01.19.23

Gemini version available ♊︎

Links 19/01/2023: Release of DietPi 8.13 and Ubuntu Delays Due to Microsoft’s Restricted Boot

Posted in News Roundup at 9:11 pm by Dr. Roy Schestowitz

  • GNU/Linux

    • HowTo GeekSystem76′s Pangolin Laptop Will Have Linux and AMD Zen 3+

      System76 is one of the most popular Linux PC makers, and also serves as the developer of the Pop!_OS Linux distribution. Now the company is testing a new AMD-powered Linux laptop, the Pangolin.

      System76 has begun teasing a new model of the Pangolin laptop, and it’s packed to the brim with improvements and new features. The Pangolin laptop is powered by the new AMD Ryzen 7 6800U CPU, which uses the chipmaker’s Zen 3+ architecture — not quite the Zen 4 architecture you will soon be able to find on laptops, but it’s pretty good nonetheless. The screen is also getting an upgrade from its previous, bog-standard 60Hz refresh rate up to a more impressive 144Hz.

    • Server

      • The Register UKHPE and Oracle Solaris suit ends with hushed settlement • The Register

        HPE and Oracle have settled their long-running legal case over alleged copyright infringement regarding Solaris software updates for HPE customers, but it looks like the nature of the settlement is going to remain under wraps.

        The pair this week informed [PDF] the judge overseeing the case that they’d reached a mutual settlement and asked for the case to be dismissed “with prejudice” – ie, permanently. The settlement agreement is confidential, and its terms won’t be made public.

        The case goes back to at least 2016, when Oracle filed a lawsuit against HPE over the rights to support the Solaris operating system. HPE and a third company, software support outfit Terix, were accused of offering Solaris support for customers while the latter was not an authorised Oracle partner.

      • UbuntuCloud storage pricing – how to optimise TCO

        The flexibility of public cloud infrastructure allows for little to no upfront expense, and is great when starting a venture or testing an idea. But once a dataset grows and becomes predictable, it can become a significant base cost, compounded further by additional costs depending on how you are consuming that data.

        Public clouds were initially popularised under the premise that workloads are dynamic, and that you could easily match available compute resources to the peaks and troughs in your consumption, rather than having to maintain mostly idle buffer capacity to meet peak user demands. Essentially shifting sunk capital into variable operational expense.

      • Sean Scott’s “Oracle on Docker: Running Oracle Databases in Linux Containers” Debuted as a #1 New Release on Amazon – Technology Today – EIN Presswire

        Viscosity North America, Inc. (“Viscosity”) is excited to announce the recently published book about containers as an effective Oracle database storage and design tool. “Oracle on Docker: Running Oracle Databases in Linux Containers,” written by Sean Scott, Viscosity’s Managing Principal Consultant and Oracle ACE Pro, debuted in the No.1 position among the Amazon Hot New Releases in the Linux Networking & System Administration category during its first month.

    • Audiocasts/Shows

    • Kernel Space

      • Kernel Module Management testing | Pablo Iranzo Gómez blog

        Following on the Using Kcli to prepare for OCM testing, we’re going to prepare KMM testing in Hub-Spoke approach.

        First we need to prepare our .docker/config.json with the contents of our OpenShift pull secret used with Kcli.

      • LWNMemory-management short topics: page-table sharing and working sets [LWN.net]

        The kernel’s memory-management developers have been busy before and during the holidays; the result is a number of patch sets making significant changes to that subsystem. It is time for a quick look at three of those projects. Two of them aim to increase the sharing of page tables between processes, while the third takes advantage of the multi-generational LRU to create a better picture of what a process’s working set actually is.

      • LWNA vDSO implementation of getrandom() [LWN.net]

        Most developers probably do not see the generation of random numbers as being a performance bottleneck for their programs, but there are seemingly exceptions. Over the last few years, Jason Donenfeld has brought a new level of energy to the development of the kernel’s random-number generator; he is now directing his efforts toward improving performance for user space with this patch series that provides an implementation of the getrandom() system call in the kernel’s “virtual dynamic shared object” (vDSO) area. The result is, indeed, better performance, but not all developers see this benefit as being worth the additional complexity required to achieve it.

        Traditionally, user-space processes on Linux systems have obtained random data by opening /dev/urandom (or /dev/random) and reading data from it. More recently, the addition of getrandom() simplified access to random data; a call to getrandom() will fill a user-space buffer with random data from the kernel without the need to open any files. This random data is provided with all of the guarantees that the kernel can make, including doing its best to ensure that the data is actually random and preventing repeated data sequences when, for example, a virtual machine forks.

        It’s worth noting that, in the BSD world, it is more common to call the arc4random() library function. The 2.36 release of the GNU C Library included an implementation of arc4random() that, in its pre-release form, included a fair amount of its own logic for the generation and management of random data. In July 2022, Donenfeld questioned the need for this function, noting that “getrandom() and /dev/urandom are extremely fast”. Supporting arc4random() makes code more portable, though, so that function stayed in the library. The version that was eventually released was significantly simplified by Donenfeld, to the point that it essentially a wrapper around getrandom() when that system call is available. As a result, the performance of getrandom() also determines how fast arc4random() will be.

