Bonum Certa Men Certa

Links 20/1/2021: WireGuard for pfSense and New US President



  • GNU/Linux

    • Audiocasts/Shows

    • Kernel Space

      • Linux 5.10.9
      • Linux 5.4.91
      • Linux 4.19.169
      • Linux is Finally on Apple M1...Kind Of.

        Half of the reason to buy a Mac is to get native support for macOS, but that doesn’t mean Mac owners don’t also suffer from the grass-is-greener syndrome. While Apple’s operating system is known for being casual friendly and is also the OS system people who grew up on its products might be more familiar with, PC users are always quick to point out that the extra steps it adds to actions like installing programs can slow down more serious work. It’s currently possible to emulate Windows for ARM on Apple’s latest M1 Macs, but what if you want to take your power user cred a step further and use Linux on your new M1 Mac?

      • Pioneer DJM-750 DJ Mixer Handling For Linux Is En Route - Phoronix

        With Linux 5.11 came Pioneer DDJ-RR DJ controller support while for Linux 5.12 additional Pioneer DJ equipment will be supported.

        The latest Pioneer DJ kit to be supported by the Linux kernel is the Pioneer DJM-750 digital audio mixer. The Pioneer DJM-750 is a 4-channel mixer with built-in 24-bit / 96 kHz USB sound card and the same 32-bit DSP found in Pioneer's higher end models like the DJM-900NXS.

      • 2021 Could Be The Year That AMD Radeon Graphics Can Hot Unplug Gracefully On Linux - Phoronix

        It's been nearly one year that AMDGPU patches have been around to better handle GPU hot unplugging on Linux. The use-case for that being either removal via sysfs such as if then assigning the GPU to a VM or for external GPUs such as connected via Thunderbolt. Those patches are still baking but the latest iteration of the work has now been published by AMD.

        Currently the hot removal of AMD Radeon GPUs under Linux can result in a kernel oops or system hangs or application hangs, among related headaches. Reportedly, Windows doesn't handle the GPU hot-unplug situation much better.

      • Linux 5.12 To Add Atomics Support To The Promising eBPF - Phoronix

        The eBPF in-kernel virtual machine that allows for handling sandboxed "programs" within the Linux kernel continues on its stellar upward trajectory.

        eBPF remains one of the most exciting and revolutionary changes in recent years within the Linux kernel and new features continue to be tacked on to allow eBPF to fulfill more roles than the original BPF network packet filter use-case. Should you not be too familiar with eBPF, learn more on the technology at eBPF.io.

    • Instructionals/Technical

      • Block spammers/abusive IPs with Pf-badhost in OpenBSD. A 'must have' security tool!

        But how does it do all this? By periodically pulling IP addresses from well-known and well-respected spammer-IPs databases, where bad IP addresses are frequently logged (dangerous IPs reported by internet users) and stored.

        Then adding all collected IP addresses to the PF firewall (as an IP-table) that is already active on your server (hopefully?), and through that way, prevents their access to your server. So sort of works with the PF firewall.

        The blocklists are pulled from quality, trusted sources. The 'Spamhaus', 'Firehol', 'Emerging Threats' and 'Binary Defense' block lists are used as they are popular, regularly updated lists of the internet's most egregious offenders.

      • How to install Gimp 3 Beta on Linux Mint 20.1 - YouTube

        In this video, we are looking at how to install Gimp 3 Beta on Linux Mint 20.1.

      • How to dual-boot Deepin Linux and Windows on your PC | FOSS Linux

        For Windows users who want to migrate to Linux systems, Deepin Linux will give you a nearly similar user experience as the Windows User interface. In this article, we will install Deepin on the same PC on which you have Microsoft Windows installed in a dual boot configuration, which means while booting, you can select which OS you want to boot into.

      • Use the XFS File System on Oracle Linux 8
      • How to use and install Wine 6.0 on a Chromebook

        Today we are looking at how to install Wine 6.0 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • What’s the difference between apt and apt-get command?

        Most of us are often confused that what is the difference between apt and apt-get command.

        This confusion is common to all users, including newbies and experienced users.

        They are very similar command line tools used to manage package operations, including installation, upgrade, and removal.

        However, there are still some differences between them.

        In this article, we will show the difference between them.

        Make a note: Please don’t confuse the apt command with the APT, both are not the same.

        Before discussing apt and apt-get, let us discuss what is APT.

      • [Older] How to connect to an FTP server using Python

        FTP (File Transfer Protocol) needs no presentations: it is among the most used file transfer methods between one or more clients and a server. By design it supports both anonymous access and authentication, but in its most basic form it doesn’t provide data encryption, that’s why it is often secured via TLS.

      • Consuming logs from a Kafka topic using syslog-ng



        There is no official Kafka source in syslog-ng, but because this question comes up often enough, I created one. It is just a temporary workaround using the program() source, but it works. It involves Java and installing Kafka manually, but it was fast and reliabe in my tests: ingesting 50,000–100,000 messages a second on my laptop in a resource-constrained virtual machine.

        Of course, I also tried a more resource-friendly solution, using kafkacat to consume log messages from a Kafka topic. While it worked perfectly on the command line, I could not get it to work with the program() source in syslog-ng.

        If you read my blog last week about using templates in the topic() parameter of the Kafka destination, the test environment will look familiar. The only notable difference is that the tool used to consume logs from Kafka is now called within syslog-ng from a program() source.

      • Simple Linux Backups with Rsync command - LinuxTechLab

        Having a comprehensive data protection policy in place is now a fundamental practice to help ensure your data manages to weather all the storms that can be thrown at it. Saying that it should be done is the easy part, actually doing it gets more complex, and laborious, depending on the policy in place and what standards and laws the organization needs to adhere to. Fortunately, for Linux users there a tool exists that makes backing up data a breeze, and it can all be done from the command line.

      • Set up a Linux cloud on bare metal | Opensource.com

        Virtualization is one of the most used technologies. Fedora Linux uses Cloud Base images to create general-purpose virtual machines (VM), but there are many ways to set up Cloud Base images. Recently, the virt-install command-line tool for provisioning VMs added support for cloud-init, so it can now be used to configure and run a cloud image locally.

      • Quick and dirty ipmitool tutorial
      • Environment Modules - Michael Jansen, Drive By Coding

        Environment Modules is one of those open source projects that I wish more people would know and use. I always wonder why tools like asdf don’t provide support for it instead of rolling their own implementation. So lets increase awareness.

      • Easy frugal installation [Ed: updated]

        EasyOS is downloaded as an image file for a USB-stick, that you can boot on your PC. This will get you up and running with EasyOS, however, you might then want to install Easy to the hard drive in the computer. That is what this page is about.

    • Games

      • Embarrassing Bugs

        Well, this is embarrassing! I recently filed a bug against an open source project because I genuinely thought it was broken. It was (almost, probably, entirely) my fault. I thought I’d fess up and explain what happened. It might be useful for others.

        As I mentioned yesterday, I recently upgraded my Ubuntu machines, including my main desktop. It’s a funky Skull Canyon NUC with a weird hybrid Intel / AMD GPU setup and an external nVidia card in an enclosure.

        [...]

        Well, this is embarrassing! I recently filed a bug against an open source project because I genuinely thought it was broken. It was (almost, probably, entirely) my fault. I thought I’d fess up and explain what happened. It might be useful for others. As I mentioned yesterday, I recently upgraded my Ubuntu machines, including my main desktop. It’s a funky Skull Canyon NUC with a weird hybrid Intel / AMD GPU setup and an external nVidia card in an enclosure.

      • Godot Showcase - Resolutiion developer Monolith of Minds talks about their experience

        Welcome to the second developer interview following the introduction of the new Showcase page! This week, we've interviewed Monolith of Minds about their latest game Resolutiion.

      • Steampunk survival game Volcanoids has a huge combat upgrade | GamingOnLinux

        Stuck on an island where the volcano is erupting constantly, Volcanoids is an interesting setting for a survival game that gives you a big moving drill for a base.

