Bonum Certa Men Certa

Links 2/3/2021: Maui 1.2.1, RSS Guard 3.9.0



  • GNU/Linux

    • The ‘Unix Way’ Has a Right Way That’s Almost a Lost Way

      I’ve often extolled the philosophy of Unix, and as the title implies, I’m not about to stop. Before I learned computer science, I thought all computers were impenetrably arcane. But when I grasped Unix, through the imperfect medium of Linux, it made intuitive sense to me. Through all its evolution, at its heart Unix retains the charm that I have previously remarked on.

      To touch on one such trait that is relevant to the point I want to make, I love that Unix’s simplest tools are also its most versatile. This is because its creators believed that a handful of default tools should allow users to do anything imaginable. To that end, Unix’s brain-parents also ensured effortless interoperation via the common interface of textual data. All these design choices consciously facilitated user freedom.

      But this bears an important caveat: freedom has reasonable implied limits. Philosophies with the cardinal virtue of liberating adherents can never afford to shed all limitations for the simple fact that philosophies without doctrines are self-effacing. A philosophy, by existing, defines what it is and thus implicitly delineates what it is not.

      This is what I call the “Daoism Paradox.” Without getting too esoteric, Daoist philosophy holds that all is a perfectly effortless way. Existence is as it must be. In fact, its nature is so all-encompassing that defining it is impossible. So how does Daoism express this if expressing Daoism is impossible?

    • Server

      • Istio / Announcing Istio 1.9.1

        This release fixes the security vulnerability described in our March 1st, 2021 news post as well as bug fixes to improve robustness.

        This release note describes what’s different between Istio 1.9.0 and Istio 1.9.1.

      • ISTIO-SECURITY-2021-001

        This issue only affects Istio 1.9.0; previous versions of Istio are not affected. This issue has been given a CVSS score of 8.2 by the Istio product security working group.

      • Power To The Kubernetes People

        Big Blue shelled out an incredible $34 billion to buy open source infrastructure software juggernaut Red Hat, and it is determined not to just tend and

      • Introduction to k3d: Run K3s in Docker | SUSE Communities

        k3d is a small program made for running a K3s cluster in Docker. K3s is a lightweight, CNCF-certified Kubernetes distribution and Sandbox project. Designed for low-resource environments, K3s is distributed as a single binary that uses under 512MB of RAM. To learn more about K3s, head over to the documentation or check out this blog post or video.

        k3d uses a Docker image built from the K3s repository to spin up multiple K3s nodes in Docker containers on any machine with Docker installed. That way, a single physical (or virtual) machine (let’s call it Docker Host) can run multiple K3s clusters, with multiple server and agent nodes each, simultaneously.

      • Sysdig Contributes eBPF Components to CNCF

        Sysdig, Inc. recently announced that it has contributed the sysdig kernel module, eBPF probe, and Falco libraries to the Cloud Native Computing Foundation (CNCF). The contributed source code will be moved into the Falco organization, a cloud-native runtime security project and de facto Kubernetes threat detection engine, which was also contributed to the CNCF by Sysdig.

      • Sysdig contributes Falco’s kernel module, eBPF probe, and libraries to the CNCF

        Today, I’m excited to announce the contribution of the sysdig kernel module, eBPF probe, and libraries to the Cloud Native Computing Foundation. The source code of these components will move into the Falco organization and be hosted in the falcosecurity github repository.

    • Audiocasts/Shows

      • The Right Wallpaper Is The Key To A Beautiful Desktop

        The key to creating a beautiful desktop is finding the right wallpaper. In Linux, we have a number of great wallpaper packs available to us in our distro's repositories, as well as some nice programs that will fetch wallpapers from the Internet.

      • Arch User Repository: How Does It Really Work - YouTube

        The Arch User Repository is an amazing tool for Arch users but a lot of new Arch users and people who don't use Arch don't really understand how it works and what makes it so useful so today I thought I'd try to explain a bit about the AUR.

      • Destination Linux 215: Open Source vs Commercial: Endless War or Symbiosis? & Jill’s Treasure Hunt

        This week on Destination Linux, we’re going to discuss why being a supporter of open source does not mean that you are anti-commercial. Later in the show, we’re going to go on a Treasure Hunt in Jill’s silicon world of wonders and hardware museum! Plus we’ve also got our famous tips, tricks and software picks. All of this and so much more this week on Destination Linux. So whether you’re brand new to Linux and open source or a guru of sudo. This is the podcast for you

    • Kernel Space

      • Linux Championed Work From Home Before Everyone Else: Greg Kroah-Hartman [Ed: This is a revisionist load. GNU predates this. Linux and LF trying to delete GNU from history…]

        Linux kernel is the world’s largest collaborative technology. It’s created by thousands of people from around the world, working together from the comfort of their homes, just via email. In this episode of TFiR Insights, we hosted none other than Greg Kroah-Hartman, the leading Linux kernel developer and maintainer of the stable branch. We discussed a wide range of topics including work from home and the progress Linux has made over the years.