      • LWNPer-extent encrypted keys for fscrypt [LWN.net]

        The kernel’s fscrypt subsystem enables filesystems to store files and directories in encrypted form, protecting them against offline attacks. A few filesystems support encryption with fscrypt currently, but Btrfs is an exception, despite a number of attempts to add this feature. The problem is that, as so often seems to be the case, Btrfs works differently and does not fit well with one of the key assumptions in the design of fscrypt. With this patch series, Sweet Tea Dorminy is working to enhance fscrypt to be a better fit for filesystems like Btrfs.

        Fscrypt got its start in 2015 as an ext4-specific encryption feature, but it was later generalized to be able to support other filesystems as well, with the second user being F2FS. To enable encryption, an administrator must start with an empty directory (which can be the root directory ) on a filesystem and set a “master key” for that directory, after which all files and subdirectories created below the top-level directory will be encrypted. To be able to access the contents of that directory, the master key must be stored in the kernel’s keyring. One master key can be used with multiple directory hierarchies, or different keys can be used with different hierarchies as needed.

    • Graphics Stack

      • 9to5LinuxNVIDIA 525.85.05 Linux Graphics Driver Improves Suspend/Resume on UEFI Systems

        Earlier this month, NVIDIA released the NVIDIA 525.78.01 graphics driver, but it looks like some important improvements needed to be made, so they released a small update, NVIDIA 525.85.05, to improve the reliability of suspend and resume on UEFI systems when using certain display panels.

        NVIDIA 525.85.05 also disables the Fixed Rate Link (FRL) when using passive DisplayPort to HDMI dongles, which are incompatible with FRL, and fixes a bug that prevented some controls in the nvidia-settings control panel from working when running an X server as an unprivileged user.

      • NeowinLatest Nvidia driver for Linux improves suspend reliability on systems that use UEFI – Neowin

        Nvidia has made its latest Linux driver available for download, the version number is 525.85.05 and comes in at 395.9 MB in size; the driver is available for x64 and aarch64 systems. The release notes contain four items and the most notable one is that the reliability of suspend and resume on UEFI systems on certain display panels has been improved. If you have an Nvidia GPU and you have any display issues following a system suspend, this driver could address those issues.

    • Applications

      • Linux Links12 Best Free Vim-Like Text Editors

        Fortunately, the days of Emacs vs vi flame wars fizzled out decades ago. But there remains lots of friction when it comes to text editors.

        Vim is an enhanced version of the vi editor, with development dating back to 1976.

        Vim is a highly configurable, powerful, console-based, open source text editor. It’s efficient, letting users edit files with a minimum of keystrokes. Vim offers word completion, undo, shortcuts, abbreviations, keyboard customization, macros, and scripts. You can turn this into your editor for your environment.

    • Instructionals/Technical

      • VideoHow to install ONLYOFFICE on KDE Neon – Invidious

        In this video, we are looking at how to install ONLYOFFICE on KDE Neon.

      • Upgrading Homelab Kubernetes Cluster from 1.24 to 1.25 | Lisenet.com :: Linux | Security | Networking

        Updating the cluster to match with the latest CKAD exam version.

      • Linux Made SimpleHow to install Vita3K on a Chromebook in 2023

        Today we are looking at how to install Vita3K on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • KifarunixHow to Install Docker Desktop on Ubuntu 22.04/Ubuntu 20.04 – kifarunix.com

        How can you install Docker desktop on Linux? In this tutorial, you will learn how to install Docker desktop on Ubuntu 22.04/Ubuntu 20.04.

      • HowTo GeekHow to Protect Your Linux Computer From Rogue USB Drives

        USB memory sticks can be used to steal data from your Linux computer. USBGuard lets you set rules governing the use of USB memory sticks, like a firewall for USB storage devices. Here’s how it works and how you can set it up.

      • TechRepublicHow to Add a New Development Environment to Portainer | TechRepublic

        Recently, I outlined how to deploy Portainer to a MicroK8s Kubernetes cluster. The process is surprisingly easy and goes a long way to strip the complications from Kubernetes. That Kubernetes environment makes for a robust development process, but what if you also need to work with Docker? Thankfully, Portainer has many convenient Docker features that make deploying those containers a breeze.

      • ZDNetHow to easily share a printer from the GNOME desktop | ZDNET

        GNOME has been my desktop of choice for some time now.

        And to anyone who might think adding or sharing a printer across a network on Linux is challenging, I’ve got news for you… it’s not.

        Case in point, I had to replace my aging Brother monochrome laser printer that I’ve been using for maybe five years.

        I opted to go with a similar model, but one without the wireless option that I never used.

        I pulled the printer out of the box, plugged it in, and clicked Add Printer in the Settings apps.

      • Linux Made SimpleHow to install Geographical Adventures on a Chromebook

        Today we are looking at how to install Geographical Adventures on a Chromebook.

      • Delete a Group from Linux CLI

        Deleting a group in Linux can be a simple task when done through the command line interface (CLI). In this article, we will go through the process of deleting a group in Linux using the CLI, with examples to help you understand the process.

        Before we begin, it’s important to note that deleting a group will also delete all the users associated with that group. So, it’s important to make sure that you no longer need the group or users associated with it before proceeding with the deletion process.

