little easier.

        The drawback to doing this is that causes your application code to lose cohesion. Instead of doing just one job—making your application work—your code is now doing two jobs: 1) making your application work and 2) helping to test the application. This mixture of jobs is one straw on the camel’s back that makes the application code just that much harder to understand.

      • Matt RickardSpam Filtering AI Content

        As generative AI becomes more advanced, it’s likely that we will see an increase in spam that is difficult to distinguish from human-generated content. Some ways that we can combat the next wave of AI-generated content.

      • Sean ConnerSome comments on delimiter-first code

        That doesn’t look half bad, I thought. It could make for smaller diffs in some cases. For instance, I have this: [...]

      • [Old] The Chapel Parallel Programming LanguageAdvent of Code 2022: Twelve Days of Chapel

        To kick off the Chapel blog and gain some experience with the site during this month’s “soft launch”, we plan to spend the next few weeks writing daily articles about participating in Advent of Code 2022 (AoC 2022) using Chapel.

      • GeshanHow to use Axios interceptors, a step-by-step guide with example

        Axios is one of the most popular JavaScript libraries to perform HTTP requests. Axios interceptors are powerful mechanisms built into Axios for making changes to requests and responses in a non-intrusive way. In this guide, you will walk through the basics of Axios interceptors and step through a useful example of how they can be used. By the end, you should have a good understanding of how to use Axios interceptors in your own applications.

      • A Programmer-Friendly I/O Abstraction Over io_uring and kqueue | TigerBeetle

        Consider this tale of I/O and performance. We’ll start with blocking I/O, explore io_uring and kqueue, and take home an event loop very similar to some software you may find familiar.


        When you want to read from a file you might open() and then call read() as many times as necessary to fill a buffer of bytes from the file. And in the opposite direction, you call write() as many times as needed until everything is written. It’s similar for a TCP client with sockets, but instead of open() you first call socket() and then connect() to your server. Fun stuff.

        In the real world though you can’t always read everything you want immediately from a file descriptor. Nor can you always write everything you want immediately to a file descriptor.

        You can switch a file descriptor into non-blocking mode so the call won’t block while data you requested is not available. But system calls are still expensive, incurring context switches and cache misses. In fact, networks and disks have become so fast that these costs can start to approach the cost of doing the I/O itself. For the duration of time a file descriptor is unable to read or write, you don’t want to waste time continuously retrying read or write system calls.

      • HackadayLisp Runs This Microcontroller Pendant

        As a programming language, Lisp has been around longer than any other active language except for Fortran. To anyone who regularly uses it, it’s easy to see why: the language allows for new syntax and macros to be created fluidly, which makes it easy to adapt it to new situations, like running it on a modern Atmel microcontroller to control the LEDs on this star pendant.

      • The Register UKGoogle’s Dart language soon won’t take null for an answer • The Register

        When the third major release of the Dart programming language debuts in mid-2023, null values will no longer be allowed where they’re not expected.

        Null in this context is an assignment value indicating the absence of a value or referenced object. Null references date back to around 1964 when British computer scientist Tony Hoare introduced the concept in the ALGOL family of languages. He considered them his “billion dollar mistake” for the amount of time and money they’ve cost in error repairs – an issue to this day.

        Dart, an object-oriented, garbage-collected C-like language that once aspired to replace JavaScript, supported sound null safety – a way to prevent errors from accessing variables set to null – as of version 2.12. But it maintained modes for running code without null safety or with partial null safety.

        Dart 3 will no longer entertain those suboptimal possibilities.

      • R

        • Data Science TutorialsHow to Calculate Ratios in R – Data Science Tutorials

          How to Calculate Ratios in R? The following two techniques can be used in R to determine the ratio of values in two columns.

          The following data frame, which displays the total number of shots taken and attempted by different basketball players, is used to demonstrate how each strategy should be used in practice.

        • Linux FoundationSpreading a Passion for R with the Münster Community in Germany – R Consortium

          Dr. Shirin Elsinghorst recently shared her great experience with the R language, motivating her to start the Münster R useR Germany. Shirin shared how R has become a very important part of her life, from her first contact with the language while receiving her Bachelor’s degree, in the workplace, and even as part of her spare time activities. She also emphasizes how significant is the presence of women in the IT world, describing herself as a staunch supporter of the R-Ladies.

        • 30 Day Map Challenge 2022 | Nicola Rennie

          The #30DayMapChallenge is a month-long mapping, cartography, and data visualization challenge aimed at the spatial community. Here are the things I’ve learnt from participating in the challenge for a second time.

        • Data Science TutorialsAutocorrelation and Partial Autocorrelation in Time Series

          The correlation between two values in a time series is known as autocorrelation. In other words, the name comes from the fact that the time series data are self-correlative.

          We use the term “lags” to describe these connections. By measuring a feature at regular intervals, such as daily, monthly, or yearly, analysts collect time-series data.

          The lag is the total number of time gaps between the two observations. For instance, there is a one-observation lag between the current and previous observations.

          The lag increases by one if you go back one more interval, and so on.

          The observations at yt and yt-k are mathematically separated by k time units.