    • Benchmarks/Graphics

      • Let's talk about Wayland ...

        In the past few weeks, I read several articles on Wayland. And I thought, what the Internet needs is more debate, not less! So I figured I should add my own opinion into the ether and foster the productive, respectful and totally not emotional discussion around Wayland, the new desktop thingie what shows images on your screen. If you're a techie, you are already flipping, but if you're not, you may be wondering, what? Indeed, for non-techies, Wayland doesn't mean anything. Neither does Xorg.

        But the two are display engines, which results ultimately in stuff being painted on your monitor. Xorg is the old technology, a display server, and Wayland is the new display server protocol, and it is meant to replace the former. Except ... this has been going on for more a decade, without end in sight. It boils down to a boss fight of Xorg vs Wayland, and why one is better than the other, and so forth ad infinitum. Now, the real problem is, because this debate is heralded by techies, it boils down to technical details, which is WRONG. The reality is far simpler, far more abstract. Follow me.

        [...]

        Thirdly, logging keystrokes can be done in many many different ways. Why limit the discussion to this being possible with Xorg? Do you know how you prevent such a scenario? Don't have a rogue application or process on your host! Very simple. But then, why not go for malware that is sophisticated enough to install its own driver, or install its own device? Why not something that does all sorts of wonders when installed?

        If you have malware on your system, then you have a much bigger problem than the fact once it gets past your perimeter security, it could potentially do bad things. The solution is to make sure that your system does not get exposed or infected, and then, the discussion around Xorg is no longer relevant. Moreover, if someone gets onto your system, it's game over. Not in the movie drama sense, but there's no reason to limit oneself to an arbitrary usecase that serves the narrative. Why not listen to the microphone? Why not delete data? Why not pop a message in your terminal every nine seconds? Lots of options.

        [...]

        We also need to put things into perspective. The Linux desktop - desktop, as in you actually have a graphical interface where the Xorg vs Wayland argument would matter - controls a tiny proportion of the global PC market. To make things worse, the 1% mark has been around for a good decade plus, so it's not like we're going anywhere with any great majesty.

        The discussion around Wayland and Xorg affects 1% of users at best - and even then, lots of people don't really care about the technological ingredients in their systems, they just want functionality. The same way you don't care where the flax in your bed linen was sourced, how porcelain in your plates is made, the angle of the spark plug in your car's cylinders, or the composition of the fertilizer at the nearby farm. Those are trivial details behind functionality. They are only of interest to diehard fans.

        [...]

        The discussion around Wayland and Xorg shouldn't be about implementation details - those matter to the experts in the field, of course. But lacking any fundamental user-centric reasons why Xorg should be gone and why something (Wayland) should replace it, the narrative must deteriorate to bickering about tech lingo and buzzwords. At the end of the day, the proof is in the pudding. Functionality. Usability.

        Can Wayland do what Xorg does today? Does it offer users at least what they have today? Can a person, no matter their tech credentials, achieve their basic needs using this thing? And the answer to all of these is, unfortunately, NO. Wayland is just part of the greater equation called Linux. But it is a great example of a technology tool that intrudes into userspace and breaks the user experience, whereas technology should be the opposite. Totally invisible and silent. Hint: for those of you already rushing for your pitchforks, Xorg isn't the ideal solution either. It also breaks the user experience, only much less than Wayland.

        But the Linux desktop as a whole does not offer the seamless functionality that people need, because it is designed with software tools as the end goal and not with the user experience supported by software tools as the end goal. Cause and effect, reversed. Because it's not a product. It's a bundle of tech. And until this mindset changes (extremely unlikely), the Linux desktop will never get past its 1% share.

      • AES-NI XTS Crypto Performance Looking Good For AMD With Linux 5.12 Fix

        Of the performance-related changes with Linux 5.12 worth noting is faster AES-NI XTS performance for systems relying upon return trampolines "Retpolines" as part of the CPU's Spectre V2 mitigations. On the Intel side this primarily impacts older CPUs where Retpolines is still used while on the AMD side through Zen 3 the Retpolines is still relied upon, which as shown by these benchmarks is now much better off for AMD Ryzen AES XTS performance as measured by Cryptsetup.