      • Make Tech EasierHow to Set Up a VNC Server In Ubuntu – Make Tech Easier

        The Virtual Network Computing (VNC) protocol is one of the bedrock of remote desktop management. It allows you to seamlessly operate a server remotely along with its entire graphical desktop. Here we show you how to install a VNC server in Ubuntu. We will also show how you can connect to a VNC server and make it work for your specific needs.

      • Delete user from a group in Linux CLI

        Deleting a user from a group in Linux command line interface (CLI) is a simple process that can be accomplished using the command line tool usermod. This tool can be used to modify a user’s account information, including their group membership. In this article, we will go over the steps and examples of how to delete a user from a group in Linux CLI.

        Before we begin, it’s important to note that you will need to have root or superuser access to perform these actions. This means that you will need to log in as the root user or use the sudo command to run the commands with superuser privileges.

      • Add user to a Group in Linux CLI

        Adding users to a group in Linux command line interface (CLI) is a simple task that can be accomplished with a few commands. This process is important for managing users and their permissions within a Linux system, as it allows for better control over who has access to certain resources and functionality.

        Before diving into the process of adding a user to a group, it’s important to understand the basics of user and group management in Linux. In Linux, users are assigned a unique user ID (UID) and belong to one or more groups, which are identified by a group ID (GID). Groups are used to assign permissions to specific users or groups of users, allowing them to access certain resources or perform certain actions on the system.

        Now that we have a basic understanding of how users and groups work in Linux, let’s dive into the process of adding a user to a group.

      • Create a Group in Linux CLI

        Creating a group in Linux command line interface (CLI) can be a bit tricky if you’re not familiar with the process. But once you know how to do it, it’s a breeze. In this article, we’ll walk you through the steps of creating a group in Linux CLI, and provide some examples to help you understand the process better.

      • Delete User from Linux system CLI

        Deleting a user in Linux Command Line Interface (CLI) is a simple process that can be done in just a few steps. However, before you delete a user, it’s important to consider the consequences and make sure that it’s the right decision for your system. In this article, we’ll go over the steps to delete a user in Linux CLI, as well as some important considerations to keep in mind.

      • Create user in Linux CLI

        Creating a user in Linux Command Line Interface (CLI) is a simple task that can be accomplished using the “useradd” command. In this article, we will take a look at how to create a new user in Linux CLI, and also discuss some of the options that can be used with the “useradd” command.
        Before we begin, it is important to note that in order to create a new user in Linux, you must have root or superuser privileges. This means that you will need to log in as the root user or use the “sudo” command to execute the “useradd” command.

      • Joe BrockmeierLazyweb: Matching compatible mini-PCs with RAM / NVMe on hand? : Dissociated Press

        I’ve recently upgraded a few laptops and have some NVMe drives and spare RAM on hand. Rather than letting them gather dust or try to sell them online, I’d like to match them with inexpensive mini PCs for use in my home lab.

    • Games

      • The VergeThe Steam Deck wasn’t born ready, but it’s ready now – The Verge

        The Steam Deck is my favorite gadget of 2022. I have no hesitation in recommending it anymore. The kind of person who would buy one should buy one. My only question: are you that kind of person?

        [...]

        I should know. I’ve now spent 435 hours playing Steam games across three different Decks, averaging well over an hour per day since launch. I’ve torn through all 150 hours of Elden Ring and beat Stray, Cult of the Lamb, Signalis, The Forgotten City, Into the Breach, and Vampire Survivors* on the Deck alone. I’m in the middle of dozens more. Plus, those 435 hours don’t count all the time I’ve spent futzing around with alternative games stores, emulators, streaming games from PS5 to the handheld, or cracking open the case to install a better fan and a larger SSD.

      • Public KnowledgeHow a Fair Use Win Paved the Way for Competition From Valve’s Steam Deck – Public Knowledge

        Valve’s Steam Deck is a new handheld gaming device that can play PC games. First of all, my official product review: it is very cool. With that established, let’s talk about the really interesting stuff: copyright doctrine.

        The long-running and bitter fight between Oracle and Google concluded in 2021, when the Supreme Court ruled 6-2 (in a decision written by Stephen Breyer, with Justices Thomas and Alito dissenting) that re-implementing Application Software Interfaces (APIs) – a form of software library – was a fair use. Google had written its own code that was functionally identical to existing Java software to make it easier for developers to write for the then-new Android platform. A developer’s code might ask the system for particular information, or to perform some kind of calculation. By re-implementing Java APIs on Android, Google made it so that a developer’s code can ask the system for the same things, in the same way, and get an answer back it understands. While the “functional” code in a re-implemented API might be totally new and different from the original, the new code still has to essentially call things by the same names.

        The Supreme Court rightly found that this is pro-competitive and legal. Copyright law is not intended to lock software developers to proprietary platforms or prevent the emergence of new compatible platforms.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Make Use OfKDE Offers Sneak Preview of Enhanced Linux Desktop With Plasma 5.27 Beta

          The latest version of KDE Plasma, landing on Valentine’s Day 2023, features enhanced multiple monitor support and plenty of other new features.

