If you want to be a master of ethical hacking and grasp the understanding of possible loopholes or vulnerabilities of a system or systems existing under a defined network, then you have no choice but to turn to Kali Linux. It documents, versions, and parades the best tools in the Cybersecurity industry to use for penetration testing. The extensive documentation and community support of these penetration tools make a beginner’s first step into the Cybersecurity world a stressless joy.
If we journeyed back 20 years ago and previewed the calendar state of Cybersecurity, you would not be able to fit in this world as easily as you can now. Nothing was straightforward, and the available penetration tools were not exposed to thorough documentation. Such a gamble would require a standardized technical endurance level, which would make normal learning a dull adventure.
Hello and welcome to this week's weekly Linux Roundup.
We had another peaceful week in the world of Linux releases.
Amarok Linux 3.0 has been released with XFCE 4.16 this week.
In the Linux Release Roundup series, we summarize the new application and distribution versions release in the last few days. This keeps you informed with the latest developments in the Linux world.
Linux provides an amazing desktop experience by default. Although advanced users have the flexibility to choose their own window manager, the day-to-day flow of Gnome is better than ever since the GNOME 3.36 improvements. As a long-time Mac enthusiast turned Linux user, that's huge.
There is, however, one shortcut I use every day on a Mac that you won't find by default on Linux. It's a task I do dozens of times a day and an essential part of my digital communication. It's the emoji launcher.
You might laugh when you see that, but stick with me.
Let’s talk about the complicated nature of Linux on game consoles—a story that gets particularly complicated when the discussion turns to what Sony did on the PS3.
Google removes Matrix chat-client Element from the Play store, sudo has a major flaw with a long-tail, and Rocky Linux gets a boost.
On this episode of This Week in Linux, we’re going to talk about the pretty nasty bug discovered in the Sudo tool which has been named “Baron Samedit”. We’ve got some distro news to discuss for Ubuntu 21.04 and Tails OS. Then we’ll check out some news in the desktop environment space from KDE Plasma and CDE, the Common Desktop Environment of all things. In App news, we’ll check out the latest releases of Mozilla Firefox, Xfce’s Thunar file manager and another browser called qutebrowser. Cute with a “Q” naturally. We’ll take a look at the excite plans UBports has for Ubuntu Touch in 2021. All that and much more on Your Weekly Source for Linux GNews!
Vim emulation is tolerable but I'll always take full vim instead and that's where Firenvim comes in, this let's us embed neovim into our Firefox or Chromium and turn every single text box we see into a full instance of neovim with all your configurations included.
Things look a little calmer than last week, and over-all very average for rc6. So - like always this late in the release schedule - I'd certainly have liked things to be even calmer, but nothing here really stands out.
The diffstat is quite flat, meaning lots of small fixes, with the exception of one new LED driver, and a flurry of PI futex fixes (and one nouveau patch that is just a lot of trivial lines).
And all the stats look normal: average number of commits, and they are all in the usual places, with most of the patch being drivers (gpu, networking, sound, etc), but we obviously have all the usual suspects with arch updates, and a smattering of fixes to core code (kernel, mm, networking, filesystems).
A few known issues still, hopefully soon fixed, and on the whole things look quite normal apart from some mailing list hiccups..
Go test,
Linus
One of the notable changes this week was the orphaning of Intel Itanium support and with that a fix to restore the support after recent breakage. We'll see if the Itanium IA-64 support gets into better standing or ends up being removed in the not too distant future.
Aside from orphaning Itanium, there were a lot of other fixes throughout the massive kernel.
The 5.11-rc6 kernel prepatch is out for testing. "Things look a little calmer than last week, and over-all very average for rc6. So - like always this late in the release schedule - I'd certainly have liked things to be even calmer, but nothing here really stands out."
Hi folks,
I would like to announce an 0.2.9 release of Taiwins project. Back in September 2020, I released the 0.2 version of Taiwins, which was utilising wlroots for backend handling. I have gone on implementing backend logics and Laid out most of the ground work. Now Taiwins has a new release and libtaiwins is releasing with it. Libtaiwins is another alternative to libweston and wlroots, but GPL licensed. It handles the output and input devices and offers rendering context for compositing. I implemented some interesting features like gpu hotplug, and in the future, we will have vulkan renderer as well.
Apparently I am shamelessly advertising Taiwins here for potential interested users and developers. But I guess I didn't do a very good job last time since I am the only developer now. As one man, I think it is as much as I can push the project right now. I sort have to thank the pandemic otherwise I would never be able to have this much developing time. This time, I drafted a feature list [1] of Taiwins for those who are interested. We also have a Gitter channel if you have any questions. I am sure you will find tawins is an interesting an unique project.
Cheers to the new year.
Regards, Xichen
Taiwins debuted last year as a compact Wayland compositor and focused on being modular with Wayland scripting support. Up to now Taiwins relied upon the WLROOTS effort born out of the Sway project for doing much of the Wayland heavy-lifting but the developer has now replaced it with its own Wayland support library.
Taiwins 0.2.9 has been released as this latest version. While WLROOTS was used on the back-end previously, now there is "libtaiwins" as its own library as an alternative to WLROOTS or Weston's libweston. Libtaiwins is GPL-licensed but providing much of the same functionality around output handling, input devices, and related GPU/display/input functionality.
For those wondering how say AVX heavy a particular program is being benchmarked or if a given program/benchmark supports making use of new instruction set extensions such as Vector AES or forthcoming AVX VNNI or AMX, the Phoronix Test Suite and OpenBenchmarking.org can now provide that insight on a per-test basis with common CPU instruction set extensions.
[...]
About nine years ago I wrote an initial CPU instruction analysis for OpenBenchmarking.org albeit was in rough shape and not of much priority. After last year's overhaul to OpenBenchmarking.org, I began toying with it again and rewrote the implementation and is now much more capable. These days it's more interesting as well in an AVX-512 era where it can have significant implications on per-core clock speeds. Plus with the forthcoming Advanced Matrix Extensions (AMX) among other more recent notable extensions, the feature makes more sense and usefulness these days.
As of this weekend, the functionality is now restored on OpenBenchmarking.org. Test profiles will begin displaying what notable CPU instructions are used by a given test/benchmark. All flavors of AVX, AMX, AES, VAES, SERIALIZE, ENQCMD, MOVDIRx, FMA, and BMI2 are among the instructions being reported on the web interface.
The Kid3 audio tagger 3.8.5 was released today as a new bug-fix release which however includes also some minor new features.
Kid3 3.8.5 adds ability to change the language via Settings -> Appearance, though app needs a restart to apply change.
It also brings “Invert Selection” option under Edit menu, command option “config” to query and set configuration options, and script to rewrite all tags of the selected files.
Conky system monitor is a simple but advanced application to install on a Linux system for getting a Desktop widget with details of the system process, Memory consumption, CPU load, and more…
Users who have shifted from Windows to Linux platforms will always have some Task Manager in the form of a system monitor, however, as we know Linux platforms are full of possibilities, thus you will love Conky. It is a small lightweight and highly configurable Linux system monitor that can show all information in one place in a beautiful widget.
Although running the Conky system monitor is not difficult, the configuration would be easy especially for beginners, but with a little training you can create very nice “system monitors”.
There are a bunch of raw photo editors for Linux. Filmulator is one of them. Filmulator aims to make raw image editing simple by giving only the essential elements. It also adds the feature of library handling which is a plus if you are looking for a decent application for your camera images.
Let’s see what features you get in the Filmulator editor.
Filmulator claims that it is not the typical “film effect filter” that merely copies the outward characteristics of film. Instead, Filmulator gets to the root of what makes film so appealing: the development process.
Touche is a new desktop application to configure Touchegg, a multi-touch gesture recognizer for Linux.
