LapPi 2.0 is a kit, made up of individual acrylic parts (available in five colors), held together with machine screws. The kit comes with everything you need to assemble LapPi, including a Raspberry Pi 4 if you pay for a higher pledge. You can also pay a little more for a pre-built model, ready for your next project.
LapPi 2.0 dimensions are 270 x 190 x 75mm, which makes for a compact, yet chunky laptop.
In the lid we have a 7 inch IPS display, with a resolution of 1024 x 600 and connected to the Pi via HDMI. The screen has five-point touch and has audio output which is used with the two speakers flanking the screen. Just under the screen is the official Raspberry Pi camera, specifically the Pi NOIR camera which uses a Sony IMX219 8 megapixel camera. Not the official Raspberry Pi HQ camera, but it can record video at 1080p30 or 720p60. We should note that the camera does not feature a microphone.
In the base we have our Raspberry Pi 4, placed in the back right. This provides access to the USB and Ethernet ports and routes HDMI, power and micro SD card access to inside the case. LapPi 2.0 is compatible with all Raspberry Pi boards, all we need are the adapters to convert HDMI / power for our chosen model. In theory it would also make it compatible with other single board computers, such as the Khadas VIM 4 and Edge 2 Pro.
SB Components just launched a user-friendly DIY modular laptop on Kickstarter. The LapPi 2.0 is being offered with the Raspberry Pi 4 board, but the company mentioned that the product should be compatible with other SBCs i.e., RockPi, Asus Tinker, etc.
Developer tooling and multi-tenancy specialist solutions for Kubernetes company Loft Labs has donated the open source project DevSpace to the Cloud Native Computing Foundation (CNCF).
The CNCF Sandbox will provide a neutral home for the project to receive external contributions from the cloud-native community and to benefit from vendor-independent governance.
Last month I had the opportunity to talk at the EMEA Oracle Data Infrastructure Forum.
More were the compelling topics I could have discussed, but the most demanding one was for Oracle Cloud Native Environment.
After the announcement of the new Oracle Cloud Native Environment 1.5.7 release, in this quick and concise recording I share all the advantages of an open-source solution, like Oracle Cloud Native Environment, mostly while the support for the same is included in the same Oracle Linux Premier Support subscription.
The good news in this major update is that the progress bar has been improved and the application is now faster and eats less RAM when archiving or decompressing files. For example, the devs say that PeaZip is now about 10 percent faster and uses up to 10 percent less memory when opening archives with more than 250.000 items. Also, PeaZip is now about three times faster when adding files to archives.
The graphical user interface now better adapts the number of displayed items on the width of the app’s window to improve usability, features the ability to show the main functions like add or extract on the right side of the address bar when the Tool Bar is hidden, and lets you set “Sort dirs before files” from Main Menu > Organize.
Dragonfly Navigator is a general-purpose file manager written in Python and Qt. It's easy to install, easy to use, and a great example of what Python can do.
Python is a popular language for several reasons, but I think one of its primary strengths is that it's equally useful to beginner-level programmers and to experienced coders. There's something exciting about a language you can take from drawing basic geometric shapes to scraping the web to programming a zombie apocalypse video game, or writing desktop applications you can use every day. And that's what Dragonfly Navigator is: a desktop utility that everyone can use.
Every so often, I find myself needing to calculate complementary colors. For example, I might be making a line graph in a web app or bar graphs for a report. When this happens, I want to use complementary colors to have the maximum "visual difference" between the lines or bars.
Online calculators can be useful in calculating two or maybe three complementary colors, but sometimes I need a lot more–for instance, maybe 10 or 15.
Many online resources explain how to do this and offer formulas, but I think it's high time for a Groovy color calculator. So please follow along. First, you might need to install Java and Groovy.
Dmenu is hard to describe. It's often called a 'dynamic menu'; at a technical level it's a pop up text entry widget with autocompletion (with what it autocompletes taken from standard input) that prints your entered (or autocompleted) text to standard output. I've been using dmenu for quite a while and as part of that I've built an elaborate setup around it. One of the things my dmenu does is run commands, and part of my setup is that I invoke commands with a custom $PATH with a collection of directories that are only used for dmenu.
SSH keys use asymmetric cryptographic algorithms that generate a pair of separate keys (a key pair). A private and a public key.
We are using the command ssh-keygen to generate our secure key pair. There are 3 common algorithms to choose from.
We are going to create a private and public key with the name nameofthekey in the current directory. You should choose an expressive name tho. It makes it easier to manage especially if you work with multiple keys.
Scott Kelby shared this super easy tip on Lightroom Killer Tips that you can use to start shooting RAW on your iPhone: [...]
You don’t need a brand new iPhone 14 Pro to shoot in Raw – as long as you have an iPhone made in the last eight years (at least an iPhone 6s, 6s Plus, or SE, all of which came out in 2014), or newer, you can use Lightroom’s awesome built-in camera to shoot in RAW mode (It was IOS 10 that let 3rd party apps like Lightroom on your iPhone shoot in Raw, even though Apple’s own Camera app didn’t include that option). Here’s how to turn it on: [...]
Unlike conventional databases such as MySQL / MariaDB, SQLite is a small self-contained database that can be installed and manipulated locally.
To get started with SQLite we first need to install the SQLite Browser in your Debian based Linux distribution.
In this tutorial, we are going to show you how to protect SSH with Fail2ban on Ubuntu 22.04.
SSH stands for Secure Shell Protocol and is a cryptographic network protocol for operating network services securely over an unsecured network. Fail2ban is an intrusion prevention software framework. Fail2ban is written in Python and is used to prevent brute-force attacks. In the next paragraphs, we are going to install Fail2ban and will provide you with commands for managing the fail2ban service. Then we will proceed with the fail2ban configuration for SSH protection.
Installing Fail2ban and protecting SSH is a straightforward process and may take up to 15 minutes. Let’s get started!
In this tutorial, we will show you how to install RethinkDB on Ubuntu 22.04 LTS. For those of you who didn’t know, RethinkDB is a free and open-source database management system (DBMS) that is designed to be easy to use and scalable. It is based on a distributed architecture, which means that it can scale horizontally across multiple machines, making it well-suited for applications that require high performance and the ability to handle large amounts of data. RethinkDB has very minimal response times and updates. In addition, it has a beautiful and user-friendly web interface that allows you to manage databases over the web.