          [...]

          “Today we are bringing you the preview version of KDE’s Plasma 5.27 release,” an official KDE blog post said. “Plasma 5.27 Beta is aimed at testers, developers, and bug-hunters.”

          The KDE Community also took to Twitter to announce the beta version:

          Among the new features included are a new welcome screen, a Hebrew calendar option, a revamped ability to work across multiple monitors, an enhanced Bigscreen TV interface that debuted in earlier versions, and a new keyboard shortcut for tiling windows.

          Another significant new feature is a new permission settings menu for Flatpak packages. These packages by default lack access to the underlying system for security, but there may be times when users may need to turn it on, such as when an application needs to access the file system. The new menu is in the system settings.

  • Distributions and Operating Systems

    • The Register UKOS/2 Warp on a 21st century PC: Arca Noae’s making it happen • The Register

      Although the creator of OS/2 now owns Red Hat and has other fish to try, OS/2 lives on. The Reg spoke with Arca Noae’s Lewis Rosenthal about the issues of updating OS/2 Warp for modern PCs in 2023 – and beyond.

      OS/2 has had a long and sometimes troubled history, which The Register looked at in depth when the OS turned 25. IBM stopped selling OS/2 Warp back in the early part of this century, but that wasn’t the end of the line for this indomitable OS.

      After IBM stopped selling even the server version, eComStation continued support, and later offered their own updated version, and had plans for further modernization.

      After that, Arca Noae picked up the baton with what was originally codenamed Blue Lion. It went on to offer it for sale as Arca OS 5.

      The current version, Arca OS 5.0.7, can boot directly and install from a USB key, which is a first for the OS/2 family – and a significant help.

  • Free, Libre, and Open Source Software

    • The AnarcatMastodon comments in ikiwiki – anarcat

      Today I noticed bounces in my mail box. They were from ikiwiki trying to send registration confirmation email to users who probably never asked for it.

      I’m getting truly fed up with spam in my wiki. At this point, all comments are manually approved and I still get trouble: now it’s scammers spamming the registration form with dummy accounts, which bounce back to me when I make new posts, or just generate backscatter spam for the confirmation email. It’s really bad. I have hundreds of users registered on my blog, and I don’t know which are spammy, which aren’t. So. I’m considering ditching ikiwiki comments altogether.

      I am testing Mastodon as a commenting platforms. Others (e.g. JAK) have implemented this as a server but a simpler approach is toload them dynamically from Mastodon, which is what Carl Shwan has done. They are using Hugo, however, so they can easily embed page metadata in the template to load the right server with the right comment ID.

    • Web Browsers/Web Servers

    • Content Management Systems (CMS)

    • FSF

      • FSFFSF now accepting board nominations from associate members

        The FSF opened its new community-engaged nomination process today, seeking new directors to help drive its worldwide mission to promote computer user freedom. Nominations will be sought until Friday, March 3, 2023, 10:00 EST (15:00 UTC).

        “We’re excited to give associate members this opportunity to attract new talent, energy, and perspectives to the Foundation’s leadership,” said FSF president Geoffrey Knauth. “As a pioneer in the free software movement, FSF has consistently advocated, celebrated and defended user freedom and autonomy. Community engagement in the nomination and evaluation process will be critical to seating the leaders who can meet the challenges and seize the opportunities that lie ahead.”

      • FSFAssociate members are invited: Nominate new candidates to the FSF board

        Associate members of the Free Software Foundation (FSF) now have the chance to nominate candidates to serve on the board of directors. This news comes after an original announcement of the process by the FSF Board of Directors on January 18, 2022. The board and staff have worked for a year to design, develop, and prepare for the new community engagement process and the discussion structure to support it. The aim is a transparent and participatory selection process that ensures a consistent, long-term alignment with the FSF’s values and principles.

        The FSF has opened its new nomination process today, and is seeking new directors in support of its mission to promote computer user freedom.

    • FSFE

      • FSFEMunicipalities need Free Software: Recording and new mailing list [Ed: FSFE is pretending that Dortmund moves to Free software because of FSFE; typical lie and nothing could be further from the truth]

        Dortmund is opening a new chapter in Free Software Governance and inspiring municipalities all over Germany. The recording of our event on 11 January 2023 is now online. Are you interested in Free Software and working in a municipal administration or in politics? Join our new mailing list to exchange information on Free Software in municipalities!

    • Programming/Development

      • Python

        • LWNFormalizing f-strings [LWN.net]

          Python’s formatted strings, or “f-strings”, came relatively late to the language, but have become a popular feature. F-strings allow a compact representation for the common task of interpolating program data into strings, often in order to output them in some fashion. Some restrictions were placed on f-strings to simplify the implementation of them, but those restrictions are not really needed anymore and, in fact, are complicating the CPython parser. That has led to a Python Enhancement Proposal (PEP) to formalize the syntax of f-strings for the benefit of Python users while simplifying the maintenance of the interpreter itself.

        • LWNPyTorch and the PyPI supply chain [LWN.net]

          The PyTorch compromise that happened right at the end of 2022 was rather ugly, but its impact was not widespread—seemingly, at least. The incident does highlight some of the perils of relying on an external “supply chain” for the components that are used to build one’s software. It also would appear to be another case of “security researchers” run amok, though perhaps that part of the story is only meant to cover the tracks—or ass—of the perpetrator.