        As reported last year, AES-NI regressed heavily under Retpolines and seemingly went unnoticed for the better part of three years. Now with Linux 5.12 the AES-NI kernel module code has been reworked so it doesn't face such overhead in Retpolines-enabled environments and in turn really helps out with performance.

        I previously ran some benchmarks while now for getting an idea as to the impact with Linux 5.12 mainline, I carried out some fresh cryptsetup benchmarks with two AMD systems of Linux 5.11 stable versus Linux 5.12 Git at the end of the merge window.

    • Applications

      • Fish shell 3.2.0 released

        Version 3.2.0 of the fish shell has been released. New features include undo and redo support (for command-line editing, not commands!) and a long list of incremental improvements; see the announcement for details.

      • RSS Guard 3.9.0 - Neowin

        RSS Guard is a simple (yet powerful) feed reader. It is able to fetch the most known feed formats, including RSS/RDF and ATOM. It's free, it's open-source. RSS Guard currently supports Czech, Dutch, English, French, German, Italian. RSS Guard will never depend on other services - this includes online news aggregators like Feedly, The Old Reader and others.

    • Instructionals/Technical

      • Get started with CrowdSec v.1.0.X

        The official release of CrowdSec v.1.0.X introduces several improvements to the previous version, including a major architectural change: the introduction of a local REST API.

        This local API allows all components to communicate more efficiently to support more complex architectures, while keeping it simple for single-machines users. It also makes the creation of bouncers (the remediation component) much simpler and renders them more resilient to upcoming changes, which limits maintenance time.

      • Open Source Web Radio with Icecast and Raspberry PI - peppe8o

        As web became more popular, a number of web radio born because of their low maintenance costs. One of most popular platform to broadcast a private web radio is Icecast2, which runs also on Raspberry PI computer boards

        [...]

        Icecast is an open source software (distributed indet GNU GPL, version 2) able to create a self hosted streaming server. Supports a number of audio/video media formats, like Ogg (Vorbis and Theora), Opus, WebM and MP3.

      • How to install Citra Emulator on a Chromebook

        Today we are looking at how to install Citra, a Nintendo DS emulator, on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

      • How to change Apache Document root directory on Ubuntu 18.04

        To modify the root folder in Apache, you would need to make changes to two files basically. We will first start by modifying the file /etc/apache2/apache2.conf.

    • Games

      • Joan Fons is hired to work on Godot's rendering

        I started contributing to Godot about 3 years ago while I was still studying at uni. I quickly felt at home and I started focusing on 3D editor and rendering contributions. Not long after that, I got a job as a Godot consultant at Prehensile Tales, which I kept till last Friday...

        My latest big contribution to the engine is the new CPU lightmapper, which will be landing with the 3.2.4 release, and should make lightmaps a viable option for 3.2. Here you can see some screenshots...

        [...]

        Moving forward, and with my full focus on Godot development, my goal is to work on Godot's 3D rendering and help bring Godot 4.0 finish line.

        My first task will be integrating an occlusion culling system into the new Vulkan renderer. While occlusion culling is not a silver bullet, it can give big performance improvements in a variety of scenes. I have been working on a small prototype implementation and the results so far are promising, but it still needs to be integrated in the rendering backend and exposed to the user.

      • Building a Retro Linux Gaming Computer - Part 1: Dumpster Diving | GamingOnLinux

        Before I begin, I feel I should state that this project is just a bit of fun. The goal is not to build the most powerful retro gaming computer I can, or to engage in any kind of serious analysis or benchmarking. All I want to do is play around with old hardware and software, explore what could be done with Linux back in the day, and maybe learn a thing or two about how far we have come along the way.

        Older computing hardware is getting harder and harder to find. What would have been given away just five or ten years ago can now often only be found on websites such as eBay for inflated prices and heavy shipping costs, at least for Canadian buyers like myself. So when I noticed an interesting looking beige box ready to be recycled at my local dump, I did not hesitate to rescue it in order to see what was inside.

      • DXVK 1.8.1 Is Released With Better DirectX 9 Performance On AMD GPUs

        The DirectX to Vulkan translation layer DXVK, popular among Wine uses who like to play Windows games on Linux, got a huge speedbump for DirectX 9 games using MSAA on AMD graphics cards using the Mesa RADV driver in the latest 1.8.1 release. There's also workarounds for Mafia II and Warhammer Online.

    • Desktop Environments/WMs

      • K Desktop Environment/KDE SC/Qt

        • KStars v3.5.2 Is Released

          Developer Jasem Mutlaq has released another fine version of the user-friendly yet very advanced astronomy program KStars. The highlights in the new version are mostly for those who happen to have their own observatory. KStars is still a great little program for anyone who wants to brush up on the constellations or have an interest in the night sky.