This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of the RethinkDB No-SQL database management system on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.
Are you looking to create a WordPress website from scratch? Do you want to start blogging & need to host a WordPress website for that but don’t know how to? Worry not. In this tutorial, we will learn the step by step process to create a WordPress website from scratch.
But one can ask why should you create your website on WordPress? There are plenty of other hosting methods to use, so why use WordPress?
I'm always on the lookout for old Windows software, so a few months ago I looked on Ebay to see if I could find any old boxed versions of Adobe Photoshop.
There's always plenty for Mac, but when it comes to Windows versions of Photoshop they are actually quite rare. To my surprise someone was selling a boxed version of Adobe Photoshop CS2 for Windows, so I purchased this immediately for only £28.00 including delivery. This software was released way back in 2005, and would have cost you or the company you work for $599 approx, that's about £480 GBP, I think I got myself a good bargain.
I’ve become increasingly infatuated with old video games. Lord knows I still play lots of new stuff, but more and more, the loudest parts of modern gaming – the live services explicitly designed to monopolize your attention, the market-tested blockbusters devoid of any edge, the constant stream of power fantasies – bore me. Being old doesn’t make a game good, but when I go back to my favorite retro games, I find a focus and honesty in their design that I don’t see in many of the more acclaimed games of today.
I took to collecting old games and consoles a couple of years ago – in just one of the many ways the pandemic broke my brain – but actually enjoying those on a modern TV is notoriously annoying. And while I could always emulate the classics on my phone or PC, I liked the idea of keeping my retro library on a distinct machine, something I could fire up when I’m in the mood but just as easily walk away from when I’m not.
We're about to see a whole lot more people gaming on Linux, with a shiny Steam Deck arriving at the door of many people across Asia. ICYMI: Valve hit a home run with the first year of Steam Deck.
Just a little update for you here, that during the GOG Winter Sale they're now giving away a free copy of King of Seas. At time of writing there's about 50 hours left on the giveaway, so you still have a fair bit of time to go and claim it.
Long-time Slashdot reader slack_justyb brings news from the world of Linux desktop environments...
Yet another year is coming to an end and we’re taking a look back at how we advocated for FreeBSD over the past year. 2022 started with a bit of uncertainty, but thankfully has ended with a bit of a return to “normal” whatever that means. Through it all, the Foundation staff continued to work together to expand the ways to spread the word about FreeBSD. Take a look at what we’ve been doing for the past year.
When sending out an article, blog post, or newsletter, we at the Foundation, always have a second (or third or fourth) pair of eyes to review it. Is the messaging working as intended? Does the structure make sense? Are we getting the point across? Software development work is no different. More often than not, other developers will come in and review and update work previously done by someone else. That second pair of eyes is invaluable. It allows for a different perspective and many times gets those pesky problems solved more quickly. The FreeBSD Foundation often funds work in this very vein. We fund developers to take software that is running into issues and update it. Case in point, earlier this year, we funded work to update the FreeBSD Kernel WireGuard Port.
WireGuard’s simplicity makes it an elegant VPN solution. This general-purpose VPN tunnel is fast and lean, and provides a good alternative to existing tools like IPsec and OpenVPN. An updated version for FreeBSD ships out-of-the-box in the next release, thanks to the Foundation’s support.
“The main advantage of WireGuard over other existing solutions, like IPsec, or something like OpenVPN, is that WireGuard is rather simple to configure and use, especially for the simple point-to-point kind of single client setups. It’s very simple to get started,” says John Baldwin, a long-time project contributor and paid consultant. The FreeBSD Foundation contracted him to complete the integration of the updated driver for FreeBSD.
While I slowly work on the layout, here’s something that can’t wait: ChiBUG meets tomorrow at the usual place, 6 PM. Go, if you are anywhere near Chicago.
Two months after the last release, SystemRescue (formerly known as SystemRescueCd) Linux system rescue toolkit has been updated today to version 9.06, a release that adds new options to the boot menu, updated components, and new tools.
SystemRescue 9.06 is here with the latest and greatest Xfce 4.18 desktop environment. We could say that this is the first ISO release of a GNU/Linux distribution that ships with Xfce 4.18, but SystemRescue is not a full-fledged desktop system as it’s designed mainly as a bootable medium for administrating or repairing your system.
Things have improved a little, since writing PART 1 of my experience. Instead of a patched bflb-mcu-tool to flash, it is now possible to use a modified picoprobe with the Dev Cube flashing tool.
I am a huge fan of finding creative ways of using the serial port on older computers to get them On-Line — and otherwise extend their functionality.
One of my favorite such approaches is using a single board computer to emulate an old-school, analog modem… bridged to a WiFi connection. This allows an old computer — even ones which never had a networking stack — to use any plain old telecom software (the kind you might use to dial up a BBS in the 1980s) to connect to a Telnet or SSH server.
As I mentioned last time, the Steampipe dashboard for Mastodon has evolved in unexpected ways. I imagined that the components — a plugin that maps Mastodon APIs to Postgres foreign tables, and a suite of views that query the APIs — would combine to enable a broad overview of activity in the Fediverse. That didn’t pan out for two reasons.
France/US-headquartered AI biotech company Owkin is open sourcing the Artificial Intelligence (AI) software behind Melloddy and Substra.
Big fans of ‘open science’, Owkin hopes to help universities, hospitals and pharmaceutical companies to benefit from its privacy-preserving, secure and collaborative AI technologies.
Owkin is open sourcing Substra, its Federated Learning (FL) software, to allow researchers and developers to collaboratively train ML models without the data leaving its source.
The team has set its sights on overcoming data privacy and security barriers.
The move will enable users to use an AI technology that has already proven its ability to improve the performance of ML models.
Closing duplicates seems like a good idea: having a single, canonical, question on a given topic with a single, canonical, answer seems like a good thing. It’s not.
The reason it’s not is that it makes two false assumptions:
that a given question has a single best answer;
that this answer does not change over time.
Neither of these assumptions is true for a large number of interesting questions.