      • Python

        • MedevelLighting: A Low-code and Admin Dashboard for Django

          Lighting is a fairly new project that adds a low-code flavor into your Django project in a matter of minutes. It allows you to generate a comprehensive admin panel for your data models, with minimal configuration.

          It uses Django, React and Ant Design frameworks to create a smooth user experience. However,

          Lighting requires Python 3.6, and Django 2.2.x. However, Django 3.x is not yet supported, but it may be in the near future.

        • University of TorontoPython version upgrades and deprecations

          Recently I read Itamar Turner-Trauring’s It’s time to stop using Python 3.7 (via). On the one hand, this is pragmatic advice, because as the article mentions Python 3.7 is reaching its end of life as of June 2023. On the other hand it gives me feelings, and one of the feelings is that the Python developers are not making upgrades any easier by slowly deprecating various standard library modules. Some of these modules are basically obsolete now, but some are not and have no straightforward replacement, such as the cgi module.

  • Leftovers

    • New York TimesIn a Future Filled With Electric Cars, AM Radio May Be Left Behind

      Carmakers say that electric vehicles generate more electromagnetic interference than gas-powered cars, which can disrupt the reception of AM signals and cause static, noise and a high-frequency hum. (FM signals are more resistant to such interference.)

      “Rather than frustrate customers with inferior reception and noise, the decision was made to leave it off vehicles that feature eDrive technology,” BMW said in a statement, referring to the system that powers its electric vehicles.

    • Nicholas Tietz-SokolskyRC Week 11: Learning is best when multiplayer

      As I come up on the end of my batch at Recurse Center, I’ve been doing some reflecting on my time here. One of the standout themes is how much I’ve learned through struggling with other people. In particular, this learning together has make some difficult topics approachable, where I may have given up or gotten stuck on my own.


      Some of the proofs in chapter 5 were just absolute beasts to get through until we figured out the particular techniques we needed. In particular, we had to remember to always include eqn:E (or similar) for every destruct tactic; it doesn’t hurt (just adds more into the context, which can be overwhelming), but if you don’t do this you sometimes get into a situation where you lack what you need in the context, so the goal is not provable! Getting to this technique required a lot of back and forth between a couple of us.

    • Phil EatonIs it worth writing about?

      You acquire a skill or experience through time and effort, then downplay the impact of writing and sharing the learning process.

      Professionals seem naturally to imagine a high bar for what is worth writing about.

      I think that’s misguided. This article is not criticism of folks with these beliefs, but rather encouragement for folks looking for a reason to write.

      There are (at least) a few concrete reasons to write about what you’ve learned, even when you don’t think it’s novel.


      When I learn a topic I normally go through dozens of posts, papers, videos or books to find a version that clicks. If I can. I prefer to start with blog posts and often there are not blog posts on the subject. Books, videos, and academic papers aren’t often as accessible.

      Even if you’re writing about a popular topic, there’s still a chance your post gets through to someone where other posts do not.

      For programmers there are notorious topics you can avoid if you’d like (“What is a monad”, “Why is lisp interesting”, “Kubernetes sucks”). Or not. I’ve fallen into those traps.

      Additionally, as you gain experience as a programmer (or product manager, or whatever), your perspective and approach becomes both more interesting and more valuable.

    • Xe’s BlogThe cheese grater that saved Christmas – Xe Iaso

      Twilight Sparkle and the cheese grater both try to remind them that there are more important things to focus on, like the importance of mental health and the need to be prepared for any future threats.

      Despite their differences, the group comes together to enjoy the holiday season and celebrate their victory. They exchange gifts, enjoy festive meals, and spend time with their loved ones.

      As the year comes to an end, they reflect on the events of the past year and make plans for the future. They vow to continue to work together and support each other, no matter what challenges they may face.

      Despite their differences, they remain united in their determination to protect Earth and its inhabitants from any threats that may come their way.

    • Science

      • The EconomistJay Pasachoff travelled the world to catch the Moon eclipsing the Sun

        It was the corona, the outermost layer of the Sun’s atmosphere, that most interested him. His love of eclipses was partly because he could study the corona properly while the Sun’s disc was dark, noting its flares, its loops of ionised gas and the plumes from the polar regions. With the data he recorded he could try to discover why the corona, one millionth as bright as the disc, was 300 times hotter. Was that heat generated by thousands of constantly erupting nanoflares? Or was it caused by vibrations in the gas loops, which were held in place by the Sun’s magnetic field? Both were plausible, but there were at least a dozen other theories around.

        The unadventurous wondered why he had to see so many eclipses. (He also studied the much rarer transits across the Sun of Mercury and Venus.) But no two were alike, because the Sun, he explained, was never the same twice. It was like a river, forever changing, not least because it was married to the sunspot cycle. Sceptics also asked why he did not rely on space-based telescopes, with coronagraphs that could block out the Sun’s photosphere. But those either hid too much of the corona, or failed to block the disc entirely; and even with 99% of it obscured, the sky would be 10,000 times brighter than in a total eclipse.

