Bonum Certa Men Certa

Links 01/03/2023: More TikTok Bans



  • GNU/Linux

    • Server

      • Kubernetes BlogBlog: Introducing KWOK: Kubernetes WithOut Kubelet

        Have you ever wondered how to set up a cluster of thousands of nodes just in seconds, how to simulate real nodes with a low resource footprint, and how to test your Kubernetes controller at scale without spending much on infrastructure?

        If you answered "yes" to any of these questions, then you might be interested in KWOK, a toolkit that enables you to create a cluster of thousands of nodes in seconds.

        What is KWOK?

        KWOK stands for Kubernetes WithOut Kubelet. So far, it provides two tools:

        kwok
        kwok is the cornerstone of this project, responsible for simulating the lifecycle of fake nodes, pods, and other Kubernetes API resources.
        kwokctl
        kwokctl is a CLI tool designed to streamline the creation and management of clusters, with nodes simulated by kwok.
        Why use KWOK?

        KWOK has several advantages:

    • Audiocasts/Shows

      • Late Night Linux – Episode 218

        Canonical angers the community again – this time by asking Ubuntu flavours to stop shipping Flatpak by default, we can’t decide whether Microsoft or Google are worse, NASA contributes to way more open source software than you might think, ten years of Steam on Linux, and KDE Korner.

      • Bryan LundukeOn Lunduke's New Radio Show (and how awesome it is)

        Listen now (21 min) | The Lunduke Journal of Technology Podcast - Feb 28, 2023

    • Graphics Stack

    • Applications

      • DebugPoint5 Best FOSS PDF editors for Ubuntu and Other Linux

        Looking for a free and open-source PDF editor for Ubuntu? Read on to learn about the top PDF editors for Ubuntu and step-by-step guides on how to edit PDF files using them.

        Ubuntu is a popular operating system among developers, students, and professionals. Editing PDF files is a common task for many users, but finding the right tool for the job can be difficult. In this article, we'll look at some of the best PDF-free and open-source editors and their features.

      • Linux LinksMachine Learning in Linux: Ultimate Vocal Remover GUI

        With the availability of huge amounts of data for research and powerful machines to run your code on with distributed cloud computing and parallelism across GPU cores, Deep Learning has helped to create self-driving cars, intelligent voice assistants, pioneer medical advancements, machine translation, and much more. Deep Learning has become an indispensable tool for countless industries.

        Ultimate Vocal Remover is a GUI that lets you isolate stems from music. It offers convenient access to a wide range of different models.

      • LinuxiacMonophony: A GTK YouTube Music Player with Local Playlists

        Music is an integral part of our lives, and for Linux users, finding the right music player can be daunting. With so many options available, finding one that suits your needs can be challenging.

        However, if you’re looking for a sleek and minimalist music player with built-in playlist support to listen to your favorite tunes, then Monophony might be the answer you’ve been looking for.

    • Instructionals/Technical

      • LinuxTechiHow to Install PgAdmin4 on RHEL 9 Step by Step
      • Linux Host SupportHow To Install Plausible Analytics on Ubuntu 22.04

        Plausible Analytics is a free and open-source, self-hosted web analytics application that helps you to track your website visitors. It is a simple analytics alternative to Google Analytics. In this tutorial, we will install Plausible in a docker container and then install Apache as a reverse proxy for Plausible Analytics. Prerequisites Step 1.

      • LinuxiacHow to Install Docker on Linux Mint 21: A Step-by-Step Guide

        Follow our step-by-step guide to easily install Docker on your Linux Mint 21 system and start containerizing your applications.

      • Linux NightlyInstall Google Chrome on RHEL/Fedora/CentOS/Rocky/AlmaLinux

        In this tutorial, we'll see how to install the Google Chrome browser on RHEL-based Linux distributions such as Red Hat, Fedora, AlmaLinux, Rocky Linux, and CentOS in a few short steps. Installing Google Chrome Step 1. Download the Google Chrome RPM file with the wget command: $ wget https://dl.google.com/linux/direct/google-chrome-stable_current_x86_64.rpm Step 2.

      • Linux NightlyHow to Install VirtualBox on Fedora 37/36

        In this tutorial, you will learn how to install Oracle VirtualBox on Fedora Linux. VirtualBox is a very easy-to-use solution for all of your virtualization needs on Fedora, allowing you run different Linux distros, Windows, MacOS, and BSD as guest operating systems.

      • OpenSource.com3 tips to manage large Postgres databases

        The relational database PostgreSQL (also known as Postgres) has grown increasingly popular, and enterprises and public sectors use it across the globe. With this widespread adoption, databases have become larger than ever. At Crunchy Data, we regularly work with databases north of 20TB, and our existing databases continue to grow. My colleague David Christensen and I have gathered some tips about managing a database with huge tables.

      • Dan LangilleReplacing postfix with dma

        I like Postfix. I’ve been a fan of it for over 20 years. I deployed it on every host for outgoing email. Lately, I’ve taken to using dma (DragonFly Mail Agent) as my preferred mail handler on jails and hosts which don’t need to deal with incoming mail, only outgoing mail. After first getting serious with it about 6 months ago, I decided to remove it from all internal hosts during the consolidation of two hosts into one.

      • APNICTroubleshooting the other half

        You should know the operational state of your network because there really is no reason why you should not. The IETF and your hardware vendor of choice have worked hard to give you a whole fleet of protocols and machinery to assess all aspects of the pieces of the Internet that are under your direct control. But once you leave your own network and enter the public Internet, there is hardly anything you can do to pinpoint potential problems. And you might argue that nobody other than the network operator in question should actually be able to do that. Well, people using vital infrastructure hosted in the cloud might disagree.

      • University of TorontoFuture Internet PKI schemes need to be bootstrapped through web PKI

        A core element of any public key infrastructure (PKI) is identifying things, because by themselves public keys are relatively useless; you care about using public keys to talk to something or authenticate some information, and for that you need to know who you're talking to or who is giving you this information. Identifying things on the Internet can sound simple ('root of trust' everyone says in chorus) but it turns out to be very hard to do in practice in the face of attackers, misaligned incentives, mistakes, and other issues. There is exactly one Internet PKI system that is solving this problem in practice with a demonstrated ability to operate at scale and despite problems, and that is public web TLS.

      • OMG UbuntuWant to Create a Custom Ubuntu ISO? Try Cubic

        Create a custom Ubuntu ISO using Cubic, an open-source GTK app with an easy-to-use interface. The app works on Ubuntu 18.04 and up.

      • KifarunixConfigure Docker Daemon for Remote Connections

        Is it possible to connect Docker daemon running on remote host from local Docker client? Yes, this tutorial will take you through how to configure Docker daemon for remote connections. Docker daemon listens on Unix socket on a localhost by default.

      • KlaraZFS Optimization Success Stories

        Discover why storage is the main performance bottleneck for most workloads. Learn about Klara Performance Audits and Bug Investigations related to storage.

      • Peter Czanik: Syslog-ng 101, part 9: Filters
      • Peter 'CzP' CzanikPeter Czanik: Syslog-ng 101, part 9: Filters

        This is the ninth part of my syslog-ng tutorial. Last time, we learned about macros and templates. Today, we learn about syslog-ng filters. At the end of the session, we will see a more complex filter and a template function.

      • Adam Young: Vector Multiplication Using the Neon Coprocessor instructions on ARM64

        Last post I showed how to do multiplication for a vector of integers using ARM64 instructions. Lots of use cases require these kinds of operations to be performed in bulk. The Neon coprocessor has instructions that allow for the parallel loading and multiplication of numbers. Here’s my simplistic test of these instructions.

      • A Console-based Audio Visualizer for ALSA
        # Installing
        apt search cava
        sudo apt install cava
        # modify the default config to change the colors by their hex color code
        cava -p
        mkdir ~/.cava
        nano ~/.cava/config
        cava # run with changes!
      • It's FOSSTerminal Basics Series #3: Listing the Contents of Directory With ls Command

        In this chapter of Terminal Basics series, learn about displaying the contents of a directory, sorting them and checking file stats.

      • ID RootHow To Install Insomnia on Ubuntu 22.04 LTS

        In this tutorial, we will show you how to install Insomnia on Ubuntu 22.04 LTS. For those of you who didn’t know, Insomnia is a popular open-source REST API client that allows developers to test and debug HTTP requests.

      • ID RootHow To Install Slack on Fedora 37

        In this tutorial, we will show you how to install Slack on Fedora 37. For those of you who didn’t know, Slack is a powerful tool for team communication and collaboration.