        After sticking in co-op to the Early Access game a while back, the team at Volcanoid (yes the team is named like the game), have now boosted the combat in the game to make it actually a lot more interesting. To say this is a huge update would be quite the understatement. They added in aiming down sights, weapon recoil, bullet drop and spread, hit indicators, actual projectiles (no hit scans), lots of new animations, new guns and…you get the idea.

        [...]

        For me it's probably one of the most exciting open-world survival games (next to Valheim) supported on Linux.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • Simple-Mail Qt library 2.3 released

          SimpleMail is a small Qt library for sending mails, this release makes sure it compiles fine with Qt6, and has some small issues fixed.

          I thought this would give me a bit of work but was mostly changing CMakeLists.txt and including one header.

      • GNOME Desktop/GTK

        • GNOME 40 Will Now Handle XWayland On-Demand By Default

          Back in 2019 support was added to GNOME 3.34 to allow starting XWayland on-demand. With this opt-in feature, XWayland support would only be started up when needed (on-demand) for running X11 clients. That support has now matured enough where for the upcoming GNOME 40 it will be enabled by default.

          As of today in Mutter 40 is the enabling by default of the XWayland on-demand handling. This comes following a more robust check for helping to ensure X11 clients are no longer active prior to terminating XWayland. That plus other work now allows it to be enabled by default.

    • Distributions

      • BSD

        • WireGuard Is Now Available For pfSense - Phoronix

          The domination of the open-source WireGuard secure VPN tunnel not only on Linux systems but BSDs too... WireGuard is now available on pfSense, the FreeBSD-based firewall/router focused software platform.

          Netgate announced today that WireGuard is now available for pfSense. Following FreeBSD mainlining WireGuard support at the end of November, initial support for WireGuard has been brought to pfSense Community Edition 2.5 snapshots.

        • PulseAudio Lands Much Better Support For FreeBSD - Audio Now Plays Correctly - Phoronix

          While 2021 may be the year that some desktop Linux distributions begin using PipeWire by default as the next-generation replacement to the likes of PulseAudio and JACK, for upstream PulseAudio this week it's finally seeing better/restored support for FreeBSD. PulseAudio has merged a set of patches long available via FreeBSD Ports and the like to improve the BSD audio experience.

      • SUSE/OpenSUSE

        • OAK compatibility with all openSUSE

          While fcused on the openSUSE Innovator initiative as an openSUSE member and official Intel oneAPI innovator, I tested the OAK AI Kit device on openSUSE Leap 15.1, 15.2 and Tumbleweed. With all the work, we made available in the SDB an article on how to install this device on the openSUSE platform. More information can be found at https://en.opensuse.org/SDB:Install_OAK_AI_Kit.

          The OpenCV AI Kit, that is, OAK, is a tiny, low-end hardware computing module based on the integrated Intel Movidius Myriad-X AI chip. In comparison to other GPU, CPU, FPGA or TPU-based AI acceleration solutions, Movidius is a VPU architecture with 4.0 TOPS computing capacity. And it is 80 times faster for CV and AI tasks than the well-known OpenMV project, which has only 0.05 TOPS based on the ARM Cortex M7 microcontroller.

        • SUSE’s acquisition of Rancher ushers in an innovative new brand

          In 2020 SUSE and Rancher joined forces with one shared vision: being known as the leading open source innovator in the world. Entrusted with the challenge of fusing two strong brands, the brand refresh needed to capture the heart and soul of both companies while aligning them to one strong, shared identity.

        • Content Management with SUSE Manager 4.1

          The concept of Content Lifecycle Management is not new and applies to any piece of digital content, following it from beginning, to middle, to end of creation. With SUSE€® Manager, this idea is applied to software intended for rollout to production systems. Content Lifecycle Management allows you to customize and test packages before updating production systems. This is especially useful if you need to apply updates during a limited maintenance window.

          From within SUSE€® Manager, you can select software channels as sources, adjust them as required for your environment, and thoroughly test them before installing onto your production systems. From beginning (original development), to middle (testing), to end (deployment).

      • IBM/Red Hat/Fedora

        • Fedora 34 Cleared For Btrfs Zstd Compression By Default, DNF/RPM Copy-On-Write - Phoronix

          The Fedora Engineering and Steering Committee has unanimously approved several high profile features for the upcoming Fedora 34.

          The latest batch of Fedora 34 features that received unanimous approval ahead of tomorrow's scheduled FESCo meeting include:

          - Deprecating XEMacs and related packages. This is due to XEmacs not seeing a major release in over seven years and the upstream development essentially at an end. There is still an occasional commit but no meaningful additions being made and thus XEMacs is being deprecated.

        • 5 tips for configuring virtualenvs with Ansible Tower | Enable Sysadmin

          Virtualenvs are a great way to create isolated scenarios where you can experiment with different Python/Ansible modules.

        • 11 considerations for effectively managing a Linux sysadmin team | Enable Sysadmin

          Having worked as a sysadmin with many colleagues and later on as a sysadmins manager, I thought it would be good to share some of my experience in this area with hopes that current managers and managers-to-be might find some useful hints.

          Managing sysadmins is, in many aspects, no different from working with any other group of people: Planning vacations, discussing salaries, setting targets, making certain skills and tools are up to spec. Your management style reflects who you are, and the crew is that fantastic blend of personalities and abilities. Together you can deliver projects and maintain complex technical environments.

          There are, however, some things you should be aware of that will improve your ability as a manager when you interact with the sysadmins.

        • Call for Projects and Mentors: GSoC 2021 – Fedora Community Blog

          Google Summer of Code (GSoC) is a global program focused on introducing students to open source software development. Students work on a 10 week programming project with an open source organization during their break from a post secondary academic program. Fedora has had great participation and we would like to continue to be a mentoring org this year too.

          We are currently looking for mentors and projects. Process of how to apply is described at the end of this blog after a brief info and new changes in GSoC program.

        • Storage and Distributed Compute Nodes: Bringing Cinder persistent volumes to the edge

          In part one of our series about Distributed Compute Nodes (DCN), we described how the storage backends are deployed at each site and how to manage images at the edge. What about the OpenStack service (i.e. Cinder) that actually manages persistent block storage? This post will dive into more details.

        • Sharing is caring: Building clearer contribution paths to your community

          One of the most important topics in the open source community is "how do we attract more people to our community?" This makes perfect sense because you can’t have a community without people. Given the importance of inviting people to a community—otherwise known as onboarding—you would expect a lot of discussion and debate applied to the topic. And yet, there are many open source community managers frustrated by a lack of new contributors.€ In this post, we’ll focus on 3 core principles of contributor onboarding.

      • Canonical/Ubuntu Family

    • Devices/Embedded

      • Lilbits: Color E Ink, Huawei’s new laptops, more trouble for Huawei, and Linux phones

        The upcoming Astro Slide 5G from Planet Computers is a smartphone with a 6.5 inch touchscreen display and a slide-out keyboard that lets you use it like a little laptop. First announced last year, the phone has been available for pre-order through crowdfunding and we learned last week that it’s now expected to ship in June.

        We also learned that it’ll also have a less powerful processor than anticipated, but the folks at Planet Computer reached out this morning to let me know that the phone will at least have a 4,000 mAh battery rather than the downgraded 3,500 mAh battery. The company also provided Liliputing with some of the first images showing the phone running a pre-release version of Ubuntu Touch for the Astro Slide 5G.

      • Planet Computers Astro Slide 5G smartphone coming in June (following a spec change and pandemic-related delay)

        Planet Computers has been making smartphones with physical keyboards, unlocked bootloaders and support for Android or Linux software for a few years. I went hands-on with the Gemini PDA at CES 2018 and the Cosmo Communicator at CES 2019.

        Now the company is getting ready to ship its third phone. Planet Computer introduced the Astro Slide in March, 2020 and began taking pre-orders through an Indiegogo crowdfunding campaign that’s raised nearly $1.7 million so far.

      • Compact i.MX8M Plus module ships with full Linux BSP and Starterkit

        F&S announced a “PicoCore MX8MP” module that runs Linux on NXP’s NPU-equipped, quad -A53 i.MX8M Plus and offers up to 8GB RAM and 32GB eMMC plus 802.11/ac with BT 5.0, support for dual GbE ports, and Starterkit.