          [...]

          There's also two major improvements to the Ekos Polar Alignment Assistant, contributed by Hy Murveit, in KStars 3.5.2. Polar Alignment can now be done while pointing anywhere in the sky, and the user-interface for it has been greatly improved.

        • Plasma Mobile updates make the user interface more customizable (and a bit more Android-like)

          There are several different user interfaces available for Linux smartphones, but the one that will probably feel the most familiar to Android users is KDE’s Plasma Mobile.

          Like Android, it has a home screen, an app drawer, navigation buttons on the bottom, status notifications at the top, and a quick settings panel that appears when you swipe down from the top of the screen.

          Soon, it may work even more like Android – developers plan to add support for multiple home screens that you can scroll through horizontally, giving you more space for app icons and widgets. Support for custom app launchers may also be on the way.

        • Plasma Mobile February Update

          The Plasma Mobile team is happy to present the Plasma Mobile updates from January and February 2021.

          [...]

          The highlights for Plasma Dialer include one bug fix and two new features. First off, Powerdevil no longer suspends calls. (Bhushan Shah: plasma-mobile/plasma-dialer!31) The two new features are that it is now possible to send DTMF tones and send USSD requests. DTMF tones can be sent during a call and can be used to navigate the menus of certain automated calling systems. USSD requests, also called “quick codes”, can be used to request the current pre-paid balance from the mobile phone operator, as well as other data. Both features were tested to work on the Pinephone. (Alexey Andreyev: plasma-mobile/plasma-dialer!32 and plasma-mobile/plasma-dialer!33)

        • Maui 1.2.1 & 1.1.0 Releases

          Today, we are pleased to announce the release of MauiKit and Maui Apps 1.2.1!.

          Are you a developer and want to start developing cross-platform and convergent apps, targeting, among other things, the upcoming Linux mobile devices? Then join us on Telegram: https://t.me/mauiproject. If you are interested in testing this project and helping out with translations or documentation, you are also more than welcome.

        • January/February in KDE PIM

          Since the last report two month ago we saw the 20.12.2 release of Kontact, had a virtual New Year meetup, and integrate more than 1600 changes by more than 30 contributors. Here are some of the highlights.

          [...]

          The bulk of the changes again focus on preparing the upcoming migration to Qt6 and KF6. This mainly consists of porting away from deprecated functionality in Qt, KDE Frameworks or the build system, towards the respective future-proof alternatives.

      • GNOME Desktop/GTK

        • Martín Abente Lahaye: Portfolio 0.9.10

          This new release introduces a new home page, which serves as the starting point for the navigation experience. Besides its utility as “quick access”, it also provides a better interface for managing external devices. Kudos to @nahuelwexd for designing it.

        • Sam Thursfield: Return to Codethink

          2020 was a year full of surprises, so surprise that I finished it by returning to work in the same job that I left exactly 3 years ago.

          There are a few reasons I did that! I will someday blog in more detail about working as a language teacher. It’s a fun job but to make the most of it you have to move around regularly, and I unexpectedly found a reason to settle in Santiago. Codethink kindly agreed that I could join the ongoing remote-work revolution and work from here.

          Three years is a long time. What changed since I left? There’s a much bigger and nicer office in Manchester, with nobody in it due to the pandemic. The company is now grouped into 4 internal divisions. This is still an experiment and it adds some management overhead, also helps to maintain a feeling of autonomy in a company that’s now almost 100 people. (When I started there ten years ago, I think there were seventeen employees?!)

          I also want to mention some research projects that my colleagues are working on. Codethink is a services company, but has always funded some non-customer work including in the past work on dconf, Baserock, Buildstream and the Freedesktop SDK. These are termed ‘internal investments’ but they are far from internal, the goal is always to contribute to open software and hardware projects. The process for deciding where to invest has improved somewhat in my absence; it still requires some business case for the investment (I’m still thinking how to propose that I get paid to work on music recommendations and desktop search tools all day), but there is now a process!

          [...]

          My contribution to Codethink’s RISC-V research was writing an article about it. The tl;dr is we are playing with some RISC-V boards, mainly in the context of Freedesktop SDK. Since writing that article the team tracked down a thorny bug in how qemu-user uses GLib that had been blocking progress, and got GNOME OS running in qemu-system-riscv. Expect to see a video soon. You can thank us when you get your first RISC-V laptop

    • Distributions

      • Reviews

        • GParted 1.2.0 Live CD & USB Image: Nimble and Effective

          Continuing the theme of Debian based rescue distributions, simply because most of them are built on Debian, I am looking at GParted this week as last one in this short series. GParted is of course known as a tool to work with and edit partitions that is included with most distributions where it could be considered a de facto standard. But it also lends its name to a rescue CD image where it is at the centre of the collection of tools.