      • ID RootHow To Change Hostname on Debian 11

        In this tutorial, we will show you how to change the hostname on Debian 11. For those of you who didn’t know, In Linux, the hostname is the name assigned to a computer, typically in a networked environment.

      • ID RootHow To Install R and RStudio on Fedora 37

        In this tutorial, we will show you how to install R and RStudio on Fedora 37.

    • Games

      • Terence EdenWhy are video games so expensive these days?

        I was looking to buy the latest Zelda game for my wife as a present (Shhh! Don't tell her!) and it was SIXTY BLOODY QUID! For a video game!

        That seems extortionate. I remember, when I were a lad, video games cost... wait? Do I remember? Or is it just rose tinted glasses?

      • ArduinoThis illuminated chessboard displays possible moves

        This is still a work in progress, but the short video does a great job of demonstrating the concept. The entire board is lit from underneath and normally shows the standard checkered pattern. But when a person lifts up a piece, the surrounding squares change color to indicate where the player can place that piece. The starting square is yellow, and squares the piece can move to are green. Red squares indicate positions that a piece would normally be able to go, but which are blocked by other pieces.

      • GamingOnLinuxJSAUX makes more Steam Deck backplate colours available

        Want to give your Steam Deck a bit more colour and customization? The new coloured translucent backplates from JSAUX are available to order.

      • GamingOnLinuxParadox plan announcements next week, like a new game from Cities Skylines dev

        Paradox Interactive announced that on Monday, March 6th they will be announcing a whole bunch of new games and expansions.

      • TechdirtAnnouncing The Winners Of The 5th Annual Public Domain Game Jam!

        In January, we asked designers to create games based on works that entered the public domain this year for our fifth annual public domain game jam, Gaming Like It’s 1927! It took us a little while to get through all the entries, but now it’s time to announce the winners, and it was not an easy decision. There were so many great entries this year, and you should check them all out.

      • GamingOnLinuxProton Experimental fixes up Wo Long: Fallen Dynasty, No Man's Sky

        Proton Experimental from Valve has been upgraded fixing up some more problematic games for Steam Deck and Linux Desktop.

      • GamingOnLinuxFury Unleashed got a nice update to get it Steam Deck Verified

        Fury Unleashed, a fast-paced action roguelike from Awesome Games Studio, recently had a rather nice upgrade for Steam Deck players. It has full Linux support with a Native Linux version too, and it is now Steam Deck Verified using that Native build.

      • GamingOnLinuxOpenRA gets a big new stable release, lots of fun for classic RTS fans

        After multiple testing releases, OpenRA for the playing the classics Red Alert, Command & Conquer€ and Dune 2000 has now released a major upgrade.

      • GamingOnLinuxInventory management roguelike Backpack Hero releases 1.0 in May

        Currently in Early Access with Native Linux support and rated Steam Deck Playable, the inventory management roguelike Backpack Hero is releasing in full in May.

    • Desktop Environments/WMs

      • Systemd 76COSMIC DE: February Discussions

        And we’re back! As projects have been completed and more are in progress, we’re light on things to report this time around. The Bluetooth applet joins many others in being added to COSMIC DE. There’s been discussion around decisions like how config files and widget layering should work, but most of the conversation has been around COSMIC DE’s text editor application. The UX team gathered data on what people like about existing text editors like Vim and VS Code, and they now have an initial concept for how the text editor will behave!

      • K Desktop Environment/KDE SC/Qt

        • OMG! LinuxKDE Plasma Development Branch Now Qt 6 Only

          With KDE Plasma 5.27 out of the door — this was the final release in the Qt 5-based 5.x series — development effort is going to focus entirely on the next generation.

  • Distributions and Operating Systems

  • Free, Libre, and Open Source Software

    • OpenSource.com3 myths about open source CMS platforms

      There are two choices when it comes to building a website. You can choose an open source platform like Drupal or WordPress, or a proprietary platform overseen by a company like Adobe or Microsoft. How do you know which is best for your website?

      For organizations with limited budgets, the choice is either an open source site or something less flexible like Wix or Squarespace – the cost attached to a proprietary platform might be out of reach. However, for a large enterprise organization, both approaches have pros and cons worth addressing.

    • OpenSUSEOpen Source Policy Update Spotlights AI Considerations

      Arecent update of SUSE’s Open Source Policy is giving developers, communities and projects food for thought as Artificial Intelligence chatbots and protocols are gaining popularity and are being integrated into the fabric of global society.

      The policy is specific to all SUSE employees; the ambition, however, is that open-source communities and developers give the policy careful consideration and that the policy will inspire other companies to adopt or introduce an open-source policy.

    • MedevelBest 5 Open Source Identity Management Solutions (IAM) For Enterprise for 2023

      Identity management is a crucial aspect of modern-day digital operations. It involves the management of user identities, access controls, and authentication in a secure and efficient manner. With the rise of cloud computing, the need for effective identity management solutions has become more apparent.

    • EarthlyAnnouncing Earthly v0.7

      We do not take major or minor releases lightly at Earthly. We’ve never had a major release, and our last minor release was over a year ago, in December 2021 (read about it in Announcing Earthly v0.6). That’s because we know that the reliability and stability of your build and CI/CD processes are of the utmost importance. In every minor release of Earthly (and also eventually when we have a major release), all features promoted to GA have finalized APIs and have been through thorough testing. That’s why we are comfortable enabling all features promoted to GA by default.

    • Web Browsers/Web Servers

      • Mozilla

        • MozillaCommon Sense Media’s ultimate guide to parental controls

          Do you need parental controls? What are the options? Do they really work? Here’s everything you need to know about the wide array of parental control solutions, from OS settings to monitoring apps to network hardware.

        • MozillaAn Axios tech reporter on her favorite corners of the internet

          Here at Mozilla, we are the first to admit the internet isn’t perfect, but we are also quick to point out that the internet is pretty darn magical. The internet opens up doors and opportunities, allows for people to connect with others, and lets everyone find where they belong — their corners of the internet. We all have an internet story worth sharing. In My Corner Of The Internet, we talk with people about the online spaces they can’t get enough of, what we should save in Pocket to read later, and what sites and forums shaped them.

    • SaaS/Back End/Databases

      • Programming Language DataBaseA brief interview with Rexx creator Mike Cowlishaw

        Mike Cowlishaw is a distinguished computer scientist and creator of Rexx and NetRexx. He has worked on many other programming languages, including PL/I, C and Java. Mike Cowlishaw is a Visiting Professor at the Department of Computer Science at the University of Warwick. He is a Fellow of the Royal Academy of Engineering, elected for his contributions to the field of engineering, and is a retired IBM Fellow. His relentless spirit has catapulted too many contributions to count yet he remains humble and accessible :)

    • Education

      • Sumana HarihareswaraPyCon 2023: "Argument Clinic" & Mitigating COVID Risk

        I plan to attend PyCon US 2023 in person in mid-April in Salt Lake City, Utah, USA. I'll be speaking there, co-presenting the play "Argument Clinic: What Healthy Professional Conflict Looks Like" with Jacob Kaplan-Moss at 5pm MT on Friday, April 21st.

      • MWLBSDCan 2023 Tutorial: OpenBSD Storage Management

        I’ll be teaching a four-hour tutorial on OpenBSD storage management at BSDCan 2023. As you might imagine, it’s based on OpenBSD Mastery: Filesystems.

    • Programming/Development

      • Tim BradshawDynamic binding without special in Common Lisp

        Common Lisp has two sorts of bindings for variables: lexical binding and dynamic binding. Lexical binding has lexical scope — the binding is available where it is visible in source code — and indefinite extent — the binding is available as long as any code might reference it. Dynamic binding has indefinite scope — the binding is available to any code which runs between when the binding is established and when control leaves the form which established it — and dynamic extent — the binding ceases to exist when control leaves the binding form.

      • Tim BradshawTwo tiny Lisp evaluators

        Everyone who has written Lisp has written tiny Lisp evaluators in Lisp: here are two more.

        Following two recent articles I wrote on scope and extent in Common Lisp, I thought I would finish with two very tiny evaluators for dynamically and lexically bound variants on a tiny Lisp.

      • Alex EwerlöfThe Dangers of Enforcing a Premature RTO Policy

        Amazon used to have a generous remote work policy. Since last week it demands at least 3 days at the office per week. It is not the first company to enforce RTO (return to office) policy: [...]

      • IdiomdrottningA glex/acetone example

        Glex is such a limited and clueless lexer that has zero idea about context, and acetone is such an strange and weird parser that doesn’t look anything like a traditional BNF string rewriting parser. At first glance they look like they’d be beyond useless. So here’s a worked example.