      • HackadayA VM In An AI

        AI knoweth everything, and as each new model breaks upon the world, it attracts a new crowd of experimenters. The new hotness is ChatGPT, and [Jonas Degrave] has turned his attention to it. By asking it to act as a Linux terminal, he discovered that he could gain access to a complete Linux virtual machine within the model’s synthetic imagination.

    • Education

      • ChrisSampling For Managers

        Every year I’m asked to produce a very peculiar number: how many gigabytes of storage my department has reserved at cloud providers. This is apparently useful input into some methodology for estimating the environmental impact of renting cloud resources.

    • Hardware

      • HackadayOld-School Video Switching Levels Up With Modern USB Control

        Video effects and mixing are done digitally today, but it wasn’t always so. When analog ruled the video world, a big switch panel was key to effective results.

      • Linux GizmosFanless Mini-PC supports Legacy and modern operating systems

        The EBOX-58 from ICOP is an industrial Mini-PC equipped with Braswell Series low-power processors from Intel. The device supports up to 8GB DDR3L, SATA 3.0, 1x HDMI port, 2x GbE RJ45 and optional serial interfaces. Additionally, it’s compatible with legacy OS such as DOS, Win7/10/11, QNX, Androidx86 and many more.

      • HackadayRetro Alarm Clock With Nixies Is Thoroughly Modern Inside

        We feature a lot of clocks here at Hackaday, but alarm clocks seem to be less popular for some reason. Maybe that’s because no-one enjoys being woken up in the morning, or simply because everyone uses their smartphone for that purpose already. In any case, we’re delighted to bring you [Manuel Tosone]’s beautiful Nixie tube alarm clock that cleverly combines modern and classic technologies in a single package.

    • Health/Nutrition/Agriculture

      • New York TimesBefore Beer Became Lager, a Microbe Made a Mysterious Journey

        But while brewer’s yeast is common enough, how the lager yeast’s other parent wound up in Bavaria has been harder to trace. It was first spotted in the wild in 2011, when biologists discovered the cold-loving yeast, S. eubayanus, living happily in the forests of Patagonia in South America. Then there were some tantalizing traces found in the Italian Alps, Tibet, western China and North Carolina.

      • Sabine HossenfelderNuclear Waste: What Do We Do With It?
      • Projection, thy name is Joe Mercola (and Aseem Malhotra)

        As I sat down to write this, I realized that this weekend (tomorrow, actually) is my 18th blogiversary. Yes, it will be 18 years ago tomorrow since I first sat down in front of my computer on a gray, cold December Saturday afternoon to write my first ever post for this blog. True, the blog was then on Blogspot—does anyone remember that or still use it?—and I didn’t know what I was doing, but that was the start. So perhaps it’s appropriate that the post I noticed yesterday that I wanted to write about involved a massive case of projection by an old “friend,” über-quack Joe Mercola, doctor who started out selling “natural health” and then became a “pioneer” selling quackery on the Internet in the late 1990s, which led to him becoming fabulously wealthy, to the tune of a net worth upwards of $100 million. Naturally, with the arrival of the pandemic, Mercola pivoted to the even more profitable selling of COVID-19 disinformation. So it’s not surprising that he’d now publish an exercise in projection that combines old antivax tropes with newer COVID-19 disinformation, all with the help of a doctor who’s recently gone from “soft antivax” to totally antivax, Dr. Aseem Malhotra.

      • TruthOutMichigan Judge Drops Flint Water Charges Against Ex-Gov Snyder, Sparking Outrage
    • Proprietary

      • Chris HannahTwitter Blue Will Cost More on an iPhone

        There are quite a few publications sharing information regarding the pricing of Twitter’s Blue subscription, that it will be more expensive from an an iPhone. This is to cover the revenue cut that Apple take from all purchases on the App Store and their in-app payment system.

        This isn’t exactly a solution that everyone can suddenly adopt. However, I think for large companies such as Twitter, it’s a clever decision. That’s as long as there is an alternative method to start a subscription from another device at a lesser price.


        I’m not sure how this will play out. Especially as to some, Twitter isn’t even a place to be for free, let alone pay for it.

      • Help Net SecurityRackspace Hosted Exchange outage was caused by ransomware [Ed: Microsoft Windows TCO]

        “As you know, on Friday, December 2nd, 2022, we became aware of suspicious activity and immediately took proactive measures to isolate the Hosted Exchange environment to contain the incident. We have since determined this suspicious activity was the result of a ransomware incident,” the company stated in the newest released service announcement.

        “Alongside our internal security team, we have engaged a leading cyber defense firm to investigate. Our investigation is still in its early stages, and it is too early to say what, if any, data was affected. If we determine sensitive information was affected, we will notify customers as appropriate.”

        The confirmation came just a few hours after the publication of a press release on the situation, in which Rackspace said the security incident “may result in a loss of revenue for the Hosted Exchange business, which generates approximately $30 million of annual revenue in the Apps & Cross Platform segment,” and that they expect to have “incremental costs associated with its response to the incident.”

        The company did not share details about how the attackers got in and deployed the ransomware.