Of course, we know why. Incentives in academia are irremediably broken, so we're stuck with old practices, bad formats, a lack of funds for projects that would make everyone's life better, and a structural impossibility to do much about it. My friend a3nm lays out all of these root causes much better than I possibly could, and this LaTeX-to-HTML story is a good illustration. Imagine that we lived in a world where it was trivial to make beautiful web pages out of scientific papers. Wouldn't that encourage more researchers to share their work more widely? Wouldn't that create whole new categories of readership, given that most people consume content on their phone? If HTML was the default format for research, would more people realize how ridiculous it is that paywalled research papers are still a thing in 2021?
Open access is the principle that the output of academic research, in particular research papers, should be made available to everyone at no cost on the Web. This principle is intuitively reasonable but not yet widespread. This page describes briefly the issue of open access, presents my perspective on it, and outlines the steps I have been taking to push academia towards open access.
In summary: I try to avoid submitting to closed-access conferences and journals, I refuse to review for such venues, and I put the definitive version of my papers online: you can jump to the specific commitments if you don't care about the motivation. If you wish to take specific commitments yourself, you can sign the pledge No free view? No review!.
My friend Zyni pointed out that someone has been getting really impressively confused and cross on reddit about empty lists, booleans and so on in Common Lisp, which led us to a discussion about what the differences between CL and Scheme really are here. Here’s a summary which we think is correct.
The basic bootstrapping procedure is as follows:
Take k repeated replacement samples from a given dataset.
Calculate the statistic of interest for each sample.
This yields k different estimates for a given statistic, which you can then use to calculate the statistic’s standard error and create a confidence interval.
We can perform bootstrapping in R by calling the following boot library functions: [...]
Earlier this year, Posit (formerly RStudio) released Quarto. Quarto is an open-source scientific and technical publishing system that allows you to weave together narrative text and code to produce high-quality outputs including reports, presentations, websites, and more.
One of the main features of Quarto is that it isn’t just built for R. It’s language-agnostic. It can render documents that contain code written in R, Python, Julia, or Observable. That makes it incredibly useful if you work in multilingual teams, or collaborate with people who write in a different programming language from you. But what if you don’t use any other programming languages? What benefits does Quarto bring to people who only use R?
In this post we first review the concept of semi-parametric copula and the accompanying estimation procedure of pseudo-likelihood estimation (PLE). We then generalize the estimation problem to the setting where the copula signal is hidden in a semi- or non-parametric regression model. Under this setting we have to base the PLE on the residuals. The particular challenge of the diverging score function is handled via the technique of the weighted residual empirical processes.
This week, we’ve been reminding ourselves of some of the amazing talks from the Shiny in Production conference in October. The recordings are now up on our YouTube channel, for anyone to view!
There are fancy ways to extract colours from images but sometimes it’s easier if you could simply click on the image and choose the colours you want.
With eyedroppeR you can click on an image to return the hex codes of the selected pixels all within R.
IoT events are changing to accommodate users worldwide by having both in-person and virtual options in 2023. Learn more about this year's top 12 conferences.
If you need to remove double whitespaces from a string of text using PHP, we can use the preg_replace function.
Every year, ISO, IEC, and ITU collaboratively develop campaign elements to empower the global community. It was in 1946 that the world felt the need to bring standardisation for the first time. Therefore in the presence of known delegates and experts from around 25 nations in London, on 14 October 1946, World Standards Day was first created. These delegates decided to design a global organisation for facilitating standardisation. Therefore a year later in 1947, the International Organisation for Standardisation was created with 67 technical committees. However, it was in 1970 that World Standards Day was first celebrated by the then President of IES Faruk Sunter, who wished to facilitate standardisation in the industrial sectors.
We’ve looked at the TinySA spectrum analyzer in the past. However, the recent Ultra edition offers an increase in range from 800 MHz to 6 GHz. How does it work? [IMSAI Guy] tells us in a recent video that you can watch below. In addition to an increased frequency range, the new device offers a larger display and enhancements to the signal generator and bandpass filtering. It also has an optional LNA. All this, of course, is at a price since the Ultra sells at a little more than twice the original unit’s price. Still, $120 or so for a 6 GHz spectrum analyzer isn’t bad.
No, he's not dead, and yes, he'll still be broadcasting, just not on terrestrial AM radio. But this is the last weekend of the Tech Guy Show on AM radio (the next couple weekends are reruns), something of an institution here in greater Los Angeles where he's been a Saturday morning fixture since 2004 on KFI, the 50,000-watt talk radio blowtorch of southern California (syndicated on Premiere Radio Networks from the iHeartMedia evil empire). After 1,954 episodes, the toll-free call-in number 1-88-88-ASK-LEO will be retired and it'll be back to podcasts.
Flaherty came up with the idea of indexing Web pages, a concept that made AltaVista one of the most popular Internet search tools in the mid-1990s.
He was a research engineer at Digital Equipment Corp. in Palo Alto when he teamed up with two other staff researchers in 1995 to develop AltaVista’s technology.
As the authors put it in the study, "Our results reveal that primarily stylistic and self-disclosure features predicted higher text originality scores. It seems that profiles that were perceived as more original were more likely to contain fixed and novel metaphors (stylistic features), and more and concrete self-disclosures (self-disclosure features). Finally, profiles deemed original were less likely to be (fully) written from a self-perspective (perspective-taking feature)."
Every year, Bob sends Chris Hedges and Mr. Fish into the blistering cold of the New Jersey woods to chop down a tree for the annual ScheerPost Christmas party. Please donate to ScheerPost so we can start buying a tree instead—and so you can get a book.
The competition for positions and grants has led academia to focus on papers and citations as the primary indicators of success. This is influencing how research is conducted and presented, and makes it hard to complement traditional publishing with new ways to share knowledge.
An Oakland Circuit Court judge ruled teachers’ classroom materials are not public records
It's tragic how the modern PC has put us into this situation, where we no longer have control or even visibility into the working of core, privileged components of our computers---components running software that could potentially be malicious. By the modern PC I do, of course, mean the IBM PC of 1981.
I don't want to belabor this post with much background, but if you are quite new to the world of computer history I will briefly state one of the field's best-known facts: for reasons that are ultimately more chance than logic, the original IBM PC established many de facto standards that are still used in computers today. "PC compatibles," in the 1980s meaning computers that could run software targeted originally at the IBM PC, had to duplicate its architecture rather exactly. The majority of modern computers, with Apple products as a partial exception, are directly descended from these PC compatibles and are thus strongly influenced by them.