          Beyond that, the incident shows that the Python Package Index (PyPI) and the pip package installer act in ways that arguably assisted the compromise. That clearly comes as a surprise to many, though those behaviors are well-known and well-established in the Python Package Authority (PyPA) community. There is, at minimum, a need for education on that topic.

  • Leftovers

    • Science

      • AdafruitAn interactive sound sculpture brings the world to the Center of Science and Industry Museum

        We’ve all seen photos of the Eiffel Tower in Paris, watched movies of the ancient Colosseum in Rome, & stared at the brush strokes in a poster of Vincent van Gogh’s “Starry Night”. But what do they sound like? Daric Gill introduces “The Memory Machine: Sound“, a motion-activated sound sculpture that plays a collection of recordings, taken during travels to some of the world’s most interesting places.

    • Proprietary

      • HackadayLinux Fu: UEFI Booting [Ed: UEFI is more proprietary junk that takes control of the computer at the users' expense, potentially denying them the right to boot into their system of choice]

        Unless your computer is pretty old, it probably uses UEFI (Unified Extensible Firmware Interface) to boot. The idea is that a bootloader picks up files from an EFI partition and uses them to start your operating system. If you use Windows, you get Windows. If you use Linux, there’s a good chance you’ll use Grub which may or may not show you a menu. The problem with Grub is you have to do a lot of configuration to get it to do different things. Granted, distros like Ubuntu have tools that go through and do much of the work for you and if you are satisfied with that, there’s no harm in using Grub to boot and manage multiple operating systems.

        An alternative would be rEFInd, which is a nice modern UEFI boot manager. If you are still booting through normal (legacy) BIOS, the installation might be a hassle. But, in general, rEFInd, once installed, just automatically picks up most things, including Windows, Mac, and Linux operating systems and kernels. The biggest reasons you might change the configuration is if you want to hide some things you don’t care about or change the visual theme.

      • SteelCloud Cyber Software Locks Down Nuclear Power Utility Company IT Infrastructure

        The same instance of ConfigOS addresses CISCO network devices, Apache, Red Hat 5/6/7/8, SUSE, CENTOS, Ubuntu, and Oracle Linux.

      • glTF 2.0 Import Arrives in the PlayCanvas Editor | PlayCanvas

        We are excited to announce a major update for the PlayCanvas Editor: glTF 2.0 import. This new feature allows users to easily import and use 3D models created in other applications such as Blender and SketchUp, as well as from digital asset stores like Sketchfab, directly into the PlayCanvas Editor.

      • Bleeping ComputerMicrosoft investigates bug behind unresponsive Windows Start Menu
    • Entrapment (Microsoft GitHub)

    • Security

      • LWNExploiting null-dereferences in the Linux kernel (Project Zero) [LWN.net]

        The Google Project Zero page shows how to compromise the kernel by using a NULL pointer to repeatedly force an oops and overflow a reference count.

      • GoogleProject Zero: Exploiting null-dereferences in the Linux kernel

        For a fair amount of time, null-deref bugs were a highly exploitable kernel bug class. Back when the kernel was able to access userland memory without restriction, and userland programs were still able to map the zero page, there were many easy techniques for exploiting null-deref bugs. However with the introduction of modern exploit mitigations such as SMEP and SMAP, as well as mmap_min_addr preventing unprivileged programs from mmap’ing low addresses, null-deref bugs are generally not considered a security issue in modern kernel versions. This blog post provides an exploit technique demonstrating that treating these bugs as universally innocuous often leads to faulty evaluations of their relevance to security.

      • Beta NewsNew Linux malware up 50 percent in 2022 [Ed: Linux-hostile people and Microsoft boosters like Ian Barker use this self-promotional (conflict of interest) claim to bash and scare people away from GNU/Linux]

        Data analyzed by the Atlas VPN team, based on malware threat statistics from AV-ATLAS, shows new Linux malware threats hit record numbers in 2022, increasing by 50 percent to 1.9 million.

      • LWNSecurity updates for Thursday [LWN.net]

        Security updates have been issued by Debian (firefox-esr, libitext5-java, sudo, and webkit2gtk), Fedora (firefox and qemu), Red Hat (java-11-openjdk and java-17-openjdk), Slackware (sudo), SUSE (sudo), and Ubuntu (python-urllib3 and sudo).

      • USCERTCISA Releases One Industrial Control Systems Advisory | CISA

        CISA released one Industrial Control Systems (ICS) advisory on January 19, 2023. This advisory provides timely information about current security issues, vulnerabilities, and exploits surrounding ICS.

      • A hands-on approach to symmetric-key encryption – sergioprado.blog

        In this article, we will learn how symmetric-key encryption works from a practical perspective.

        In the “Introduction to encryption for embedded Linux developers” article, we learned the basic concepts, including an introduction to security, confidentiality and encryption, the main motivations and how encryption works, types of encryption (symmetric-key and asymmetric-key encryption), the most commonly used ciphers and the trade-offs between them.