        F&S Elektronik Systeme posted three press releases regarding its line of Linux-driven modules built around NXP’s i.MX8 processors. One announces a new PicoCore MX8MP module featuring NXP’s i.MX8M Plus, which we will focus on here. There is also an announcement promoting F&S’ already available, i.MX8M Mini based PicoCore MX8MM module. Since we covered the product in early 2019, it has become available with a 360-Euro ($436) Starterkit PicoCore MX8MM Linux. The Starterkit layout and feature set is much like the Starterkit PicoCore MX8MP Linux, which we cover farther below.

      • Astro Slide 5G slider phone specs and shipping date get finalized - SlashGear

        Phones are designed to cater to the general public as much as possible but there really is no such thing as a "one size fits all" phone. From the earliest days

        [...]

        Right from the start, the Astro Slide 5G is intended to be, well, a 5G phone. That hasn’t changed but it will now instead be powered by a MediaTek Dimensity 800 instead of a 1000. That still makes it the first and probably only 5G phone to sport an attached physical keyboard. The final specs also upgraded RAM from 6GB to 8GB, elevating its status a bit higher on the smartphone ladder and allowing power users to multi-task more confidently.

      • EasyOS Dunfell 2.6 released for the Raspberry Pi4

        EasyOS, compiled for an aarch64 (64-bit ARM) CPU, with 5.10.4 Linux kernel, compiled entirely from source in a port of the Dunfell release of OpenEmbedded, is available for the Raspberry Pi4. Version number is 2.6, but this is the first release for the Pi. EasyOS for the Pi4 might be a bit beta-quality in places, but overall quite a nice experience. The "beta bits" I will of course keep working on -- as there is an "update" icon on the desktop, it will be easy-peasy to update. Write the image to a good-quality and fast microSD-card (Class 10) or USB-stick (example: SanDisk Ultra), at least 8GB so that you have plenty of space for anything in the future. Though, a minimum of 2GB will work. As to the host board, even a Pi3B with 1GB RAM will work, or rather "just work" -- I recommend at least a Pi4 with 2GB RAM -- I have the 8GB RAM board.

      • Managing Edge IoT Linux Devices Closely, Remotely, Securely

        With the recent shift from Real-Time Operating Systems (RTOS) to Linux-based embedded systems, there has been a boom in the IoT industry in creativity and expandability and opened doors to a whole new level of automation.

        Unlike the previous generation of IoT devices which followed the “program once, use forever” concept, with the new developments in the IoT industry, mainly the devices based on Linux operating systems that demand more and more flexibility, accessibility, and control. It has been challenging to address all these points at once when it comes to remote monitoring and control of these devices; especially if one produces thousands of those smart devices to be sold worldwide.

        The ability to manage these connected devices (Raspberry Pi, Jetson Nano, or any SOM/SBC that runs a flavor of Linux such as Yocto based, Ubuntu or Debian, etc.) through a single platform, be it just one device, a dozen, or maybe a couple thousand would prove to be immensely productive when considering both the time and cost it’d otherwise take to manage them individually.

      • Watchy Pebble-like Smartwatch with E-paper display, ESP32 processor launched for $45

        The smartwatch is open-source hardware & software with documentation, KiCad hardware design files, 3D Case Designs (STLs), and plenty of examples and watch faces on either the product page or Github released under an MIT license. The watch is said to support Arduino, MicroPython, and the ESP-IDF framework.

      • Open Hardware/Modding

        • [Old] Why We Love the Raspberry Pi

          As a kid, I was always more fascinated with learning how to use computers than I was with doing anything productive with them. I had more fun hacking together a half-working machine with cables stuck awkwardly into a breadboard than I ever did typing up my latest school paper. The Raspberry Pi is a window into that world.

        • Arduino Blog €» This Arduino-based speed bag counts your punches

          Creator DuctTapeMechanic loves sports and electronics, so for a recent project he decided to combine his two passions by hacking a speed bag to keep track of his punches.

          As shown in the video below, the first step was to get it physically set up, modding an old metal bed frame into a support structure. He also added a recessed NPN capacitive sensor to pick up when the bag hits the back of the platform.

          The sensor sends “hit” signals to an Arduino Uno via a PC817 optocoupler. The board then counts punches and displays the number of hits on an LCD screen mounted just above eye level.

        • Arduino MKR inspired MKR Windy board is equipped with STM32WL LoRa SoC

          We recently wrote about MKR SharkyPro BLE, Zigbee, OpenThread development board based on STM32WB55 MCU and following Arduino MKR form factor, but it turns out Midatronics has also launched a similar-looking board with LoRa connectivity.

          MKR Windy board features the company’s Windy STM32WL module with an uFL connector and following the same Arduino MKR layout.

        • Raspberry Pi LEGO sorter
        • The Default Router

          How Linksys’ most famous router, the WRT54G, tripped into legendary status because of an undocumented feature that slipped through during a merger.

    • Free, Libre, and Open Source Software

      • Events

        • linux.conf.au 2021 ~ 23-25 January 2021 ~ Online, Worldwide

          SUSE is proud to be a Royal Penguin sponsor at the upcoming Australian Linux User Conference held virtually on the 23 – 25 January 2021. In its 22nd year, the event focus is on Linux and the community built up around it and the values it represents. Being a technical conference, topics to be covered will vary from the Linux kernel’s inner workings to dealing with communities’ inner workings.

        • One weekend, two conferences

          Join us as our 2021 conference schedule gets underway this weekend with the virtual editions of linux.conf.au and MiniDebConf India! Collaborans will be giving talks on recent projects including futex2, pristine-lfs, apt-offline, and Open Source AI video analytics with Panfrost.

          Sponsored by Collabora, linux.conf.au is "a conference with a focus on Linux and the community that has built up around it and the values that it represents. It is a deeply technical conference covering topics varying from the inner workings of the Linux kernel to the inner workings of dealing with communities". Held online from January 23-25, it be run in the Australian Eastern Daylight Time (UTC+11) timezone.

      • Web Browsers

        • Mozilla

          • Firefox Nightly: These Weeks in Firefox: Issue 86
          • Chris H-C: Doubling the Speed of Windows Firefox Builds using sccache-dist

            I’m one of the many users but few developers of Firefox on Windows. One of the biggest obstacles stopping me from doing more development on Windows instead of this beefy Linux desktop I have sitting under my table is how slow builds are.

            Luckily, distributed compilation (and caching) using sccache is here to help. This post is a step-by-step version of the rather-more-scattered docs I found on the github repo and in Firefox’s documentation. Those guides are excellent and have all of the same information (though they forgot to remind me to put the ports on the url config variables), but they have to satisfy many audiences with many platforms and many use cases so I found myself having to switch between all three to get myself set up.

      • SaaS/Back End/Databases

        • The Apache CloudStack Project Releases Apache€® CloudStack€® v4.15

          The Apache CloudStack Project announced today v4.15 of Apache€® CloudStack€®, the mature, turnkey Open Source enterprise Cloud orchestration platform.

          Apache CloudStack is the proven, highly scalable IaaS platform of choice to rapidly and easily create private, public, and hybrid Cloud environments: it "just works".

          Apache CloudStack powers mission-critical clouds for the world’s largest users and service providers, including Alcatel-Lucent, Apple, Autodesk, Bell Canada, BT, China Telecom, Dell, Disney, Fujitsu, Huawei, INRIA, Juniper Networks, Korea Telecom, Leaseweb, Melbourne University, Nokia, NTT, Orange, SAP, Schuberg Philis, Taiwan Mobile, Tata, TrendMicro, Verizon, WebMD, and countless others.

        • 10 ways big data and data science impacted the world in 2020

          Big data’s one of many domains where open source shines. From open source alternatives for Google Analytics to new features in MySQL, 2020 brought several ways for open source enthusiasts to learn big data skills.

      • Productivity Software/LibreOffice/Calligra

      • Programming/Development

        • Traps to Avoid When Reviewing Code Changes

          Reviewing code changes is an underappreciated art. It is part of most software engineers’ daily routine, but as an industry we do little towards developing it as a skill, even though it contributes directly to the quality of the software we produce.