      • Jim NielsenEnd Users Over All Else, Even In Our Tools

        While the consumerization of software has made strides towards putting the focus and decision making power in the hands of end users, many people are still required to use obtuse software because somebody from Company A took somebody from Company B out to dinner and a round of golf. In return, the person at Company B said, “Sure, we’ll throw you our business.”[1]

      • Loris CroZig's Curious Multi-Sequence For Loops

        Zig has just gained new for loop syntax that allows you to iterate on multiple slices / arrays at the same time. In this blog post I’m going to explain in detail the rationale behind this choice, while also introducing you to a couple useful patterns that the syntax is meant to encourage.

      • Linux HintStrsep() Function in C Language

        Practical tutorial on how to use the strsep() function, the theoretical explanation of its operation, its syntax, and the type of data that they each accept.

      • Linux HintStrdup() Function in the C Language

        Comprehensive tutorial on how to use the strdup() function, its syntax, its theoretical explanation about its usage, and its input and output arguments.

      • Linux HintDo-While Loops in the C Language

        Guide on how to use the conditional “do-while” loop, what the conditional loops are consist of and discussed the different options available in the C language.

      • Python

        • Linux HintPython Pad a String with Leading Zeros

          To pad the string with leading zeros in Python, the “f-string“, “format()”, “zfill()”, “rjust()”, and “ljust()” methods can be used.

        • Linux HintPython Add String to List

          To add the string to the list, the “+” operator, the “insert()” method, the “extend()” method, and the “itertool.chain()” method can be used.

        • Linux HintPython Inline If-else

          The inline if-else is a logical statement that allows users to preserve the code quality in a single line by replacing the number of lines of “if-else” code.

        • Linux HintPython Prepend List

          To prepend the Python list, the “+” operator with square brackets “[ ]”, “slicing” method, “insert()“ method and “deque.appendleft()“ method can be used.

        • Linux HintPip Install Tkinter

          The pip install tkinter command is used to install the tkinter package, a GUI building tool, in your Python Environment. Read this guide to learn about Tkinter.

        • Linux HintPython Substring After Character

          To get substring after a character in Python, the “split()” method, the “partition()” method, the “index()” and the “find()” method are used.

        • Linux HintPython Check if a String is a Float

          To check if a string is float or not in Python, the “float()” method, the “replace()” method and the “isdigit()” method are used.

        • Linux HintPython Truncate String

          Truncating a string means splitting the string into separate parts. In Python, truncating a string can be done by slicing and by using the rsplit() method.

        • Linux HintPython Insert Character Into String

          Use the concatenation operator (+) to add the character(s) at either end of the string, or use the string slicing to insert them into the middle of the string.

        • Linux HintPython KeyboardInterrupt

          The Python KeyboardInterrupt is the action performed by the user by pressing the combination “CTRL + C” terminating the execution of the program.

        • Linux HintOverwrite a file in Python

          To overwrite a file in Python, either use the open() method with the mode “w” or the truncate method. To overwrite specific content, use the re.sub() method.

        • Linux HintPython Multiply List by Scalar

          In Python, a list can be multiplied with a scalar using list comprehension, loops, maps, and the Numpy Package. Read to learn all these methods.

      • Shell/Bash/Zsh/Ksh

        • [Old] Linux HandbookWhat is Zsh? Should You Use it?

          Now, the questions comes, what features make Zsh a popular choice and should you even bother to use it?

          Let me answer that.

        • [Old] FOSSLinuxBash vs. Zsh – differences you should know

          Linux is known most famously for freedom (free as in free speech, not free beer). It will allow you to do anything to your system, which goes to such an extent that it even implodes if you tell it to. This freedom is mainly accessible to the users through the operating system’s shell (shell can be thought of as the interface to the operating system). This shell is usually Bash, but again, thanks to the freedom, that’s not necessary.

          Today, we will explore an alternative shell called Z Shell that has been gaining a lot of attention and popularity recently, and for a good reason. We will also see how it is different from our good ol’ Bash.

  • Leftovers

    • Science

    • Health/Nutrition/Agriculture

    • Proprietary

      • GizmodoTesla Pauses 'Full Self-Driving' Beta Rollout Amid Latest Recall

        In the lead-up to Tesla’s March 1 Investor Day event, the company is facing renewed challenges and questions over the safety of its driver assistance technology.

      • India TimesTesla, Elon Musk sued by shareholders over self-driving safety claims

        In a proposed class action filed in San Francisco federal court, shareholders said Tesla defrauded them over four years with false and misleading statements that concealed how its technologies, suspected as a possible cause of multiple fatal crashes, "created a serious risk of accident and injury."

      • NBCDish Network confirms network outage was a cybersecurity breach

        The intrusion took place on the morning of Feb. 23, the same day the company reported its fourth-quarter earnings. “This morning, we experienced an internal outage that’s continuing to affect our internal servers and IT telephony,” Dish CEO W. Erik Carlson said at that time. “We’re analyzing the root causes and any consequences of the outage, while we work to restore the affected systems as quickly as possible.”

      • The Register UKNews Corp outfoxed by IT intruders for years [iophk: Windows TCO]

        A year later, according to a four-page letter sent to employees, News Corp executives said the unidentified cybercriminals likely first gained access to a company system as early as February 2020, and then got into "certain business documents and emails from a limited number of its personnel's accounts in the affected system."

      • Data BreachesU.S. Marshals Service suffers ransomware breach that compromises sensitive information, senior law enforcement officials say [iophk: Windows TCO]

        The U.S. Marshals Service suffered a security breach over a week ago that compromises sensitive information, multiple senior U.S. law enforcement officials said Monday.

      • NBCU.S. Marshals Service suffers 'major' security breach that compromises sensitive information, senior law enforcement officials say [iophk: Windows TCO]

        In a statement Monday, U.S. Marshals Service spokesperson Drew Wade acknowledged the breach, telling NBC News: “The affected system contains law enforcement sensitive information, including returns from legal process, administrative information, and personally identifiable information pertaining to subjects of USMS investigations, third parties, and certain USMS employees.”

        Wade said the incident occurred Feb. 17, when the Marshals Service "discovered a ransomware and data exfiltration event affecting a stand-alone USMS system."

      • Data BreachesCrowdStrike: Threat actors shifting away from ransomware

        The cybersecurity vendor this week published its “2023 Global Threat Report,” which annually compiles CrowdStrike’s research related to cybercrime, or “eCrime,” from the previous year. Major topics covered in the 2023 report include malware-free extortion attacks, cloud-related attacks and ongoing geopolitical conflicts.

      • CNNTop US cyber official warns software firms aren’t doing enough to stop damage from [crackers] from China and elsewhere [iophk: Windows TCO]

        Easterly’s speech reflects frustration from US officials that major software programs used by millions of people are routinely released with gaping flaws that can be exploited by [crackers]. After a series of high-profile [breaches], the Biden administration introduced cybersecurity regulations for sectors such as pipelines. US officials have not ruled out more regulation in an effort to raise defenses.

      • Riccardo MoriSubscription fatigue and related musings

        This is an App Store review of an app I, too, have been using on my iOS devices for years. I have translated the review because it only appears on the Spanish App Store. The ‘previous version’ the reviewer refers to is the last version of the app to use the ‘free with in-app purchases’ model. Since then, the developer has switched to a ‘free with strict limitations unless you subscribe’ model.

    • Security

      • The Kent StaterKent State’s ticket vendor down due to security breach

        The third-party ticket vendor for Kent State events, including athletics and performing arts, experienced a security breach Tuesday.€  AudienceView has halted services until the investigation is over.

      • Krebs On SecurityHackers Claim They Breached T-Mobile More Than 100 Times in 2022

        Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user's text messages and phone calls to another device.

      • GizmodoA Top LastPass Engineer's Home PC Got Pwned by a Hacker's Keylogger

        Beleaguered password manager LastPass has announced yet another serious security screwup and, this time, it may be the final straw for some users.

      • Security WeekSecurity Defects in TPM 2.0 Spec Raise Alarm

        Security defects in the Trusted Platform Module (TPM) 2.0 reference library specification expose devices to code execution attacks.

        Security researchers at Quarkslab have identified a pair of serious security defects in the Trusted Platform Module (TPM) 2.0 reference library specification, prompting a massive cross-vendor effort to identify and patch vulnerable installations.