        In this article, we will use OpenSSL to put into practice some concepts about symmetric-key encryption.

        To follow along with this article and run the commands on your machine, you just need a terminal with a recent version of OpenSSL.

        Have fun! :-)

      • CyberRisk Alliance LLCStealthy malware distribution involves polyglot files [Ed: Windows TCO]

        Deep Instinct researchers discovered that the StrRAT payload has been deployed in a campaign leveraging both JAR and MSI file formats, indicating potential execution via Windows and Java Runtime Environments.

      • Hacker NewsCybercriminals Using Polyglot Files in Malware Distribution to Fly Under the Radar [Ed: Windows TCO]

        This is not the first time such malware-laced polyglots have been detected in the wild. In November 2022, Berlin-based DCSO CyTec unearthed an information stealer dubbed StrelaStealer that’s spread as a DLL/HTML polyglot.

    • Finance

      • IBM Old TimerIrving Wladawsky-Berger: Has Economic Globalization Been a Failure?

        “So one big promise of globalization was that countries, as they became more integrated in the global economy, would also modernize on a political dimension,” said Freakonomics Radio host, Stephen Dubner in the introduction to his recent podcast Has Globalization Failed?

        Globalization was supposed to boost prosperity and democracy at the same time. The 1990s ushered a golden age of globalization, when the world seemed to be coming together. Nations were becoming more economically interdependent. The internet fostered worldwide communications. The ideological contest between communism and capitalism appeared to be over. Democracy was spreading a set of universal values – freedom, equality, human rights.

        “I’m curious how successful or unsuccessful you think that’s been?,” Dubner asked his podcast guest Anthea Roberts, professor at the Australia National University and co-author of the 2021 book Six Faces of Globalization: Who Wins, Who Loses, and Why It Matters.

        “One of the things that I think has clearly come out from both Russia and China is that that has not borne fruit in quite the way the United States may have hoped,” answered Roberts. “But part of it may also be that the U.S. may be retelling that story a little bit. It may have been that they wanted to say that it was about democracy, but actually a lot of it was also just about their own economic interests, and now their understanding of their economic interests have changed.”

    • AstroTurf/Lobbying/Politics

      • OMG! LinuxIt’s Official: 3rd-Party Twitter Apps No Longer Allowed – OMG! Linux

        Welp, it’s official: 3rd-party Twitter clients are no longer allowed to exist.

        As per Engadget, the social networking site has updated its developer agreement to state that devs can not “use or access the Licensed Materials to create or attempt to create a substitute or similar service or product to the Twitter Applications.”

        Not an awful lot of ambiguity to find in that, is there? The “similar product to the Twitter applications” phrase basically describes every unofficial Twitter app in existence.

        Last week the web winced when Twitter blocked a bunch of popular third-party Twitter apps from accessing its service.

    • Censorship/Free Speech

      • AccessNowIT Rules amendments: Indian government bids to tighten control over online content – Access Now

        Access Now is alarmed by Indian authorities’ attempts to further tighten their control of the internet via proposed new content governance rules.

        As part of revisions to the IT (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021, India’s Ministry of Electronics and Information Technology (MeitY) has extended its deadline for feedback on draft amendments for online gaming. At the same time, it has proposed an amendment requiring intermediaries to remove content that the central government’s Press Information Bureau or other authorised agencies deem to be “fake or false.” Including such content governance provisions at the last minute undermines the consultative process, and demonstrates the ongoing lack of transparency and open deliberation in MeitY’s rulemaking processes.

        “The Central Government is designating its press relations office — the Press Information Bureau — as the online arbiter of what is true and what is false,” said Raman Jit Singh Chima, Asia Pacific Policy Director and Senior International Counsel at Access Now. “This will give them the power to decide what content stays up and what is taken down, without any parliamentary authorisation or legal authority whatsoever.”

        The proposed provision will jeopardise press freedoms by making it almost impossible for media outlets to question or contradict the government’s version of events in their reports.

    • Civil Rights/Policing

      • Citizen LabInformation Controls Fellowship Program 2023 – The Citizen Lab

        The Information Controls Fellowship Program (ICFP) from the Open Technology Fund (OTF) fosters research, outputs, and creative collaboration on repressive Internet censorship and surveillance issues. The program supports examination into how governments in countries, regions, or areas of OTF’s core focus are restricting the free flow of information, cutting access to the open Internet, and implementing censorship mechanisms, threatening global citizens’ ability to exercise basic human rights and democracy; work focused on mitigating such threats is also encouraged.

    • Monopolies

      • Copyrights

        • Heather J MeekerIs Copyright Eating AI? [Ed: So a 'former' Microsofter is trying to defend Microsoft plagiarism. Says a lot about Microsoft. "Hey Hi" (AI) does not mean plagiarism, but Microsoft muddies the water intentionally.]

          Marc Andreessen famously said that software is eating the world. But the latest and greatest software trend–generative AI–is in danger of being swallowed up by copyright law. Like a cruise ship heading for a scary iceberg, AI is in trouble, and the problems are mostly below the surface.

          [...]