An experimental composer, Mr. Deutsch collaborated with Robert Moog to create the first synthesizer to make a significant impact on popular music, launching a revolution in electronic music.
Countless companies made and sold these UNIX workstations. SGI was a big player in this market, with their fancy, colourful machines with MIPS processors running IRIX. There was also Sun Microsystems (and Oracle in the tail end), selling ever more powerful UltraSPARC workstations running Solaris. Industry legend DEC sold Alpha machines running Digital UNIX (later renamed to Tru64 UNIX when DEC was acquired by Compaq in 1998). IBM of course also sold UNIX workstations, powered by their PowerPC architecture and AIX operating system.
When the British budget electronics brand Amstrad released their first budget VHS camcorder in the mid 1980s, they advertised it as making a filmmaker out of everyone. Now everyone truly is a filmmaker of sorts with their always-handy mobile phones, even though possessing a camera does not give you the talent of Steven Spielberg.
The 1996 release of the first Palm Pilot was, in the minds of many, the first truly successful launch of a PDA (Personal Digital Assistant). But the seeds of the Palm Pilot were planted several years earlier.
In fact the company behind the Palm Pilot, “Palm Computing Inc.”, was founded back in 1992 for the sole purpose of creating software for another just released PDA… the Tandy Zoomer.
The BBC Micro:bit, while not quite as popular in our community as other microcontroller development boards, has a few quirks that can make it a much more interesting piece of hardware to build a project around than an Arduino. [Turi] took note of these unique features and decided that it was the perfect platform to build a synthesizer on.
I thought about trying to fill it in and sand it down - but I don't have the skills for that. But I can rebuild him - I have the technology.
I wanted something with blinkenlights - to match the original 1970s æsthetic. And something a little playful. So I dug out my old micro:bit!
One of the greatest things about this place is how y’all constantly feed off of each other. And while this isn’t exactly an example of that, it’s pretty darn close — we feature a square guitar build one day, and get a tip about another way different and perhaps more functional one the next.
A binaural recording is designed to mimic as closely as possible the experience of listening through human ears, and thus binaural microphones are often shaped like the human head with the microphone cartridges placed where the ears would be. That’s not the only way to make a binaural microphone though, and the Crown Stereo Ambient Sampling System, or SASS, did the same thing with a pair of pressure zone microphones for outdoor recordings. [Filip Mulier] doesn’t have one of the originals, but he’s done his best to make a SASS-like microphone of his own.
Researchers from Duke University used a web-scraping application to download and compile the top 100 most viewed videos tagged #IUD on TikTok. They found that nearly 38% had a negative tone compared to just 19% with a positive tone. Just under 28% mentioned distrust of health care professionals, while around 24% contained “moderately or highly inaccurate scientific claims,” according to the researchers.
But its widespread usage across the U.S. is alarming government officials. In November, FBI Director Christopher Wray raised eyebrows after he told lawmakers that the app could be used to control users' devices.
Citing national security concerns, governors from a handful of states are prohibiting state employees from using the app on government-issued devices.
The authors also showed that tree cover within cities has declined worldwide since 2000, particularly in Central Africa and South-East Asia. "This finding suggests that the possibility for the urban population to access green spaces is reducing as well," concludes Dr Gladys Barragan-Jason, a researcher at the Theoretical and Experimental Ecology Station and co-author of the study. "Indeed, the study reveals that the destruction of natural areas combined with a strong increase in urban population is leading to a growing spatial distance between humans and nature, especially in Asia, Africa and South America."
And that has real health benefits. A 2009 study found that participants had better immune function after a three-day, two-night trip to a forest than they did on normal working days – and that the immune boost lasted for more than 30 days after their trip. A small 2011 study found spending a couple of hours forest bathing led to a reduction in blood pressure.
A 2019 paper found that forest bathing can reduce levels of the stress hormone cortisol. Another 2019 study found that spending 120 minutes per week in nature was positively associated with better health and well-being, and that was true whether participants spent that time all at once, or broke it up across multiple days.
These benefits aren’t necessarily tied to weather; in fact, Timko Olsen says the benefits of forest bathing might be even more noticeable during the cooler months.
In August, we traveled to Brazil to learn how to improve Tails for the many people fighting for social change there. We trained 34 people on Tails: activists, journalists, feminists, and human rights defenders.
Expecting parents want to do the right thing. When the doctor suggests a prenatal screening test, many say yes. Learning more about the baby-to-be seems like it has no downside.
But they often don’t realize these popular tests aren’t regulated by the U.S. Food and Drug Administration. This means that no federal agency makes sure that marketing claims are backed up by evidence before the tests reach patients. Even many health care providers find it hard to understand their nuances.
In a conversation with public housing residents in the Bronx, one person remarked, "We are powerless in this system of public housing. Choices are made for us without including us in the decision-making process. New York City housing acts like we don't matter just because we are residents of public housing."
A massive cyberattack had compromised the health data of millions of patients, from those who live in extreme poverty to high-profile politicians, bureaucrats and judges.
The Delhi Police had a bigger problem at hand. They were in possession of an email that read, "What happened? Your files are encrypted? What is the price to repair? The price depends on how fast you can pay to us," reported news sources.
Apple's macOS, being a full UNIX system, has full support for PKI built-in. It uses OpenSSH - which is part of the OpenBSD project. Setting up your own PKI key pair is fairly easy in macOS. Once your keys are installed on your Mac, you'll rarely need to access them directly - they will mostly be used by applications in the background silently.
In macOS, SSH keys live in each user's folder, in a hidden folder called .ssh. This folder is normally hidden (for security reasons) unless you show invisible files in the Finder. If you haven't yet generated your PKI keys, this folder probably won't exist - it gets created by the system when you generate the keys.
There are two easy ways to generate a PKI key pair in macOS. Either the Terminal, or a third-party keychain app such as GPGTools can be used.
Amazon Web Services Inc., Microsoft Corp., Meta Platforms Inc. and GPS navigator maker TomTom NV today launched a new industry group focused on making map data more accessible.