      • uni Carnegie MellonTCG TPM2.0 implementations vulnerable to memory corruption

        Two buffer overflow vulnerabilities were discovered in the Trusted Platform Module (TPM) 2.0 reference library specification, currently at Level 00, Revision 01.59 November 2019. An attacker who has access to a TPM-command interface can send maliciously-crafted commands to the module and trigger these vulnerabilities. This allows either read-only access to sensitive data or overwriting of normally protected data that is only available to the TPM (e.g., cryptographic keys).

      • Port SwiggerBug Bounty Radar // The latest bug bounty programs for March 2023

        New web targets for the discerning hacker

      • Security WeekRansomware Attack Hits US Marshals Service

        The US Marshals Service has confirmed that ransomware was deployed on one of its systems that contains sensitive law enforcement information.

      • Security WeekVulnerabilities Being Exploited Faster Than Ever: Analysis

        The time from vulnerability disclosure to exploitation is decreasing, according to a new intelligence report from Rapid7.

      • Security WeekVulnerability in Popular Real Estate Theme Exploited to Hack WordPress Websites [Ed: FUD. This is about a theme! Not WordPress.]

        A critical vulnerability in the Houzez premium WordPress theme and plugin has been exploited in the wild.

      • Security Week‘Hackers’ Behind Air Raid Alerts Across Russia: Official

        Russian authorities said that several television and radio stations that have recently broadcast air raid alerts had been breached by hackers.

      • GhacksFirefox 110.0.1 fixes security issues and a crash: here are the details

        Mozilla plans to release Firefox 110.0.1 Stable later today. The new stable version of the Firefox web browser fixes security issues in the browser as well as crashes and other non-security issues.

        Firefox users may select Menu > Help > About Firefox to display the version that is installed on their device. The browser checks for updates when the about page is opened, and it will download any update that it finds to the local system to install note.

        Please note that the update may not be available yet, if you are reading this on February 28,2023.

      • GizmodoDish Network Confirms Hack Following Chaotic Multi-Day Outage

        Dish Network, the television provider and satellite/telecoms company, has been hacked, according to a statement published Tuesday on its website.

      • Security Week33 New Adversaries Identified by CrowdStrike in 2022 [Ed: Microsoft-connected CrowdStrike is a political front group, alsoa FUD merchant, not a reliable source or authority]

        CrowdStrike identified 33 new threat actors and campaigns in 2022, including many cybercrime groups and operations.

      • Security WeekNew ‘Exfiltrator-22’ Post-Exploitation Framework Linked to Former LockBit Affiliates [Ed: Microsoft Windows TCO]

        A recently identified post-exploitation framework ‘Exfiltrator-22’ uses the same C&C infrastructure as the LockBit ransomware.

      • Integrity/Availability/Authenticity

      • Privacy/Surveillance

        • GizmodoAmazon Driver Says AI Is Tracking Their Every Move, Even Beard Scratching

          The dark overlord Sauron that is the online retail giant Amazon always has its eye on its workers, and none more so than its delivery drivers.

        • Signal hotar lämna länder som bryter kryptering

          Meddelande-appen Signal meddelar att den kan komma att lämna länder som tvingar den att kringgÃ¥ kryptering. Till exempel vad gäller brittiska Online Safety Bill och EU:s #ChatControl / CSA Regulation.

        • AntiWarHow Social Networks Became a ‘Subsidiary’ of the FBI and CIA

          The US Congress last tried to grapple with what the country’s ballooning security services were up to nearly half a century ago. In 1975, the Church Committee managed to take a fleeting, if far from complete, snapshot of the netherworld in which agencies such as the Central Intelligence Agency (CIA),

        • Scoop News GroupWhite House faces deeply skeptical Congress as it advocates for controversial surveillance tool

          Section 702 of the Foreign Intelligence Surveillance Act, which was saved from the brink of sunsetting by Congress twice before, is in perhaps its most precarious position yet. Leading House Republicans, including House Judiciary Chairman Jim Jordan, R-Ohio, have signaled strong opposition to renewing surveillance. House Minority Leader Hakeem Jeffries, D-N.Y., voted against reauthorization in 2018 while other Democrats have made it clear that their support for reauthorization is dependent on significant reforms.

          Those signs of early opposition to the law, which is set to expire at the end of this year, may be the reason the White House has started to publicly push for its renewal 10 months before 702 expires. In statements released Tuesday and during an event at the Brookings Institution the same day, top law enforcement and national security officials made their case that 702 has become an essential tool for protecting Americans against a growing number of threats.

        • Scoop News GroupIllinois’ biometric privacy law provides blueprint as states seek to curb data collection

          Congressional efforts to address the concerns about online privacy have largely failed. Last year, federal privacy legislation that covered biometric data passed out of a House committee but floundered on the floor and its Senate companion didn’t even reach a vote. States, tired of waiting around, have increasingly filled in the gaps with their own laws.

        • Vice Media GroupUS Military Signs Contract to Put Facial Recognition on Drones

          The Air Force paid RealNetworks $729,056 for SAFR. “Through this effort, we will adapt the SAFR facial recognition platform for deployment on an autonomous [small unmanned aircraft system] for special ops, [intelligence, surveillance, and target acquisition] , and other expeditionary use-cases,” the contract said. “This will require integrating the SAFR software with the hardware and software stack of the [small drones], including its onboard compute, communications systems, and remote controller software to enable operation in [disconnected, intermittent, and limited] communications settings, support actionable insight for remote human operators, and open the opportunity for real-time autonomous response by the robot.”

        • El PaísWhite House: No more TikTok on Government devices within 30 days

          The Office of Management and Budget calls the guidance, issued Monday, a “critical step forward in addressing the risks presented by the app to sensitive government data.” Some agencies, including the Departments of Defense, Homeland Security and State, already have restrictions in place; the guidance calls on the rest of the federal government to follow suit within 30 days. The White House already does not allow TikTok on its devices.

        • National Post'Unacceptable level of risk': Canada bans TikTok from federal government devices

          In a statement Monday, Treasury Board Secretariat President Mona Fortier confirmed reporting by National Post that no government mobile device would be allowed to host the short-video social media app owned by Chinese company ByteDance as of Tuesday.

        • India TimesTikTok's Chinese ownership, security concerns spark bans across nations

          The move has thrown a spotlight on the social media app owned by ByteDance, the world's most valuable start-up, and raised concerns of its proximity to the Chinese government and hold over user data across the world.

        • NYOBData brokers: Identification possible to sell ads, not to exercise fundamental rights

          Today, noyb filed a series of complaints against websites and data brokers that did not correctly address access requests using cookies as an authentication factor. The companies had shown obstructive approaches when authenticating users; ranging from denying the right to access, to requiring additional information, unnecessary to authenticate the user.

      • Confidentiality

        • [Older] TechCrunchSensitive US military emails spill online

          The exposed server was hosted on Microsoft’s Azure government cloud for Department of Defense customers, which uses servers that are physically separated from other commercial customers and as such can be used to share sensitive but unclassified government data. The exposed server was part of an internal mailbox system storing about three terabytes of internal military emails, many pertaining to U.S. Special Operations Command, or USSOCOM, the U.S. military unit tasked with conducting special military operations.

        • BBCSignal would 'walk' from UK if Online Safety Bill undermined encryption

          But the digital rights campaigners the Open Rights Group said it highlighted how the bill threatened to "undermine our right to communicate securely and privately".

          But Ms Whittaker told the BBC it was "magical thinking" to believe we can have privacy "but only for the good guys".

        • Wladimir PalantLastPass breach update: The few additional bits of information

          Half a year after the LastPass breach started in August 2022, information on it remains sparse. It took until December 2022 for LastPass to admit losing their users’ partially encrypted vault data. This statement was highly misleading, e.g. making wrong claims about the protection level provided by the encryption. Some of the failures to protect users only became apparent after some time, such as many accounts configured with a dangerously low password iterations setting, the company hasn’t admitted them to this day.

    • Defence/Aggression

      • AntiWarThe Antiwar Movement Roars Back to Life

        On February 19th, the National Mall in Washington, DC saw its largest antiwar rally in 20 years. The speakers list included four former US presidential candidates and a broad and diverse collection of antiwar activists from beyond the left and right.

      • AntiWarJoe Biden Disparages George Washington on President’s Day With Trip to Kyiv

        Rather than celebrating President’s Day in the United States on Monday, February 20, President Joe Biden went to Kyiv to meet with Ukrainian President Volodymyr Zelensky. In direct contradiction to President George Washington’s 1796 farewell address, Biden delivered another $500 million in military aid to keep bloodying the Ukraine killing fields.