        • How to use C++ Priority_queue? – Linux Hint

          In C++, a queue is a list data structure where the first element to be put in the list is the first element to be removed, when removal is to take place. A priority queue in C++ is similar, but has some ordering; it is the element with the greatest value that is removed first. The priority queue can still be configured so that it is the element with the least value that is removed first. Any queue must have at least the push() function and the pop() function. The push() function adds a new element at the back. For the normal queue, the pop() function removes the first element ever pushed in. For the priority queue, the pop() function removes the element with the highest priority, which could be the biggest or smallest, depending on the ordering scheme.

        • IAR Build Tools for Linux now supported by Parasoft C/C++test

          Parasoft announced its C/C++test update to support IAR Systems‘ build tools for Linux for Arm. IAR Build Tools for Linux inspired the update of Parasoft’s unified testing solution for C/C++test software development.

          With these tools combined, software developers gain the ability to configure fast and scalable CI/CD pipelines on Linux servers and automate the testing process.

        • Evaluate Spinnaker vs. Jenkins for CI/CD

          CI/CD tools like Jenkins and Spinnaker add value to application delivery pipelines. And while they share some functionality, they also have plenty of differences.

          Before diving into each tool and how they compare, it is important to grasp the various stages involved in delivering an application. Below are some of the practices that organizations employ to build and deploy applications.

        • Perl/Raku

          • faq: zef ecosystem

            Fez is the tool used for uploading your dists to the zef ecosystem. Subquestion: why the name fez? Surely it does the opposite of zef and should be named as such.

          • fez|zef - a raku ecosystem and auth

            fez is a utility for interacting with the zef ecosystem. you can think of it as the opposite of zef. zef downloads distributions and installs them and fez uploads making them available to zef.

  • Leftovers

    • Organize your task list using labels

      In prior years, this annual series covered open source organization apps like Notmuch and Syncthing. This year, we are looking at all-in-one solutions in addition to strategies to help in 2021. Welcome to day 9 of 21 Days of Productivity in 2021.

      I do this thing with my email, my to-do lists, and my notes where I decide one day I am going to "get organized" and re-arrange how and where I store things. Sometimes I have found a new program that I have to configure from scratch (again). Sometimes the current method has just blown up to the point where I am spending more time keeping the storage order up to date than I am using the system. That last one led me to a very important realization when I tested out some to-do list software last year.

    • Science

      • Outer space is a mess that Moriba Jah wants to clean up

        The Big Bad in all of these calculations is a collision: two objects slamming into each other at terrific speeds, creating numerous bits of new debris. Any one of those new pieces of junk could go on to threaten other operational hardware. Whether such collisions could amplify exponentially and wipe out entire orbits — the so-called “Kessler syndrome” — is up for debate. Jah, for one, isn’t suggesting that an orbital apocalypse is around the corner. But some kind of satellite-industry reckoning may need to be.

    • Education

      • Terrible financial advice is going viral on TikTok

        Below, Vox business and politics reporter Emily Stewart breaks down 10 of Finance TikTok’s most viral investing videos and what they’re actually selling, and why you might want to think twice before falling prey to a get-rich-quick scheme, or worse, accidentally doing something illegal. This commentary is not intended to provide specific advice or recommendations on any investment product or strategy. The bottom line: The best financial advice is the kind that’s tailored to your life, and likely can’t be contained in a 60-second video. Speak with your own financial advisor or investment professional to decide what’s best for you.

    • Health/Nutrition

      • Mask-wearing and control of SARS-CoV-2 transmission in the USA: a cross-sectional study

        378 207 individuals responded to the survey between June 3 and July 27, 2020, of which 4186 were excluded for missing data. We observed an increasing trend in reported mask usage across the USA, although uptake varied by geography. A logistic model controlling for physical distancing, population demographics, and other variables found that a 10% increase in self-reported mask-wearing was associated with an increased odds of transmission control (odds ratio 3€·53, 95% CI 2€·03–6€·43). We found that communities with high reported mask-wearing and physical distancing had the highest predicted probability of transmission control. Segmented regression analysis of reported mask-wearing showed no statistically significant change in the slope after mandates were introduced; however, the upward trend in reported mask-wearing was preserved.

      • Cyberattack on EMA - update 5

        The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines have been leaked on the internet.

        This included internal/confidential email correspondence dating from November, relating to evaluation processes for COVID-19 vaccines. Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines.

      • EU regulator: [Crackers] ‘manipulated’ stolen vaccine documents

        The European Medicines Agency said that an ongoing investigation showed that [attackers] obtained emails and documents from November related to the evaluation of experimental coronavirus vaccines. The agency, which regulates drugs and medicines across the 27-member EU, had troves of confidential COVID-19 data as part of its vaccine approval process.

        “Some of the correspondence has been manipulated by the perpetrators prior to publication in a way which could undermine trust in vaccines,” the Netherlands-based agency said.

      • EU Regulator: Hackers ‘Manipulated’ Stolen Vaccine Documents

        “We have seen that some of the correspondence has been published not in its integrity and original form and, or with, comments or additions by the perpetrators.”

      • Biden’s incoming chief of staff warns that the virus death toll will reach 500,000 by the end of February.

        Average daily U.S. deaths from the virus have risen to well past 3,000, and the Centers for Disease Control and Prevention has sounded the alarm about a fast-spreading, far more contagious variant of the coronavirus that officials project will become the dominant source of infection in the country by March, potentially fueling another wrenching surge of cases and deaths.

    • Integrity/Availability

      • Senior TV journalist Nidhi Razdan files complaint with Delhi Police over fake Harvard job offer

        Delhi Police's cybercrime cell will investigate a complaint received from senior TV journalist Nidhi Razdan who has said she was a victim of a phishing scam in which she was given a fraudulent offer of a position of Associate Professor at the Harvard University.

        Razdan filed the complaint with the Delhi Police on Monday regarding commission of cognisable offences including forgery, cheating, identity fraud and impersonation by unknown accused against her. Earlier, she had filed a similar complaint with the Jammu and Kashmir Police on 16 January when she was in Srinagar.

      • Proprietary

        • Citrix Agrees to Buy Slack Competitor Wrike for $2.25 Billion

          Wrike, owned by the technology-focused buyout firm Vista Equity Partners, was founded by Andrew Filev in 2006 and is also backed by Bain Capital Ventures and Scale Venture Partners.

          Citrix will fund the deal with new debt and cash. It’s secured a $1.45 billion bridge loan from JPMorgan Chase & Co. JPMorgan advised Citrix on the deal while San Jose, California-based Wrike worked with Goldman Sachs Group Inc.

        • Scottish Environmental Protection Agency hit by ransomware attack [iophk: Windows TCO]

          That data was stolen became typical in ransomware attacks in the second half of 2020. S0-called “double-tap” ransomware has come to the fore, with ransomware gangs no longer content with simply trying to extort companies and organizations by encrypting their files. They’re also stealing data and threatening to publish the stolen data if the ransom isn’t paid.

        • Cyber Attack - what is affected and how to contact us [iophk: Windows TCO]

          On Christmas Eve, the Scottish Environment Protection Agency confirmed that it was responding to a significant cyber-attack affecting its contact centre, internal systems, processes and internal communications. We are continuing to respond to the ongoing ransomware attack likely to be by international serious and organised cyber-crime groups. The matter is subject to a live criminal investigation and the duty of confidence is embedded in law.

        • Cyber criminals demand ransom to unlock Sepa systems [iophk: Windows TCO]

          Critical services like flood forecasting are unaffected but entire systems will have to be rebuilt and it's unlikely the 1,300 workers will be able to get access to their old emails and online files.

        • Russia-Linked [Crack] Spread Via New Malware, Security Experts Say

          Raindrop “was used against a select number of victims that were of interest to the attackers,” according to a blog post by a team headed by Eric Chien, the technical director at Symantec, which is a unit of Broadcom Inc.

        • Doc & RTF Malicious Document

          A reader pointed us to a malicious Word document.

        • Biden DHS, Intel picks stress need to prioritize cybersecurity after SolarWinds [attack]

          DHS nominee Alejandro Mayorkas and DNI nominee Avril Haines each pointed to the specific need to secure the federal government against cyber threats following the recently discovered Russian hack of IT group SolarWinds, which compromised many key federal agencies and potentially thousands of businesses.