After not receiving any updates for about 5 years, Touchegg was completely rewritten fairly recently to work with the new technologies that are now available on the Linux desktop, as well as to add new features.
The application runs in the background, transforming the multi-touch gestures you make on your touchpad into various desktop actions. It supports swipe and pinch multi-touch gestures, and it also features touchscreen support which allows pinch, swipe and tap gestures. For example, you can minimize a window by swiping down using 3 fingers, pinch in using 2 fingers to zoom in, etc.
To configure Touchegg, users need to edit a configuration file. This is where Touche, the new Touchegg GUI, comes in (created by the same developer).
The phrase “A picture is worth a thousand words” refers to the idea that a solitary still image can provide as much information as a large amount of descriptive text. Essentially, pictures convey information more effectively and efficiently than words can.
A screenshot is an image captured by a computer to record the output of a visual device. Screen capture software enable screenshots to be taken on a computer. This type of software has a wide range of uses. As an image can illustrate the operation of computer software so well, screenshots play a crucial role in software development and documentation. Alternatively, if you have a technical problem with your computer, a screenshot allows a technical support department to understand the problems you are facing. Writing computer-related articles, documentation and tutorials is nigh on impossible without a good tool for creating screenshots.
ScreenCloud is a screenshot tool that’s designed for network services such as Dropbox and Imgur. It’s open source software that uses Qt.
This is the second part of the Correlation Analysis in R series. In this post, I will provide an overview of some of the packages and functions used to perform correlation analysis in R, and will then address reporting and visualizing correlations as text, tables, and correlation matrices in online and print publications.
MySQL is one of the most widely used relational database management systems all over the IT industry. Mostly Linux-based operating systems are preferred for deployments of databases huge in size, and thus MySQL is very commonly deployed over Linux and used in the backend of an application.
The - bash: python: command not found error shows mainly because of three reasons. First of all, is the python executable installed on the machine? If it is installed, is the environment variable PATH configured correctly so it can locate the installed executable? The third reason could be a broken symlink.
MySQL is a relational database management system and is used widely all over the IT industry for efficient data storage. In Linux, MySQL is available in standard installation packages of almost all major Linux distributions. They install not only the MySQL Client and Server but also some other database utilities.
One such utility is MySQLDump. There are cases when MySQL databases need to be backed up and saved to a file: for example to secure a copy of the data as a backup, or to copy the databases to another system.
Recently my Linux desktop computer can’t mount my 5TB external hard disk drive (HDD), and the file manager displays the “can’t read superblock” error on the screen. I’m going to share with you what I did to fix the error, so if you are in the same situation, this article may help you.
MySQL is a popular choice when it comes to relational database management systems. MySQL and its clones power a large percentage of the worldwide web today; the reason for it being its robustness and plethora of options available.
There are scenarios when a MySQL database needs to be backed up and saved in a file: either to secure a copy of the data as a backup or to copy the database to another system.
pgAdmin is an open-source feature-rich, frontend management tool that allows you to easily administer and manage your PostgreSQL relational database from a web browser.
It provides an easy-to-use user interface that simplifies the creation and monitoring of databases and database objects. PgAdmin 4 is an improvement of the earlier pgAdmin tool and is available for Linux, Windows, macOS systems, and even a Docker container.
In this tutorial, you will learn how to install PostgreSQL with pgAdmin4 on Linux Mint 20.
A Network Port, simply known as a Port, is a logical number assigned to a process running on any machine. We know that on the Internet (or on any network) a machine is identified by its hostname.
The hostname can be simply the IP address of the machine, or a fully qualified domain name. A port number is assigned to each program running on the host machine; thus the client machine can access the program on the host.
Many times empty directories get cluttered in the Linux file system, and it becomes a difficult task to manually search for and delete each of them. The command rmdir (remove directory) is used in Linux to delete empty folders.
The CPU Information in any machine includes information about the processor, the vendor details, model name, architecture, speed of processing, etc. In Linux, CPU information is stored in a system file, which can be either read using a text editor, or it can be read and used in an administrative shell script.
One of the reasons why you may consider setting up a local apt repository server is to minimize the bandwidth required if you have multiple instances of Ubuntu to update. Take for instance a situation where you have 20 or so servers that all need to be updated twice a week. You could save a great deal of bandwidth because all you need to do is to updates all your systems over a LAN from your local repository server.
As the most widely used document format, PDF (portable document format) allows you to share documents across different OS platforms. All major web browsers come with a built-in PDF viewer, so you can open and view PDF files on pretty much any device with a web browser. Compared to its universal accessibility, however, modifying existing PDF files has not been as easy and as straightforward.
As one prime example, let's say you want to sign a PDF document. Although the official Adobe Acrobat Reader allows you sign a PDF document by typing, drawing or inserting an image of your handwritten signature, Acrobat Reader is no longer supported in Linux platform. Existing open-source PDF readers such as Evince or Okular come with limited editing capabilities such as PDF annotations, but do not allow you to add your signature to a PDF document.
Set the hostname on your Linux systems by using the hostnamectl command.
Ever needed to access a file inside your virtual machine, which resides on your host operating system? With the help of VirtualBox’s shared folders feature, you can select a folder on your host OS to share. Inside your VirtualBox virtual machine you can then mount this shared folder. Once configured, you can easily exchange files between the host and guest OS. In this article you’ll learn how to configure and mount a shared folder on your Linux based VirtualBox virtual machine.
Vsftpd is the acronym of Very Secure FTP Daemon: it is one of the most used ftp servers on Linux and other Unix-like operating systems. It is open source and released under the GPL license, and supports virtual users and SSL for data encryption. In this tutorial we will see how to install it and configure it on Linux.
With the support of the open-source community behind it and a strict privilege system embedded in its architecture, Linux has security built into its design. That being said, gone are the days that Linux system administrators could get away with subpar security practices. Cyber criminals have come to view Linux as a viable attack target due to its growing popularity, the valuable devices it powers worldwide, and an array of dangerous new Linux malware variants that have emerged in recent years.
It has become apparent that the majority of attacks on Linux systems can be attributed to misconfigurations and poor administration - and failure to properly secure the Linux kernel is often at least partially to blame. Kernel security is a key determinant of overall system security, as the Linux kernel is the foundation of the Linux OS and the core interface between a computer’s hardware and its processes.
Luckily, the Linux kernel possesses an assortment of effective built-in security defenses - namely, firewalls that use packet filters built into the kernel, Secure Boot, Linux Kernel Lockdown and SELinux or AppArmor - that administrators should take full advantage of. This article will examine the importance of robust kernel security and explore various measures that administrators can take to secure the Linux kernel and protect their systems from malware and other exploits.
Jelly is a free and open-source multimedia application to manage and stream your movies and songs over the internet.
If you love watching movies like me and always traveling with a smartphone having low storage space limits you with the number of movies you can watch.
Jellyfin is your all in one solution, but remember Jellyfin do not provide movies on its own. You have to first download it and then locate the movie’s location which you want to stream in Jellyfin.
Pantheon is the default desktop environment for the elementary OS. This quick guide explains the steps to install the Pantheon desktop environment in Arch Linux.
There are two ways to run a shell script in Linux.
A Linux distro can be described as a collection of inter-dependent packages on top of the Linux kernel. Together, they offer an amazing experience. To keep the packages in order, a package manager is a must-have for every distro.
In the case of Fedora, YUM and DNF are two package managers. In this guide, we’ll check out how to set up and use YUM on Fedora.
Elasticsearch loves data; none of us can dispute that. However, data can become redundant and useless at some point or the other, necessitating its removal. Luckily, with Elasticsearch, when data become redundant, all you need to do is access a tool to perform requests and transfer data over the network.
This quick guide will show you how to use the mighty Elasticsearch API to delete documents and indices.