      • The StrategistTime for a more honest conversation about foreign basing in Australia

        Australia needs to have a more honest conversation, with itself and its main ally, about the b-word. As a straight-talking country that prides itself on its closeness to the United States, Australia finds it curiously ...

      • The StrategistTreason, sedition and parliamentary privilege in Fiji

        Contrary to some media reports, Fijian opposition leader Frank Bainimarama’s three-year suspension from parliament was not for an act of sedition. Rather, he was excluded from service to the parliament for something more prosaic—using unparliamentary ...

      • Atlantic CouncilMakings of the Market: Seven perspectives on offensive cyber capability proliferation

        The marketplace for offensive cyber capabilities continues to grow globally. Their proliferation poses an expanding set of risks to national security and human rights, these capabilities also have legitimate use in state security and defense. To dive deeper on this topic, we asked seven experts to offer their perspectives.

      • Atlantic CouncilThe fourth inflection point: Testimony of Frederick Kempe to the House Permanent Select Committee on Intelligence

        This moment is as crucial as the periods after World War I, World War II, and the Cold War, when US leadership alongside allies and partners—or the failure of US leadership—will have global and generational consequences.

      • Atlantic CouncilWhat we learned from the Russia-China-South Africa military drills

        Why did these three nations get together? What’s in it for South Africa? Our experts set sail with the answers.

      • Atlantic CouncilTech innovation helps Ukraine even the odds against Russia’s military might

        Over the past year, Ukrainians have demonstrated their ability to defeat Russia using a combination of raw courage and innovative military tech, writes Ukraine's Digital Transformation Minister Mykhailo Fedorov.

      • Jacobin MagazineRupert Murdoch’s Press Empire Is a Threat to Democracy

        Murdoch poses a threat to democracy in the United States and the United Kingdom. But ultimately he’s a symptom of an industry-wide problem. Disgraced CBS chairman Leslie Moonves was infamously quoted as saying that Trump’s 2016 presidential campaign “may not be good for America, but it’s damn good for CBS,” demonstrating to the public that the media system is less interested in holding power to account than prioritizing profit margins from advertisements.

      • ABCIran can make enough material for nuclear device in 'about 12 days,' US official says

        On Tuesday, the IAEA said the capability had actually reached 83.7 percent, which is on the verge of making weapons-grade uranium.

      • Deutsche WelleDenmark abolishes public holiday to boost defense spending

        People in Denmark will no longer get a long weekend off for "Great Prayer Day" late in the spring starting next year, after lawmakers passed a bill on Tuesday scrapping it as a public holiday.

        The move comes as Denmark's newly-formed government seeks to implement reforms aimed at improving the country's welfare model, and as it tries to reach its NATO defense spending targets.

      • RFERLIslamist Militants Have Pakistan's Police In Their Crosshairs

        More than 2,100 Pakistani police personnel have been killed and 7,000 injured since 2001, but never have they been the target of militants' operations to the degree they are today.

      • DroidGazzetteWhy Technology Will Define the Future of Geopolitics

        The competition between the United States and China is as much a competition between systems as it is between states. In the Chinese model of civil-military fusion, the government promotes domestic competition and funds emerging winners as “national champions.” These companies play a dual role, maximizing commercial success and advancing Chinese national security interests. The American model, on the other hand, relies on a more disparate set of private actors. The federal government provides funding to basic science but largely leaves innovation and commercialization to the market.

        For a long time, the trifecta of government, industry, and academia was the primary source of American innovation. This collaboration drove many technological breakthroughs, from the moon landing to the Internet. But with the end of the Cold War, the U.S. government grew averse to allocating funding for applied research, and it even lowered the amount devoted to fundamental research. Although private spending has taken off, public investments have plateaued over the past half century. In 2015, the share of government funding for basic research dropped below 50 percent for the first time since the end of World War II, having hovered around 70 percent in the 1960s. Meanwhile, the geometry of innovation—the respective role of public and private players in driving technological progress—has changed since the Cold War, in ways that have not always yielded what the country needs. The rise of venture capital helped accelerate adoption and commercialization, but it did little to address higher-order scientific problems.

      • Scoop News Group‘A year of cyberwar’ with Russia: An inside look from a top Ukrainian cybersecurity official

        Covert cyber operations during the eight years prior to the invasion, which we can consider part of this ongoing war, were preparations to the full scale war which we have right now — testing the efficiency of technologies and probing with the goal of understanding the possibility of using cyber as a destructive way of attacking Ukraine. We shouldn’t underestimate the importance Russian offensive cyberattacks. But in general, they choose to use more disruptive weapons, while keeping cyber operations for psychological operations or cyberespionage.

      • International Business TimesDangerous threats, violence against MPs have worsened since Jo Cox murder

        The panel is set to be co-chaired by Tory Baroness Gabrielle Bertin and Labour's Lord Vernon Coaker. The ongoing issue of the MP's safety was brought to light once more after Tory MP Sir David Amess was stabbed to death during a constituency surgery in 2021.

      • ADFSub-Saharan Africa Emerges as Epicenter of Violent Extremism

        Like al-Shabaab, violent extremist groups such as Al-Sunna wa Jama’a, or ASWJ, Boko Haram, Daesh and Jama’at Nusrat al-Islam wal Muslimeen, or JNIM, are seizing on local grievances to establish a foothold in mostly rural communities across the region. That is among the findings of new reporting by the United Nations Development Program (UNDP).

        One recent UNDP report labels Sub-Saharan Africa as one of the world’s new epicenters for violent extremism.

      • ADFIslamic State Expands Campaign of Violence in the Sahel

        The woman, one of about 410,000 people displaced by violence in Mali, added that the group “just wants to control the area [and] bring the people to submission while promising security and that any opposition would not be accepted.”

      • Deutsche WelleWhy are so many Pakistanis trying to reach the EU illegally?

        Over one-fifth of Pakistan's 220 million people already live below the national poverty line, according to the Asian Development Bank and IMF.

        Currently, inflation is running at nearly 30%, the wealth gap is enormous, and tax avoidance by the rich is rampant.

    • Transparency/Investigative Reporting

      • ReasonACLU of N.C., Freedom of the Press Foundation, and I Are Challenging Sealing of Documents Related to Gag Order

        In Doe v. U.N.C. Sys. (W.D.N.C.), a case challenging the expulsion of plaintiff Jacob Doe for alleged sexual assault, the court issued a quite remarkable TRO last week: It, among other things, required defendants "to direct all individuals"—including UNC students—"over whom they exercise control to refrain from publishing or disclosing any information concerning the Plaintiff...

      • Site36German government dupes parliament: Cooperations with foreign secret services remain secret

        The term is used to justify secrecy if the information sought by parliament comes from a service abroad. According to the argumentation, this authority only transmitted the information on the condition that no third party obtains knowledge of it. This concerns, among other things, the activities of the Federal Intelligence Service, which is responsible for overseas reconnaissance. Since 2001, the Federal Office for the Protection of the Constitution (BfV) has also been working together with all other domestic secret services of the Schengen states in a „Counter Terrorism Group“. It belongs to the informal „Club of Berne“, about which there is also great secrecy vis-à-vis the Bundestag.

    • Environment

      • Omicron LimitedWastewater sector emits nearly twice as much methane as previously thought

        "The waste sector is one of the largest anthropogenic sources of methane in the world," said Mark Zondlo, professor of civil and environmental engineering and associated faculty at the Andlinger Center for Energy and the Environment. "As cities continue to urbanize and develop net-zero plans, they can't ignore the liquid wastewater treatment sector."

      • Jacobin MagazineCanada Loves to Shower Fossil Fuel Companies With Public Money

        In effect, Smith is promising to lower already cut-price royalty obligations if oil companies fulfill a task to which they are already legally committed. If Smith is reelected and the program goes through, the cost to Albertans will very likely be immense. When Smith first pushed the idea as a lobbyist, she advocated for oil companies to be subsidized by R-Star credits in the amount of $20 billion.

      • Science NewsAn incendiary form of lightning may surge under climate change

        An analysis of satellite data suggests “hot lightning” — strikes that channel electrical charge for an extended period — may be more likely to set landscapes ablaze than more ephemeral flashes, researchers report February 10 in Nature Communications. Each 1 degree Celsius of warming could spur a 10 percent increase in the most incendiary of these Promethean bolts, boosting their flash rate to about four times per second by 2090 — up from nearly three times per second in 2011.

      • NBCFTX ex-engineering chief Nishad Singh pleads guilty to criminal charges

        Two of the criminal charges are related to wire fraud, and another is conspiracy to commit commodities fraud.