The newly launched Overture Maps Foundation will operate as part of the Linux Foundation. Notably absent is Google LLC, perhaps an indication that other players view the search giant’s Maps service as a dominant force that needs to be reckoned with.
If the industry wants to thwart software supply chain attacks and prevent another Log4Shell, the way forward is to pay open source maintainers, Tidelift GC Luis Villa says.
In the last Patch Tuesday of 2022, we got patches for 74 vulnerabilities. Of these, 7 are critical, 1 was previously disclosed, and 1 is already being exploited, according to Microsoft.
The exploited vulnerability is a Windows SmartScreen Security Feature Bypass Vulnerability (CVE-2022-44698). When you download a file from the internet, Windows adds the zone identifier or Mark of the Web as an NTFS stream to the file. So, when you run the file, Windows SmartScreen checks if there is a zone identifier Alternate Data Stream (ADS) attached to the file. If the ADS indicates ZoneId=3 which means that the file was downloaded from the internet, the SmartScreen does a reputation check. Exploiting this vulnerability, an attacker can craft a malicious file that would evade Mark of the Web (MOTW) defenses. The CVSS for this vulnerability is 5.4.
The decision, which was conveyed to contractor Per Aarsleff on Tuesday night, has resulted in hundreds of people losing their jobs with immediate effect.
“It came out of the blue. We’ve laid the foundation, sewage, cables, buildings for workers, canteen and a parking area for 1,000 cars,” Søren Lange, a project manager for subcontractor PM Group, told TV2 Fyn.
At the Federal Press Conference, the Minister of the Interior, Nancy Faeser (SPD), spoke of wanting to “get closer” to this so-called chat control. However, the two FDP-led ministries of justice and digital affairs reject this as a “red line”. Operators of email services and messengers are to be excluded from the regulation and “client-side scanning” is to be deleted.
In 2015, I went back to Tails because I was working on feminist security. I started teaching other women how to use Tails, women who work with reproductive rights. For these workshops, I developed the idea of mixing Linux with jewelry to create patuás, a type of Brazilian protection amulets.
By saying patuá instead of Tails, these women could understand much better what Tails is and what it can do for them. Let's build an amulet, a patuá, to protect you, your community, and your organization.
Tails is useful for them not only to work on reproductive rights but also for their personal data. These women didn't have computers of their own and used the computers at work or in school or the computers of their husbands and boyfriends.
When they started learning about Tails and the importance of privacy, it was very transforming because their boyfriends had a very bad influence on them. Their boyfriends treated them like they were not smart and wouldn't be able to work with a technology like Tails.
But I taught them how to install Tails, create a passphrase, and also share Tails with other people by doing a copy of their amulet.
When digital security tools are too complicated to use, people make mistakes that compromise their security or simply give up and fall back on more dangerous practices.
Because journalists and whistleblowers use Tails to expose abuse of power and activists use Tails to defend human rights and our planet, the more people use Tails, the better we are all protected.
In 2022, we focused on making it easier to install Tails and improving many existing features, instead of adding new features. Here are some highlights.
Wyden said that some of the consumers may have been told that their information was not going to be shared with third parties.
“Neustar did not take sufficient steps to warn consumers that it no longer intended to honor these promises, and as such, appears to have engaged in business practices substantially similar to those that the FTC has previously argued violated the FTC Act,” he said.
We write a lot of reports at Bishop Fox (it’s what happens when you hack all the things). This frequently results in needing to redact certain text. We have a long-standing policy that when you redact text, the only way to do it securely is to use black bars. Sometimes, people like to be clever and try some other redaction techniques like blurring, swirling, or pixelation. But this is a mistake.
The CA industry has largely settled on a model of charging money based on the degree of verification performed. The cheapest kind of certificate is a “Domain Validation” (DV) certificate, free in the case of Let's Encrypt. (While there are more expensive certificates such as “Extended Validation” (EV), these are basically pointless because even if you go through the process of paying a lot more money for an EV certificate, browsers will still accept a DV certificate, so a MitM attacker still only needs to successfully obtain a DV certificate to pull off a MitM attack successfully.)
Another transformation was in external policy—from a militarised, expansionist Eurasian realm into a compact state that enforced internal cohesion but mostly eschewed foreign adventures. At least, until the past decade or so, in which President Recep Tayyip Erdogan has turned Ottoman nostalgia into a style of governance and a stimulus to military braggadocio.
The men, the prosecution said, ultimately were seeking to inspire a U.S. civil war known as the boogaloo, and even though their plans were thwarted by law enforcement, they succeeded in intimidating officeholders, potential candidates and residents.
Lieutenant Colonel Mikhail Fotin, the military commissar for the cities of Dmitrov, Taldom, and Dubna, in the Moscow region, announced that in 2023 Russia plans to increase the term of mandatory military service to two years.
The presidential administration has ordered state-owned companies and the heads of regional administrations to prepare an agenda of positive news stories and events in which Vladimir Putin can take part, sources close to the Kremlin and company spokespeople told The Moscow Times.
In the case of journalist Anton Krasovsky, who called for Ukrainian children to be “drowned” and “burned,” the Investigative Committee found no corpus delicti, meaning that they could not prove the crime Krasovsky was accused of had occurred.
In Kryvyi Rih, Ukraine, in the early morning hours of December 17, rescue workers pulled the body of a one-and-a-half-year-old boy from the rubble of a residential building destroyed by a Russian missile strike. Valentyn Reznichenko, Governor of the Dnipropetrovsk region, reported the death.
Two years after launching an investigation of war crimes in Palestine, the ICC is still dragging its feet.
After years of backing a disastrous, Saudi-led military intervention in Yemen, the United States is shifting its approach to the war, supporting a UN-brokered truce that has resulted in the most significant reduction of violence since the war began.
A pair of progressive advocacy groups launched a petition on Friday to pressure the U.S. House of Representatives not to seat returning members who supported the January 6, 2021 attack on the Capitol.
The petition, led by Free Speech for People and MoveOn, takes aim at three Republican members of Congress in particular, citing the section of the 14th Amendment that bars from federal office anyone who has taken an oath to support the Constitution then "engaged in insurrection or rebellion."
The organization Sakhalin Environmental Watch announced that it will close. The announcement came the day after the Russian Justice Ministry included the organization on its list of “foreign agents.”