Having up-to-date information about your devices can help troubleshoot and manage your system. Knowing this, Elasticsearch provides simple ways to display elaborate statistics about indices in your cluster. This tutorial discusses the art of using Elasticsearch CAT API to view detailed information about indices in the cluster. This information should help you manage how the clusters are performing and what actions to take.
You may already know that Elasticsearch loves JSON and uses it for all its APIs. However, displayed information or data is only useful to you when it’s in a simple, well-organized form; JSON might not accomplish this very well. Thus, Elasticsearch does not recommend using CAT API with applications but for human reading only.
When you’re working with databases, you’ll inevitably need to make changes such as adding, removing, and modifying data. When you’re modifying data in an Elasticsearch index, it can lead to downtime as the functionality gets completed and the data gets reindexed.
This tutorial will give you a much better way of updating indices without experiencing any downtime with the existing data source. Using the Elasticsearch re-indexing API, we will copy data from a specific source to another.
Let us get started.
Snap is a tool used to bundle an app and its required dependencies so that it works on different Linux distributions without any modification. Snap apps are hosted in the Snap Store. At the time of this writing, there are thousands of open-source and proprietary apps available in the snap store.
In this article, I am going to show you how to use the Snap package manager on Ubuntu. So, let’s get started!
Since you are reading a tutorial about Elasticsearch index, the chances are high that I don’t need to dive deep into what Elastisearch is, but a brief reminder will do you no harm.
Docker is one of the best technologies for virtualization and isolated environments for building applications.
This tutorial will show you how to create a Docker image that integrates Elasticsearch, Kibana, and Logstash. You can then use the image to deploy the ELK stack on any Docker container.
In this video, we are looking at how to install Atom text editor on Linux Mint 20.1.
Elasticsearch is one part of the popular ELK stack used for log analytics and search. Applications and systems are constantly logging data that can be very useful for troubleshooting and tracking problems. Using the ELK stack, you have the best tools to perform these tasks quickly and very easily.
There is a Linux tool that makes it easier for Android applications to run on the open source operating system. Anbox utility is a tool that acts like a bridge between Linux and Android. In this article you will learn how to install and use Android apps on Linux using Anbox.
Human: Fall Flat is a platformer puzzle game developed by No Brakes Games and published by Curve Digital. In the game, the player must solve physics-based puzzle games with their character. In this guide, we’ll show you how to play the game on Linux.
We are going to install node_exporter and configure Prometheus to monitor Linux servers.
The node_exporter service is a Prometheus exporter for hardware and OS metrics exposed by Linux kernels.
Elasticsearch is all about data, and as you probably already know, data is important—to you and Elasticsearch. However, in as much as both you and Elasticsearch love data, data failures may occur, leading to data loss.
To help safeguard against data loss, Elasticsearch has various features that allow you to ensure data availability, even in data failure instances.
Indices are an essential Elasticsearch feature without which it would probably not function as it does. Although Elasticsearch indices may vary depending on intended use, they tend to share common properties. Given this, it can be tiresome to create similar properties for all indices. Instead, it is much more efficient to create a template we can refer to when creating an index.
This tutorial will walk you through the ins and outs of Elasticsearch index templates that allow you to define templates or blueprints for common indices. For example, if you are constantly logging data from external sources, you can define a blueprint for all logging indices.
GitScrum is a free, open-source task management tool that you can use to manage projects with ease. GitScrum uses the famous Git platform and Scrum software methodology to allow for more effective team management. This software helps users to track time consumed to perform various tasks and keep a record of projects that users are working on. Users can create multiple projects, keep a record of projects assigned to different users, and even chat in real-time. This article shows you how to install GitScrum in Debian 10.
VIM is a powerful editor with a rich ecosystem and many many features it's used by many users around the world in their daily administrations and development tasks.
This tip is very useful if you want to use VIM (mainly) as your source code editor.
Like any other filesystems, the Btrfs filesystem also has a lot of mount options that you can use to configure the Btrfs filesystem’s behavior while mounting the filesystem.
This article will show you how to mount a Btrfs filesystem with your desired mount options. I will explain some of the useful Btrfs mount options as well. So, let’s get started.
JetBrains IntelliJ IDEA is a popular environment for application development. IntelliJ IDEA was developed by JetBrains. JetBrains IntelliJ IDEA contains several built-in tools, including auto code completion, database integration, terminal, inline debugger, and more. The core packages of IntelliJ IDEA support the Groovy, Java, XML, and Kotlin languages. You can also install various plugins to support other programming languages, such as Perl, Python, and Go.
This article provides a guide for installing JetBrains IntelliJ IDE on your Debian 10 system.
exFAT is a proprietary filesystem developed by Microsoft, which has been primarily used in Windows and many existing SD cards or USB drives. Compared to FAT32, exFAT offers many improvements in terms of file size limit (significant higher than FAT32's 4GB limit), maximum disk size, maximum number of files, disk allocation performance, timestamp granularity, file name length, etc. Because of these enhancements and good compatibility with Windows and MacOS, exFAT has been used as a default filesystem for many existing high-capacity SD cards (e.g., SDXC) or USB flash drives.
In this tutorial, we’re going to show you how to install YOURLS on an Ubuntu 20.04 server with Nginx, MariaDB, PHP, and Let’s Encrypt.
Today we are looking at how to install Eclipse IDE for Java Developers on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.
The installation procedure for Gentoo involves more steps than other distributions. This is intentional so you can control the steps in a more clear way. Using this strategy, you can get started with less than 4GiB of disk and memory of down to 256MiB, 512MiB if you want to use the liveDVD. You also have the opportunity to tweak your system to be as efficient as you can make it. Your first try will be slower if you are not well versed in Linux and all the intricate details, but you can end up with a very lean system.
The Btrfs filesystem-level encryption feature is still not available. But you can use a 3rd party encryption tool like dm-crypt to encrypt the entire storage devices of your Btrfs filesystem.
In this article, I am going to show you how to encrypt the storage devices added to a Btrfs filesystem with dm-crypt. So, let’s get started.
The article covers a guide about using the GameConqueror cheat engine in Linux. Many users who play games on Windows often use the “Cheat Engine” application to modify game parameters and player attributes to enhance the gameplay experience, get over unnecessary grinding, complete speedruns and so on. The Cheat Engine application is not available for Linux, however, another application called “GameConqueror” based on the same concept and features is available for Linux distributions. While GameConqueror is not as advanced as Cheat Engine, it gets the job done and it is the only Cheat Engine for Linux with an easy to use interface.
PDF stands for Portable Document Format which is widely used among general users for documentation purpose and its usage is primarily for printing, sharing and for large documents.
By default, all Linux distributions comes with a PDF viewer, but not ideally with PDF editor like Adobe Acrobat.
To edit PDF’s, LibreOffice Draw can be used as basic PDF editor which is readily available with most of the Linux distributions, as part of the LibreOffice suite.
LibreOffice Draw may not be a full-fledged PDF editor but definitely an editor to fulfill our basic requirements with some limitations.
root user is a privileged user in Linux, which is similar to an administrator in Windows.
All kind of administrative operations can be performed using root user privilege hence it is not advisable to provide root access to anyone who does not have much familiarity with Linux environment, which might cause adverse impact on the system.
Some time ago I came across a weird error when trying to run RSpec test suite involving PhantomJS in Vagrant. Here’s the solution.
Creating and destroying virtual machines in Vagrant left and right might get us in trouble. If we reuse the domain name, Vagrant will fail to create it again. Here is how to use virsh if Vagrant won’t help anymore.
Two years ago patches were posted in working on Wine support for IBM POWER / OpenPOWER hardware. The aim with that enablement has been to run Windows programs on POWER 64-bit hardware via Wine with the related "Hangover" project for handling the cross-architecture difference. The Wine patches for PPC64 have now been revived with hopes of mainlining them now that Wine 6.0 has passed.
[...]