      • David RosenthalThe Center For Gaslighting About Blockchains

        Source On March 10th 2022, as Bitcoin recorded a 43% loss from its peak the previous November, and 8 weeks before Terra/Luna crashed, driving the loss to 76%, Princeton launched the Center for the Decentralization of Power Through Blockchain Technology.

        A year later I am laughing as I read Francesca Maglione’s Princeton Says Crypto Chaos Helps Justify Its Blockchain Center describing their desperate attempts to spin this as a good move. Below the fold I pour scorn on this outbreak of "blockchain is the answer, now what was the question?".

      • BBC[Cryptoccurrency]-mining scheme run from US school crawl space

        Nadeam Nahas, 39, who was an assistant facilities director in Cohasset, pleaded not guilty in court on Friday.

        He is charged with fraudulent use of electricity and vandalising Cohasset High School, just outside Boston.

      • RFERLIran's Power Company Warns Of Cuts Due To Illegal Cryptocurrency Mining

        Such illegal mining was responsible for 20 percent of blackouts over the summer, the statement added.

      • Business InsiderAuthorities seek arrest of man who allegedly mined [cryptocurrency] under a high school and stole $18,000 of electricity

        Nadeam Nahas, the former assistant facilities director for the town of Cohasset, was scheduled to be arraigned Thursday on charges of vandalizing a school and stealing $18,000 worth of electricity. But he failed to appear in court, and a judge issued a warrant for his arrest.

        The town discovered 11 computers, electrical wiring, and ductwork in the crawl space of Cohasset High School in December 2021.

      • Modern DiplomacyFuture Potential of Fusion Energy

        The fusion energy is moving in the right direction. Firstly, the regimes have to step up investment in the fusion industry. Secondly, the decentralization of fusion research is transpiring. Incipient startups are growing, companies are taking an interest in fusion energy, and private-sector investment is transpiring at an expeditious rate. According to a survey by FIA, 93 percent of people working in the fusion industry believe that fusion energy will reach the grid by 2030. In the last year, the survey percentage of these people was 83 per cent. In the same survey, 84 percent of respondents believe that fusion energy is going to be efficacious. The top Chinese scientist believes that fusion energy will become authentic by 2028. These people might be partial towards the prospects of fusion energy because they work in the fusion industry; however, fusion energy is, without a doubt, moving in the right direction.

      • Omicron LimitedNew study shows people are willing to start bicycling more post-COVID-19 pandemic

        The findings, which were recently published in Scientific Reports, were the result of an analysis of data from the COVID-19 and the Future Survey conducted by Arizona State University and the University of Illinois Chicago.

        Results showed that two factors came out of their findings: People who are more environmentally friendly and those who are more satisfied with their life have a higher probability of cycling more post-pandemic.

      • Renewable Energy WorldBattery recycler Li-Cycle Holdings inks $375m DOE loan pledge

        Canada-based Li-Cycle Holdings said that it received a conditional commitment for a $375 million loan from the Department of Energy’s Loan Programs Office, through DOE’s Advanced Technology Vehicles Manufacturing program.

      • Low Tech MagCan We Make Bicycles Sustainable Again?

        For this article, I have consulted academic studies that compare different types of bicycles against each other or focus on the manufacturing stage of a particular two-wheeler. That kind of research was virtually non-existent until three or four years ago. Using the available material, I compare different generations of bicycles. Set in a historical context, it becomes clear that the resource use of a bike's production increases while its lifetime is becoming shorter. The result is a growing environmental footprint. That trend has a clear beginning. The bicycle evolved very slowly until the early 1980s and then suddenly underwent a fast succession of changes that continues up to this day.

      • Copenhagen PostClimate report: Denmark is behind schedule on CO2 emission ambitions

        Council on Climate Change contends that there is great risk that climate targets won’t be reached unless significant action is taken

      • Science AlertAntarctic Sea Ice Is The Lowest It's Been in 45 Years of Records, Researchers Report

        This is fine.

    • Finance

    • AstroTurf/Lobbying/Politics

    • Censorship/Free Speech

      • GizmodoRecord Number of Countries Blocked the Internet in Blackouts in 2022

        Governments in 35 countries shut down the internet for a record total of at least 185 times in 2022 alone, a new study shows.

      • GizmodoRussia Hits Wikipedia With Fine for Going Against Putin's War Narrative

        Russia issued a two million ruble fine ($27,000) to Wikipedia on Tuesday, claiming the site refused to remove “misinformation” about the country’s military involvement in the Ukraine War. The Kremlin issued a series of laws last year restricting reports that contradict Russia’s official message.

      • QuilletteWords Are the Only Victors

        Even with Rushdie in hiding the controversy continued to rage. Bookstores in the United States were firebombed. The novel’s Japanese translator was stabbed to death. And dozens were killed in anti-Rushdie protests around the world.

        But as the years passed the controversy waned and Rushdie began to appear more frequently in public. By the time of the Chautauqua event, more than 33 years had passed since the fatwa, which was beginning to seem like an empty threat. Perhaps this explains the lack of security at the event, where audience members were prohibited from bringing coffee into the hall but were seemingly not checked for weapons.

      • ReasonA group autopsy of the Supreme Court's oral argument on section 230

        As promised, the Cyberlaw Podcast devoted half of this episode to an autopsy of Gonzalez v Google LLC , the Supreme Court's first opportunity in a quarter century to construe section 230 of the Communications Decency Act. And an autopsy is what our panel – Adam Candeub, Gus Hurwitz, Michael Ellis and Mark MacCarthy – came to perform. I had already laid out my analysis and predictions in a separate article for the Volokh Conspiracy, contending that both Gonzalez and Google would lose.

      • ReasonWhy Big Tech will lose its Supreme Court case on section 230

        First, a bit about the case. Gonzalez seeks to hold Google liable because the terror group ISIS was able to post videos on YouTube, and YouTube recommended or at least kept serving those videos to susceptible people. This contributed, the complaint alleges, to a terror attack in Paris that killed Gonzalez's daughter. Google's defense is that section 230 makes it immune from liability as a "publisher" of third-party content, and that organizing, presenting, and even recommending content is the kind of thing publishers do.

      • NYPostMore than half of college professors bite their tongues over cancel culture fears

        Academic freedom is under siege. A new survey from the Foundation for Individual Rights and Expression (FIRE) reveals professors are shutting their mouths and biting their tongues out of fear of being canceled.

        In their newly released report “The Academic Mind in 2022,” FIRE (where I’ve been a fellow since 2021) surveyed nearly 1,500 professors from colleges and universities across the country. The results show mass self-censorship and a widespread fear that saying the wrong thing could cost them their reputations — or even their jobs.

    • Freedom of Information / Freedom of the Press

    • Civil Rights/Policing

      • The Kent StaterCampus Views: Black minds matter

        The most pressing issues in the Black community are the disparity in mental health resources, cultural stigmas and the lack of Black psychiatric health professionals.

      • ShadowproofGeorgia Prisoners May Lose Critical Lifelines As Prison Officials Overhaul Communications And Target Contraband Phones

        As Georgia prison officials move towards fully digitizing communications with Securus and curtailing access to contraband cellphones, incarcerated people and their loved ones are speaking out.

      • Common Dreams'Schultz Has Given Us No Choice': Sanders Plans Vote to Subpoena Starbucks CEO

        U.S. Sen. Bernie Sanders on Wednesday announced plans to have the committee he chairs vote next week on whether to subpoena Starbucks CEO Howard Schultz, who so far has refused to provide testimony about the coffee chain's federal labor law violations.

      • FAIRTyre Nichols Was One of Too Many

        News outlets treat cases like Tyre Nichols' as isolated incidents, lavishing short-term attention that makes the chronic seem exceptional.

      • CoryDoctorowVW wouldn't help find kidnapped child because his mother wasn't paying for find-my-car subscription

        Likewise, the VW execs who decided to nonconsensually track the location of every driver and sell that data to shady brokers – but to deny car owners access to that data unless they paid for a "find my car" subscription – didn't foresee that their cheap, bumbling subcontractors would refuse the local sheriff's pleas to locate the car with the kidnapped toddler.

      • CBCVancouver police shoot man twice with less-lethal rounds in case of mistaken identity

        Before he could explain he was not that man, police shot him twice with less-lethal rounds in the stomach and buttocks "at point blank range." Barnett's complaint describes the rounds as bean bags. Police referred to them as rubber bullets.bv

      • [Repeat] Vice Media GroupThe Invisible Workers Who Train Google's Algorithm Fought for $15/Hr and Won

        A group of contractors working on Google products have won a second historic pay raise and will now be paid the company’s minimum standard wage of $15 an hour, according to a Monday announcement by the Alphabet Workers Union-CWA.