    • Security

      • Privacy/Surveillance

        • Patrick BreyerChat control: Mass surveillance proposal will let children down

          EU Interior Ministers today discussed the proposal to automatically search all private correspondence for suspected content (so-called „chat control“). They insisted in pursuing an approach of mass surveillance. Member of the European Parliament Patrick Breyer (Pirate Party), negotiator for the Greens/EFA group, comments: [...]

        • India TimesBanks need to upgrade pre-mobile era core banking

          Most of the public sector banks have installed their core banking system more than 15 years ago much before the advent of smart phones. However, many have upgraded their systems during the consolidation exercise which saw ten banks merge into four. The merger of psu banks has also increased their capacity to invest in technology.

        • Pro PublicaHow We Protect Families’ Privacy When Reporting on Vulnerable Kids

          In November, we published a story about three New York City teenagers who struggled to get mental health services that the city’s public schools are legally obligated to provide. We identified one of those teenagers by her full name and the second by his first name only. For the third teenager, we agreed to use just his middle name and — unlike the other two — to refrain from naming a parent at all.

          We followed families’ stated preferences for their children’s privacy. But in doing so, we wrestled with difficult questions about how to best serve readers and the kids we were writing about.

    • Defence/Aggression

    • Transparency/Investigative Reporting

      • The HillAmerican author Michael Shellenberger releases ‘Twitter Files Part 4’

        This latest portion of uncovered information regarding Twitter’s content moderation pre-Musk focused on employees’ reactions to the Jan. 6 attack on the U.S. Capitol, leading up to the ban of former President Trump instituted on Jan. 8, 2021.

        Shellenberger shared screenshots of a conversation on Jan. 7 between former Twitter Head of Trust & Safety Yoel Roth and an anonymous coworker where he asked to blacklist the terms “stopthesteal” and “kraken,” which propped up the conspiracy that Trump won the 2020 election.

    • Environment

      • DeSmog1.5 and 2°C: A Journey Through the Temperature Target That Haunts the World

        Two numbers. One long-term goal. In 2015, nearly 200 countries agreed to “Holding the increase in the global average temperature to well below 2°C above pre-industrial levels and pursuing efforts to limit the temperature increase to 1.5°C above pre-industrial levels, recognizing that this would significantly reduce the risks and impacts of climate change”. It was at COP21, where the Paris Agreement, the most important climate pact to date, was enshrined.

      • ReutersKeystone pipeline shut after 14,000-barrel oil spill in Kansas

        The cause of the leak, which occurred in Kansas about 20 miles (32 km) south of a key junction in Steele City, Nebraska, is unknown. It is the third spill of several thousand barrels of crude on the pipeline since it first opened in 2010.

      • New York TimesOil Spill in Kansas Prompts Shutdown of Keystone Pipeline System

        An estimated 14,000 barrels of oil spilled into a creek in Washington County, Kan., south of the Nebraska border, TC Energy said in a statement on Thursday. Washington County has a population of about 5,500, according to government data.

      • CNNKeystone Pipeline shuts down after oil leak, halting flow of 600,000 barrels a day

        Canada’s TC Energy (TRP) said it launched an emergency shutdown of the Keystone Pipeline System at 9 p.m. ET on Wednesday after alarms were triggered and pressure dropped in the system. The company said the system remains shut as “our crews actively respond and work to contain and recover the oil.”

        Calgary-based TC Energy said there has been a “confirmed release of oil” into a creek located about 20 miles south of Steele City, Nebraska. An estimated 14,000 barrels of oil have been discharged as of late Thursday, the company said.

      • CBCKeystone pipeline ordered shut down after leak of 14,000 barrels of oil

        The amount of oil spilled has been estimated at 14,000 barrels, making it larger than all of the 22 previous spills combined on the Keystone pipeline since it was opened in 2010, according to Zack Pistora, a lobbyist for the Sierra Club in Kansas.

        “This is going to be months, maybe even years before we get the full handle on this disaster and know the extent of the damage and get it all cleaned up,” he said.

      • PBSKeystone oil spill in Kansas is largest in pipeline’s history, federal data shows

        The TC Energy permit included more than 50 special conditions, including on its design, construction and operation, the GAO report said. Bill Caram, executive director of the nonprofit advocacy Pipeline Safety Trust, said Friday that he would have thought that the additional safety measures would have been enough to offset the pipeline’s higher pressure.

        “When we see multiple failures like this of such large size and a relatively short amount of time after that pressure has increased, I think it’s time to question that,” Caram said, noting the 2017 and 2019 spills.

      • Energy

        • Neil SelwynResisting the environmental costs of AI

          The IT industry business model is built on a range of environmentally unsustainable practices – such as the extraction of rare minerals and metals, alongside sucking up massive volumes of water. The scale of this natural resource consumption is staggering – for example, one 2021 study reckoned Google to have used 15.8 billion litres of water, with many observers noting that such IT industry figures are routinely under-reported.

        • NPRAmid rising energy costs, Italian cooks go old-school to save gas

          Russia’s invasion of Ukraine — and decision to throttle natural gas exports to Europe — has sent energy prices and utility bills higher. The rising costs have forced many households to get creative to save money.