The updated Wine port can be found on the developer list while awaiting review to see if the code is in good enough shape that it could potentially be mainlined this year.
Valve are in the legal spotlight again following the EU Commission Fine with a few more Steam troubles, as a new lawsuit has emerged about an abuse of their market power.
First reported on Hollywood Reporter, which has the full document that shows the lawsuit was filed on January 28, was filed by 5 people together and doesn't appear to have any major companies backing it. The suit mentions how Valve require developers to sign an agreement that contains a "Most Favored Nations" provision to have developers keep the price of their games the same on Steam as other platforms.
Closing in on a big new stable release, the OpenRA project to play the classic Command & Conquer real time strategy games has a new test release that needs more people to try out. This fresh update builds upon the test release launched late last year, and they expect it to be the final one before a new stable release is out for everyone.
Need more combat flight sims? Pirates of Frontier's Reach is a somewhat promising upcoming (Early Access) title that just recently made its way onto Linux officially.
"Pirates of Frontier's Reach is an arcade flight combat game set in the Frontier's Reach Universe. A universe where humanity has taken it's first steps into the stars and begun to establish colonies across hundreds of worlds from the most habitable to the most hostile. Players will assume the role of a fighter pilot serving in the privateer fleet of the Republic of the Frontier Worlds where human's from every culture and tongue have come to seek opportunity and an escape from the overbearing authority of the Sol Confederacy of Planets."
Publisher Assemble Entertainment and developer Chaosmonger Studio have released their Bladerunner-meets-Full Throttle point-and-click adventure game, Encodya on Steam and GOG.
Payday 2 is a cooperative FPS developed by Overkill Software and published by 505 games. In the game, players team up in a group of 4 to do bank robberies. In this guide, we’ll show you how to get Payday 2 working on Linux.
One of the hardest things in drawing and painting is controlling the individual strokes. Not only do you have to control the location but also the pressure, tilt and rotation of the pen or brush. This means mastering five or six degrees of freedom at the same time with extreme precision. Doing it well requires years of practice. Modern painting applications and tools like drawing tablets emulate this experience quite well, but the beauty of computers is that we can do even more.
gRPC has a very, very big flaw for publically facing services: streams play awfully with reverse proxies like nginx, as they're essentially HTTP2 requests that aren't closed. This causes proxies to be like “hmmm this is a slow loris attack, time to yeet this stream.” For our homeserver at https://harmonyapp.io, this means we had to configure nginx to be ok with requests taking an entire hour. Any streams would always terminate at exactly 60 minutes. To be fair to gRPC, there's a dedicated HTTP2 streams thing being worked on that would allow reverse proxies like nginx to play nice with it, but unfortunately that's not the case now.
Besides that, gRPC's client libraries, while widely available, range from mediocre to [ censored ] awful. gRPC is a Google product that isn't Go, which means that “error handling” is not a word in its dictionary. This has really bad implications for the C++/Qt client, Challah. Essentially, if anything goes marginally wrong, the client just straight up aborts. There is no way for us to gracefully recover from any errors that originate from the gRPC library. This is terrible for the user experience, as we can't even show a “something is going wrong” page. This is one of the big reasons we're moving away from gRPC: we cannot have our only desktop client be crashing on anything slightly less than perfect network conditions.
That wouldn't be a problem, if making our own implementation of gRPC was easy. Unfortunately, it's not. Remember the part where I said it used low-level HTTP2 a lot? Yeah, that gets very complicated very fast.
After years in development, mayor 6.0 version of GNOME Data Access library known as libgda has been released!
Vivien Malerba is the champion in the number of commits with 2071, when we see at history of libgda. The long stable 5.2 series, has been useful for many people out there, to create Database oriented applications. I’ve found libgda scripts written in Python very useful, when I need to import data from CSV format. Also programs written in other languages takes advantage of its features.
New 6.0 series, is a modernization in the heart of libgda, powered by Meson Build System, that push ahead its development, followed by a lot of fixes to use modern database providers like PostgreSQL, MySQL and SQLite. New features include a new API for Data Definition, allowing to hide some complexities to create database objects like tables and columns in GDA.
More providers could be better, but GDA now has less. Over time some interested developers may intent to fix current providers, but add new ones are not recommended.
In the opening weeks of 2021 I decided to engage in a search for technological simplicity and dived into a series of distributions with a keep it simple (KIS) philosophy. This week I decided to try Kwort, which is described on the distribution's website as follows:
Kwort is a Linux distribution based on CRUX; we make use of their port system to build a set of minimal packages. While Kwort uses binary packages, we offer the users this port system as well. Looking for the best tools aligned to Kwort's philosophy is an on-going task during the whole year. Because of all this, Kwort is [an] extremely simple and straight forward Linux system.
The Kwort distribution is available in one edition for 64-bit (x86_64) computers. The ISO file is a 1GB download. According to the project's latest release announcement, the recent 4.3.5 release mostly focuses on package updates, bringing the compiler, Linux kernel, and web browsers up to date with their upstream versions.
Booting from the live media brings up a menu offering to boot in normal or "Without RMS" modes. Taking either of these options results in a kernel panic with an error message reporting the root filesystem could not be found. After verifying the media's checksum again, I tried choosing both boot options again and confirmed both resulted in kernel panics early in the boot process. There are some similar reports on the Kwort forum so it seems the problem isn't limited to my environment. This brought my trial with Kwort to an early conclusion.
I wanted to move a couple of USB hard drives from one OpenBSD machine to another. They are configured with softraid(4) as RAID 1 (mirrored). When I plugged the drives into the new machine though, nothing happened with softraid. This was pretty worrying.
Released in May 2019, openSUSE Leap 15.1 was based on the SUSE Linux Enterprise (SLE) 15 Service Pack (SP) 1 sources and powered by the Linux 4.19 LTS kernel, and shipped with many interesting changes, such as the use of the popular NetworkManager open-source network connection manager by default for both laptops and desktops, while server installations still used Wicked.
openSUSE Leap 15.1 also introduced lots of great improvements to the YaST installation and configuration utility, easier migration to SUSE Linux Enterprise (SLE), and much more. But, since new openSUSE Leap releases are supported for about 18 months and don’t have a rolling-release model, openSUSE Leap 15.1 has now reached end of life on January 31st, 2021.
The configurable Python-based HPC package manager Spack is now an Official package in openSUSE Tumbleweed, which currently has the 0.16.0 version of Spack.
If you work with scientific software, you probably know about spack.
Spack is a package manager for HPC that allows to install scientific software using provided recipes. You can easily use multiple compilers and compiler versions. And different versions of the same software can coexist peacefully.
Spack is used with environment-modules or lmod to make easier for users to choose the software stack for their projects.
In a statement Ctrl IQ notes the Rocky Linux community was already "in the thousands of people driving the foundation of the organization..."
Initially, when I started my Linux journey, I used to switch from one distribution to another. It was interesting a few days later, and I feel monotonous to add GPG Key again to Install various software.
It isn’t enjoyable to find GPG keys again and add them one by one for all packages.
I need to find some solution through which I can take backup or move the key to another computer.
I switched my main computer and this time I opted for Lenovo’s Thinkpad T14 that comes with an AMD Processor. It’s the first time that I have 8 cores in my laptop with this AMD Ryzen 7 PRO 4750U CPU and it gives a real performance boost together with the 32GB of RAM.
Despite the fact that it’s a laptop I use it mainly on my desktop where it’s now connected to the “USB-C Dock Gen2” so that I can connect it with a single USB-C cable to power/ethernet/keyboard/mouse and two external displays. I use the display port output and I had some hiccups with the HDMI output where the screen would become blank for a few seconds…
I try to use Wayland wherever possible, since the performance gains and battery life improvements are just too good to ignore. There’s still two major blockers, though – first, NVIDIA support is problematic, at best, so my main computer will remain on X until NVIDIA gets its act together.