        This victory comes after the union delivered a petition demanding that the contract workers be included in Google’s company-wide U.S. Wages and Benefits Standards to the company’s Mountain View, CA headquarters on Feb. 1. Over 1,000 Alphabet workers signed it.

      • ShadowproofGeorgia Prisoners May Lose Critical Lifelines As Prison Officials Overhaul Communications And Target Contraband Phones

        As Georgia prison officials move towards fully digitizing communications with Securus and curtailing access to contraband cellphones, incarcerated people and their loved ones are speaking out. According to advocates, contraband phones are both a vital transparency tool and are increasingly used by Georgia prison officials as a scapegoat for agency brutality and incompetence.

        When Tim Ward was commissioner of the Georgia Department of Corrections (GDC) last year, he told the state senate that the department believes cellphones are used to commit crimes and plan “hits” on civilians within the prison walls. The crackdown on such devices is allegedly a response to threats to safety and security within the prison system. However, incarcerated people and their advocates say the GDC is attending to fears of media exposure and enjoys financial incentives to remove the devices.

      • NBCIran probes 'deliberate' poisoning of schoolgirls across the country

        The mysterious incidents may have been deliberate attacks designed to prevent girls from seeking an education, officials said in recent days, after previously downplaying the issue. Girls and young women have played a prominent role in the protests that have rocked the Islamic Republic.

      • Common DreamsIsraeli Police Crack Down on 'National Day of Disruption' Over Judicial Overhaul

        Under fire for pushing what critics have decried as an authoritarian overhaul of Israeli's judicial system, the country's right-wing government directed police to respond with force on Wednesday as thousands of people marched, blocked traffic, and rallied to protest the plan.

    • Internet Policy/Net Neutrality

    • Monopolies

      • Software Patents

      • Copyrights

        • Michael GeistCanadian Copyright, Fair Dealing and Education, Part Five: Open Textbooks Saving Students Millions of Dollars

          Fair Dealing Week for 2023 may have come to an end, but my series on Canadian copyright, fair dealing, and education continues.

          [...]

          I’ve often written about the importance of open access publishing. The Directory of Open Access Journals (DOAJ) now lists nearly 19,000 open access journals featuring millions of articles which play an increasingly important role not only in knowledge dissemination but also as course materials. For example, the University of Guelph’s electronic course reserve data shows that shows that their open access course materials increased by 79.9% between 2018/19 and 2021/22. In 2021, Simon Fraser University was one of 14 universities across Canada to adopt an institution-wide open access policy and in 2020, Selkirk College was recognized for their “Open First!” approach that prioritized open access resources in course curriculum.

        • Public Domain ReviewLaw and Ordure: Scatalogic Rites of All Nations (1891)

          In this strange book, marked “not for general perusal”, the use excrement in medicine, magic, and culture is elevated to a universal aspect of human life.

        • ZimbabweLet’s talk about how ChatGPT and friends could kill blogs and the [Internet] as we know it

          Google and ChatGPT do not actually know the answers to the questions we ask them. They just search the internet for the answer on the websites accessible to them and serve it to us. ChatGPT can generate original content but it needs a lot of information to be out there from which to train itself.

          Most of these websites they pull from or train themselves on are commercial enterprises that rely on getting eyeballs on their websites. You know the business model, you visit a website and scroll through the content and as you do that they serve you a few ads so they can get paid themselves.

          Now, if Google or ChatGPT scour through that website and serve the answer to the searcher in plain text, then the searcher does not even need to visit the website. You can see the problem, right? With no eyeballs going to the website, the website loses out on ad revenue. Tough luck, you say.

          Well, we could look at it as the world moving on from that particular way of doing things and tell websites to move with the times. However, let us remind ourselves that Google does not have a bank of this information, they rely on those same websites.

  • Gemini* and Gopher

    • Personal

      • It's been a while eh!

        I seem to be following my normal pattern of blogging for a bit, and then forgetting to update it for months at a time cos I don't think I have anything fun, interesting or blog worthy to report.

        Anyways, living in the country has been OK. We got the insulation and double glazing finished up in early spring, and we had a few cold (0€°C overnight, top of 9€°C) days, and the diffrence was pretty astounding. The kitchen felt so warm we thought we'd left the oven on accidentally. We eventually got the fire managed so that we were maintaining ~20€°C on those colder days with it damped almost all the way down, which is a big diffrence from not being able to sustain more than about 18€°C with the fire on full blast previously!

        We have the Solar and battery installed, ended up with 12.7kW of panels, and a 22kWh battery backing it, with lights and sockets being powered in a grid down event, so far we've been effectively off grid since it was turned on! Hasn't been without hitches though, the Zappi car charger we got was tripping the breaker after ~40 minutes of charging. Discovered that the terminals on the breaker weren't ever tightened properly, causing it to overheat and trip. Then it worked for a while, charging up at full speed from excess solar, decided to check the terminals inside the thing and they also were not tightened down properly :( And once we put it back together, it no longer worked. It's being replaced by MyEnergi (the manufacturuer) but I'll have to get a sparkie to install, and that's not going to happen before Christmas I don't reckon.

      • Fun in games

        People were playing a horror game (CoC I think), chars are in some monster infested tunnels, one of ‘em suddenly goes “I panic, the flashlight slips out of my hand, and I run”, tunnels go dark, monsters go omnomnom, rest in pieces rest of party. Players mad AF out of character because the game had set up conflicting affordances. The flashlight dropper had violated their expectation of “trying to win” in the situation. If there had been rules in place that rewarded that sort of behavior (like compels in Fate) or even mandated it (fear checks in Alien, meters in Unknown Armies), that’d sidestep the argument and lead to clarity.

        The “actor”/“instigator” type players who like to experience things on an emotional level and act it out fully would be allowed to do so, and the tactical minded players would need to take the psychological state of their characters into account (à la Darkest Dungeon), making it more acceptable as just another vector for trouble, parameter to plan around—or, if the design was focused on another kind of fun, rules could reward or mandate calming your tits for three seconds and just hold the light steady while we figure this situation out. Either way the design would have a clear promised premise and lean into that promise rather than fight it all the way like that PoS game CoC does.

      • Against the “Criterion of Embarrassment”

        Before we get into it, I wanna clarify that I’m not arguing against the historicity of the baptism or crufixion. I’m just arguing against a specific line of reasoning about it.

        The criterion of embarrassment is the idea that a group would not make up false embarrassing facts about their own leaders, and therefore ideas such as “having to” get your sins baptized away or “succumbing to” a painful humiliating death could not have been made up or mythical.

      • 🔤SpellBinding: DEILTZU Wordo: FILER
      • Books list

        These are the books that I'm reading, have read, or haven't read. You may find many of them on Gutenberg and/or Standard Ebooks, and some of them in the care list. If I don't forget, I'll link to their sources. Though less common, if I have a page dedicated to a book of this list I'll link to it instead, like I did with How to Avoid a Climate Disaster.

      • Streetlights

        On Monday evening I was returning home from an appointment by car. My route took me across a bridge crossing over an interstate highway, at a time when the sun had just dipped below the horizon.

        The bridge was lined with streetlights activated by individual light sensors, as opposed to a central switch. As I reached the intersection just before the bridge, the the streetlights turned on--but not all at the same time. At first only one light blinked on, but after about a second, another light began to glow. Then came a third, a fourth, and a host of about two dozen in rapid (and uneven) succession. Soon all but one of the lights illuminated the roadway, and the last, seemingly hurrying to catch up with the others, winked into life a few seconds later.

      • I'm seriously wondering who is trolling who at this point

        I have a Gmail account. I signed up early enough to get my name as an email address at Gmail. But I never use it for anything, so by default, anything that arrives there is either spam or misaddressed. I will occasionally check it, and I found two emails from one Trudy XXXXX€­XXXXX€­X.

      • Its fasting time...

        After observing myself going back to the bad old habits (spending too many hours mindlessly browsing reddit and zoning out to youtube) and - worse - spending way too much time in r/collapse and subreddits dedicated to the ongoing conflict in Ukraine (which did absolutely no good to my - even under normal circumstances - brooding personality). So i set the goal to leave the commercial net with all its addictive content for at least until easter... and perhaps leave it for good.

      • An even-handed and restrained criticism of police

        In July 2011 in Norway a man in a cop uniform and flashing a cop badge killed 77 people. The whole idea of “trust law enforcement”, “comply” etc is a sick joke.