          In this Tuscan town, some cooks have rediscovered the energy-saving cooking box, a tool their grandparents used during World War II. An enterprising nonprofit here is producing useful — and stylish — insulating boxes that use less gas than traditional Italian cooking.

        • SalonWhy in the hell did we need cryptocurrency? The collapse of FTX and SBF explained, sort of

          Or, in this modern age, you could use your money to buy a bitcoin, or even multiple bitcoins, or some other form of cryptocurrency, which if you’ve been reading the headlines lately, can turn out to be a little like taking your money and exchanging it for chips at a casino and putting piles of them on every single number or red or black or odd or even betting line at a roulette table and then watching the croupier — wow, there’s a guy in a vest and a bow tie called a croupier, kind of like a fancy teller! — spin the roulette wheel and wait for the little ball to fall into a slot that allows the croupier to take all of your money except for however much of it you put on the number or color or odd or even that won.

        • BitcoinFTX Co-Founder Sam Bankman-Fried Agrees to Testify Before US Congress

          Former FTX CEO Sam Bankman-Fried (SBF) has agreed to testify before the House Committee on Financial Services after the committee’s chair, Congresswoman Maxine Waters, politely tweeted inviting him to testify several times.

        • TruthOutCrypto Industry Ally Joins House GOP Leadership, Nixing Hopes for Reform
      • Wildlife/Nature

        • Common DreamsRed List Calls Out ‘Perfect Storm of Unsustainable Human Activity Decimating Marine Life’

          During the United Nations biodiversity summit in Montreal, an international conversation group on Friday highlighted how humanity is dangerously failing marine life with illegal and unsustainable fishing, pollution from agricultural and industrial runoff, and activities that drive up global temperatures.

          “If we are to secure a new future for the world’s oceans and the essential biodiversity they harbor, we must act now.”

        • Common DreamsOpinion | This Human Rights Day, Stand With the Maasai to End Fortress Conservation

          The Universal Declaration of Human Rights, adopted by the United Nations General Assembly 74 years ago, enshrines a host of fundamental rights for all people. Today, human rights remain under attack from the usual suspects—authoritarian governments and greedy corporations—as well as from the Western conservation industry that garners much international respect.

        • HackadayGaze Upon The Swimming Mechanical Stingray, Made With LEGO

          Stingrays have an elegant, undulating swimming motion that can be hypnotic. [Vimal Patel] re-created this harmony with his fantastic mechanical mechanical stingray using LEGO pieces and a LEGO Technics Power Functions motor. The motor is set in a clever arrangement that drives the motion remotely, so that it and electrical elements can stay dry.

    • Finance

    • AstroTurf/Lobbying/Politics

      • The HillFormer Twitter employees file class-action lawsuit, alleging company targeted women in layoffs

        They also argued that Musk’s comments saying that he wanted to prioritize keeping employees who were in engineering-related roles cannot explain the disparity. They said 63 percent of female employees in these roles were laid off, while only 48 percent of men in these roles were.

      • India TimesTwitter will delete 1.5 billion accounts to free up space: Elon Musk

        Twitter earns nearly 90% of its revenue from selling digital ads. Musk recently attributed a “massive drop in revenue” to civil rights organizations that have pressured brands to pause their Twitter ads.

      • Chris HannahTwitter Blue Will Cost More on an iPhone #

        It’s one thing to offset the commission that Apple take, but I would imagine it also makes the cut that Apple take off all payments, a bit more visible.

      • Common DreamsOpinion | ‘Megalomaniacal, Narcissistic Tyranny’: The Mars of Elon Musk

        Not long after commandeering Twitter in October for a sum of $44bn, Elon Musk—who is also the CEO of SpaceX and the self-branded “Technoking” of Tesla—dispatched an ultimatum to Twitter employees giving them two options. The first was to commit to being “extremely hardcore” and working “long hours at high intensity”. The second was to quit.

      • Common DreamsFollowing Trump’s Lead, Kari Lake Files Suit to Reverse Loss in Arizona Governor’s Race

        This is a developing story… Please check back for possible updates…

        Failed Arizona Republican gubernatorial candidate Kari Lake on Friday followed in the footsteps of her political ally former President Donald Trump by challenging her loss to Democrat Katie Hobbs in state court.

      • VarietyTwitter Sets Relaunch of Twitter Blue With Safeguards to Prevent Blue Check-Mark Imposters

        However, subscribers won’t automatically get the blue check-mark. That will occur only “after your account has been reviewed,” Twitter said in announcing the service relaunch Saturday. In addition, subscribers will be able to change their handle, display name and profile photo, but “if they do they’ll temporarily lose the blue check-mark until their account is reviewed again.”

      • The Economist“I thought I’d been [cracked]. It turned out I’d been fired”: tales of a Twitter engineer

        The following Tuesday I was on a call talking about a new project, end-to-end encryption on direct messages. About 15 minutes into the conversation my video stopped: I’d been signed out of my work email. I tried to log back in, but a message flashed up saying that my password had just been changed. Then my laptop screen turned grey. I wondered if I’d been hacked – I’d received a text message from corporate security during the meeting saying that they needed to speak to me urgently.