Second, my desktop environment of choice, Cinnamon, does not support Wayland and has no support coming in the pipeline, which is really disappointing. GNOME can be made usable with extensive use of extensions, and I’m seriously considering switching to it once the NVIDIA situation is sorted. My laptop already runs GNOME for this very reason.
75% of users are still depending on traditional package mangers (APT, DNF… etc) instead of using Snaps or Flatpaks, but this is gradually starting to change, as larger organizations and development communities start to use the latter instead of the former.
Some people like Snaps, some people hate them, which is fine, just like most things in life. However, it is important to balance this love-hate relationship in order to not be biased toward a certain direction, ignoring the other.
The releases following an LTS are always a good time to make changes the set the future direction of the distribution with an eye on where we want to be for the next LTS release. Therefore, Ubuntu MATE 20.10 ships with that latest MATE Desktop 1.24.1, keeps paces with other developments within Ubuntu (such as Active Directory authentication) and migrated to the Ayatana Indicators project.
If you want bug fixes, kernel updates, a new web camera control, and a new indicator experience, then 20.10 is for you. Ubuntu MATE 20.10 will be supported for 9 months until July 2021. If you need Long Term Support, we recommend you use Ubuntu MATE 20.04 LTS.
Read on to learn more…
We’ve previously seen programmable, portable game consoles powered by Espressif Systems ESP32 processor with the likes of ODROID-GO or WiFiBoy32 both equipped with a 2.4-inch display, and design to play retro games or create IoT projects with a small display thanks to I/O headers.
But if for some reason, you’d like an even more compact ESP32 portable game console based on the WiFi & Bluetooth SoC, Byte-Mix Labs microByte may be what you are looking for thanks to a tiny 1.3-inch square display.
Broadcom BCM2711 processor comes with a PCIe interface that is used for the USB ports on the Raspberry Pi 4 SBC, but that is exposed through the board-to-board connectors of Raspberry Pi Compute Module 4, aka Raspberry Pi CM4, and allows all sort of designs.
So far we’ve mostly seen this PCIe interface used for M.2 expansion slots on devices ranging from industrial computers to carrier board such as Piunora or Gumstix Raspberry Pi CM4 development board. But Wiretrustee had a different idea and designed carrier board with Marvell 88SE9215 PCIe to SATA controller and offering four SATA connectors to build a 4-bay NAS with Raspberry Pi CM4 module.
After more than seven years of absence from the Debian GNU/Linux repositories, the latest version of the open-source and cross-platform Arduino IDE is now once again available for installation thanks to the hard work done by Carsten Schoenert and Rock Storm.
While you could get the latest Arduino IDE release from the official website as a binary for 64-bit, 32-bit and ARM (32/64-bit) architectures, installing the Arduino IDE in Debian GNU/Linux is now just a command away. Simply run sudo apt install arduino in a terminal emulator and you’ll have the latest version installed on your Debian PC and ready to hack your Arduino boards.
The Debian Electronics Team is happy to announce that the latest version of Arduino, probably the most widespread platform for programming AVR micro-controllers, is now packaged and uploaded onto Debian unstable.
The last version of Arduino that was readily available in Debian was 1.0.5, which dates back to 2013. It's been years of trying and failing but finally, after a great months-long effort from Carsten Schoenert and Rock Storm, we have got a working package for the latest Arduino. After over 7 years now, users will be able to install the Arduino IDE as easy as "apt install arduino" again.
To properly process graphics, the basic RISC-V core will support new graphics and machine learning specific — RV32X — data types, including scalars (8, 16, 24, and 32 bit fixed and floats, vectors (RV32-V), and matrices (2x2, 3x3, and 4x4); vector/math instructions; pixel/texture instructions; frame buffer instructions; a special register set (featuring configurable 136-bit vector registers); and some graphics-specific instructions. Initially, the graphics core will support the Vulkan API, but the group strives to make it DirectX (shader model 5) and OpenGL/ES-compliant.
QR codes are an excellent way to provide information to people without the trouble and expense of printing it. Most people have smartphones that support QR code scanning, regardless of the operating system.
There are many reasons you might want to use QR codes. Maybe you're a teacher looking to challenge your students with supplemental material to enhance learning or a restaurant that needs to provide menus while complying with social-distancing guidelines. I often walk on nature trails where trees and other flora are labeled. Supplementing those small labels with QR codes is a great way to provide additional information about the park's exhibits without the expense and maintenance of signage. In these cases and others, QR codes are very useful.
Google banned the "Element" chat client, which is an open source client used to connect to the Matrix.org chat network. According to Element's blog post, Google removed Element from the Play Store due to "some extremely abusive content" on the Matrix.org home server (which Element moderates).
FOSDEM is an open-source developer event that takes place on the first week-end of February every year in Brussels, Belgium. Every year except this year, as due to COVID-19 restrictions, FOSDEM 2021 will take place online like most events these days.
The schedule has been up for some time, and today I’ll look at some of the interesting talks mostly from the Embedded, Mobile and Automotive “virtual devroom” but also other tracks.
Every year in Brussels, Belgium, the first weekend of February is dedicated to the Free and Open source Software Developers’ European Meeting (FOSDEM) This is the largest open source, developer-oriented conference of the year. As expected, the conference is going online for the 2021 edition, which gives open source enthusiasts from everywhere the opportunity to attend. You can participate with the Fedora community virtually, too.
The Fedora Project has a long history of attendance at FOSDEM (since 2006) and 2021 will not be an exception. Every year a team of dedicated volunteers, advocates, and ambassadors staff a booth, hand out swag, and answer questions related to the Fedora Project. Although we will miss seeing everyone’s faces in person this year, we are still excited to catch up with friends, old and new.
Compliance with Open Source and Free Software licenses remains a perennial topic of discussion among policy makers in our community. However, little attention is paid to the motivations why these licenses have specific requirements. Specifically, at least for copyleft licenses, the licenses seek to bestow specific rights and freedoms to the users who receive the software integrated into the devices they use. This panel, containing a group of industry experts, consultants, and license enforcement experts, discusses the challenges and importance of assuring downstream can actually utilize the compliance artifacts they receive with products as intended by the license.
Compliance with Open Source and Free Software licenses remains a perennial topic of discussion among policy makers in our community. However, little attention is paid to the motivations why these licenses have specific requirements. Specifically, at least for copyleft licenses, the licenses seek to bestow specific rights and freedoms to the users who receive the software integrated into the devices they use. This panel, containing a group of industry experts, consultants, and license enforcement experts, discusses the challenges and importance of assuring downstream can actually utilize the compliance artifacts they receive with products as intended by the license.
On March 15, 2021, Google will limit access to many Chrome application programming interfaces (API) inside the open-source Chromium web browser. Google's doing this because, "third-party Chromium-based browsers integrating Google cloud-based features, such as Chrome sync and Click to Call, that were intended only for Google Chrome users".
In other words, "this meant that a small fraction of users could sign into their Google Account and store their personal Chrome sync data, such as bookmarks, not just with Google Chrome, but also with some third-party Chromium-based browsers".
[...]
That's especially true when you consider just how dominant Chromium is in the web browser world. You could even argue that Chromium is the single most important end-user, open-source program in the world. Think about it. With 90% control of the browser marketplace, that's not just people "using" the web. No, it's 90% of people buying goods from Amazon; working at their jobs using Microsoft 365; running their line of business programs such as Salesforce, and on and on.
It's time to think about taking Chromium out of Google's control and giving it to a neutral third-party foundation. If Google doesn't want to go along with this idea, fine. Fork Chromium. It won't be the first or last time a top open-source program has been forked.
Yes, the problem here isn't with the code itself. It's with the rules that Google has applied to its APIs. We've just had our noses rubbed into how those service APIs have locked developers into a world where Google calls all the shots.