Operators were alerted to an issue with the pipeline on Dec. 7. As of Friday morning, TC Energy says, 4,125 barrels of oil from the creek have been recovered of the estimated 14,000 barrels (about 588,000 gallons) reportedly lost in the spill.
Aerial footage of the leak from Nebraska Public Media shows the leak has affected a nearby pasture and residents' farmland.
The bankruptcy of FTX and the arrest of its founder and former CEO are raising new questions about the role celebrity athletes such as Tom Brady, Steph Curry, Naomi Osaka and others played in lending legitimacy to the largely unregulated landscape of [cryptocurrency], while also reframing the conversation about just how costly blind loyalty to favorite players or teams can be for the average fan.
As FTX grew, Mr. Salame began building his profile in Washington as a big Republican donor. During the midterm elections, Mr. Salame gave $24 million, primarily to Republican candidates and committees, while Mr. Bankman-Fried gave about $40 million, primarily to Democrats. Together, they formed a bipartisan megadonor tag team, with fund-raisers on both sides of the aisle clamoring for access to a stream of donations that many expected to last decades.
The contributions were part of an effort by FTX executives to win supporters in both political parties as they sought to shape U.S. regulation around the cryptocurrency industry.
FTX account holders, in addition to those who bought now-worthless [cryptocurrency] from other issuers that filed for bankruptcy, are likely to recoup pennies on the dollar on their investments. FTX’s new chief executive John J. Ray III told a House committee Dec. 13, “We’re not going to be able to recover all the losses here.” They sit in line behind a host of creditors with higher priority. Now, new scrutiny is on the A-listers to whom FTX turned to launder its reputation. While they might not have knowingly committed fraud, they could be on the hook for promoting unregistered securities. “The people who have the most liability happen to be billionaires,” says Adam Moskowitz, who is representing FTX and Voyager customers in proposed class actions against the [cryptocurrency] exchange firms.
Vela Bikes, an E-bike maker started in Brazil 12 years ago that expanded into the U.S. during the COVID-19 E-bike boom, heard the industry buzz about Detroit and, after some due diligence, decided to move manufacturing and assembling of its bikes from China to Detroit — a process currently underway.
It should be obvious to pretty much everyone at this point that anything crypto is an old-fashioned grift, a scam, a Ponzi scheme. Those who got in on the ground floor of crypto-currencies and NFTs and the like—and then left when the going was good—have made out like bandits. The rest of us are left holding the bill.
Time is of the essence in almost every emergency situation, especially when it comes to wildfires. A wind-driven fire can roar across a fuel-rich landscape like a freight train, except one that can turn on a dime or jump a mile-wide gap in a matter of seconds. Usually, the only realistic defense against fires like these is to get the hell out of their way as soon as possible and make room for the professionals to do what they can to stop the flames.
In a public consultation on how it should fix its network, the company said: “As our climate changes, we’ll likely see more severe and frequent droughts.
“In severe droughts, water restrictions could see us rationing water for everyday activities or turning off supplies for certain periods during the day. Restrictions like this could last for several weeks.”
The water industry has been engulfed in a scandal over companies’ failure to invest in its often Victorian infrastructure since privatisation three decades ago.
Some conflicts we can see—and understand—rather easily. Their raw rhetoric will typically help us identify the opposing players and what they’re fighting over.
Congressional Republicans happily teamed up with Democrats this month to authorize $858 billion in military spending for the next fiscal year, but the GOP is refusing to even consider proposals to revive the Child Tax Credit expansion that lifted millions of kids out of poverty last year—even though bringing the program back would cost a fraction of the Pentagon outlay.
A spokesperson for Senate Finance Committee Chair Ron Wyden (D-Ore.) told HuffPost earlier this week that Republicans have thus far been unwilling to negotiate over the Child Tax Credit (CTC) boost, which they unanimously opposed when it was enacted as part of the American Rescue Plan last year.
Turns out that linking to several days old public data in order to demonstrate that Elon's jet was broadcasting its tail number in the clear is apparently "posting private information" so for anyone looking for me there I'm actually here
The coup against Pedro Castillo was led by an odious right-wing that refused to accept the people's aspiration for a progressive project
The row over the suspension of journalists’ accounts reached as high as the United Nations, where a spokesperson complained about the “dangerous precedent” that was being set. A vice president in the European Commission warned of “sanctions, soon” on the far side of the Atlantic.
Millions of people and organisations are flocking to Mastodon in the wake of Elon Musk’s Twitter takeover. EDRi is among those who recently started using the decentralised and free social network. What does Mastodon do better, and why does it get digital rights groups all excited?
History rhymes. Federation, identity issues, and a hostile takeover.
IRC was the communication platform of choice from the 90s until around 2000 when AIM took over. Around 2010, Freenode emerged as the go-to for the open-source crowd and then grew over the next decade to become the home for many software developers, DevOps professionals, and hobbyists. I’m thankful for the graduate math students that took the time to help me with my high school calculus on ##math.
The events leading to the fall of Freenode are eerily similar to the ones happening to Twitter today. A look at the fall of Freenode.
Is my investigation pursued in an even-handed spirit? Not in the slightest. While Twitter has been a remarkable and in my experience mostly good part of the big picture, I’m hoping for it to fade away and open a better path forward, based on standards-driven federation, open to everyone, and at least partly free of the clutches of Big Tech.
More than a dozen former feds flocked to the company in the months and years prior to Elon Musk’s purchase of the social network in October.
The Post found FBI influence was considerably more significant than just James Baker, the FBI’s former general counsel who later worked in the same role for Twitter. He was recently fired by Musk for interfering in the billionaire’s efforts to come clean about past transgressions at the company.
Editor’s Note: Kara Alaimo, an associate professor in the Lawrence Herbert School of Communication at Hofstra University, writes about issues affecting women and social media. Her book “This Feed Is on Fire: Why Social Media Is Toxic for Women and Girls — And How We Can Reclaim It” will be published by Alcove Press in 2024. [...]
The big picture: Musk has repeatedly said he supports free speech and intends to use Twitter to promote it, Axios' Sara Fischer writes. However, he has been inconsistent with content moderation decisions.