          Images are updated frequently, about every two months, but core functionality stays the same so there is no need to focus on numbers too much. That said, I downloaded the gparted-live-1.2.0-1-amd64.iso which was 387 MB in size and is using the 5.10 Linux kernel. 1.2.0-2 is currently in testing. These newer builds are based on the unstable branch of Debian for obvious reasons, to stay relevant with support for newer hardware, but are in themselves considered stable.

          The systemd software is running under the hood. With its small size GParted can be written to USB, CD or DVD and is available for i686 and x86_64 architectures, as ISO or extractable USB image. There‘s also a PAE enabled version for 32-bit computers. The 64-bit version supports booting UEFI machines. The home page advises to have a minimum of 320 MB RAM available.

      • SUSE/OpenSUSE

        • Call for Papers Open for openSUSE Conference

          The call for papers is open until May 4. This leaves a little more than 60 days to submit a proposal. The dates of the conference are scheduled for June 18 - 20. Registration for the conference has also begun.

      • Arch Family

        • [Arch] FOSS Activities in February 2021

          The start of this month was marked with FOSDEM! I held a talk about secure boot and the tooling stuff I have written, sbctl. It’s a tool to help you manage secure boot keys and signing files. With help from sbsigntools it also does live enrollment of keys.

          The talk went great (I think) and it was fun to see how FOSDEM pulled off the conference with matrix and jitsi. I gave me some inspiration for Arch Conf 2021 that I should try kick off some planning on.

      • IBM/Red Hat/Fedora

        • Red Hat Risk Report: A tour of 2020's branded security flaws [Ed: Branding is just hype and marketing for FUD agenda]

          An article from December 2020 reported that 2020 had a record high number of CVEs reported for the fourth year in a row (yet another reason to dislike the year!). Across the technical spectrum more than 176,447 CVEs were reported. Back when we started the Red Hat Risk Report the volume of CVEs across all software vendors numbered in the 4,000-8,000 range. The specific reasons for the increase will be debated for some time to come, but the harsh reality is that the organizations need to address a growing number of vulnerabilities each year.

        • Customer Success Stories: Red Hat solutions found around the world

          We regularly publish customer success stories that highlight how we're helping customers gain efficiency and transform the way they deliver software. Read on to see how we helped Tomago Aluminium, the MGEN Group, and Alliance Bank—three customers in three different continents—find success in application deployment, automation, and more.

        • Ben Williams: F33-20210301 updated Live isos released

          The Fedora Respins SIG is pleased to announce the latest release of Updated F33-20210301-Live ISOs, carrying the 5.10.18-200 kernel.

          This set of updated isos will save considerable amounts of updates after install. ((for new installs.)(New installs of Workstation have about 1.1GB+ of updates savings )).

        • Developers can now use IBM’s cloud services across multiple environments with IBM Cloud Satellite

          Today we announced that IBM Cloud Satellite has designed its cloud services to be available across multiple environments — on IBM Cloud, on premises, or at the edge. This is big news for enterprise developers for several reasons.

          The first is that increasingly enterprise developers are being asked to build applications across a wide range of environments, and that trend is only accelerating. A recent IBM Institute for Business Value study found that a typical enterprise uses nearly eight clouds from multiple vendors. There has been a surge in the adoption of hybrid clouds — the combination of public clouds, private clouds, and on-premises IT — noting that in the next three years, hybrid cloud adoption is expected to grow by 47%, and the average organization will be using nearly six clouds.

      • Debian Family

        • Charging the Librem 5

          When you find yourself low on power, it’s helpful to know how long it takes to charge your device. This video will go over the expected charge time of the Librem 5.

        • Built-in "Xray" like UNO object inspector – Part 2

          Since my last blog post I've been continuing the work on DevTools and since then a lot of things have progressed. Point & click has been implemented and the object inspector view has been greatly improved to show current object’s properties and methods. In this part I will mainly talk about the point & click and a bit about the current state, and in the next blog I will extensively talk about the object inspector.

          [...]

          The object inspector is already in a very good shape so I encourage everyone to try it and give feedback, what can be improved, changed or added - especially if you use Xray or MRI regularly.

          For the next steps the major focus will be to fix a couple of bugs and crashes (mainly due to missing checks if objects are available), work on the UI, object stack (so it is possible to go back to the previous object) and finalizing all the features of the object inspector.