          The Stable Diffusion suit alleges copyright infringement, stating that, “The resulting image is necessarily a derivative work, because it is generated exclusively from a combination of the conditioning data and the latent images, all of which are copies of copyrighted images. It is, in short, a 21st-century collage tool.” That characterization is the essence and conclusion of the lawsuit, and one with which many AI designers would disagree.

          So, all neural network developers, get ready for the lawyers, because they are coming to get you.

  • Gemini* and Gopher

    • Technical

      • A weird framework is not itself a compelling mystery

        Many of the best works of fiction, like Groundhog Day, use a weird framework to tell compelling stories.

        These stories can use the weirdness to tell stories of themes that are difficult to get at otherwise, like infinity or effervescence, or how different choices or different behavior in a situation can cause different outcomes, or the weirdness can be a metaphor for something else, or it can be just a backdrop for introducing interrelated sub-stories of compelling characters.

        All those usages of weirdness are different from each other but can all be great. Pretty much all my favorite fiction is on the “weird” shelf. Love it. The human experience made hyper-clear by going beyond the real.

      • The finger protocol support really is universal.

        On Windows and macOS the finger command is already installed by default. Just fire up a terminal and you are good to go. It is also present on many (most?) Linux distros in the default setup and even when that isn’t true, it’s typically a simple install command away. But actually, you may not even need to install it, since it is such a basic protocol it is easily simulated with other common networking tools.

      • In Which I Rant About the Most User Hostile Piece of Tech I Own

        I don’t use it as a “smart” TV any more. For that I use a Fire TV stick which definitely isn’t better from a privacy standpoint, but it’s way faster, supports more codecs, and is much friendlier towards advanced users.

        I wanted to disconnect the Roku from my wifi since I have no use for it being on the network and I’d rather it not spy on everything I watch. Turns out they really don’t want you doing that.

        First of all, the option to clear your network settings is buried several menus deep in advanced system settings, nowhere near the rest of the network settings. Annoying, but nothing you can’t figure out after an internet search.

      • Build scripts for non-code projects

        Build scripts are super helpful. By “build scripts” I mean Makefiles, a publish.sh shell script, really anything that automates building or creating something. Usually that’s a program, but I find them helpful even for things that are not strictly speaking development work.

        For example, I have been porting the content from some Apple history projects to Markdown. I also am publishing them as gemtext on my capsule. This is an iterative process, so generating the gemtext is something I do as I add more content.

      • When your problem is perpendicular to your project

        At work one of our new devs has been working on a problem we originally assigned a day or two worth of points to resolve. The issue itself is not that interesting, we run on top of a commonly used web framework with a shadow DOM and need an event to trigger when the page is done loading. But as the page fills in dynamically and data is pulled asynchronously all solutions for this problem are hit or miss if they work and none work 100% of the time. It is a common issue, one of those where no one has a good Stack Exchange solution in spite of the fact there are many duplicate questions posted.

        What I found interesting about this problem is why it exists and why no one has a good solution. Our specific problem is that the framework doesn’t really have the concept of a page load being “complete.” Components are connected with properties, async calls for data will modify these properties and the page is always in a state of agitation. We can’t use timers because of the drastic difference in time to load from a desktop on a 1Gbps connection compared to a super slow 3G cell connection. We can’t use event handlers in the page because when component life cycle claim it exist the page may still be changing and the event fires too soon.


* Gemini (Primer) links can be opened using Gemini software. It’s like the World Wide Web but a lot lighter.

Share in other sites/networks: These icons link to social bookmarking sites where readers can share and discover new web pages.
  • Reddit
  • email

Decor ᶃ Gemini Space

Below is a Web proxy. We recommend getting a Gemini client/browser.

Black/white/grey bullet button This post is also available in Gemini over at this address (requires a Gemini client/browser to open).

Decor ✐ Cross-references

Black/white/grey bullet button Pages that cross-reference this one, if any exist, are listed below or will be listed below over time.

Decor ▢ Respond and Discuss

Black/white/grey bullet button If you liked this post, consider subscribing to the RSS feed or join us now at the IRC channels.

DecorWhat Else is New


  1. Sirius Finished

    Yesterday I was sent a letter approving my resignation from Sirius ‘Open Source’, two months after I had already announced that I was resigning with immediate effect; they sent an identical letter to my wife (this time, unlike before, they remembered to also change the names!!)



  2. The Collapse of Sirius in a Nutshell: How to Identify the Symptoms and Decide When to Leave

    Sirius is finished, but it's important to share the lessons learned with other people; there might be other "pretenders" out there and they need to be abandoned



  3. Links 03/02/2023: WINE 8.1 and RapidDisk 9.0.0

    Links for the day



  4. Links 02/02/2023: KDE Gear 22.12.2 and LibreOffice 7.5

    Links for the day



  5. Linux News or Marketing Platform?

    Ads everywhere: Phoronix puts them at the top, bottom, navigation bar, left, and right just to read some Microsoft junk (puff pieces about something that nobody other than Microsoft even uses); in addition there are pop-ups asking for consent to send visitors’ data to hundreds of data brokers



  6. Daily Links at Techrights Turn 15, Time to Give Them an Upgrade

    This year we have several 15-year anniversaries; one of them is Daily Links (it turned 15 earlier this week) and we've been working to improve these batches of links, making them a lot more extensive and somewhat better structured/clustered