        I never found out what they wanted: a few minutes later my boss’s boss called me to tell me I was fired, with immediate effect. As far as I know I was the first Twitter engineer this happened to. Musk has sacked about half the workforce since then. My boss was fired. So was his boss. And his boss’s boss. And their boss.

    • Censorship/Free Speech

      • VOA NewsIran Government Vows to Execute More Protesters

        One day after announcing the execution of an anti-government protester, Iranian state media said Iranian President Ebrahim Raisi and other government officials pledged to continue to crack down on unrest in the country despite widespread condemnation from the West.

    • Freedom of Information / Freedom of the Press

      • Eesti RahvusringhäälingEstonian tabloid press celebrates 100th anniversary

        “Talking about regular journalism, it started with Esmaspäev in 1922, which was a weekly. Oh the sensation of it all. Whether we’re talking about stories about important, let us say princes and princesses, pieces about local movie stars or athletes or articles on crime – everything was used,” scholar of journalism Tiit Hennoste said.

        One innovation Esmaspäev imported were so-called reader games that quickly proved very successful.

      • ScheerpostFormer CIA Director’s Institute Hosts Event on the Assange Case (and Madness Ensues)

        An institution founded by former CIA director Michael V. Hayden hosted a panel on WikiLeaks founder Julian Assange’s case. They billed it as a debate over whether he was a “techno spy” or “modern day journalist” and drew the attention of several Assange supporters. While press freedom advocates and […]

    • Civil Rights/Policing

      • QuilletteThe Philadelphia Experiments

        Dr. Kligman would die in 2010 at the age of 93. His New York Times obituary described his many accomplishments and the critical role he played in bringing a “scientific base to dermatology.” It mentioned his “innovative” and “very charismatic” personality, his coinage of new terms such as “photoaging” and “cosmeceuticals,” and his wildly profitable commercial products, Retin-A and Renova. However, the Times also mentioned my book, Acres of Skin, which illuminated Kligman’s darker side—his use of vulnerable populations for medical research and the many “ethical questions that dogged his career.” In fact, the last 10 years of his life would be, in some respects, a bulwark action in defense of his scientific contributions as he fended off attacks that cast him as a modern day Mengele, who used institutionalized back men as grist for his research mill and personal enrichment.

      • BBCNobel Peace Prize: Russian laureate ‘told to turn down award’

        Yan Rachinsky, who heads Memorial, said he was told not to accept the prize because the two other co-laureates – a Ukrainian human rights organisation and jailed Belarusian rights defender – were deemed “inappropriate”.

        Memorial is one of Russia’s oldest civil rights groups, and was shut down by the government last year.

      • The HillRussian Nobel Peace Prize winner says authorities ordered him to decline award

        The Russian co-winner of the 2022 Nobel Peace Prize said the country’s authorities ordered him to decline the award because his fellow co-winners were a Ukrainian human rights organization and a jailed Belarusian rights defender.

        Yan Rachinsky — who leads one of Russia’s oldest civil rights groups, Memorial — told the BBC in an interview that he was told to turn down the prize because the other winners were deemed “inappropriate,” but he ignored the advice.

      • IndiaRussian Nobel Peace Prize Winner Says Kremlin Ordered Him To Decline Award

        One of the main reasons was his work towards the Memorial which has been the oldest Civil Rights Group and has also documented historical Soviet repression. The group had its first chairman, Arseny Roginsky, who was punished in Soviet labor camps for “anti-communist” study of history. Memorial was founded on the idea that “confronting past crimes is essential in preventing new ones”, said the Nobel committee while announcing Nobel Peace Prize winners.

      • ScheerpostTaking ‘Peace’ Out of the Nobel Peace Prize

        Despite the occasional polite nod to Alfred Nobel, the committee — which will name this year’s award on Saturday — has never made known his vision of peace through global demilitarization, writes Fredrik S. Heffermehl.

      • ScheerpostPeru’s Oligarchy Overthrows President Castillo

        The coup against Pedro Castillo was led by an odious right-wing that refused to accept the people’s aspiration for a progressive project.

      • ScheerpostJudicial Coup in Argentina: Corrupt Judges Conspire With Media Oligarch to Ban Cristina Kirchner From Office

        Leaked messages show Argentina’s corrupt judges and prosecutors conspired with right-wing media oligarchs to launch a judicial coup against left-wing ex President and current VP Cristina Fernández de Kirchner, sentencing her to six years in prison and banning her from running in the 2023 elections.

      • Common DreamsRussian Authorities Told Rights Group to Reject Nobel Peace Prize, Says Leader

        An embattled Russian rights group that received this year’s Nobel Peace Prize was pressured by the Kremlin to decline the honor because of the Ukrainian organization and jailed Belarusian activist who also received the award, BBC News revealed Saturday.

        “Maybe we should take this award not only as an assessment of what we have managed to do in 35 years, but also as a kind of advance on what we aim to do.”

      • CoryDoctorowHow tech changed global labor struggles for better and worse

        The original sin of both tech boosterism and tech criticism is to focus unduly on what a given technology does, without regard to who it does it to and who it does it for. When it comes to technology’s effect on our daily lives, the social arrangements matter much more than the feature-sets.