        • Sparky news 2021/02

          Many thanks to all of you for supporting our open-source projects, specially in this difficult days. Your donations help keeping them and us alive.

      • Canonical/Ubuntu Family

    • Devices/Embedded

    • Free, Libre, and Open Source Software

      • Apache Month in Review: February 2021
      • Approved: Four New Open Source Licenses

        As the steward of the Open Source Defintion, the Open Source Initiative has been designating licenses as "open source" for over 20 years. These licenses are the foundation of the open source software ecosystem, ensuring that everyone can use, improve, and share software. When a license is approved, it is because the OSI believes that the license fosters collaboration and sharing for the benefit of everyone who participates in the ecosystem.

        The world has changed over the past 20 years, with software now used in new and even unimaginable ways. The OSI has seen that the familiar open source licenses are not always well-suited for these new situations. But license stewards have stepped up, submitting several new licenses for more expansive uses. The OSI was challenged to evaluate whether these new concepts in licensing would continue to advance sharing and collaboration and merit being referred to as "open source" licenses, ultimately approving some new special purpose licenses.

      • Cryptographic Autonomy License Approved by OSI

        The controversy over the scope of copyleft these days remains brisk. Regarding CAL, it was so heated that OSI founder Bruce Perens resigned in protest, as the license approached approval. There is a also a larger controversy over whether copyleft licenses written by single companies, and not part of the community drafting process, should be approved, regardless of content.

      • Programming/Development

        • DRY enums for Absinth macros

          Absinth is a great GraphQL library for Elixir, but it brings a few challenges as it’s practically implemented using macros. One of these challenges is a DRY way of reusing enumerables in Absinth enums.

          [...]

          The only thing we had to do is to use require to require the module beforehand.

        • Perl/Raku

          • Gzip::Zopfli - another compression module

            Following on from the Gzip::Libdeflate I mentioned before, I also made this: Gzip::Zopfli

            It is based on the Zopfli gzip compression library from Google Research.

        • Rust

          • Weird architectures weren't supported to begin with

            You don’t know about any of the above until the bug reports start rolling in: users will report bugs that have already been fixed, bugs that you explicitly document as caused by unsupported configurations, bugs that don’t make any sense whatsoever.

            You struggle to debug your users’ reports, since you don’t have access to the niche hardware, environments, or corporate systems that they’re running on. You slowly burn out as an unending torrent of already fixed bugs that never seem to make it to your users. Your user base is unhappy, and you start to wonder why you’re putting all this effort into project maintenance in the first place. Open source was supposed to be fun!

            What’s the point of this spiel? It’s precisely what happened to pyca/cryptography: nobody asked them whether it was a good idea to try to run their code on HPPA, much less System/3906; some packagers just went ahead and did it, and are frustrated that it no longer works. People just assumed that it would, because there is still a norm that everything flows from C, and that any host with a halfway-functional C compiler should have the entire open source ecosystem at its disposal.

          • Woodruff: Weird architectures weren't supported to begin with

            William Woodruff has posted a rant of sorts on the adoption of Rust by the Python Cryptography project, which was covered here in February.

  • Leftovers

    • Integrity/Availability

      • Proprietary

        • Security

          • Security updates for Monday

            Security updates have been issued by CentOS (firefox, ImageMagick, libexif, thunderbird, and xorg-x11-server), Debian (docker.io, python-aiohttp, and thunderbird), Fedora (chromium, firefox, kernel, and rygel), Mageia (nodejs, pix, and subversion), openSUSE (glibc, gnuplot, nodejs12, nodejs14, pcp, python-cryptography, qemu, and salt), Red Hat (bind and podman), and SUSE (csync2, glibc, java-1_8_0-ibm, nodejs12, nodejs14, python-Jinja2, and rpmlint).

          • KDE neon Blog: Offline Updates are Coming

            For a very long time we’ve been paving the road for offline updates. We are excited to finally introduce the first step to the KDE neon Unstable Edition today and would love to hear your opinion in the forum.

            Unlike regular updates offline updates are not applied immediately but are only download and marked for installation on the next system restart. This has the tremendous advantage that you no longer need to interrupt whatever you are doing to update the system. They also prevent the system from entering a curious state of inconsistency resulting in an increased chance of bugs and crashes just after updating. Previously you might have been angrily looked at by Firefox, had Dolphin crash on you, or even got locked out of the session because the lockscreen jumped off a cliff after you applied an update. The reason for this is that most complex pieces of software really do not fare well if essential files change out from under it. Offline updates solve this problem by simply moving the installation stage to a time when the system is in a less vulnerable state.