        • Malwarebytes also hit by SolarWinds attackers, but through different vector

          Security vendor Malwarebytes was also hit by the same actor that was implicated in the attacks using SolarWinds Orion network management software, but says the attack vector was not the software.

        • FireEye releases update on attacks, offers Azure auditing script

          Cyber security firm FireEye has released new guidance for those who have been compromised by the SolarWinds attackers to harden their environments and remediate areas where attacks are feared.

        • Security

          • Snort 3 Open-Source Intrusion Prevention System Released with Major New Features

            Snort 3 is the next-generation of the open-source intrusion prevention system software designed to protect your network from all sorts of unwanted traffic, including spam, malicious software, and phishing attacks. It’s packed with years’ worth of new features and improvements to make Snort faster and more efficient.

            Highlights include support for multiple packet processing threads, support for sticky buffers in rules, the ability to automatically detect services for portless configurations, support for shared configuration and attribute table, support for pluggable components, as well as a more simple and scriptable configuration.

          • BC Security’s Empire/Starkiller & Kali Linux

            We have always worked to support the information security community as a whole, and over the years experimented with different ideas (some with a greater success than others). One of the key components to Kali is the tools included (either pre-installed or installed via apt). Joining together Infosec professional/hobbyist and tool authors, today we are announcing another partnership: Kali has partnered with BC Security.

            BC Security is the team who is currently maintaining the most active fork of Empire. In August 2019, the original maintainers archived the project, but with Open-source projects (as long as they don’t break software licenses) other groups can take someone else’s code and improve upon it. This is exactly what BC Security did, forking the project, to keep the flame of PowerShell Empire alive.

          • Introduction to Tengine Web Server |

            This error and more specifically its footer “Powered by Tengine” stirred up my interest and so I started looking for more information about this unknown to me web server.

            [....]

            The Sysguard and Consistent hash modules impressed me as very useful because they would allow advanced load balancing.

            To get an idea of Tengine’s capabilities, imagine you wish the web server to return a 503 error or a custom page when your free memory is below 100M or CPU load is above 20? With the Sysguard module this can be easily done with a configuration like this:

          • Cisco loses top researcher as Rascagnères moves to Kaspersky

            The Cisco Talos Intelligence Group has lost one of its better researchers, with Paul Rascagnères moving over to join Kaspersky's Global Threat Research unit this year.

          • Big upward tick in Windows ransomware attacks on US public sector

            Ransomware continued on its merry ways in the US public sector in 2020, with 2354 attacks on government, healthcare facilities and schools. The attacks have been only on systems running Microsoft's Windows operating system.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

            • Check Point uncovers live Linux attack, urges users to take action [Ed: This is not a "Linux" issue, this is an unpatched software issue for software that's not even Linux but installed on top of GNU/Linux]

              The researchers have spotted an ongoing attack campaign exploiting recently-discovered vulnerabilities in Linux systems to create a botnet, a collection of machines infected with malware that can be controlled remotely.

              The attacks involve a new malware variant called 'FreakOut', capable of conducting port scanning, information gathering, network sniffing, DDoS and flooding.

          • Privacy/Surveillance

            • A preliminary look at privacy labels in iOS VPN apps

              Apple has split the privacy labels into two types depending on whether the information collected is used to track you, or is not linked to you and used for things like app functionality. For more information on what all this means technically, and some illustrative examples, do reference Apple’s official Privacy Definitions and Examples.

            • Is the GDPR finally going to get some teeth?

              One reason is that the Irish Data Protection Commission (DPC) has a backlog of important GDPR cases. The Irish DPC finds itself in this position because of the way that the GDPR works: when there are privacy problems, the cases are brought by the data protection authority of the EU nation in which the company concerned is based. For most leading Internet companies, that’s Ireland. One person who has been struggling with Ireland’s inability to finalize cases is the privacy activist Max Schrems. He’s been battling the DPC for years, trying to get the agency to investigate Facebook’s transatlantic transfers of personal data. It finally looks as if Schrems has obtained this:

            • How Biden Becomes @POTUS: A Twitter Transition Breakdown

              Twitter says the multi-step process starts with transferring the current accounts, which have been operated by President Donald Trump's administration for the last four years, to the National Archives and Records Administration, where their tweets will be archived for public access. After Twitter completes the archival process, Twitter will transfer ownership of the accounts to the Biden administration.

            • Facebook has no current plan to end the Trump suspension

              A representative for Facebook pointed The Hill to a tweet from the company's communications director Andy Stone emphasizing there are "no plans" to lift the block on Trump's accounts.

            • Facebook has no plans to lift Trump ban, sources say

              Facebook has no plan in place to lift the indefinite suspension on President Donald Trump's Facebook account following his departure from the White House on Wednesday, sources familiar with the company's plans said.

              The ban on Trump's account remains indefinite, the sources said, and there is no current plan in place to lift it. The social media giant said on Jan. 7 that it would "indefinitely" ban the president's account due to his role in inciting the attack on the U.S. Capitol a day earlier. The company said the ban would last at least through the end of his term.

              Facebook's suspension stopped short of the permanent ban that other social media companies like Twitter and Snapchat lated placed on Trump's accounts.

            • Banning President Trump was the right decision, says Instagram’s Adam Mosseri

              Adam Mosseri has a broad view of Facebook, its capabilities, and its challenges. And Facebook has a lot of challenges right now: the attack on the Capitol was at least partly driven by conspiracy theories and misinformation on social media; all of the major platforms have banned or restricted Donald Trump, prompting a reckoning about content moderation; the Federal Trade Commission and 48 attorneys general across the US have filed a major antitrust lawsuit that seeks to break Facebook up entirely; and there is new competition from TikTok, which has taken over Instagram’s relevance to culture in surprising ways.

            • Paper review: Statistical and Combinatorial Analysis of the TOR Routing Protocol

              I previously wrote the following about É. Filiol, and I'm still standing by my word:

              Eric Filiol is known for pretending to have broken AES in 2002 (he didn't), and in 2003 (he still didn't) and Tor in 2011 (he didn't either), and for being the architect and designer of DAVFI, a French "new generation anti-malware solution", known for a being a phenomenal (and extraordinary expensive) source of fun.

              The paper was published in the Journal of Computer Virology and Hacking Techniques in March 2020, apparently because it was presented at the 2nd International Workshop on FORmal methods for Security Engineering in 2018. It was also presented in 2018 at the The International Conference on Information Systems Security and Privacy 2018. It was also presented at the 13th International Conference on Cyber Warfare and SecurityICCWS 2018 the same year. É. Filiol has been presenting at this conference in 2017 ("Automated Intelligence Gathering Through Comparison of JPEG Images and their Thumbnails"), 2016 ("Combinatorial Optimization of Operational (Cyber) Attacks against Large-scale Critical Infrastructures: The Vertex Cover Approach"), and 2014 ("Critical Infrastructures: Where we stand today?") as well.

              All of those conferences claim to have strict review processes.

            • Zuckerberg’s WhatsApp follies: Tight integration with Facebook is a way of selling your data to advertisers and others

              We must hope that Mark Zuckerberg has more sense of humour than he publicly shows. Only a keen sense of irony could ballast him through the self-destructive storm now ravaging his empire.

              In India and around the world, the low credibility he and his businesses have earned for themselves are causing people to flee WhatsApp in droves, not because of something he has just done, but because they have finally realised what he has been doing all along.

            • Card Over Cash?

              One of the biggest reasons for people preferring cash in developing countries is not having a bank account and thus no bank card. In the Philippines, only 29 percent of adults had a bank account in 2019, according to the country's central bank. Cash Essentials notes that the number of card-accepting terminals also remained low in the country.

              It remains to be seen if card payments still catch on in some developing countries. In places where payment cards are not yet widespread, phone payments can actually spread quicker, creating a leapfrog effect of the population migrating straight from cash to mobile wallets and other phone payments.

            • Behind a Secret Deal Between Google and Facebook

              Details of the agreement, based on documents the Texas attorney general’s office said it had uncovered as part of the multistate suit, were redacted in the complaint filed in federal court in Texas last month. But they were not hidden in a draft version of the complaint reviewed by The New York Times.