        There are often reports in the news here about elderly being robbed by people claiming to be police. Usually reported with the victim-blaming slant that “well of course they should’ve called their local precint and waited in line on the phone for hours and gotten their badge numbers and verified them before opening the door”.

        Really? What happened to “well of course they should’ve complied and not have to suffer police brutality”...?

    • Technical

      • text-only interfaces

        I'd like to talk a little bit about how I've changed my private workflow more and more towards text-only interfaces.

        It started when I had caught myself sitting in front of my triple-monitor Windows 10 machine, evening after evening, either mindlessly performing “dailes” in one video game or another, or watching YouTube videos that barely interested me. I had stopped *doing* and was only *consuming*, passing time until I could fall asleep.

        I felt that what I needed was _less_. Less technicolor, ultraHD, dolby surround. More focus, more purpose and communication.

      • sudo make install

        I found a weird bug. It occurred while installing neatroff, which is a nice, new, tidy implementation of troff. It can be used from the source dir itself, or can be installed to a $(BASE) like /usr/local/share/neatroff.

      • Internet/Gemini

        • Molly Brown upgrade

          Ahoy, Geminatus! Sometime this coming weekend (March 4th and 5th) I will be installing a more recent version of the Molly Brown Gemini server software which powers gemini.circumlunar.space. The new version is currently being "dog fooded" at another server with promising results so far, so I anticipate the upgrade going smoothly. One can never quite be sure when computers are involved, though, so here's some advance warning to please not panic immediatley if there is a little downtime. I'll be keeping an eye out for gremlins over the weekend. If things still seem to be acting up come Monday - especially if you have a user capsule here and it stops working like it used to - then feel free to bring this to my attention.

        • A Decentralized Internet

          Let's imagine a hypothetical decentralized internet for a second.

          Your home internet connection is fast, and it's fast for both uploads and downloads. You're not much of a sysadmin, but like everyone else, you know someone who is, and maybe even live with them. They run some services on a laptop in their house (or in yours, if you live together).

          You decide you want to talk to your friend who lives a few hundred miles away. Instead of logging into Discord, you log into the XMPP server your sysadmin buddy runs for you. It connects to the XMPP server your friend runs in their house, and y'all have a nice chat.

        • Self-hosting calendars is a mess

          Here I was, thinking that hosting a calendar for my family would be easy…

          Currently my wife and me use Google Calendars to keep track of birthdays, times where I'm away from home because of work, etc. You know, the usual things. But since I want to get us off the clouds and regain control over our data, the next item on my list was to see if I could host a calendar server myself.


* Gemini (Primer) links can be opened using Gemini software. It's like the World Wide Web but a lot lighter.



Recent Techrights' Posts

'Dark Patterns' or a Trap at the European Patent Office (EPO)
insincere if not malicious E-mail from the EPO's dictators
There's an Abundance of Articles About the New Release of Kali Linux, But This One is a Fake
It can add nothing except casual misinformation (fed back into the model to reinforce lies)
 
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024
Gemini Links 19/12/2024: Fast Year Passes and Advent of Code Ongoing
Links for the day
Twitter is Going to Fall Out of Top 100 Domains as Clownflare (DNS MitM) Sees It
evidence of Twitter's (X's) collapse
[Meme] Making Choices at the EPO
Decisions, decisions...
Large and Significant Error Correction in South America?
Windows now has less than half what Android achieved in terms of "market share"
IBM's Leadership Ruining Lives of People Who Thought Working for IBM Would be OK
Nobody gets fire-lined for buying IBM?
The United States' Authorities Ought to Become Enforcers of the General Public License (GPL) for National Security's Sake
US federal agencies ought to pursue availability of code and GPL compliance (copyleft), not bans
The Problem of Microsoft Security Problems is Microsoft (the Solution is to Quit Microsoft) and "Salt Typhoon" Coverage Must Name CALEA Back Doors
Name the holes, not those who exploit them.
A "Year of Efficiency"
No, we don't mean layoffs
Links 19/12/2024: Astronaut Record and Observer Absorbed
Links for the day
Links 19/12/2024: Seven Dirty Words and Isle Release v0.0.3 (Alpha)
Links for the day
Links 19/12/2024: Nurses Besieged by "Apps", More Harms of Social Control Media Illuminated
Links for the day
15 Countries Where Yandex is Already Seen to be Bigger Than Microsoft (in Search)
Georgia, Syrian Arab Republic, Cyprus, Moldova, Ukraine, Armenia, Azerbaijan, Kyrgyz Republic, Uzbekistan, Kazakhstan, Turkmenistan, Tajikistan, Belarus, Turkey, and Russia
Links 19/12/2024: Magnitude 7.3 Earthquake and Privacy Camp
Links for the day
Gemini Links 19/12/2024: Port Of Miami Explosion, TurboQOA, Gnus
Links for the day
Fake Articles About 'Linux'
Dated yesterday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024
FSF Has Made It Halfway to Its Target (Funding Goal) a Week Before Christmas Day
$400,000 definitely seems reachable now, especially if they extend the "deadline"
[Meme] The Master Churnalist
Speaking of press releases being passed off as "journalism"
Spamnil's TFiR: Still Pretending Press Releases Are 'Articles' (TFiR 'Originals' as Plagiarism or Fluff)
Same as last year
Links 18/12/2024: Zakir Hussain Dies, TuneIn Layoffs
Links for the day
Links 18/12/2024: Karate Love and Advent of Code
Links for the day
Windows (or Microsoft) Has Become the "One Percent" (Market Share) in Chad
How long before it falls below 1%?
Arvind Krishna, IBM's CEO, Will Eventually Suck Up to Donald Trump Like His Predecessor Did or the Watson Family Did With Adolf Hitler
Literally Hitler
Being a Geek Need Not Mean Being Sedentary
"In the past 18 months," Berkholz writes, "I’ve lost 75 pounds and gone from completely sedentary to fit, while minimizing the effort to do so (but needing a whole lot of persistence and grit)."
GAFAM Kissing the Ring of the Mafia Don
"resistance" to dictatorship and defenders of democracy?
Slop Spaghetti From the Chef, Second Time Today
Fresh slop ready out the oven!
IBM - Like Microsoft - Lies About the Number of People It's Laying Off (Several Tens of Thousands, Not Counting R.T.O. "Silent" Layoffs and Contractors/Perma-Temps)
How many waves of silent layoffs have we seen so far at IBM this year?
Links 18/12/2024: EU Launches Probe Into TikTok (At Last!)
Links for the day
Links 18/12/2024: Doha/Qatar Trafficking, Bloat Comfort Zone, and Advent of Code 2024
Links for the day
Saving What's Left of Decent and Independent Journalism on the Web
We increasingly (over time) try to make local copies (hosted on our server) of important documents; it's hard to rely on third parties
[Meme] Microsoft's Latest Marketing Pitch
"Stop Being Poor; buy a new PC with TPMs"
In South Africa, a Very Large Nation, Web Developers Can Already Ignore Microsoft Browsers (Edge Measured Below 3% in 55 Nations)
The dumb assumption you must naively test with Microsoft browsers is no longer applicable in a lot of places
Open Source Initiative (OSI) is the Voice of Bill Gates and Satya Nadella
Not hard to see what they've done with the money
Microsoft Boasts That Its (Microsoft-Sponsored) "Open Source AI" Propaganda Got Cited in Media (That's Just What the Money Did)
This is a grotesque openwashing campaign
In Many Places Around the World, Perhaps as Expected, Yandex is Nearly Bigger Than Microsoft (Like in Several African Countries)
Microsoft may soon fall to "third place" in search
Keeping Productive This Christmas
We've (pre)paid for hosting till almost January 2026 and fully back on the saddle
IBM and Canonical Leave Money on the Table Because Microsoft Pays Them Not to Compete and Instead Market Windows, WSL, Microsoft 'Clown Computing', and TPMs
Where are the regulators?
Other Editors Who Agree "Hey Hi" (AI) is Just Hype But Won't Say So Publicly as It Might Upset Key Sponsors
Some media would gladly participate in a scam to make money
Brian Fagioli's Latest "Linux" Article Appears to be Fake
Another form of plagiarism/ripoff using bots?
IBM (and Red Hat) is a Patent Troll, Still Leveraging Software Patents to Extract Money Out of Other Companies by Suing Them
Basically, when it comes to patents, IBM is demonstrably part of the problem, not the solution
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 17, 2024
IRC logs for Tuesday, December 17, 2024