        This is the premise behind my idea of the “shitty technology adoption curve”: if you want to do something horrible to people with technology, you must first inflict it on people without social power and then work your way slowly up the privilege gradient, smoothing the tech’s rough edges by sanding them against the human bodies of people who can’t fight back.

        Thus we see the rise of all disciplinary technology, especially bossware, which started off monitoring forced prison labor, then blue-collar workers, then pink collar workers (like the largely female, largely Black work-from-home customer service reps who work for Arise)…

      • Common DreamsOpinion | People Power Overcomes Voter Suppression in Georgia Senate Runoff

        “It is my honor to utter the four most powerful words ever spoken in a democracy: The people have spoken,” Senator Raphael Warnock said on Tuesday night before a cheering crowd, after winning the runoff election for the U.S. senate in Georgia. Warnock ran against Republican Herschel Walker, a retired football star. Walker, recruited to run by former president Donald Trump, proved to be a deeply flawed candidate. Nevertheless, the Warnock campaign had to overcome a complex array of voter suppression laws and tactics deployed by Georgia Republicans.

      • Counter PunchHow Alaa Abd El-Fattah Connects Everything
      • TruthOutAs NYT Staffers Strike, Sanders Calls to Empower Workers Battling Media Giants
    • Digital Restrictions (DRM)

      • Terence EdenYou can’t screenshot or right click this image

        I tried to explain to them that DRM always fails; you can’t make data which can’t be copied. I explained that artificial scarcity was harmful. They didn’t care.

        But, their proposed solution was intriguing. And, with their kind permission, I’m posting it here. To be clear, I don’t think this is good but I think it is vaguely interesting.

    • Monopolies

      • New York TimesLina Khan, Aiming to Block Microsoft’s Activision Deal, Faces a Challenge

        The case is shaping up as a test of Ms. Khan’s belief that the F.T.C. must become more aggressive to check the power of corporate giants in the modern economy, including the biggest tech companies. Appointed to lead the agency by President Biden, she has signaled she wants to take more lawsuits to court — instead of settling with companies — to push the boundaries of antitrust law and return to the kind of trustbusting not seen since the last century.

      • Copyrights

        • Torrent FreakU.S. Govt Seizes Domains of Popular Sports Streaming Piracy Sites

          With the FIFA World Cup in full swing, U.S. law enforcement authorities appear to have seized the domain names of several popular sports streaming sites. The targeted sites, which include score808.com, hesgoal.com, freestreams-live1.com, and weakstreams.com, each have millions of monthly visitors.

  • Gemini* and Gopher

    • Personal

      • Death

        Last Friday, my Grandad died. He had been ill for a pretty long time.

        His quality of life hasn’t been great for the past 5 years but it has

        really tanked in the last year. He had a few strokes and heart attacks

        which left him bed ridden. I am glad he is not sufferring any more and

        I am glad for my Grandma. She was making herself ill trying to care

        for him. Since he fell ill again last Tuesday, she has spent all of

        her time with him and moistening his lips. Thankfully she no longer

        has to do that.


        Death can be a terrible thing but it can also be good. It all depends

        on when and how it happens.

    • Technical

      • New Laptop

        So I have bought a new laptop. This is a bit unusual for me as I have

        previously bought second hand as a rule. However, I have been looking

        for a replacement smallish laptop to replace a Thinkpad Helix2. This

        is a convertible affair where the keyboard detaches. I have found it a

        fairly annoying machine physically as it is heavy and tends to suffer

        from wobble. I also find I cannot carry it around without worrying

        about bits flexing. With a recent business trip, I found the keyboard

        part to have started rattling. It appears a speaker has become loose.

        The performance side is pretty good though. The battery has reached a

        point where it is being a pain too. I have started having to carry the

        power cable for meetings.

      • well then, I will just say a little something right here :)

        I was watching a video about setting up a Teleguard BBS in 2021(22?), and found it fascinating. One of the rules a mod/admin would implement, is to require the members of a BBS to post every so often. Like a couple times a week, or something. To keep things interesting, moving along. So, I do this with…everything I participate in (most of the time).

* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

eBuzz Central: Microsoft Still HATES Linux & Open Source

Posted in Free/Libre Software, GNU/Linux, Microsoft at 3:16 am by Dr. Roy Schestowitz

Summary: Earlier this month this video was published. It’s entitled “Microsoft Still HATES Linux & Open Source”.