              Executives at six of the more than 20 partners in the alliance told The Times that their agreements with Google did not include many of the same generous terms that Facebook received and that the search giant had handed Facebook a significant advantage over the rest of them.

              The executives, all of whom spoke on condition of anonymity to avoid jeopardizing their business relationships with Google, also said they had not known that Google had afforded such advantages to Facebook. The clear disparity in how their companies were treated by Google when compared to Facebook has not been previously reported.

            • Today I learned bats are trendsetters in tracking tech

              One of the latest innovations in tracking wearables is the dulog system, a wireless sensor network built by biologist Simon Ripperger and engineer Niklas Duda, which was put to the test in several bat-tracking studies over the past few years. Now that the dulog has proven its mettle with bats, which are tiny, nocturnal, and generally tough to observe, the pair believe it could be useful in monitoring all kinds of animals.

            • Devil's in the details: WhatsApp controversy raises digital security concerns

              Experts say that digital safety and security should be a concern for all of us and consumers should not just accept what is presented to them.

              Popular messaging service WhatsApp has been mired in controversy since it announced its new privacy policy.

              This has seen users moving to other messaging platforms such as Telegram and Signal.

    • Defence/Aggression

      • Video: US troops occupy Washington DC in massive show of force
      • US Army private facing terrorism charges over alleged efforts to help ISIS ambush troops

        The 20-year-old, who joined the Army around September 2019, served as a cavalry scout in the 3rd Infantry Division in Fort Stewart, Ga. During the same year he joined, prosecutors said Bridges started reading and viewing online jihadist propaganda and declared his support for ISIS and jihad over social media.

        In October 2020, Bridges started talking to an FBI online undercover employee, called the “OCE” in the release, who acted like an ISIS supporter and said they were communicating with ISIS fighters located in the Middle East.

        The complaint alleges that Bridges told the OCE that he was frustrated with the military and wanted to help ISIS and provided the contact with training, including military combat tactics used against ISIS, and guidance, including suggestions about targets in New York City.

      • [Old] Arctic Competition: Part Two: Military Buildup and Great Power Competition

        A more militarized Arctic raises the stakes and likelihood of a potential miscalculation occurring in the region—and, with direct territorial disputes unlikely to lead to conflict at present, a miscalculation remains the most immediate risk for regional escalation. While the Arctic is still not likely to be an arena for direct military confrontation in the immediate future, the great power competition emerging in the region has long-term implications reaching far beyond Arctic borders. The Arctic presents Russia with its best opportunity for projecting international power, serving as a key strategic region in which it can maintain a distinct military advantage over NATO rivals. The U.S. is recognizing the long-term strategic importance of the region, and growing attention by policymakers and funding for Arctic defense could signal the beginning of a prolonged Arctic power struggle with Russia. While China is still an outsider in Arctic affairs, its ability to provide capital for Arctic developments makes it a mainstay in the Arctic for the foreseeable future. Despite it being the largest financier of Russian Arctic development, Russia’s relationship with China is nuanced, and it remains to be seen whether both nations can maintain a stable partnership in the region.

        As climate change continues to affect the region at a disproportionate rate, the impacts of Arctic affairs will increasingly be felt outside of the Arctic. More nations across Asia and Europe are now looking toward the Arctic for resources and increased trade and navigation and as a key region in the fight against climate change. Collaboration on climate change represents a clear opportunity for deeper engagement among Arctic nations. Since the Cold War, the Arctic has not been at the forefront of geopolitical debates, but the worsening climate crisis and the return of great power competition are bringing it toward center stage. And for stakeholders with key interests in the Arctic, the region is now a commercial and geostrategic priority.

      • Republican Party moves to replace GOP board member who voted to certify Michigan election

        He said the events of November highlight the dangers of hyper-partisanship.

        "As tensions escalated, some political leaders — blinded by power and partisanship —urged the board to withhold certification based on unproven allegations of voter fraud, even though we had no legal authority to do so."

        The board "was essentially asked to disregard the oath of office, to abandon its long-standing ministerial role certifying elections, and to ignore a clear legal duty along with 100 years of legal precedent," he said. "We were asked to take power we didn’t have."

    • Transparency/Investigative Reporting

    • Environment

      • Wildlife/Nature

        • Australian lungfish has largest genome of any animal sequenced so far

          Siegfried Schloissnig at the Research Institute of Molecular Pathology in Austria and his colleagues have found that the lungfish’s genome is 43 billion base pairs long, which is around 14 times larger than the human genome.

          Its genome is 30 per cent larger than that of the previous record holder: the axolotl, a Mexican amphibian that the team sequenced in 2018.

          The researchers used high-powered computer sequencers to piece together the lungfish genome.

          To account for inherent errors that the sequencers introduce, they used multiple copies of the genome, each fragmented into small pieces of DNA. After all the fragments were sequenced, the team used algorithms to reassemble the pieces into a complete genome.

          The result took roughly 100,000 hours of computer processing power, Schloissnig estimates.

    • AstroTurf/Lobbying/Politics

      • Donald Trump, the Pantomime President

        It is a story which begins at the end of the nineteenth century. Trump’s grandfather, Fredrick Trump, was made of hard, flinty Protestant stuff, a grey austere man who had made it over on a steamship bound for the US in order to invest his life savings, making a fortune as a restaurateur and businessman at the height of the gold rush.€ € His son, Fred Christ Trump, was fated to live in less salubrious times. Trump Senior came to his own business ventures on the cusp of the Wall Street Crash, but while the times were changing, Trump Senior inherited his father’s ruthless determination and his ability to turn a buck.

        Fred Trump was able to channel the windfall from his father’s network of restaurants, brothels and bars into the grey, piling storeys – the squat rooms, the leaky ceilings – of the crumbling dilapidated tenement housing whose gloominess seemed to speak of the depression era€ par excellence.€ € Fred Trump, like many an astute businessman before him, was an effective barometer for human desperation, and in the thirties – the epoch of the dust bowl and the hobo, and desperation and drought – it was here when Fred Trump made his bones.€ € A savvy skin-flint, he was notorious for pinching the pennies; rather than shell out for an exterminator to take care of the more lice-filled rooms he rented, he would endeavour to do the job himself.€ € He was known for keeping his books and cash on his person, and even as a millionaire many times over, he would keep just the one small office with a single secretary.€ € He had the immigrant outsider’s sense of self-sufficiency, the businessman’s need to keep things on the down-low, and the landlord’s sense of superiority and borderline revulsion toward those he rents to, those to be squeezed and extorted.

      • The Shipwreck of a Democracy: Trump and the Aftermath

        The€ captain is either the last to leave the ship or goes down with it; this is what the maritime tradition dictates.€ It is the captain’s social and legal responsibility to wait€ for all other crew and passengers to evacuate. To save the ship and everyone in it or die trying. But what if it is the captain who decides to sink the ship? What happens then?

        The Captain, after all, has always€ believed that he could get away with violence. Once he even€ boasted, “I could stand in the middle of Fifth Avenue and shoot somebody, and I wouldn’t lose voters.” Perhaps, he later realized that was not sensational enough; there are so many Americans shooting other Americans already. He could stage a greater spectacle than that. A tremendous spectacle. And so he made his€ announcement:€ “Be there, will be wild!”

      • 'Good Riddance You Fascist White Supremacist': Trump Farewell Gets Cold Shoulder

        "Today is the last full day of the worst and most dangerous president in American history," said Sen. Bernie Sanders.

      • After Inciting Deadly Capitol Terror Attack, Hawley Delays Confirmation of Biden Homeland Security Chief

        "Josh Hawley liked what he saw on January 6th," said Rep. Mondaire Jones. "He'd like to see more."

      • Opinion | To Shine A Light
      • Rep. Rashida Tlaib: I Fear Trump Will Lead More Violent Attacks; He Must Be Held to Account

        As President-elect Joe Biden prepares for his inauguration on Wednesday, he has outlined sweeping plans for his first days in office to address the raging coronavirus pandemic and roll back key parts of Donald Trump’s agenda, including on immigration, the climate crisis and more. President Trump, meanwhile, leaves office as the only president ever impeached twice, after he encouraged a violent insurrection at the U.S. Capitol. For more on the transition, we speak with Congressmember Rashida Tlaib of Michigan, who says senators must vote to convict Trump after his impeachment in the House. “I hope that there’s an awakening in the Senate, but I’ve been waiting for that awakening to happen for quite a while,” says Tlaib.