          • Working Linux exploit for Spectre flaw found by French researcher

            A French researcher claims to have found a working exploit for the Spectre vulnerability on Linux systems on the VirusTotal database, the first such exploit to come to light since the flaw was made public by Intel back in 2018.

            Julien Voisin said in a short post on Monday that a Windows exploit had also been uploaded, adding that he had not looked at it closely.

          • Working Windows and Linux Spectre exploits found on VirusTotal

            Working exploits targeting Linux and Windows systems not patched against a three-year-old vulnerability dubbed Spectre were found by security researcher Julien Voisin on VirusTotal.

            The vulnerability was unveiled as a hardware bug in January 2018 by Google Project Zero researchers.

          • Fear, Uncertainty, Doubt/Fear-mongering/Dramatisation

          • Privacy/Surveillance

            • Singapore reveals open-source blockchain COVID-test result tracker, eyes uses as vaccine passport app [Ed: Openwashing surveillance and Orwellian stuff, as has become common]

              Singapore has proposed a blockchain-based document verification system developed by its GovTech agency to provide proof of recent negative COVID-19 tests, and hopes it becomes used to offer proof of vaccination status around the world.

              Named "HealthCerts", the system is based on open-source framework known as OpenAttestation that uses blockchain to issue cryptographically trustworthy documents. The technology is already applied by some local universities to issue and authenticate diplomas.

              [...]

              From that date travelers planning to leave Singapore will book in for a COVID PCR test before they fly. Results will be uploaded to a government website and aspiring tourists will then go online to request the results be notarised by the Ministry of Health. If approved, the QR code linking to the notarised digital certificate will appear in SingPass Mobile, the nation's app for consuming digital government services.

    • Censorship/Free Speech

      • Hardware Unboxed Has Been Shadow-Banned From YouTube

        The somewhat popular Australian hardware review channel Hardware Unboxed, with 730k subscribers, has been shadow-banned from the Google-owned video hosting platform YouTube. This illustrates the importance of diversifying by creating your own video hosting platform using free open source software if you are completely reliant on one or two big-tech platforms.

        [...]

        YouTube has a long history of shadow-banning, and outright de-platforming, anyone who mentions any inconvenient truth or has that today rare quality called "critical thinking skills". The rampant YouTube-censorship has so far not affected any bigger mainstream technology-related YouTube channels. That seems to have changed with the current shadow-banning of the Australian hardware review channel Hardware Unboxed.

        [...]

        YouTube never told Hardware Unboxed that their channel is shadow-banned or why. YouTube did warn them that their channel had been flagged for some kind of "suspicious activity" the same day the shadow-ban took effect, so there is likely some relation between that vague warning and the shadow-ban. Nobody from Hardware Unboxed can tell you what, concretely, that means or what, if anything, they have done on their end that would qualify as "suspicious activity".

        The shadow-ban is hurting the channel badly both in terms of viewership and financial revenue.

        Hardware Unboxed does not have any website of their and do not have their own video hosting platform. The excellent free software video hosting platform PeerTube is very easy to install, configure and use. Hardware Unboxed could easily diversify and become less reliant of the whims of big tech. Luke Smith is one of many mostly Linux-focused video creators with his own video hosting platform at videos.lukesmith.xyz. Hardware Unboxed aren't even on any of the alternative free-to-use video hosting platforms like BitChute thought they do have a presence on the subscription-based pay-walled Canadian video hosting platform floatplane.com.

      • this what happens when a user pisses off Google

        this is why there need to be alternatives to Google, Youtube, GoogleDrive… actually in every country.

    • Monopolies

      • Patents

        • Court Affirms Damages on Very Wide Royalty Range Testimony

          A jury sided with the patentee Bayer — finding the patent infringed and not proven invalid. The judge refused to allow the jury to decide willfulness, and instead found no willful infringement as a matter of law. Affirmed here on appeal.

          The basic setup: Bayer’s U.S. Patent No. 9,364,520 covers a conjugate that includes a “functional Factor VIII polypeptide” having a particular amino acid sequence (“or an allelic variant thereof”). Factor VIII is normally produced by the human liver and is important to blood coagulation. Thus, Factor VIII is also a helpful treatment for hemophilia A. The conjugate also includes polyethylene glycol (PEG) that is used as a preservative and has a particular binding site on the polypeptide (“the B-domain”). The process of joining the two factors together is known as PEGylation. The B-domain binding site limitation was important because prior researchers had found that non-specific conjugation changed the Factor VIII in a way that reduced or eliminated its functionality.

          [...]