It's not easy to replace those API service functionalities. Just ask the developers behind the Google-less Android /e/OS operating system and smartphones. But, it can be done, and it could be done much easier by a community foundation with, or without, Google's help.
Why I want this is simple; if your program can use SQLite, I don't have to run a database server for it. When I don't have to run a database server, I also don't have to install it, set it up, manage the access passwords for it, make sure I'm properly backing it up, manage updates to it (including across upgrading the version of the operating system), and so on and so forth. Every actual database server (whether MySQL, PostgreSQL, or something else) comes with its own collection of necessary work to maintain it. As sysadmins, we can do all of that work, but we only have a finite amount of work time and we would really like to spend that time on more useful things.
LibreDWG version 0.12.1 - 2021/01/31 - beta: Major bugfixes: * fixed dwg_bmp() and dwgbmp for >= r2004. Wrong dat offset. * Fixed EED with code 3 for layer handles. (Fixes GH #310, shanzhugit) * Fixed bit_convert_TU utf8 conversion with ubsan, wrong endian-ness. Various fuzzing errors detected and fuzzed by Chew Kin Zhong (See GH #304): * Fix possible null-deref with broken DWG's in dwg_get_first_object. * Fix possible null-deref with broken DWG's in dwg_find_class with empty CLASS.dxfname. (GH #309) * Fix possible null-deref with broken DWG's in dwglayers with empty LAYER.name. (GH #308) * Fix short integer overflow in EED checks when decoding malcrafted DWG's, which also led to encode buffer overflows. (GH #307) * Fix possible null-derefs with broken DWG's in json export. (GH #306) * Fix possible null-deref with broken DWG's in dwg_next_entity iterator. (GH #305) * Fix wrong TFF overflow check for static strings, where we cannot set the string nor the size. (GH #304) * Fix heap-overflows and invalid free's when decoding broken 3DSOLID's in malcrafted DWG's. Only accept version 1 and 2. (GH #304) Minor features: * Added string converters with known TU sizes: bit_TU_to_utf8_len, bit_read_TU_len.
The beginnings of what is now most commonly referred to as “open source software” was an earlier movement that coined the term Free Software. While it’s mainly about free-ness akin to ‘free speech’ and not necessarily about being ‘free of charge’, the latter is almost always the case as well.
By the 1980s, almost all software was proprietary, which means that it had owners who forbid and prevent cooperation by users.
Source: https://www.gnu.org/gnu/gnu-history.html
In response to the prevailing trend of closed software, a group of liberal-minded technologists devised The Free Software Definition. Think of it as a “Declaration of Code Freedoms”. It goes like this:
Web development is reaching a new high with each passing year with various tools at disposal for web developers. These tools have helped developers develop powerful and popular modern-day web applications like Amazon Prime, Netflix, and AirBnB. End products like these have increased expectations from web developers.
Web development tools can be divided into different categories such as code/text editors, web application frameworks, front-end frameworks, API and testing clouds tools, and web design tools.
Hence, every web developer must have the right web development tools in his toolbox. In this article, we’re going to look at the best Linux tools for web developers.
A report from an online learning platform presents a different take on programming language and devops trends, showing Python and Java ahead of the usual survey winner JavaScript.
O'Reilly veep of content strategy Mike Loukides aimed to discover "real trends" which "unfold on much longer time scales" rather than the current use snapshots in other surveys such as Redmonk's language rankings.
Investigating what people want to learn is a reasonable angle on this – especially if online learning is your business. The new report on 2020 covers "all usage of our platform, not just content that O'Reilly has published, and certainly not just books."
While Qt 6.0 wasn't even released a full two months ago, the Qt 6.1 feature freeze went into effect this morning in trying to get out this next update sooner.
This year's Qt 6.1 and Qt 6.2 releases are expected to be released on a tighter timeline than the prior cadence. If all goes well this means Qt 6.1 will be out before the end of April, barring any delays.
In traditional POSIX compatible operating systems, to get information from a document contained in a file system, a program used the read system call. A document descriptor that is usually accessed from a prior call to open is defined by the file. This read system call reads out the information in bytes and the integer of which the caller specifies from the document, and then saves it in a buffer provided by the calling mechanism.
A Caesar cypher is a weak form of encryption that involves “rotating” each letter of the input string by a fixed number of places. To rotate a letter means to shift it through the alphabet, wrapping around to the end if necessary. In the movie 2001: A Space Odyssey, the spaceship’s computer is called HAL, which is IBM left rotated by 1.
Note that the task description says that the input string contains only the letters A..Z, but the example provided also contains spaces which are not in the encrypted solution. So we need to handle spaces as a special case. Depending on the language, my solutions will either handle spaces as one special case, or decide not to convert any letter outside of the A..Z range in order, for example, to preserve also punctuation marks).
In this post, I’d like to demonstrate a few ways of computing factorials using the Raku programming language.
Python NumPy library has many aggregate or statistical functions for doing different types of tasks with the one-dimensional or multi-dimensional array. Some of the useful aggregate functions are mean(), min(), max(), average(), sum(), median(), percentile(), etc. The uses of mean(), min(), and max() functions are described in this tutorial. The mean() function is used to return the arithmetic mean value of the array elements. The arithmetic mean is calculated by dividing the sum of all elements of the array by the total number of array elements. If the particular axis is mentioned in the function, then it will calculate the mean value of the particular axis. max() function is used to find out the maximum value from the array elements or the elements of the particular array axis. min() function is used to find out the minimum value from the array elements or the particular array axis.
A histogram is a mapping of intervals to frequencies. It is used to approximate the probability density function of the particular variable. It is known as the bar graph also. Many options are available in python for building and plotting histograms. NumPy library of python is useful for scientific and mathematical operations. One of this library’s important features is to implement histogram by using the histogram() function. This function is used to create the histogram that represents the frequency distribution of data graphically. In the histogram, the class intervals are represented by bins that look like horizontal rectangles, and the variable height represents the frequencies. The knowledge of creating NumPy array is necessary to understand the examples shown in this tutorial.
In this article, we are going to discuss the Python Date and Time module. Python does not have its data type to represent a date, but it allows the programmer to import a DateTime module. In addition to the date, time can also be displayed by Python in various ways. With the assistance of date and time modules, it is possible to set the Python time and date.
In this article, we will try to learn about Python Lambda.
NumPy library is used in python to create one or more dimensional arrays, and it has many functions to work with the array. The unique() function is one of this library’s useful functions to find out the unique values of an array and return the sorted unique values. This function can also return a tuple of array values, the array of the associative indices, and the number of times each unique value appears in the main array. The different uses of this function are shown in this tutorial.
When the value of the number changes in each execution of the script, then that number is called a random number. The random numbers are mainly used for the various types of testing and sampling. Many ways exist in Python to generate the random number, and using a random module of the NumPy library is one way to do it. Many functions exist in random module to generate random numbers, such as rand(), randint(), random(), etc. The uses of the random() function of the random module to generate random numbers in Python are shown in this tutorial.
Various types of arrays can be created in Python using the NumPy library. You have to know the ways of creating a NumPy array before using the linspace() function in Python. Sometimes we need to create the array with evenly spaced or non-evenly spaced numbers. Both evenly spaced and non-evenly spaced arrays with a range of numbers can be created using the linspace() function. It is a useful function for numerical calculation. How the linspace() function can be used in the python script has been shown in this tutorial.
Recently I have become curious about the Gemini Project and the content that people have made available to be retrieved over the gemini:// protocol. I’m not convinced by the arguments for not just using http, and mostly it’s just that I typically find more things that I am interested in casually reading through on people’s gemlogs than I would on, say, reddit, and similar aggregators. But presumably advocates of gemini:// and the text/gemini format would argue that it’s various respects in which it differs from the web that makes geminispace conducive to the production of the sort of content you find there. So I’m remaining open minded about the possibility that having a completely separate protocol is important, and not just an annoyance because rss2email doesn’t work and I had to spend time writing gmi2email.