      • 57% of US Voters Want Trump Barred From Seeking Office Ever Again: Poll

        "After what he has done, the consequences of which we were all witness to, Donald Trump should not be eligible to run for office ever again," said incoming Majority Leader Chuck Schumer.

      • Big Tech and Regulation—A Response to the Quillette Editors

        The fallout has been intense and has gripped the professional commentariat. The most interesting point of discussion has concerned whether the First Amendment understanding of free speech is really meaningful or relevant if what we consider “the commons” is privately owned. What are the consequences? As Mike Solana solemnly put it in a post entitled “Insurrection as a Service”: [...]

      • Insurrection as a Service

        Today, the internet is a life-critical layer of our world. In some sense, what happens on the internet — from payments to communication — is all that matters, as without it few things of significance in the “real world” are possible. You would be forgiven for not remembering that Trump was impeached last year, as it meant practically nothing. But erasing him from the internet? If this sticks, and Trump can no longer communicate or raise funds at scale, a small handful of unelected tech executives just ended a president’s political career. In theory, they can legally do this to anyone, which means they are effectively the most powerful people alive. Silicon Valley is our nation’s shadow capital, argues Katherine Boyle, and welcome to the shadow state. It is not a democracy.

      • What Is DDos-Guard? Parler Website Back Thanks to Russian Tech Company

        Registry records now suggest the social network used an internet protocol (IP) address that is owned by DDos-Guard, an entity owned by Russians and registered in the U.K. that offers hosting and protection against what are known as distributed denial of service (DDos) cyberattacks.

        DDoS is a type of cyberattack that maliciously overwhelms a website server with traffic from a variety of sources in order to temporarily force it offline.

        As reported by Reuters, the business appears to be owned by at least two Russian men and has been associated with far right, racist or extremist websites, including 8kun, the messageboard formerly known as 8chan that was home to QAnon conspiracy content and tied to white nationalist attacks, including the 2019 El Paso shooting.

      • a chrome extension that marks names of the seditionist members of congress with an asterisk

        This is such a fascinating transformation of how we’re accustomed to dealing with the web and the news.

      • Rob Joyce named new NSA cybersecurity director

        Rob Joyce, the National Security Agency’s special U.S. liaison officer at the U.S. Embassy in London, will replace Anne Neuberger as director in the agency’s Cybersecurity Directorate, the NSA announced Friday.

        The Biden transition team announced Wednesday that Neuberger will soon be joining the Biden administration as deputy national security adviser for cyber and emerging technology on the National Security Council (NSC).

        It was not immediately clear who would take on Joyce’s role as the NSA’s senior cryptologic representative in the U.K.

    • Censorship/Free Speech

      • Turkey Hits Twitter, Pinterest with Advertising Bans

        The rules that went into effect in October have drawn criticism from human rights and media freedom groups who argue Turkey’s government is trying to stifle dissent.

        The law calls for a local representative to respond to requests to remove content that violates privacy and personal rights within 48 hours.

      • Thai woman jailed for record 43 years for criticising monarchy

        The former civil servant, known only as Anchan, posted audio clips from a podcast on social media.

        The 63-year-old said she had simply shared the audio files and had not commented on the content.

        Thailand's lèse-majesté law, which forbids any insult to the monarchy, is among the strictest in the world.

      • “Put them on the no-fly list!”

        [“How do you get on the no-fly list?” Larger image; PDF with legend.]In the aftermath of the storming of the U.S. Capitol last week, there’s been a confused cacophony of calls to “put the rioters on the no-fly list“.

        At the same time, there have been equally confusing claims and denials that some people found out that they had already been “put on the no-fly list” when they were denied boarding on flights home from Washington.

        Are these people “on the no-fly list”? Could they be? Should they be? Is this legal?

      • ACLU Warns a Domestic War on Terror Could Unfairly Harm People of Color More Than White Supremacists

        Outrage continues to build as more evidence emerges about participants in the January 6 insurrection at the U.S. Capitol, which included members of violent white supremacist groups, including some who were on a terror watchlist. Leading Democrats, including President-elect Joe Biden, have called for new domestic terror laws to crack down on white supremacist violence, but civil liberties groups warn that law enforcement agencies already have the powers they need to disrupt violent far-right groups and that new domestic terrorism laws will ultimately harm marginalized groups. “We cannot find our solutions in systems that ultimately harm us, particularly Black and Brown people,” says Manar Waheed, senior legislative and advocacy counsel at the American Civil Liberties Union.

      • Stephen Michael Kellat: Consolidating Positions

        The social media landscape in the United States has been getting weirder as 2021 has continued to unfold. I don’t need to recount the dramatics about various sites being knocked off the Internet. Those stories have gotten boring.

        What is interesting at this point is what is happening on sites like Facebook and Twitter. They’ve been trying to get their sites cleared of extremist content. The attack on the United States Capitol has given them impetus to finally push forward in that respect.

        Unfortunately it appears that these efforts do lead to some collateral damage. My experience with one site has been deteriorating steadily over the past few months and the decline accelerated after January 6th. When your timeline stops updating for half a day and simply remains frozen it makes you feel as if something is wrong. Having it happen repeatedly makes it seem as if it is time to move on from using that site.

    • Freedom of Information/Freedom of the Press

      • My Trial, and Freedom of Speech

        My trial for Contempt of Court in my reporting of the Alex Salmond trial is on 27 and 28 January at the Court of Appeals in Edinburgh. Contempt of Court charges can be brought by a judge or by the Crown. These are being brought by the Crown – an important point. It is a strange charge. The potential penalties are very serious – up to two years in prison and an “unlimited” fine. Yet it is not a criminal offence nor a criminal trial, and despite the life-changing penalties there is no jury; but the judges do have to rule on the facts to the criminal standard of beyond reasonable doubt.

    • Civil Rights/Policing

      • After Prop 22, Expect Uber to Escalate Its War on Workers’ Rights

        Companies like Uber had a massive victory in November, when their $200 million propaganda blitz convinced voters in California to pass Proposition 22, excluding platform workers from labor protections. Their plan to entrench contractor status for workers nationwide is clear, but stopping them is still an option — and a necessity.

    • Monopolies

      • Patents

        • Can a Patent Violate Rights of Publicity?

          This morning I was looking for inauguration related patents and stumbled across Facebook’s recently issued US10855640, which essentially claims combining a live video with parallel live social media responses. This patent is part of a family claiming a 2009 priority date, and at least three other patents have also issued.

          Image

          The image from the patent is really fascinating. It shows a line-drawing of the Washington Mall and reports on the inauguration of Barack Obama. The drawing also shows several reactions. The names of the people here are not made-up. Kevin Werbach is a popular Business-Tech professor at Wharton; Ryan Merket is a start-up guy; as is Tariq Krim, Monty Metzger, and Chris Sacca; Peter Rothman is a computational guru.

        • Director Andrei Iancu has stepped-down as PTO Director

          As expected and is usual, Andrei Iancu has stepped-down from his post as Undersecretary of Commerce and USPTO Director a few hours before the conclusion of Donald Trump’s four years as president. Iancu will be remembered as being professional and engaged with the IP community throughout his three-year leadership. Every day Iancu spoke about the storied history of our patent system and its future potential. Iancu has been seen as more “pro-patentee” than his predecessor Michelle Lee, especially in ways that he transformed elements of the Patent Trial & Appeal Board (PTAB).

          [...]

          Although I have not heard, I expect that Laura Peter (Deputy Director) will also be resigning by Noon on January 20. Under ordinary succession process, Drew Hirshfeld, Commissioner for Patents, would take charge as the acting director until a successor is nominated by the new President and confirmed by the Senate. Hirshfeld has continually shown himself to be a solid manager with deep understanding of the patent law issues — something needed for the 10,000+ person office.