IRC Proceedings: Saturday, December 10, 2022

Posted in IRC Logs at 2:04 am by Needs Sunlight

Also available via the Gemini protocol at:

Over HTTP:

HTML5 logs

HTML5 logs

#techrights log as HTML5

#boycottnovell log as HTML5

HTML5 logs

HTML5 logs

#boycottnovell-social log as HTML5

#techbytes log as HTML5

text logs

text logs

#techrights log as text

#boycottnovell log as text

text logs

text logs

#boycottnovell-social log as text

#techbytes log as text

Enter the IRC channels now

IPFS Mirrors

CID Description Object type
 QmaoeWiYuTvXkW9Nyc4D9TH3q5q56xAA6MddsCosmoneEw IRC log for #boycottnovell
(full IRC log as HTML)
HTML5 logs
 QmaGyHF97cq4P324pjhYmPwH2MkaxxymVWvs7zC7kvVRw8 IRC log for #boycottnovell
(full IRC log as plain/ASCII text)
text logs
 QmRTEL7o6ZJ9vnfBtysUTDha1JoMx3N6K7Db2VTYjnNRky IRC log for #boycottnovell-social
(full IRC log as HTML)
HTML5 logs
 QmeceDpiigvwYCfCk4h9aia8jfFhq8z1RAGMGG33gcgY6d IRC log for #boycottnovell-social
(full IRC log as plain/ASCII text)
text logs
 Qmbm3GDfnP67CYqur4FUp4eBbPSk2fouS8hAscPXzySXjm IRC log for #techbytes
(full IRC log as HTML)
HTML5 logs
 QmZsQ1nCEtA8EDnYba4U2rPL6JWyVGqqYRK48MpPXmUBL4 IRC log for #techbytes
(full IRC log as plain/ASCII text)
text logs
 QmUoaRVSULHBM2oxy44MEsrFsfLx9fsWMrkbYj5FQ1HiDN IRC log for #techrights
(full IRC log as HTML)
HTML5 logs
 QmeDdrTAGkwvF3qC1DadQ3p6T1rYhKR7T9tAX68VGhNXrs IRC log for #techrights
(full IRC log as plain/ASCII text)
text logs

IPFS logo

Bulletin for Yesterday

Local copy | CID (IPFS): QmRDqLW6m2gg8NR4aFbzPgtLMjZfkcdrwfoBbBrENHTXKj

[Meme] Outsourcing to Spying Firms

Posted in Deception, Google at 12:27 am by Dr. Roy Schestowitz

Every day I wake up: 'Google is your friend'; *Google service is down*; [crying]

Summary: In the name of ‘cost-savings’, Sirius ‘Open Source’ outsourced many of its operations to proprietary software that does not even work properly

Sirius Open Source: Secure Only ‘on Paper’

Posted in Deception, Free/Libre Software at 12:25 am by Dr. Roy Schestowitz

Sirius Open Source pamphlet

Summary: Sirius ‘Open Source’ has adopted shoddy practices that impede audits, undermine security, and subvert proper inspection of the network; outsourcing is not security, and “clown computing” is more like an “acceptable” security breach (giving some shady companies control over your systems and data), but that’s not something today’s Sirius ‘Open Source’ can still grasp (Intel experienced something similar when geeks left)

THE previous part spoke about a lack of real security and today we turn our attention to GAFAM-friendly policies which wrongly assume that VPN or GAFAM mean security. They don’t. VPN, like a firewall, makes false assumptions. And outsourcing assumes that some other companies are in fact security-oriented and respecting of privacy. They’re neither. Sending passwords from one’s local network (already access-restricted on several levels, namely access credentials and IP address) to something like LastPass is beyond insane. But good luck explaining that to people who worship brands instead of technology and find appeal in anything “new” (for no actual reasons other than perceived novelty).

Here is the relevant part of the report sent at the start of this month.

Band-Aid Instead of Robust Policies

Speaking of security breaches, some of the company’s Ubuntu servers are using very old — even way outdated — versions, as noted by the company itself (it’s also controlled by a host in another country, which poses another attack surface issue).

Security isn’t taken seriously enough and VPN is presented as ad hoc Band-Aid. VPN is not the solution, it’s a hallmark or a symptom of neglect at the intranet (internal) level. Firewalling and restrictions, for instance, have unusual exceptions. Since “Google is your friend”, for instance, Google IP addresses are allowed. As if Google never spies or collaborates with spy agencies (or even suffers security breaches). So Sirius VPN does not trust BBC network, but does trust (or whitelists) Google/Alphabet.

The neglect extends outwards, i.e. outside internal infrastructure of Sirius. For instance, in the past some staff transmitted in plain text messages (via E-mails) with passwords to accounts and servers of a very large client that is the target of foreign operations and aggressive spies (political espionage operations of this type are very common with clients such as these).

There are even very recent examples, so there’s no need to go far back; a colleague who is close to management dared suggest — only months ago — that an entire political Web site (including user details, passwords etc.) be migrated by dumping a lot of data into Google Drive, without any encryption either, clearly not comprehending that “Google is your friend” is a laughable fallacy (an understatement; Google is legally obligated, through US Clarifying Lawful Overseas Use of Data Act or CLOUD Act 2018, to give full access to the US government and more).

It wouldn’t be controversial to state that such practices can be off-putting to clients, e.g. when decision makers in Sirius have rather poor grasp or appreciation for privacy and security, let alone critical care by introspection (staff cautioning about this is subjected to gaslighting at best or even outright threats).

If Sirius views itself as a champion of “Alexa” and “OK Google”, then the company should seriously consider a rebrand.

RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channels: Come and chat with us in real time

New to This Site? Here Are Some Introductory Resources




Samba logo

We support

End software patents


GNU project


EFF bloggers

Comcast is Blocktastic? SavetheInternet.com

Recent Posts