The journalists, however, share a common thread of critical coverage of Musk and his management and policy decisions following his October takeover of Twitter, including a recent controversy over Twitter shutting down an account that tracked Musk’s private jet. In a retroactive change to Twitter’s content moderation policy, Musk announced that any instances of posting real-time location data would be treated as a form of doxxing, and result in a suspension of the account. Musk attempted to link developer Jack Sweeney’s flight tracking data project to an incident in which he claims an individual followed a car carrying his son. No evidence has come to light that the individual was motivated by or gathered information from Sweeney’s account. Nevertheless, Musk threatened legal action against him.
“These things should happen in a framework, not just because someone decides they should,” Mr. Bahrke said.
He reiterated that if Twitter failed to comply with the Digital Services Act, a set of major European Union regulations for digital services that came into force last month, then the company may be liable for penalties of up to 6 percent of global annual turnover, and even a Europe-wide ban.
The Washington Post’s executive editor, Sally Buzbee, called for a reversal of the ban and reinstatement of technology reporter Drew Harwell’s account. She stated that the ban, “Directly undermines Elon Musk’s claim that he intends to run Twitter as a platform dedicated to free speech,” adding that Harwell was banned, “without warning, process or explanation, following the publication of his accurate reporting about Musk.”
Economics has been called the dismal science, and 2023 will vindicate that moniker. We are at the mercy of two cataclysms that are simply beyond our control. The first is the Covid-19 pandemic, which continues to threaten us with new, more deadly, contagious, or vaccine-resistant variants. The pandemic has been managed especially poorly by China, owing mainly to its failure to inoculate its citizens with more effective (Western-made) mRNA vaccines.
The women later discovered they weren’t at the abortion clinic they’d intended to visit, but at the similarly named Women’s Help Center, one of more than 2,500 crisis pregnancy centers across the country that aim to discourage people from getting abortions. Henderson, then in her early 70s, wasn’t a “cancer doctor,” as she allegedly informed one client, or indeed any type of licensed medical professional. Her only medical experience was as a radiation therapy technologist, and her license had expired 10 years earlier.
Nor was there a doctor on hand to review the ultrasound images Henderson took, as is considered best practice by mainstream medical organizations and the pregnancy center industry itself. The Women’s Help Center – which has four locations in the Jacksonville area – did have a volunteer medical director, according to its tax filings, a family practitioner then in his mid-80s. But he wasn’t involved in daily operations – “never saw clients and did not provide medical advice,” the clinic’s executive director, Nancy Basham, told Florida Department of Health investigators in 2018, according to a never-before-published report obtained by Reveal from The Center for Investigative Reporting. Basham declined to comment.
Moldova has temporarily suspended the broadcast licenses of six television channels for airing "incorrect information" about the country and Russia's war in Ukraine.
The six TV stations are owned or affiliated with businessman Ilan Shor, who is a fugitive from Moldovan justice and who has been designated for sanctions by the United States and Britain.
Prolific author JK Rowling is under fire from trans activists after throwing her support behind a new counseling service for female survivors of sexual violence in the Edinburgh area, leading many pro-woman advocates to question the priorities of her detractors.
Nevertheless, Europeans also perceive the Constitution primarily as a framework dealing with governmental powers, and the most frequent approach consists in indirectly imposing on private persons the constitutional obligation to respect freedom of expression. This reasoning considers that the government is involved in private restrictions, which are reconceptualized as "GONG restrictions" (government organized non-governmental restrictions). In the end, the European speaker, less protected than her American counterpart against the government, enjoys a greater protection against private actors. This might mean that freedom of expression is better protected in Europe than in the United States.
Alidoosti has made at least three posts on her Instagram account expressing solidarity with protesters since the demonstrations broke out in September. Her account was suspended Sunday.
The MSM were angry about Twitter suspending corporate journalists but don’t care when independent journalists critical of officialdom — including from CN — are banned.
Elon Musk’s decision to abruptly suspend several journalists from Twitter sparked an outcry on Friday from First Amendment advocates, threats of sanctions from European regulators, and questions about the social media platform’s future as a gathering place for news and ideas.
But as people debated complex, novel issues of free speech and online censorship, the move also underscored the role of a simpler, more enduring element of American life: the press baron.
Hello, Citizen Musk.
Musk tweeted late Friday that the company would lift the suspensions following the results of a public poll on the site. The poll showed 58.7% of respondents favored a move to immediately unsuspend accounts over 41.3% who said the suspensions should be lifted in seven days.
The company has not explained why the accounts were taken down. But Musk took to Twitter on Thursday night to accuse journalists of sharing private information about his whereabouts, which he described as "basically assassination coordinates." He provided no evidence for that claim.
Prominent journalists, including those from The Washington Post, New York Times, CNN, Voice of America and other outlets, had their Twitter accounts suspended Thursday. The ban also affected non-media related accounts, such as the official account for Mastodon, a rival social media platform that has been described as an alternative to Twitter.
Four Michigan Native American Tribes reached a tentative deal with the federal and state governments to split up the next 24 years-worth of fishing access in Michigan’s Great Lakes waters.
Before the colonial period, more than 500 different Native tribes lived in what is now the United States. When conflicts arose among the various groups, Native peoples used diplomatic tools to address them.
The Cherokee Nation’s alleged right to a delegate has been described as “unique,” but nothing could be further from the truth. The Cherokee treaties apply to all three successor Cherokee tribes: the Cherokee Nation of Oklahoma, the Eastern Band of Cherokee Indians and the United Keetoowah Band of Cherokee Indians in Oklahoma. Other tribes, including ours, have congressional delegate treaty promises that are almost identical to the one relied on by the Cherokee Nation. To seat Cherokee Nation’s delegate before seating the other Cherokee tribes’ delegates violated the treaty promises made to all Cherokee people. Further, seating the Cherokee Nation delegate before our Delaware delegate would violate the promise made to us in the Treaty of Fort Pitt, 57 years before the treaty the Cherokee Nation relies on.
If the U.S. Congress wants to stand up for treaties, the first one would be a good place to start.
Mohammad Mehdi Karami says he was tortured into making a confession to security forces who were looking to pin the blame on him and 15 other protesters for the death of a member of the Basij paramilitary force during nationwide demonstrations.
On the last street before leaving Jacksonville, there’s a dark brick one-story building that the locals know as the school for “bad” kids. It’s actually a tiny public school for children with disabilities. It sits across the street from farmland and is 2 miles from the Illinois city’s police department, which makes for a short trip when the school calls 911.