      • Copyrights

        • Musicians Need to Organize Collectively, as Workers

          Launched in the spring as the coronavirus pandemic shut down music venues across the country, the Union of Musicians and Allied Workers (UMAW) seeks to, per their website, “organize music workers to fight for a more just music industry, and to join with other workers in the struggle for a better society.” In October, the union launched its Justice at Spotify campaign, seeking to increase the streaming giant’s abysmally low payout rate for musicians. The campaign currently has the support of more than 26,000 recording artists.

        • U.S. Government's List of Notorious 'Piracy' Markets is a Mixed Bag

          Ten years ago, the USTR's list of notorious online piracy markets was mostly made up of classic pirate outlets, such as torrent sites and cyberlockers. Over the years it has transformed into a mixed bag of targets including social media platforms, billion-dollar e-commerce companies, hosting services, and advertisers. The Pirate Bay is still there as well, of course.

        • Russia Adds 1,768 Pirate Site Domains to WIPO Advertising Blacklist

          A database run by the World Intellectual Property Organization with the purpose of depriving pirate sites of ad revenue has just swelled significantly with the help of Russia. After being identified as persistent copyright infringers by rightsholders, local telecoms watchdog Roscomnadzor has entered the domains of 1,768 pirate sites, hoping to make them much less profitable.



Recent Techrights' Posts

15 Countries Where Yandex is Already Seen to be Bigger Than Microsoft (in Search)
Georgia, Syrian Arab Republic, Cyprus, Moldova, Ukraine, Armenia, Azerbaijan, Kyrgyz Republic, Uzbekistan, Kazakhstan, Turkmenistan, Tajikistan, Belarus, Turkey, and Russia
FSF Has Made It Halfway to Its Target (Funding Goal) a Week Before Christmas Day
$400,000 definitely seems reachable now, especially if they extend the "deadline"
 
There's an Abundance of Articles About the New Release of Kali Linux, But This One is a Fake
It can add nothing except casual misinformation (fed back into the model to reinforce lies)
Links 19/12/2024: Astronaut Record and Observer Absorbed
Links for the day
Links 19/12/2024: Seven Dirty Words and Isle Release v0.0.3 (Alpha)
Links for the day
Links 19/12/2024: Nurses Besieged by "Apps", More Harms of Social Control Media Illuminated
Links for the day
Links 19/12/2024: Magnitude 7.3 Earthquake and Privacy Camp
Links for the day
Gemini Links 19/12/2024: Port Of Miami Explosion, TurboQOA, Gnus
Links for the day
Fake Articles About 'Linux'
Dated yesterday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024
[Meme] The Master Churnalist
Speaking of press releases being passed off as "journalism"
Spamnil's TFiR: Still Pretending Press Releases Are 'Articles' (TFiR 'Originals' as Plagiarism or Fluff)
Same as last year
Links 18/12/2024: Zakir Hussain Dies, TuneIn Layoffs
Links for the day
Links 18/12/2024: Karate Love and Advent of Code
Links for the day
Windows (or Microsoft) Has Become the "One Percent" (Market Share) in Chad
How long before it falls below 1%?
Arvind Krishna, IBM's CEO, Will Eventually Suck Up to Donald Trump Like His Predecessor Did or the Watson Family Did With Adolf Hitler
Literally Hitler
Being a Geek Need Not Mean Being Sedentary
"In the past 18 months," Berkholz writes, "I’ve lost 75 pounds and gone from completely sedentary to fit, while minimizing the effort to do so (but needing a whole lot of persistence and grit)."
GAFAM Kissing the Ring of the Mafia Don
"resistance" to dictatorship and defenders of democracy?
Slop Spaghetti From the Chef, Second Time Today
Fresh slop ready out the oven!
IBM - Like Microsoft - Lies About the Number of People It's Laying Off (Several Tens of Thousands, Not Counting R.T.O. "Silent" Layoffs and Contractors/Perma-Temps)
How many waves of silent layoffs have we seen so far at IBM this year?
Links 18/12/2024: EU Launches Probe Into TikTok (At Last!)
Links for the day
Links 18/12/2024: Doha/Qatar Trafficking, Bloat Comfort Zone, and Advent of Code 2024
Links for the day
Saving What's Left of Decent and Independent Journalism on the Web
We increasingly (over time) try to make local copies (hosted on our server) of important documents; it's hard to rely on third parties
[Meme] Microsoft's Latest Marketing Pitch
"Stop Being Poor; buy a new PC with TPMs"
In South Africa, a Very Large Nation, Web Developers Can Already Ignore Microsoft Browsers (Edge Measured Below 3% in 55 Nations)
The dumb assumption you must naively test with Microsoft browsers is no longer applicable in a lot of places
Open Source Initiative (OSI) is the Voice of Bill Gates and Satya Nadella
Not hard to see what they've done with the money
Microsoft Boasts That Its (Microsoft-Sponsored) "Open Source AI" Propaganda Got Cited in Media (That's Just What the Money Did)
This is a grotesque openwashing campaign
In Many Places Around the World, Perhaps as Expected, Yandex is Nearly Bigger Than Microsoft (Like in Several African Countries)
Microsoft may soon fall to "third place" in search
Keeping Productive This Christmas
We've (pre)paid for hosting till almost January 2026 and fully back on the saddle
IBM and Canonical Leave Money on the Table Because Microsoft Pays Them Not to Compete and Instead Market Windows, WSL, Microsoft 'Clown Computing', and TPMs
Where are the regulators?
Other Editors Who Agree "Hey Hi" (AI) is Just Hype But Won't Say So Publicly as It Might Upset Key Sponsors
Some media would gladly participate in a scam to make money
Brian Fagioli's Latest "Linux" Article Appears to be Fake
Another form of plagiarism/ripoff using bots?
IBM (and Red Hat) is a Patent Troll, Still Leveraging Software Patents to Extract Money Out of Other Companies by Suing Them
Basically, when it comes to patents, IBM is demonstrably part of the problem, not the solution
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 17, 2024
IRC logs for Tuesday, December 17, 2024
[Meme] When the People Who Falsely Accuse You of Pedophilia Turn Out to be Projecting
When you attack something or someone using falsehoods, as happens a lot to Richard Stallman (RMS), there's risk that the attacks will backfire, badly
In Some Countries, Such as Greece, Almost 80% of Windows Users Are on Vista 10 and About 85% Need to Move to GNU/Linux for Security Patches
Vista 11 was a failure
[Meme] They Don't Want the Public to Know What "Responsible Encryption" Really Means
They also blame "China" for their own back doors (because China learned how to exploit those)
The Linux Foundation's Certificate Authority (CA) Significantly and Suspiciously Raises the Number of Certificates It Issues (Quantity Increase/Inflation) by Lessening Their Lifetime in the Name of 'Security' (That Barely Makes Sense!)
LE made 3 months the "standard" for most, soon to become just 6 days instead of 6 months?
Why I Continue to Believe That at the End Software Freedom Will Win
a short and incomplete list of factors which I believe contribute to the sentiment that we can - and will - win the battles over hearts and minds in the "Tech" realm
Links 17/12/2024: More China Sanctions, GOP Scheming to Prop Up Fentanylware (TikTok)
Links for the day
Gemini Links 17/12/2024: The Streisand Effect and Productivity-systems Desiderata
Links for the day
Technology: rights or responsibilities? - Part X
By Dr. Andy Farnell
Links 17/12/2024: More "Tesla Autopilot" and "Hey Hi" (AI) Blunders
Links for the day
Instead of Promoting GNU/Linux (or Ubuntu) Ahead of Vista 10's EoL Canonical is Marketing Microsoft's Proprietary Software
It's like Canonical employs people who work for Microsoft, not for Canonical
Links 17/12/2024: Many Abuses by Microsoft and War Updates From Ukraine
Links for the day
Content Management Systems (CMS) Bloat/ Static Site Generators (SSG) Trouble
some Web site management stories
DEI Room at fedoraproject.org Pretty Much Dead
We're not against diversity but against its weaponisation by greedy people who do not value diversity at all
The "Latest Technology News" at BetaNews is Slop About Slop
This is at the very top of the "news" (front page) at the moment
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 16, 2024
IRC logs for Monday, December 16, 2024