          RANDOM: Construing the Claim Construction. The district court construed the claimed polypeptide conjugation as “not random” based upon statements in the patent and the prosecution history. On appeal, the defendant argued that the term random – although not found in the claims – should have been construed by the district court.

          On appeal, the Federal Circuit found no error — explaining that claim construction need not “purge every shred of ambiguity.” quoting Acumed LLC v. Stryker Corp., 483 F.3d 800 (Fed. Cir. 2007). Here, the defendant had asked for a particular narrow construction and the district court had refused — finding it too narrow.



Recent Techrights' Posts

Brittany Day Can Rest and Let Microsoft/Chatbots Write Fake 'Articles' About "Linux" This Christmas
Who said people don't work on Christmas? Chatbots or plagiarism-as-a-service work 24/7, every day of the year except during Microsoft downtimes
 
[Meme] Time to Also Investigate Bill Gaetz
Investigation overdue
Microsoft Openwashing Stunts Initiative (OSI) is A Vulture in "Open" Clothing
it's quite telling that the OSI isn't protecting the Open Source Definition
IBM Has Almost Obliterated or Killed the Entire Fedora Community (Not IBM Staff)
Remaining Fedora insiders are well aware of this, but bringing this up (an "accusation" against IBM) might be a CoC violation
Links 25/12/2024: Fentanylware (TikTok) Scams and "Zelle Scams Lead to $870M Loss"
Links for the day
Links 25/12/2024: Windows TCO Brought to SSH, Terence Eden 'Retires'
Links for the day
Gemini Links 25/12/2024: Reality Bites and Gopher Thanks
Links for the day
Links 25/12/2024: Latest Report Front Microsoft Splinter Group, War Updates
Links for the day
Links 25/12/2024: Hong Kong Attacks Activists During Holidays, Xerox to Buy Lexmark
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Tuesday, December 24, 2024
IRC logs for Tuesday, December 24, 2024
Gemini Links 25/12/2024: Open Source Social and No Search
Links for the day
Brittany Day Connects Windows Ransomware to "Linux" Using Microsoft LLMs (FUD Galore, Zero Effort, No Accountability)
FUD and misinformation made by Microsoft LLMs again?
Links 24/12/2024: Labour Strikes and TikTok Scrambling to Prop Up Radical Politicians That Would Protect TikTok
Links for the day
Where the Population is Controlled by Skinnerboxes Inside People's Pockets (or Purses)
A very small fraction of mobile users practise or exercise freedom/control over the skinnerbox
[Meme] Coin-Operated Publishers (Gaming the Message, Buying the Narrative)
Advertise (sponsor) to 'play'
Advertisers and Their Covert Impact on Publications' Output (or Writers' Topics of Choice, as Assigned or Approved by Editors)
It cannot be trivially denied that sponsorship in the form of "advertising" impacts where publishers go (or don't go, won't go)
Terrible Year for Microsoft Windows in Cyprus
down from 86% to 72% since January
[Meme] How to Kill Unions (Staff on Shoestring Budget Cannot Afford Lawyers)
What next for the EPO? "Gig economy"?
The EPO's Staff Union (SUEPO) Takes Legal Action to Rectify the Decrease in Wages (Lessening of Purchasing Power)
here is what the union published
Gemini Links 24/12/2024: Deedum Gemini Client Gets Colour Support, Advent of Code 2024
Links for the day
Microsoft Windows Slides to New Lows in Colombia
Now Windows is at an all-time low
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Monday, December 23, 2024
IRC logs for Monday, December 23, 2024
A Strong and Positive Closing for the Year's Last Week
In a lot of ways this year was a good one for Free software
Feels Too Warm for Christmas
Christmas is here, no snow in sight
Links 23/12/2024: 'Negative Time' and US Arms Taiwan Again
Links for the day
Links 23/12/2024: The Book of Uncommon Beings, Squirrels, and Slop Ruining Workplaces
Links for the day
Links 23/12/2024: North Korean Death Toll in Russia at ~1,100, Oligarch Who Illegally Migrated/Stayed (Musk) Shuts Down US Government
Links for the day
The World's 'Richest Country' Chooses GNU/Linux
This has gone on for quite some time
Richard Stallman on Love
Richard Stallman's personal website includes a section that lists three essays on the subject of love
Apple's LLM Slop Told Us Luigi Mangione Had Shot Himself, BetaNews Used LLMs to Talk About a Dead Linus Torvalds
They can blame it on some bot
Microsoft, Give Me LLM Slop About "Linux" and "Santa", I Need Some Fake Article...
BetaNews is basically an LLM slop site
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Sunday, December 22, 2024
IRC logs for Sunday, December 22, 2024