Administrators at the Garrison School call the police to report student misbehavior every other school day, on average. And because staff members regularly press charges against the children — some as young as 9 — officers have arrested students more than 100 times in the last five school years, an investigation by the Chicago Tribune and ProPublica found. That is an astounding number given that Garrison, the only school that is part of the Four Rivers Special Education District, has fewer than 65 students in most years.
Joe Biden ran for president as an abolitionist. It is time for him to put this country on record as committed to ending the death penalty.
19 people have died in New York City’s notorious pretrial detention center. Advocates are calling for a court-appointed federal receivership to intervene.
The demoscene never ceases to amaze. Back in the mid-80s, people wouldn’t just hack software to remove the copy restrictions, but would go the extra mile and add some fun artwork and greetz. Over the ensuing decade the artform broke away from the cracks entirely, and the elite hackers were making electronic music with amazing accompanying graphics to simply show off.
Robinson's book is important: it not only disproves the (variously attributed) capitalist realism aphorism that "it is easier to imagine the end of the world than it is to imagine the end of capitalism" – it also imagines the means by which that ending was brought about.
[...]
Blocking future monopolies without ending existing ones is a huge risk. Any monopoly in an industrial supply chain can destroy the smaller firms it buys from and sells to. Think of how Big Pharma's mergers let it gouge hospitals on drug prices, leading to regional hospital monopolies that had the bargaining power to push back. But then those hospitals turned around and started screwing insurers, who also formed regional monopolies in order to defend themselves from price-gouging.
In the end, monopoly leads to monopoly, with workers and consumers at either end of the supply chain, unorganized and vulnerable, which is why health workers make less money under worse conditions and patients spend more money for worse care. It's not enough to prevent future monopolies – we also have to break up the ones that are all around us.
Funeral homes were once dominated by local, family owned businesses. Today, odds are, your neighborhood funeral home is owned by Service Corporation International, which has bought hundreds of funeral homes (keeping the proprietor's name over the door), jacking up prices and reaping vast profits.
Funeral homes are now one of America's most predatory, vicious industries, and SCI uses the profits it gouges out of bereaved, reeling families to fuel more acquisitions – 121 more in 2021. SCI gets some economies of scale out of this consolidation, but that's passed onto shareholders, not consumers. SCI charges 42% more than independent funeral homes.
In May, Senate Majority Leader Chuck Schumer promised an early-summer vote on bipartisan antitrust legislation that, while relatively modest, would take concrete steps to curb the vast power of Big Tech.
But with the end of the year approaching, Schumer has yet to deliver on his pledge, angering supporters of the bills who say the Democratic leader is caving to Apple, Google, Amazon, and Meta—corporate behemoths that have been lobbying aggressively against the antitrust measures.
Microsoft obtained the patent for ANS-Coding after a failed attempt by Google. The inventor is willing to release the process for public use.
Microsoft did not create ANS, but Jaroslaw (Jarek) Duda, a researcher at the University of Krakau. Due to Duda's own desire to never patent or otherwise protect ANS, his work is available on the Arxiv repository. Several years ago, the information scientist criticized Google's attempts to register a patent on ANS. Google's application for the patent was rejected as well.
A patent has been granted to software giant Microsoft after years of trying to obtain one from the US Patent Office. Several variants of the coding procedure Asymmetric Numerical Systems (ANS) may be found in most modern codecs, such as AV1, Z-Standard compression, or even rANS in JPEG XL.
The creator of ANS, Jarosław Duda, assistant professor at Institute of Computer Science at Jagiellonian University in Poland, has been trying for years to keep ANS patent-free and available for public use. Back in 2018, Duda's lobbying helped convince Google to abandon its ANS-related patent claim in the US and Europe. And he raised the alarm last year when he learned Microsoft had applied for an rANS (range asymmetric number system) patent.
Now that Microsoft's patent application has been granted, he fears the utility of ANS will be diminished, as software developers try to steer clear of a potential infringement claim.
Asymmetric numeral systems (ANS) is a family of entropy encoding methods introduced by Jarosław (Jarek) Duda of the Jagiellonian University, in Kraków, Poland. It is an important technology used in data compression since 2014 by various companies worldwide due to improved performance compared to previously used methods, being up to 30 times faster.
Jarek Duda, as the principal author, never intended to patent this technology.[1] However, in January 2022, a variant of ANS was patented[2] by Microsoft despite clear existence of prior art.[3] This is a clear example of software patents blocking innovation and research. A technology released into the public domain is at risk of becoming a monopoly because of patent trolls.
Within a year of posting as Mostley Music, Motley found himself suddenly able to break into the industry which felt impenetrable to him just months earlier. Atlantic and Interscope/ Darkroom offered him A&R consultant gigs and Spotify tapped him as co-host of their Spotify Live show Lorem Life. And just a few months ago, Motley co-founded a label of his own. Called Music Soup, the record label provides expertise in digital marketing and was the first to use TikTok Sound On as a distributor. Motley says if it hadn’t been for building out Mostley Music during quarantine, he’d probably be working his way up slowly in the ranks from the assistant level of a record label – not founding his own at age 24.
Artists have soared to the top of the charts because of trends on TikTok, muddling the music industry's business model.
The Z-Library crackdown has resulted in some unusual takedown notices that have little to do with authors or publishers. Knockoff sites such as Zlibrary.to and Zlib.is appear to be most interested in protecting their newly gained popularity. At the same time, a publication that wrote about Z-Library alternatives is going after sites that copied its article.
The "when the Web dies" thing - https://midnight.pub/posts/1223, I'd say I have happened across another one of those moments. RSS, Read.write.as, Midnight, Smol Pub, various Mastodon feeds (again, through RSS), they run dry and I'm left with fingers resting on keyboard thinking: "well NOW what am I going to consume-and-then-write about?"
And yea, it's usually general writing ideas I am generating/formulating when I surf blogs. Not straight out responses, or quirky quips, but just some form of mental stimuli to get me to think of something related to something related to something that I can make a blog post out of.
So, with Twitter deciding to kick into high gear its downfall, a lot of people have looked to Mastodon as a replacement.
* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.