While a handful of elected officials recognize the gravity and push for a Green New Deal (GND) — that rightfully strives to curtail carbon-intensive economic growth — it must also be recognized that the GND is only an initial step. The GND hints at contradictions within the U.S. economy and outlines a transition to alleviate some of these contradictions, yet it is a mere jumping-off point and a framework that leaves questions regarding its implementation.
In sum, the current mode of production and distribution — of private ownership motivated by unlimited growth and profits — is incompatible with ensuring the survival of humanity, serving the common interest, and staving off ecological collapse. To effectively limit the destructive tendencies of a system based on carbon-intensive growth, mitigate economic contradictions, and reverse course from impending ecological collapse, a bold conversation offering implementation with explicit class politics is urgently needed from GND champions.
Silver surged at the week’s open, with futures topping $29 an ounce within minutes, as the the Reddit-inspired frenzy that roiled stock markets last week spills over into commodities.
In a second "Gilded Age" where the power of billionaires and elites over our lives is now being widely questioned, what do we do about their ability to radically and undemocratically alter the landscape of our daily lives using the almighty algorithm?
There is a substantial overlap between RIPE and CCC communities. In this post, I highlight talks from the most recent event that might be inspirational and useful to our readers.
Eighty-seven times as many people have now died from Covid-19 in the U.S. as in China, but in a puzzling attempt to undermine the notion that China's pandemic response has been better, the Times€ has recently highlighted that country's "efforts to hide its missteps"—and criticized it for sending excess vaccines to other nations.
Brazil has recorded the second-highest number of deaths and the third-highest number of confirmed cases of COVID-19 in the world, according to data from the Johns Hopkins University’s Coronavirus Resource Center.
More than 224,000 Brazilians have died of the virus since the pandemic began last year.
There are still unanswered questions about how and whether the vaccines will actually get to a workforce€ that ranks among the€ most vulnerable€ to the coronavirus.
One of the original promises of open source software is that distributed peer review and transparency of process results in enhanced end-user security. However, whilst anyone may inspect the source code of free and open source software for malicious flaws, almost all software today is distributed as pre-compiled binaries. This allows nefarious third-parties to compromise systems by injecting malicious code into ostensibly secure software during the various compilation and distribution processes.
The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during this compilation process by promising identical results are always generated from a given source, thus allowing multiple third-parties to come to a consensus on whether a build was compromised.
The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available on major Unix-like operating systems. Any unprivileged user can gain root privileges on a vulnerable host using a default sudo configuration by exploiting this vulnerability.
Sudo is a powerful utility that’s included in most if not all Unix- and Linux-based OSes. It allows users to run programs with the security privileges of another user. The vulnerability itself has been hiding in plain sight for nearly 10 years. It was introduced in July 2011 (commit 8255ed69) and affects all legacy versions from 1.8.2 to 1.8.31p2 and all stable versions from 1.9.0 to 1.9.5p1 in their default configuration.
Josh and Kurt talk about 8 bit computing. What sort of security lessons can we learn from the 8 bit world? More than you think.
Juniper revealed its incident in December 2015, saying that [attackers] had slipped unauthorized code into the firm’s software that could allow access to firewalls and the ability to decrypt virtual private network connections. Despite repeated inquiries from Capitol Hill— and concern in the Pentagon about the potential exposure of its contractors to the [crack] — there has been no public U.S. government assessment of who carried out the [crack], and what data was accessed.
A senior computer network manager for a global financial services company, Peter (who did not want to give his surname, or the name of his employer, due to his firm's anxieties surrounding cyber-security), says they are bombarded from all directions.
A "severe" vulnerability in GNU Privacy Guard (GnuPG)'s Libgcrypt encryption software could have allowed an attacker to write arbitrary data to the target machine, potentially leading to remote code execution.
The flaw, which affects version 1.9.0 of libgcrypt, was discovered on January 28 by Tavis Ormandy of Project Zero, a security research unit within Google dedicated to finding zero-day bugs in hardware and software systems.
Version 1.9.0 of Libgcrypt, GnuPG's cryptographic library, is impacted by a serious remote code execution (RCE) vulnerability that could allow an attacker to execute arbitrary code on the target machine.
However, the good news is that the developers of Libgcrypt library have already removed the vulnerable version from their download servers and have released Version 1.9.1 that is free from the flaw.
Unmanned systems have been flying regularly for the European Union’s agencies since 2017. Now, member states are also receiving funding for drones at their external borders. Soon, remote-controlled patrol boats could be deployed.
Data companies are going to find ever more creative, and sometimes more intrusive, sources of data to fuel their AI-driven behavioral analytics systems in 2021, according to a new report.
As users find themselves in a fix over how to safeguard their personal data from being mined by tech giants, a Kaspersky report said that finally, public awareness of the perils of unfettered data collection is growing, and the free market is taking notice.
The FT reports that local law enforcement departments on the platform asked for Ring videos for a total of more than 22,335 incidents in 2020. The disclosure data from Ring also shows that law enforcement made some 1,900 requests — such as subpoenas, search warrants, and court orders— for footage or data from Ring cameras even after the device owner has denied the request. Amazon complied with such requests 57 percent of the time, its figures show, down from 68 percent in 2019.
If you’ve been living under a rock recently, you may have missed that WhatApp are forcing their users to agree to sharing data with Facebook. This has led to droves of people leaving the platform, myself included. But what now?
In a memo to Senator Ron Wyden, the US Defense Intelligence Agency (DIA) admitted to buying location data of the public (and not just US residents) from data brokers.
Data brokers pay application developers and websites for user data. They aggregate and organize the data, and then sell it to paying parties. Their known clients include the US government, police, and intelligence agencies.
Myanmar’s military has seized power in a coup, detaining several politicians, including civilian leader Aung San Suu Kyi, whose party won a second, consecutive landslide in November general elections. In an early Monday broadcast on army TV, the military announced that the commander-in-chief of the armed forces, Min Aung Hlaing, had been installed in power, and that Suu Kyi and other leading members of her National League for Democracy (NLD) party had been arrested for alleged election fraud. "The actions of the military are actions to put the country back under a dictatorship," the NLD said in a statement issued in Suu Kyi's name. "I urge people not to accept this, to respond and wholeheartedly to protest against the coup by the military." Much remains unclear about the implications of the military seizing back power 10 years after agreeing to a civilian transition. This selection of recent TNH stories offers a window into the overlapping conflicts and humanitarian crises Myanmar faces in the midst of today’s news.
“As far as we know, all the important people have been arrested by the Burmese military,” he said. “So, now we can say it is coup d'état. In Naypyidaw, Aung San Suu Kyi and President Win Myint has been arrested, I heard. But we are not sure about members of Parliament in municipality compound, but we can assume that they have been arrested, too.”
Hours after the arrests, military TV confirmed a state of emergency had been declared for one year.
The coup comes after tensions rose between the civilian government and the military following a disputed election.
He says the widespread acceptance of disinformation is not only divisive but also dangerous for the country.
"We act on our beliefs. If you truly believe the country is under attack ... if this, of course, is not true ... obviously it poses a threat," Hawdon says.
People often latch onto pieces of misinformation that align with their worldview and gradually begin to accept even bigger lies, he says.
The proposed law will provide a framework for the creation of an official digital currency to be issued by the Reserve Bank of India and allow certain exceptions to promote blockchain, the underlying technology of cryptocurrency and its uses, according to a bulletin of the lower house of parliament.
The central bank is looking into the need for a digital version of the fiat currency and how to implement it.
Eureka! Amsterdam, the Venice of the North, discovers doughnut economics. With a click of fingers, it abandons the major tenets of the neoliberal brand of capitalism’s insatiable thirst for growth to infinity at any and all costs. This city where capitalism spawned via the Dutch East India Company first issuing shares in 1602 has turned agnostic on 400 years of embedded capitalism.