  7. Back to Focusing on Unified Patent Court (UPC) Crimes and Illegal Patent Agenda, Including the EPO's

    The EPO's (European Patent Office, Europe's second-largest institution) violations of constitutions, laws and so on merit more coverage, seeing that what's left of the "media" not only fails to cover scandalous things but is actively cheering for criminals (in exchange for money)



  8. European Patent Office Staff Votes in Favour of Freedom of Association (97% of Voters in Support)

    The Central Staff Committee (CSC) at the EPO makes a strong case for António Campinos to stop breaking and law and actually start obeying court orders (he’s no better than Benoît Battistelli and he uses worse language already)



  9. Links 02/02/2023: Glibc 2.37 and Go 1.20

    Links for the day



  10. IRC Proceedings: Wednesday, February 01, 2023

    IRC logs for Wednesday, February 01, 2023



  11. Links 01/02/2023: Security Problems, Unrest, and More

    Links for the day



  12. Links 01/02/2023: Stables Kernels and Upcoming COSMIC From System76

    Links for the day



  13. IRC Proceedings: Tuesday, January 31, 2023

    IRC logs for Tuesday, January 31, 2023



  14. Links 31/01/2023: Catchup Again, Wayland in Xfce 4.20

    Links for the day



  15. Links 31/01/2023: elementary OS 7

    Links for the day



  16. Intimidation Against Nitrux Development Team Upsets the Community and Makes the Media Less Trustworthy

    Nitrux is being criticised for being “very unappealing”; but a look behind the scenes reveals an angry reviewer (habitual mouthpiece of the Linux Foundation and Linux foes) trying to intimidate Nitrux developers, who are unpaid volunteers rather than “corporate” developers



  17. Links 31/01/2023: GNOME 44 Wallpapers and Alpha

    Links for the day



  18. Free and Open Source Software Developers' European Meeting (FOSDEM) and KU Leuven Boosting Americans and Cancellers of the Father of Free Software

    The Free Software Foundation (FSF) and its founder, Richard M. Stallman (RMS), along with the SFLC one might add, have been under a siege by the trademark-abusing FSFE and SFC; Belgium helps legitimise the ‘fakes’



  19. Techrights in the Next 5 or 10 Years

    Now that I’m free from the shackles of a company (it deteriorated a lot after grabbing Gates Foundation money under an NDA) the site Techrights can flourish and become more active



  20. 60 Days of Articles About Sirius 'Open Source' and the Long Road Ahead

    The Sirius ‘Open Source’ series ended after 60 days (parts published every day except the day my SSD died completely and very suddenly); the video above explains what’s to come and what lessons can be learned from the 21-year collective experience (my wife and I; work periods combined) in a company that still claims, in vain, to be “Open Source”



  21. IRC Proceedings: Monday, January 30, 2023

    IRC logs for Monday, January 30, 2023



  22. Taking Techrights to the Next Level in 2023

    I've reached a state of "closure" when it comes to my employer (almost 12 years for me, 9+ years for my wife); expect Techrights to become more active than ever before and belatedly publish important articles, based on longstanding investigations that take a lot of effort



  23. The ISO Delusion: When the Employer Doesn’t Realise That Outsourcing Clients' Passwords to LassPass After Security Breaches Is a Terrible Idea

    The mentality or the general mindset at Sirius ‘Open Source’ was not compatible with that of security conscientiousness and it seemed abundantly clear that paper mills (e.g. ISO certification) cannot compensate for that



  24. Links 30/01/2023: Plasma Mobile 23.01 and GNU Taler 0.9.1

    Links for the day



  25. EPO Management Isn't Listening to Staff, It's Just Trying to Divide and Demoralise the Staff Instead

    “On 18 January 2023,” the staff representatives tell European Patent Office (EPO) colleagues, “the staff representation met with the administration in a Working Group on the project “Bringing Teams Together”. It was the first meeting since the departure of PD General Administration and the radical changes made to the project. We voiced the major concerns of staff, the organization chaos and unrest caused by the project among teams and made concrete proposals.”



  26. Links 30/01/2023: Coreboot 4.19 and Budgie 10.7

    Links for the day



  27. IRC Proceedings: Sunday, January 29, 2023

    IRC logs for Sunday, January 29, 2023



  28. [Meme] With Superheroes Like These...

    Ever since the new managers arrived the talent has fled the company that falsely credits itself with "Open Source"



  29. Not Tolerating Proprietary 'Bossware' in the Workplace (or at Home in Case of Work-From-Home)

    The company known as Sirius ‘Open Source’ generally rejected… Open Source. Today’s focus was the migration to Slack.



  30. The ISO Delusion: A Stack of Proprietary Junk (Slack) Failing Miserably

    When the company where I worked for nearly 12 years spoke of pragmatism it was merely making excuses to adopt proprietary software at the expense of already-working and functional Free software


RSS 64x64RSS Feed: subscribe to the RSS feed for regular updates

Home iconSite Wiki: You can improve this site by helping the extension of the site's content

Home iconSite Home: Background about the site and some key features in the front page

Chat iconIRC Channel: Come and chat with us in real time

Recent Posts