In the face of a virus that has turned the world to a state of reflection of how to best cope, new ideas bring new hope. After all, the virus has exposed the utter fragility, vast inequity, and incongruity of the engulfing neoliberal machine as conceived under the auspices of Reaganism/Thatcherism over four decades ago. Nowadays, its results are aptly summarized by the universally accepted epithet “The One Percent.”
"We made promises to the American people. We're going to keep those promises."
A long line of critical fiscal theorists has pointed to the limits of financing a politics of emancipation through levies on a regressive economy. We need to heed their warnings today.
“The State cannot cease to be a class State so long as its public finances remain class-bound at every level,” declared Rudolf Goldscheid, an Austrian novelist, economist, and socialist, in his 1925 essay “A Sociological Approach to Problems of Public Finance.” For Goldscheid, this binding took the form of the state’s fiscal dependence on taxes drawn from the incomes and profits of the wealthy. While liberals and social democrats waxed rhapsodic over the social programs that could be funded via progressive taxation, Goldscheid cautioned that this arrangement provided their opponents with the fiscal leverage needed to veto those very policies.
Joe Manchin doesn't necessarily have an interest in the institutional health of the Democratic Party, but the party's leaders have a vital interest in passing sweeping reforms that gratify its base and mitigate its structural disadvantages.€
The corporate assault on democracy hasn't been as violent as the pro-Trump mob who stormed the Capitol. And it's entirely legal. But it's arguably more damaging over the long term.
Their proposal isn’t a compromise. It would be a total surrender. It trims direct payments and unemployment aid that Americans desperately need. Biden should reject it out of hand.
"We owe it to future generations, to the Indigenous communities we've signed treaties with, and to every living being on this planet to stop building fossil fuel infrastructure."
UPDATE: At 2020-01-30 23:17 UTC we received a call from a VP at Google who apologised for the bad communication from Google and explained the situation, which related to some extremely abusive content which was accessible on the default matrix.org homeserver. Our Trust and Safety team had already identified and acted on this content to enforce the server's terms of use, and so we've explained how Element and Matrix works, established a channel for communication over any future moderation concerns, and expect the app to be restored shortly.
UPDATE: The app is restored as of 2020-01-31 00:30 UTC. Huge thanks to everyone for your patience and support while we sorted this out, and to the wider Element team who spent their Saturday on this. Thanks also to Google for being transparent and apologetic and the rapid resolution once we'd established contact.
We shouldn’t have to pitch the need to integrate this into our digital work process. Building solutions that are inclusive is part of our responsibility as designers. Everyone should care about creating solutions that a bigger audience can use. But that’s not always the case. In fact, that’s almost never the case. So for those who still have to make this pitch, I hope this article provides you with the proper arsenal for this battle.
Regardless of whether we’re creating an in-person exhibit experience or a digital experience, understanding your audience is crucial to positioning your solution. In order to successfully get buy-in for accessibility work to be a part of your current project processes, we also have to understand the mindset of our audience and their priorities.
The Trump administration, according to President Biden's campaign team, "wrote Saudi Arabia a blank cheque". It accused it of turning a blind eye to human rights abuses and prolonging a disastrous war in Yemen where tens of thousands have been killed in six years of conflict.
Director Emerald Fennell’s debut feature, “A Promising Young Woman," centers on medical school-dropout Cassie, played by Carey Mulligan, as she takes revenge on men who prey on inebriated women at bars. Flipping the script on our often alcohol-fueled rape culture, Cassie pretends to be plastered on her nightly missions to see how many “nice guys” try to take advantage of her. A disturbingly high number do. One by one, they receive her dead-sober message: You made a really bad call, bro.
High Court deputy judge Marcus Smith has declared that the court will not stay proceedings between Vodafone and Top Optimized Technologies (TOT). Vodafone had requested a stay, based on jurisdictional grounds as laid out in Article 30 of the Brussels Recast.
Currently, three claims make up the dispute; one in Spain, and two parallel in the UK. In Spain, the proceedings also involve Huawei. All three cases concern EP 19 26 224 B1, which covers an outer-loop power control method and device for wireless communication systems.
Spanish suits
Three years ago, Vodafone and Huawei entered into a non-disclosure agreement with TOT. The latter party then claimed breach of contract by Huawei and commenced proceedings against the telecommunications company in Spain. However, prior to the proceedings in Madrid, Vodafone challenged several of TOT’s claims. It argued the claims were subject to exclusive jurisdictional clauses of UK courts.
Vodafone succeeded in its jurisdictional challenge, with the Madrid Commercial Court declining jurisdiction over the proceedings. As such, TOT only sued Huawei in Spain. In the first decision handed down by the Spanish court, the judges dismissed TOT’s claims against Huawei, finding the company not liable for misuse of confidential information. TOT appealed the decision.
Vodafone then sought a stay of the second UK proceedings, pending the outcome of TOT’s appeal in Madrid. Parties expect the outcome of the Spanish appeal at the end of 2021 by the earliest. The initial claim brought by TOT against Vodafone was worth €508 million.
Four of the busiest patents judges, including Alan Albright, Rodney Gilstrap and Len Stark, share how litigators can help the courts this year
I have the pleasure and the honor of welcoming Professor Anne-Catherine Chriariny in the next two weeks’ posts. Professor Chiariny teaches Patent Law and International Private Law at the University of Montpellier. She is notably the author of a famous doctoral thesis on international patent litigation awarded by the Prix Pierre Véron and the Prix Cercle Montesquieu in 2007, published in 2006 (you can order it here), and has kindly accepted to offer us two brief lectures on issues relating to FRAND litigation in a global context: which Judge can fix a global rate (Part 1)? Which Judge can order a cross-border injunction (Part 2)?
This invitation results from passionate discussions we had together with Professor Chiariny and a common observation to which we have come: the hot debates on FRAND litigation in a global context, particularly because of their undeniable “political” color, often lead us to forget what the fundamental legal rules are. This is notably the case when we talk about FRAND royalty rates, especially when addressing the issue of a global royalty rate since the Unwired Planet case (see here), which is now at the heart of many disputes, being notably the source of the anti-suit injunctions and anti-anti-suit injunctions (see here).
Jeff Berkowitz is a Miami real estate developer, lawyer, and now inventor. Berkowitz, along with architect Bernardo Fort Brescia and civil engineer Ronald Klemencic were recently awarded a design patent on their design for SkyRise Miami. D908917 (“The ornamental design for a building as shown and described.”). The building is apparently now under construction, although at a somewhat delayed pace.
[...]
The design patent took-up 3 1/2 years of prosecution. That is an unusually long time for a design patent. The examiner initially issued a restriction requirement because two sets of drawings had been submitted. Subsequently, the examiner identified inconsistencies in the various views that required repeated correct.
A federal court in New York has ordered a local resident to pay $108,750 in damages for sharing over a hundred pirated videos. The judgment follows a complaint from adult entertainment company Strike 3 Holdings which went uncontested in court. Meanwhile, over in Illinois, a previously accused BitTorrent pirate celebrated a victory.
Earlier this month Rights Alliance declared victory in its war against private torrent trackers but according to the anti-piracy group, a stubborn minority of BitTorrent users aren't getting the message. So, in partnership with the State Prosecutor for Serious Economic Crime, Rights Alliance aims to weed them out - even those hiding behind VPNs.
His decisions looked like he wanted to punish Oracle for its sucessful copyrightability appeal, and he wanted a jury to let Google off the hook--on the basis of fair use--so that the outcome would ultimately be the same as what it would have been had his puzzling non-coprightability holding been upheld. A right-for-the-wrong-reasons kind of situation, with his fans still believing he had been right in the first place.